Added test for RFC 6265 cookies

Author: LiberalArtist

web-server-doc/info.rkt

@@ -3,6 +3,7 @@
 (define collection 'multi)
 
 (define build-deps '("net-doc"
+                     "net-cookies"
                      "rackunit-doc"
                      "compatibility-doc"
                      "db-doc"

web-server-doc/web-server/scribblings/http.scrbl

@@ -294,10 +294,11 @@ transmission that the server @bold{will not catch}.}
    Constructs a cookie with the appropriate fields.
 
    This is a wrapper around @racket[make-cookie] from @racketmodname[net/cookies/server]
-   for backwords compatability. The @racket[comment] argument is ignored.
+   for backwards compatability. The @racket[comment] argument is ignored.
    If @racket[expires] is given as a string, it should match
    @link["https://tools.ietf.org/html/rfc7231#section-7.1.1.2"]{RFC 7231, Section 7.1.1.2},
    in which case it will be converted to a @racket[date?] value.
+   If conversion fails, an @racket[exn:fail:contract?] is raised.
  }
 
  @defproc[(cookie->header [c cookie?]) header?]{
@@ -401,7 +402,7 @@ available (@racket[make-secret-salt/file]),
  @defproc*[([(request-id-cookie [request request?]
                                 [#:name name (and/c string? cookie-name?)]
                                 [#:key secret-salt bytes?]
-                                [#:timeout timeout +inf.0])
+                                [#:timeout timeout number? +inf.0])
              (or/c #f (and/c string? cookie-value?))]
             [(request-id-cookie [name (and/c string? cookie-name?)]
                                 [secret-salt bytes?]

web-server-lib/web-server/http/cookie-parse.rkt

@@ -3,7 +3,8 @@
 (require web-server/http/request-structs
          net/cookies/common
          net/cookies/server
-         web-server/private/util         
+         web-server/private/util
+         racket/match
          racket/contract)
 
 (provide (contract-out
@@ -20,6 +21,12 @@
   (name value domain path)
   #:prefab)
 
+(define handle-quoted-value
+  (match-lambda
+    [(regexp #rx"^\"(.*)\"$" (list _ inner))
+     inner]
+    [val val]))
+
 (define (request-cookies req)
   (for/fold ([cookies-so-far null])
             ([this-header (in-list (request-headers/raw req))]
@@ -29,6 +36,6 @@
             (for/list ([pr (in-list (cookie-header->alist
                                      (header-value this-header)))])
               (client-cookie (bytes->string/utf-8 (car pr))
-                             (bytes->string/utf-8 (cdr pr))
+                             (handle-quoted-value (bytes->string/utf-8 (cdr pr)))
                              #f
                              #f)))))

web-server-lib/web-server/http/cookie.rkt

@@ -65,27 +65,30 @@
                                                   (app string->number hour)
                                                   (app string->number min)
                                                   (app string->number sec)))
-                                   (seconds->date
-                                    (find-seconds sec min hour day
-                                                  (case month-str
-                                                    [("Jan") 1]
-                                                    [("Feb") 2]
-                                                    [("Mar") 3]
-                                                    [("Apr") 4]
-                                                    [("May") 5]
-                                                    [("Jun") 6]
-                                                    [("Jul") 7]
-                                                    [("Aug") 8]
-                                                    [("Sep") 9]
-                                                    [("Oct") 10]
-                                                    [("Nov") 11]
-                                                    [("Dec") 12])
-                                                  year
-                                                  #f))]
+                                   (with-handlers ([exn:fail? (λ (e) (failure-cont))])
+                                     (seconds->date
+                                      (find-seconds sec min hour day
+                                                    (case month-str
+                                                      [("Jan") 1]
+                                                      [("Feb") 2]
+                                                      [("Mar") 3]
+                                                      [("Apr") 4]
+                                                      [("May") 5]
+                                                      [("Jun") 6]
+                                                      [("Jul") 7]
+                                                      [("Aug") 8]
+                                                      [("Sep") 9]
+                                                      [("Oct") 10]
+                                                      [("Nov") 11]
+                                                      [("Dec") 12])
+                                                    year
+                                                    #f)
+                                      #f))]
                                   [_ (raise-arguments-error
                                       'make-cookie*
                                       "invalid #:expires string"
-                                      'expected "#f, a date?, or a string conforming to RFC 7231 Section 7.1.1.2"
+                                      'expected
+                                      "#f, a date?, or a string conforming to RFC 7231 Section 7.1.1.2"
                                       'given exp-date/raw)])]
                                [else exp-date/raw])))
 

web-server-lib/web-server/http/id-cookie.rkt

@@ -19,15 +19,15 @@
        bytes?)]
   [logout-id-cookie
    (->* [(and/c string? cookie-name?)]
-                [#:path (or/c path/extension-value? #f)
-                 #:domain (or/c domain-value? #f)]
-                cookie?)]
+        [#:path (or/c path/extension-value? #f)
+         #:domain (or/c domain-value? #f)]
+        cookie?)]
   [valid-id-cookie?
-   (-> any/c
-       #:name (and/c string? cookie-name?)
-       #:key bytes?
-       #:timeout number?
-       (or/c #f (and/c string? cookie-value?)))]
+   (->* [any/c
+         #:name (and/c string? cookie-name?)
+         #:key bytes?]
+        [#:timeout number?]
+        (or/c #f (and/c string? cookie-value?)))]
   [request-id-cookie
    (->i ([name-or-req {kw-name}
                       (if (unsupplied-arg? kw-name)
@@ -111,8 +111,8 @@
                         )
   (define-values {data key}
     (if maybe-key
-        (values maybe-key data-or-key)
-        (values data-or-key maybe-data)))
+        (values data-or-key maybe-key)
+        (values maybe-data data-or-key)))
   (define authored (current-seconds))
   (define digest
     (mac key (list authored data)))
@@ -131,7 +131,7 @@
 (define (valid-id-cookie? c
                           #:name name
                           #:key key
-                          #:timeout timeout)
+                          #:timeout [timeout +inf.0])
   (and (id-cookie? name c)
        (with-handlers ([exn:fail? (lambda (x) #f)])
          (match (if (client-cookie? c)
@@ -158,11 +158,11 @@
   (let ([name (or kw-name name-or-req)]
         [key (or kw-key maybe-key)]
         [req (or maybe-req name-or-req)])
-  (for/or ([c (in-list (request-cookies req))])
-    (valid-id-cookie? c
-                      #:name name
-                      #:key key
-                      #:timeout timeout))))
+    (for/or ([c (in-list (request-cookies req))])
+      (valid-id-cookie? c
+                        #:name name
+                        #:key key
+                        #:timeout timeout))))
 
 (define (logout-id-cookie name
                           #:path [path #f]