Cookie
view release on metacpan or search on metacpan
$jar->fetch || die( $jar->error );
# set the response headers with the cookies from our repository
$jar->add_response_header;
Why? Well, because "fetch" retrieves the cookies sent by the http client
and store them into the repository. However, cookies sent by the http
client only contain the cookie name and value, such as:
GET /my/path/ HTTP/1.1
Host: www.example.org
Cookie: session_token=eyJleHAiOjE2MzYwNzEwMzksImFsZyI6IkhTMjU2In0.eyJqdGkiOiJkMDg2Zjk0OS1mYWJmLTRiMzgtOTE1ZC1hMDJkNzM0Y2ZmNzAiLCJmaXJzdF9uYW1lIjoiSm9obiIsImlhdCI6MTYzNTk4NDYzOSwiYXpwIjoiNGQ0YWFiYWQtYmJiMy00ODgwLThlM2ItNTA0OWMwZTczNjBlIiwiaXNz...
As you can see, 3 cookies were sent: "session_token", "csrf_token" and
"site_prefs"
So, when "fetch" creates an object for each one and store them, those
cookies have no "path" value and no other attribute, and when
"add_response_header" is then called, it stringifies the cookies and
create a "Set-Cookie" header for each one, but only with their value and
no other attribute.
The http client, when receiving those cookies will derive the missing
cookie path to be "/my/path", i.e. the current uri path, and will create
a duplicate cookie from the previously stored cookie with the same name
but not limited to HTTP::Request, is provided, it will use it to get the
"Cookie" header value. The object method needs to have the "header"
method in order to get, or set the "Cookie" or "Set-Cookie" headers.
Alternatively, if a value for "request" has been set, it will use it to
get the "Cookie" header value from Apache modperl.
You can also provide the "Cookie" string to parse by providing the
"string" option to this method.
$jar->fetch( string => q{foo=bar; site_prefs=lang%3Den-GB} ) ||
die( $jar->error );
Ultimately, if none of those are available, it will use the environment
variable "HTTP_COOKIE"
If the option "store" is true (by default it is true), this method will
add the fetched cookies to the repository.
It returns an hash reference of cookie key => cookie object
error, this returns "undef" in perlfunc and sets an error
parse
This method is used by "fetch" to parse cookies sent by http client.
Parsing is much simpler than for http client receiving cookies from
server.
It takes the raw "Cookie" string sent by the http client, and returns an
hash reference (possibly empty) of cookie name to cookie value pairs.
my $cookies = $jar->parse( 'foo=bar; site_prefs=lang%3Den-GB' );
# You can safely do as well:
my $cookies = $jar->parse( '' );
purge
Thise takes no argument and will remove from the repository all cookies
that have expired. A cookie that has expired is a Cookie that has its
"expires" property set and whose value is in the past.
This returns an array object of all the cookies thus removed.
# get cookies sent by the http client
$jar->fetch || die( $jar->error );
# set the response headers with the cookies from our repository
$jar->add_response_header;
Why? Well, because ["fetch"](#fetch) retrieves the cookies sent by the http client and store them into the repository. However, cookies sent by the http client only contain the cookie name and value, such as:
GET /my/path/ HTTP/1.1
Host: www.example.org
Cookie: session_token=eyJleHAiOjE2MzYwNzEwMzksImFsZyI6IkhTMjU2In0.eyJqdGkiOiJkMDg2Zjk0OS1mYWJmLTRiMzgtOTE1ZC1hMDJkNzM0Y2ZmNzAiLCJmaXJzdF9uYW1lIjoiSm9obiIsImlhdCI6MTYzNTk4NDYzOSwiYXpwIjoiNGQ0YWFiYWQtYmJiMy00ODgwLThlM2ItNTA0OWMwZTczNjBlIiwiaXNzIjoi...
As you can see, 3 cookies were sent: `session_token`, `csrf_token` and `site_prefs`
So, when ["fetch"](#fetch) creates an object for each one and store them, those cookies have no `path` value and no other attribute, and when ["add\_response\_header"](#add_response_header) is then called, it stringifies the cookies and create a `Set...
The http client, when receiving those cookies will derive the missing cookie path to be `/my/path`, i.e. the current uri path, and will create a duplicate cookie from the previously stored cookie with the same name for that host, but that had the pa...
So you can create a repository and use it to store the cookies sent by the http client using ["fetch"](#fetch), but in preparation of the server response, either use a separate repository with, for example, `my $jar_out = Cookie::Jar->new` or use ["s...
# Add Set-Cookie header for that cookie, but do not add cookie to repository
$jar->set( $cookie_object );
It retrieves all possible cookies from the http request received from the web browser.
It takes an optional hash or hash reference of parameters, such as `host`. If it is not provided, the value set with ["host"](#host) is used instead.
If the parameter `request` containing an http request object, such as, but not limited to [HTTP::Request](https://metacpan.org/pod/HTTP%3A%3ARequest), is provided, it will use it to get the `Cookie` header value. The object method needs to have the `...
Alternatively, if a value for ["request"](#request) has been set, it will use it to get the `Cookie` header value from Apache modperl.
You can also provide the `Cookie` string to parse by providing the `string` option to this method.
$jar->fetch( string => q{foo=bar; site_prefs=lang%3Den-GB} ) ||
die( $jar->error );
Ultimately, if none of those are available, it will use the environment variable `HTTP_COOKIE`
If the option `store` is true (by default it is true), this method will add the fetched cookies to the [repository](#repo).
It returns an hash reference of cookie key => [cookie object](https://metacpan.org/pod/Cookie)
A cookie key is made of the host (possibly empty), the path and the cookie name separated by `;`
}
Upon success this will return the current object, and if there was an error, this returns ["undef" in perlfunc](https://metacpan.org/pod/perlfunc#undef) and sets an [error](https://metacpan.org/pod/Module%3A%3AGeneric#error)
## parse
This method is used by ["fetch"](#fetch) to parse cookies sent by http client. Parsing is much simpler than for http client receiving cookies from server.
It takes the raw `Cookie` string sent by the http client, and returns an hash reference (possibly empty) of cookie name to cookie value pairs.
my $cookies = $jar->parse( 'foo=bar; site_prefs=lang%3Den-GB' );
# You can safely do as well:
my $cookies = $jar->parse( '' );
## purge
Thise takes no argument and will remove from the repository all cookies that have expired. A cookie that has expired is a [Cookie](https://metacpan.org/pod/Cookie) that has its `expires` property set and whose value is in the past.
This returns an [array object](https://metacpan.org/pod/Module%3A%3AGeneric%3A%3AArray) of all the cookies thus removed.
my $all = $jar->purge;
lib/Cookie/Jar.pm view on Meta::CPAN
# get cookies sent by the HTTP client
$jar->fetch || die( $jar->error );
# set the response headers with the cookies from our repository
$jar->add_response_header;
Why? Well, because L</fetch> retrieves the cookies sent by the HTTP client and store them into the repository. However, cookies sent by the HTTP client only contain the cookie name and value, such as:
GET /my/path/ HTTP/1.1
Host: www.example.org
Cookie: session_token=eyJleHAiOjE2MzYwNzEwMzksImFsZyI6IkhTMjU2In0.eyJqdGkiOiJkMDg2Zjk0OS1mYWJmLTRiMzgtOTE1ZC1hMDJkNzM0Y2ZmNzAiLCJmaXJzdF9uYW1lIjoiSm9obiIsImlhdCI6MTYzNTk4NDYzOSwiYXpwIjoiNGQ0YWFiYWQtYmJiMy00ODgwLThlM2ItNTA0OWMwZTczNjBlIiwiaXNzIjoi...
As you can see, 3 cookies were sent: C<session_token>, C<csrf_token> and C<site_prefs>
So, when L</fetch> creates an object for each one and store them, those cookies have no C<path> value and no other attribute, and when L</add_response_header> is then called, it stringifies the cookies and create a C<Set-Cookie> header for each one, ...
The HTTP client, when receiving those cookies will derive the missing cookie path to be C</my/path>, i.e. the current URI path, and will create a duplicate cookie from the previously stored cookie with the same name for that host, but that had the p...
So you can create a repository and use it to store the cookies sent by the HTTP client using L</fetch>, but in preparation of the server response, either use a separate repository with, for example, C<< my $jar_out = Cookie::Jar->new >> or use L</set...
# Add Set-Cookie header for that cookie, but do not add cookie to repository
$jar->set( $cookie_object );
lib/Cookie/Jar.pm view on Meta::CPAN
It retrieves all possible cookies from the HTTP request received from the web browser.
It takes an optional hash or hash reference of parameters, such as C<host>. If it is not provided, the value set with L</host> is used instead.
If the parameter C<request> containing an HTTP request object, such as, but not limited to L<HTTP::Request>, is provided, it will use it to get the C<Cookie> header value. The object method needs to have the C<header> method in order to get, or set t...
Alternatively, if a value for L</request> has been set, it will use it to get the C<Cookie> header value from Apache modperl.
You can also provide the C<Cookie> string to parse by providing the C<string> option to this method.
$jar->fetch( string => q{foo=bar; site_prefs=lang%3Den-GB} ) ||
die( $jar->error );
Ultimately, if none of those are available, it will use the environment variable C<HTTP_COOKIE>
If the option C<store> is true (by default it is true), this method will add the fetched cookies to the L<repository|/repo>.
It returns an hash reference of cookie key => L<cookie object|Cookie>
A cookie key is made of the host (possibly empty), the path and the cookie name separated by C<;>
lib/Cookie/Jar.pm view on Meta::CPAN
}
Upon success this will return the current object, and if there was an error, this returns L<perlfunc/undef> and sets an L<error|Module::Generic/error>
=head2 parse
This method is used by L</fetch> to parse cookies sent by HTTP client. Parsing is much simpler than for HTTP client receiving cookies from server.
It takes the raw C<Cookie> string sent by the HTTP client, and returns an hash reference (possibly empty) of cookie name to cookie value pairs.
my $cookies = $jar->parse( 'foo=bar; site_prefs=lang%3Den-GB' );
# You can safely do as well:
my $cookies = $jar->parse( '' );
=head2 purge
Thise takes no argument and will remove from the repository all cookies that have expired. A cookie that has expired is a L<Cookie> that has its C<expires> property set and whose value is in the past.
This returns an L<array object|Module::Generic::Array> of all the cookies thus removed.
my $all = $jar->purge;
t/004_cookies.t view on Meta::CPAN
{
diag( "add_request_header returned an error: ", $jar->error ) if( $DEBUG );
}
my $h = $req->header( 'Cookie' );
like( $h, qr/session_token=${token}/ );
like( $h, qr/csrf_token=${csrf}/ );
$resp = HTTP::Response->new( 200 => 'OK' );
$resp->request( $req );
# $resp->header( 'Set-Cookie' => qq{site_prefs=lang%3Den-GB; path=/account} );
my $prefs_cookie = $srv->make( name => 'site_prefs', value => "lang=en-GB", path => '/account' ) || do
{
diag( "Unable to add cookie site_prefs: ", $srv->error ) if( $DEBUG );
};
$rv = $srv->set( $prefs_cookie, response => $resp ) || do
{
diag( "set returned an error: ", $srv->error ) if( $DEBUG );
};
$rv = $jar->extract( $resp ) || do
{
diag( "extract returned an error: ", $jar->error ) if( $DEBUG );
};
$req = HTTP::Request->new( GET => 'https://www.example.com/' );
$req->header( Host => 'www.example.com' );
$rv = $jar->add_request_header( $req );
if( !defined( $rv ) )
{
diag( "add_request_header returned an error: ", $jar->error ) if( $DEBUG );
}
$h = $req->header( 'Cookie' );
diag( "HTTP request is: ", $req->as_string ) if( $DEBUG );
like( $h, qr/session_token=${token}/ );
like( $h, qr/csrf_token=${csrf}/ );
unlike( $h, qr/site_prefs=lang%3Den-GB/ );
$req = HTTP::Request->new( GET => 'https://www.example.com/account/images/' );
$req->header( Host => 'www.example.com' );
$rv = $jar->add_request_header( $req );
if( !defined( $rv ) )
{
diag( "add_request_header returned an error: ", $jar->error ) if( $DEBUG );
}
$h = $req->header( 'Cookie' );
diag( "HTTP request is: ", $req->as_string ) if( $DEBUG );
like( $h, qr/session_token=${token}/ );
like( $h, qr/csrf_token=${csrf}/ );
like( $h, qr/site_prefs=lang%3Den-GB/ );
# my $csrf_cookie = $jar->make( name => 'csrf_token', path => '/' )->elapse;
$rv = $srv->fetch( request => $req ) || do
{
diag( "fetch returned an error: ", $srv->error ) if( $DEBUG );
};
$csrf_cookie = $srv->get( csrf_token => 'example.com' );
ok( $csrf_cookie );
if( !defined( $csrf_cookie ) )
{
t/004_cookies.t view on Meta::CPAN
# Add them back to the client request object
$rv = $jar->add_request_header( $req );
if( !defined( $rv ) )
{
diag( "add_request_header returned an error: ", $jar->error ) if( $DEBUG );
}
$h = $req->header( 'Cookie' );
like( $h, qr/session_token=${token}/ );
# should not be here anymore
unlike( $h, qr/csrf_token=${csrf}/ );
like( $h, qr/site_prefs=lang%3Den-GB/ );
};
};
subtest 'extract one cookie' => sub
{
my $jar = Cookie::Jar->new( debug => $DEBUG );
my $cookie_str = q{session_token=fe3fc36d-4104-4cd1-8f07-56cb96b2c78b; path=/ ; expires=Monday, 01-Nov-2021 17:12:40 GMT};
my $co = $jar->extract_one( $cookie_str, { port => 443, host => 'www.example.com' } );
ok( $co );
SKIP:
t/005_modperl.t view on Meta::CPAN
if( !defined( $rv ) )
{
diag( "add_request_header returned an error: ", $jar->error ) if( $DEBUG );
}
$resp = $ua->request( $req );
diag( "Server response is: ", $resp->as_string ) if( $DEBUG );
$rv = $jar->extract( $resp ) || do
{
diag( "extract returned an error: ", $jar->error ) if( $DEBUG );
};
ok( $jar->exists( 'site_prefs' => $mp_host ), 'sites_prefs cookie received' );
# test 5
$req = HTTP::Request->new( GET => "${proto}://${hostport}/tests/test05" );
$req->header( Host => "${mp_host}:${port}" );
$rv = $jar->add_request_header( $req );
if( !defined( $rv ) )
{
diag( "add_request_header returned an error: ", $jar->error ) if( $DEBUG );
}
$resp = $ua->request( $req );
t/005_modperl.t view on Meta::CPAN
# Add them back to the client request object
$rv = $jar->add_request_header( $req );
if( !defined( $rv ) )
{
diag( "add_request_header returned an error: ", $jar->error ) if( $DEBUG );
}
$h = $req->header( 'Cookie' );
like( $h, qr/session_token=${token}/ );
# should not be here anymore, because we acknowledged it expired
unlike( $h, qr/csrf_token=${csrf}/ );
like( $h, qr/site_prefs=lang%3Den-GB/ );
};
subtest 'encrypted' => sub
{
SKIP:
{
eval( "use Crypt::Cipher ${CRYPTX_REQUIRED_VERSION}" );
if( $@ )
{
skip( "Crypt::Cipher is not installed on your system", 4 );
t/CookieTest.pm view on Meta::CPAN
my $jar = $self->jar;
return( $self->ok( $jar->exists( 'session_token' ) && $jar->exists( 'csrf_token' ) ) );
}
sub test04
{
my $self = shift( @_ );
my $rv;
my $jar = $self->jar;
my $r = $self->request;
my $c = $jar->make( name => 'site_prefs', value => "lang=en-GB", path => '/account' ) || do
{
return( $self->ok(0) );
};
defined( $rv = $jar->set( $c ) ) || do
{
return( $self->ok(0) );
};
my @set_values = $r->err_headers_out->get( 'Set-Cookie' );
return( $self->ok( "@set_values" =~ /(^|\b)site_prefs=lang%3Den-GB/ ? 1 : 0 ) );
}
# Check we have received 2 cookies and not 3.
# The 3rd one is only sent in a sub folder.
sub test05
{
my $self = shift( @_ );
my $jar = $self->jar;
return( $self->ok( $jar->exists( 'session_token' ) && $jar->exists( 'csrf_token' ) ) );
}
t/CookieTest.pm view on Meta::CPAN
{
return( $self->ok(0) );
};
# To properly elapse the cookie, it needs to have the same property values
$csrf->elapse;
$csrf->path( '/' );
defined( $rv = $jar->set( $csrf ) ) || do
{
return( $self->ok(0) );
};
return( $self->ok( $jar->exists( 'site_prefs' ) ) );
}
sub test07
{
my $self = shift( @_ );
my $rv;
my $r = $self->request;
my $jar = $self->jar;
my $c = $jar->make(
name => 'secret_cookie',
( run in 1.969 second using v1.01-cache-2.11-cpan-0bb4e1dffa6 )