Posted By

mightybs on 02/21/13


rails ruby att

Versions (?)

Rails fix for cookie munging AT&T Proxies

 / Published in: Rails

Working on the problem described here:

After some testing we found the below code to fix our troubles in Rails 1.0 sites. I have not checked if future Rails versions provide the same "fix" or not. We include this file in our environment file so that on load of the application we decide whether or not it is necessary and define the fix then.

  1. # ActionController has a cookie "fix" supposedly for performance on ruby < 1.8.1
  2. # but it's too strict in its parsing and doesn't work with some broken proxies.
  3. # Sadly the CGI::Cookie provided with ruby 1.8.4 does not suffer this limitation
  4. # but since it differs in other ways we'll not use it here and just "fix" the rails "fix".
  6. # check that the parser is broken before overwriting
  7. if CGI::Cookie.parse('foo=1;bar=2; baz=3')['foo'][0] == '1;bar=2'
  8. class CGI
  9. class Cookie
  10. class << self
  11. alias_method :strict_parse, :parse
  12. def parse(raw_cookie)
  13. # rfc 6265 says "; " separator but some proxies chew my cookies
  14. raw_cookie &&= raw_cookie.gsub(/;([^ ])/, '; \1')
  15. strict_parse(raw_cookie)
  16. end
  17. end
  18. end
  19. end
  20. end

Report this snippet  

You need to login to post a comment.