blob: 6619bf82d1aa8ed03c1555b1a81a20cbd7511ec3 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
|
## Check setting of cookies
COOKIE ASK http://w.y.z/ Set-Cookie: some_value=value1; Path="/"; expires=%NEXTYEAR%
CHECK http://w.y.z/ Cookie: some_value=value1
COOKIE ASK http://a.b.c/ Set-Cookie: some_value=value2; Path="/"
CHECK http://a.b.c/ Cookie: some_value=value2
## Check if clearing cookie jar works
CLEAR COOKIES
CHECK http://w.y.z/
CHECK http://a.b.c/
## Check cookie syntax
COOKIE ASK http://w.y.z/ Set-Cookie: some_value=value with spaces
CHECK http://w.y.z/ Cookie: some_value=value with spaces
COOKIE ASK http://a.b.c/ Set-Cookie: some_value="quoted value"
CHECK http://a.b.c/ Cookie: some_value="quoted value"
# Without a = sign, the cookie gets interpreted as the value for a cookie with no name
# This is what IE and Netscape does
COOKIE ASK http://a.b.c/ Set-Cookie: some_value
CHECK http://a.b.c/ Cookie: some_value; some_value="quoted value"
COOKIE ASK http://a.b.c/ Set-Cookie: some_other_value
CHECK http://a.b.c/ Cookie: some_other_value; some_value="quoted value"
CLEAR COOKIES
# This doesn't work with old-style netscape cookies, it should work with RFC2965 cookies
COOKIE ASK http://a.b.c/ Set-Cookie: some_value="quoted value; and such"
# IE & Netscape does this:
CHECK http://a.b.c/ Cookie: some_value="quoted value
# Mozilla does:
# CHECK http://a.b.c/ Cookie: some_value="quoted value; and such"
# COOKIE ASK http://a.b.c/ Set-Cookie: some_value="quoted value;
# CHECK http://a.b.c/ Cookie: some_value=
# Note that we parse RFC2965 cookies like Mozilla does
CLEAR COOKIES
## Check if deleting cookies works
COOKIE ASK http://w.y.z/ Set-Cookie: some_value=value1; Path="/"; expires=%NEXTYEAR%
CHECK http://w.y.z/ Cookie: some_value=value1
COOKIE ASK http://w.y.z/ Set-Cookie: some_value=value1; Path="/"; expires=%LASTYEAR%
CHECK http://w.y.z/
## Check if updating cookies works
COOKIE ASK http://w.y.z/ Set-Cookie: some_value=value2; Path="/"; expires=%NEXTYEAR%
COOKIE ASK http://w.y.z/ Set-Cookie: some_value=value3; Path="/"; expires=%NEXTYEAR%
CHECK http://w.y.z/ Cookie: some_value=value3
## Check if multiple cookies work
COOKIE ASK http://w.y.z/ Set-Cookie: some_value2=foobar; Path="/"; expires=%NEXTYEAR%
CHECK http://w.y.z/ Cookie: some_value2=foobar; some_value=value3
COOKIE ASK http://w.y.z/ Set-Cookie: some_value=; Path="/"; expires=%LASTYEAR%
CHECK http://w.y.z/ Cookie: some_value2=foobar
CLEAR COOKIES
## Check if path restrictions work
COOKIE ASK http://w.y.z/ Set-Cookie: some_value=value1; Path="/Foo"; expires=%NEXTYEAR%
CHECK http://w.y.z/
CHECK http://w.y.z/Foo Cookie: some_value=value1
CHECK http://w.y.z/Foo/ Cookie: some_value=value1
CHECK http://w.y.z/Foo/bar Cookie: some_value=value1
CLEAR COOKIES
## Check if default path works
# RFC2965 says that we should default to the URL path, but netscape cookies default to /
COOKIE ASK http://w.y.z/Foo/ Set-Cookie: some_value=value1; expires=%NEXTYEAR%
CHECK http://w.y.z/
CHECK http://w.y.z/Foo Cookie: some_value=value1
CHECK http://w.y.z/FooBar
CHECK http://w.y.z/Foo/ Cookie: some_value=value1
CHECK http://w.y.z/Foo/bar Cookie: some_value=value1
CLEAR COOKIES
## Check if cookies are correctly ordered based on path
COOKIE ASK http://w.y.z/ Set-Cookie: some_value=value1; Path="/Foo"; expires=%NEXTYEAR%
COOKIE ASK http://w.y.z/ Set-Cookie: some_value2=value2; Path="/Foo/Bar"; expires=%NEXTYEAR%
CHECK http://w.y.z/Foo/Bar Cookie: some_value2=value2; some_value=value1
COOKIE ASK http://w.y.z/ Set-Cookie: some_value3=value3; Path="/"; expires=%NEXTYEAR%
CHECK http://w.y.z/Foo/Bar Cookie: some_value2=value2; some_value=value1; some_value3=value3
CLEAR COOKIES
## Check cookies with same name but different paths
COOKIE ASK http://w.y.z/Foo/ Set-Cookie: some_value=value1; expires=%NEXTYEAR%
COOKIE ASK http://w.y.z/Bar/ Set-Cookie: some_value=value2; expires=%NEXTYEAR%
CHECK http://w.y.z/Foo/Bar Cookie: some_value=value1
CHECK http://w.y.z/Bar/Foo Cookie: some_value=value2
COOKIE ASK http://w.y.z/ Set-Cookie: some_value=value3; expires=%NEXTYEAR%
CHECK http://w.y.z/Foo/Bar Cookie: some_value=value1; some_value=value3
## Check secure cookie handling
COOKIE ASK https://secure.y.z/ Set-Cookie: some_value2=value2; Path="/"; expires=%NEXTYEAR%; secure
CHECK https://secure.y.z/Foo/bar Cookie: some_value2=value2
CHECK http://secure.y.z/Foo/bar
CLEAR COOKIES
COOKIE ASK http://secure.y.z/ Set-Cookie: some_value3=value3; Path="/"; expires=%NEXTYEAR%; secure
CHECK https://secure.y.z/Foo/bar Cookie: some_value3=value3
CHECK http://secure.y.z/Foo/bar
CLEAR COOKIES
## Check domain restrictions #1
COOKIE ASK http://www.acme.com/ Set-Cookie: some_value=value1; Domain=".acme.com"; expires=%NEXTYEAR%
CHECK http://www.acme.com/ Cookie: some_value=value1
CHECK http://www.abc.com/
CHECK http://frop.acme.com/ Cookie: some_value=value1
CLEAR COOKIES
## Check domain restrictions #2
COOKIE ASK http://novell.com/ Set-Cookie: some_value=value1; Domain=".novell.com"; expires=%NEXTYEAR%
CHECK http://novell.com/ Cookie: some_value=value1
CHECK http://www.novell.com/ Cookie: some_value=value1
CLEAR COOKIES
COOKIE ASK http://novell.com/ Set-Cookie: some_value=value1; Domain="novell.com"; expires=%NEXTYEAR%
CHECK http://novell.com/ Cookie: some_value=value1
CHECK http://www.novell.com/ Cookie: some_value=value1
CLEAR COOKIES
## Check domain restrictions #3
COOKIE ASK http://novell.com/ Set-Cookie: some_value=value1; expires=%NEXTYEAR%
CHECK http://novell.com/ Cookie: some_value=value1
# FIXME: Allegedly IE sends cookies to sub-domains as well!
# See e.g. https://bugzilla.mozilla.org/show_bug.cgi?id=223027
CHECK http://www.novell.com/
CLEAR COOKIES
## Check domain restrictions #4
COOKIE ASK http://novell.com/ Set-Cookie: some_value=value1; Domain=".com"; expires=%NEXTYEAR%
CHECK http://novell.com/ Cookie: some_value=value1
# If the specified domain is too broad, we default to host only
CHECK http://www.novell.com/
CHECK http://com/
CHECK http://sun.com/
## Check domain restrictions #5
CLEAR COOKIES
COOKIE ASK http://novell.co.uk/ Set-Cookie: some_value=value1; Domain=".co.uk"; expires=%NEXTYEAR%
CHECK http://novell.co.uk/ Cookie: some_value=value1
# If the specified domain is too broad, we default to host only
CHECK http://www.novell.co.uk/
CHECK http://co.uk/
CHECK http://sun.co.uk/
COOKIE ASK http://x.y.z.foobar.com/ Set-Cookie: set_by=x.y.z.foobar.com; Domain=".foobar.com"; expires=%NEXTYEAR%
CHECK http://x.y.z.foobar.com/ Cookie: set_by=x.y.z.foobar.com
CHECK http://y.z.foobar.com/ Cookie: set_by=x.y.z.foobar.com
CHECK http://z.foobar.com/ Cookie: set_by=x.y.z.foobar.com
CHECK http://www.foobar.com/ Cookie: set_by=x.y.z.foobar.com
CHECK http://foobar.com/ Cookie: set_by=x.y.z.foobar.com
CLEAR COOKIES
## Check domain restrictions #6
COOKIE ASK http://x.y.z.frop.com/ Set-Cookie: set_by=x.y.z.frop.com; Domain=".foobar.com"; expires=%NEXTYEAR%
COOKIE ASK http://x.y.z.frop.com/ Set-Cookie: set_by2=x.y.z.frop.com; Domain=".com"; expires=%NEXTYEAR%
CHECK http://x.y.z.foobar.com/
CHECK http://y.z.foobar.com/
CHECK http://z.foobar.com/
CHECK http://www.foobar.com/
CHECK http://foobar.com/
CLEAR COOKIES
## Check domain restrictions #7
COOKIE ASK http://frop.com/ Set-Cookie: set_by=x.y.z.frop.com; Domain=".foobar.com"; expires=%NEXTYEAR%
COOKIE ASK http://frop.com/ Set-Cookie: set_by2=x.y.z.frop.com; Domain=".com"; expires=%NEXTYEAR%
CHECK http://x.y.z.foobar.com/
CHECK http://y.z.foobar.com/
CHECK http://z.foobar.com/
CHECK http://www.foobar.com/
CHECK http://foobar.com/
CLEAR COOKIES
## Check domain restrictions #8
CONFIG AcceptSessionCookies true
COOKIE ACCEPT http://www.foobar.com Set-Cookie: from=foobar.com; domain=bar.com; Path="/"
CHECK http://bar.com
CLEAR COOKIES
## Check cookies with IP address hostnames
COOKIE ASK http://192.168.0.1 Set-Cookie: name1=value1; Path="/"; expires=%NEXTYEAR%
COOKIE ASK http://192.168.0.1 Set-Cookie: name11=value11; domain="test.local"; Path="/"; expires=%NEXTYEAR%
COOKIE ASK http://192.168.0.1:8080 Set-Cookie: name2=value2; Path="/"; expires=%NEXTYEAR%
COOKIE ASK https://192.168.0.1 Set-Cookie: name3=value3; Path="/"; expires=%NEXTYEAR%; secure
CHECK http://192.168.0.1 Cookie: name11=value11; name1=value1
CHECK http://192.168.0.1:8080 Cookie: name2=value2
CHECK https://192.168.0.1 Cookie: name3=value3; name11=value11; name1=value1
CHECK http://192.168.0.10
CHECK http://192.168.0
|
