pax_global_header00006660000000000000000000000064125520171160014512gustar00rootroot0000000000000052 comment=bbd0df6bca3cac22138225d6a36243ce767d5881 lua-resty-cookie-0.1.0/000077500000000000000000000000001255201711600147045ustar00rootroot00000000000000lua-resty-cookie-0.1.0/.gitignore000066400000000000000000000001231255201711600166700ustar00rootroot00000000000000*.swp *.swo *~ go t/servroot/ reindex *.t_ tags luacov.report.out luacov.stats.out lua-resty-cookie-0.1.0/Makefile000066400000000000000000000006451255201711600163510ustar00rootroot00000000000000OPENRESTY_PREFIX=/usr/local/openresty PREFIX ?= /usr/local LUA_INCLUDE_DIR ?= $(PREFIX)/include LUA_LIB_DIR ?= $(PREFIX)/lib/lua/$(LUA_VERSION) INSTALL ?= install .PHONY: all test install all: ; install: all $(INSTALL) -d $(DESTDIR)/$(LUA_LIB_DIR)/resty/ $(INSTALL) lib/resty/*.lua $(DESTDIR)/$(LUA_LIB_DIR)/resty/ test: all PATH=$(OPENRESTY_PREFIX)/nginx/sbin:$$PATH prove -I../test-nginx/lib -r t lua-resty-cookie-0.1.0/README.md000066400000000000000000000132701255201711600161660ustar00rootroot00000000000000Name ==== lua-resty-cookie - This library parses HTTP Cookie header for Nginx and returns each field in the cookie. Table of Contents ================= * [Name](#name) * [Status](#status) * [Synopsis](#synopsis) * [Methods](#methods) * [new](#new) * [get](#get) * [get_all](#get_all) * [set](#set) * [Installation](#installation) * [Authors](#authors) * [Copyright and License](#copyright-and-license) Status ====== This library is production ready. Synopsis ======== ```lua lua_package_path "/path/to/lua-resty-cookie/lib/?.lua;;"; server { location /test { content_by_lua ' local ck = require "resty.cookie" local cookie, err = ck:new() if not cookie then ngx.log(ngx.ERR, err) return end -- get single cookie local field, err = cookie:get("lang") if not field then ngx.log(ngx.ERR, err) return end ngx.say("lang", " => ", field) -- get all cookies local fields, err = cookie:get_all() if not fields then ngx.log(ngx.ERR, err) return end for k, v in pairs(fields) do ngx.say(k, " => ", v) end -- set one cookie local ok, err = cookie:set({ key = "Name", value = "Bob", path = "/", domain = "example.com", secure = true, httponly = true, expires = "Wed, 09 Jun 2021 10:18:14 GMT", max_age = 50, extension = "a4334aebaec" }) if not ok then ngx.log(ngx.ERR, err) return end -- set another cookie, both cookies will appear in HTTP response local ok, err = cookie:set({ key = "Age", value = "20", }) if not ok then ngx.log(ngx.ERR, err) return end '; } } ``` Methods ======= [Back to TOC](#table-of-contents) new --- `syntax: cookie_obj = cookie()` Create a new cookie object for current request. You can get parsed cookie from client or set cookie to client later using this object. [Back to TOC](#table-of-contents) get --- `syntax: cookie_val, err = cookie_obj:get(cookie_name)` Get a single client cookie value. On error, returns `nil` and an error message. [Back to TOC](#table-of-contents) get_all ------- `syntax: fields, err = cookie_obj:get_all()` Get all client cookie key/value pairs in a lua table. On error, returns `nil` and an error message. [Back to TOC](#table-of-contents) set --- ```lua syntax: ok, err = cookie_obj:set({ key = "Name", value = "Bob", path = "/", domain = "example.com", secure = true, httponly = true, expires = "Wed, 09 Jun 2021 10:18:14 GMT", max_age = 50, extension = "a4334aebaec" }) ``` Set a cookie to client. This will add a new 'Set-Cookie' response header. `key` and `value` are required, all other fields are optional. If the same cookie (whole cookie string, e.g. "Name=Bob; Expires=Wed, 09 Jun 2021 10:18:14 GMT; Max-Age=50; Domain=example.com; Path=/; Secure; HttpOnly;") has already been setted, new cookie will be ignored. [Back to TOC](#table-of-contents) Installation ============ You need to compile [ngx_lua](https://github.com/chaoslawful/lua-nginx-module/tags) with your Nginx. You need to configure the [lua_package_path](https://github.com/chaoslawful/lua-nginx-module#lua_package_path) directive to add the path of your `lua-resty-cookie` source tree to ngx_lua's Lua module search path, as in # nginx.conf http { lua_package_path "/path/to/lua-resty-cookie/lib/?.lua;;"; ... } and then load the library in Lua: local ck = require "resty.cookie" [Back to TOC](#table-of-contents) Authors ======= Jiale Zhi , CloudFlare Inc. Yichun Zhang (agentzh) , CloudFlare Inc. [Back to TOC](#table-of-contents) Copyright and License ===================== This module is licensed under the BSD license. Copyright (C) 2013, by Jiale Zhi , CloudFlare Inc. Copyright (C) 2013, by Yichun Zhang , CloudFlare Inc. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. [Back to TOC](#table-of-contents) lua-resty-cookie-0.1.0/lib/000077500000000000000000000000001255201711600154525ustar00rootroot00000000000000lua-resty-cookie-0.1.0/lib/resty/000077500000000000000000000000001255201711600166205ustar00rootroot00000000000000lua-resty-cookie-0.1.0/lib/resty/cookie.lua000066400000000000000000000121531255201711600205760ustar00rootroot00000000000000-- Copyright (C) 2013 Jiale Zhi (calio), Cloudflare Inc. -- See RFC6265 http://tools.ietf.org/search/rfc6265 -- require "luacov" local type = type local byte = string.byte local sub = string.sub local format = string.format local log = ngx.log local ERR = ngx.ERR local ngx_header = ngx.header local EQUAL = byte("=") local SEMICOLON = byte(";") local SPACE = byte(" ") local HTAB = byte("\t") local ok, new_tab = pcall(require, "table.new") if not ok then new_tab = function (narr, nrec) return {} end end local ok, clear_tab = pcall(require, "table.clear") if not ok then clear_tab = function(tab) for k, _ in pairs(tab) do tab[k] = nil end end end local _M = new_tab(0, 2) _M._VERSION = '0.01' local mt = { __index = _M } local function get_cookie_table(text_cookie) if type(text_cookie) ~= "string" then log(ERR, format("expect text_cookie to be \"string\" but found %s", type(text_cookie))) return {} end local EXPECT_KEY = 1 local EXPECT_VALUE = 2 local EXPECT_SP = 3 local n = 0 local len = #text_cookie for i=1, len do if byte(text_cookie, i) == SEMICOLON then n = n + 1 end end local cookie_table = new_tab(0, n + 1) local state = EXPECT_SP local i = 1 local j = 1 local key, value while j <= len do if state == EXPECT_KEY then if byte(text_cookie, j) == EQUAL then key = sub(text_cookie, i, j - 1) state = EXPECT_VALUE i = j + 1 end elseif state == EXPECT_VALUE then if byte(text_cookie, j) == SEMICOLON or byte(text_cookie, j) == SPACE or byte(text_cookie, j) == HTAB then value = sub(text_cookie, i, j - 1) cookie_table[key] = value key, value = nil, nil state = EXPECT_SP i = j + 1 end elseif state == EXPECT_SP then if byte(text_cookie, j) ~= SPACE and byte(text_cookie, j) ~= HTAB then state = EXPECT_KEY i = j j = j - 1 end end j = j + 1 end if key ~= nil and value == nil then cookie_table[key] = sub(text_cookie, i) end return cookie_table end function _M.new(self) local _cookie = ngx.var.http_cookie --if not _cookie then --return nil, "no cookie found in current request" --end return setmetatable({ _cookie = _cookie, set_cookie_table = new_tab(4, 0) }, mt) end function _M.get(self, key) if not self._cookie then return nil, "no cookie found in the current request" end if self.cookie_table == nil then self.cookie_table = get_cookie_table(self._cookie) end return self.cookie_table[key] end function _M.get_all(self) local err if not self._cookie then return nil, "no cookie found in the current request" end if self.cookie_table == nil then self.cookie_table = get_cookie_table(self._cookie) end return self.cookie_table end local function bake(cookie) if not cookie.key or not cookie.value then return nil, 'missing cookie field "key" or "value"' end if cookie["max-age"] then cookie.max_age = cookie["max-age"] end local str = cookie.key .. "=" .. cookie.value .. (cookie.expires and "; Expires=" .. cookie.expires or "") .. (cookie.max_age and "; Max-Age=" .. cookie.max_age or "") .. (cookie.domain and "; Domain=" .. cookie.domain or "") .. (cookie.path and "; Path=" .. cookie.path or "") .. (cookie.secure and "; Secure" or "") .. (cookie.httponly and "; HttpOnly" or "") .. (cookie.extension and "; " .. cookie.extension or "") return str end function _M.set(self, cookie) local cookie_str, err = bake(cookie) if not cookie_str then return nil, err end local set_cookie = ngx_header['Set-Cookie'] local set_cookie_type = type(set_cookie) local t = self.set_cookie_table clear_tab(t) if set_cookie_type == "string" then -- only one cookie has been setted if set_cookie ~= cookie_str then t[1] = set_cookie t[2] = cookie_str ngx_header['Set-Cookie'] = t end elseif set_cookie_type == "table" then -- more than one cookies has been setted local size = #set_cookie -- we can not set cookie like ngx.header['Set-Cookie'][3] = val -- so create a new table, copy all the values, and then set it back for i=1, size do t[i] = ngx_header['Set-Cookie'][i] if t[i] == cookie_str then -- new cookie is duplicated return true end end t[size + 1] = cookie_str ngx_header['Set-Cookie'] = t else -- no cookie has been setted ngx_header['Set-Cookie'] = cookie_str end return true end return _M lua-resty-cookie-0.1.0/t/000077500000000000000000000000001255201711600151475ustar00rootroot00000000000000lua-resty-cookie-0.1.0/t/sanity.t000066400000000000000000000160521255201711600166470ustar00rootroot00000000000000# vim:set ft= ts=4 sw=4 et: use Test::Nginx::Socket; use Cwd qw(cwd); repeat_each(2); plan tests => repeat_each() * (blocks() * 3 + 4); my $pwd = cwd(); our $HttpConfig = qq{ lua_package_path "$pwd/lib/?.lua;;"; lua_package_cpath "/usr/local/openresty-debug/lualib/?.so;/usr/local/openresty/lualib/?.so;;"; }; $ENV{TEST_NGINX_RESOLVER} = '8.8.8.8'; #no_long_string(); log_level('debug'); run_tests(); __DATA__ === TEST 1: sanity --- http_config eval: $::HttpConfig --- config location /t { content_by_lua ' local ck = require "resty.cookie" local cookie, err = ck:new() if not cookie then ngx.log(ngx.ERR, err) return end local fields = cookie:get_all() for k, v in pairs(fields) do ngx.say(k, " => ", v) end '; } --- request GET /t --- more_headers Cookie: SID=31d4d96e407aad42; lang=en-US --- no_error_log [error] --- response_body SID => 31d4d96e407aad42 lang => en-US === TEST 2: sanity 2 --- http_config eval: $::HttpConfig --- config location /t { content_by_lua ' local ck = require "resty.cookie" local cookie, err = ck:new() if not cookie then ngx.log(ngx.ERR, err) return end local field = cookie:get("lang") ngx.say("lang", " => ", field) '; } --- request GET /t --- more_headers Cookie: SID=31d4d96e407aad42; lang=en-US --- no_error_log [error] --- response_body lang => en-US === TEST 3: no cookie header --- http_config eval: $::HttpConfig --- config location /t { content_by_lua ' local ck = require "resty.cookie" local cookie, err = ck:new() if not cookie then ngx.log(ngx.ERR, err) ngx.say(err) return end local field, err = cookie:get("lang") if not field then ngx.log(ngx.ERR, err) ngx.say(err) return end ngx.say("lang", " => ", field) '; } --- request GET /t --- error_log no cookie found in the current request --- response_body no cookie found in the current request === TEST 4: empty value --- http_config eval: $::HttpConfig --- config location /t { content_by_lua ' local ck = require "resty.cookie" local cookie, err = ck:new() if not cookie then ngx.log(ngx.ERR, err) return end local fields = cookie:get_all() for k, v in pairs(fields) do ngx.say(k, " => ", v) end '; } --- request GET /t --- more_headers Cookie: SID= --- no_error_log [error] --- response_body SID => === TEST 5: cookie with space/tab --- http_config eval: $::HttpConfig --- config location /t { content_by_lua ' local ck = require "resty.cookie" local cookie, err = ck:new() if not cookie then ngx.log(ngx.ERR, err) return end local fields = cookie:get_all() for k, v in pairs(fields) do ngx.say(k, " => ", v) end '; } --- request GET /t --- more_headers eval: "Cookie: SID=foo\t" --- no_error_log [error] --- response_body SID => foo === TEST 6: set cookie --- http_config eval: $::HttpConfig --- config location /t { content_by_lua ' local ck = require "resty.cookie" local cookie, err = ck:new() if not cookie then ngx.log(ngx.ERR, err) return end local ok, err = cookie:set({ key = "Name", value = "Bob", path = "/", domain = "example.com", secure = true, httponly = true, expires = "Wed, 09 Jun 2021 10:18:14 GMT", max_age = 50, extension = "a4334aebaec" }) if not ok then ngx.log(ngx.ERR, err) return end ngx.say("Set cookie") '; } --- request GET /t --- no_error_log [error] --- response_headers Set-Cookie: Name=Bob; Expires=Wed, 09 Jun 2021 10:18:14 GMT; Max-Age=50; Domain=example.com; Path=/; Secure; HttpOnly; a4334aebaec --- response_body Set cookie === TEST 7: set multiple cookie --- http_config eval: $::HttpConfig --- config location /t { content_by_lua ' local ck = require "resty.cookie" local cookie, err = ck:new() if not cookie then ngx.log(ngx.ERR, err) return end local ok, err = cookie:set({ key = "Name", value = "Bob", path = "/", }) if not ok then ngx.log(ngx.ERR, err) return end local ok, err = cookie:set({ key = "Age", value = "20", }) if not ok then ngx.log(ngx.ERR, err) return end local ok, err = cookie:set({ key = "ID", value = "0xf7898", expires = "Wed, 09 Jun 2021 10:18:14 GMT" }) if not ok then ngx.log(ngx.ERR, err) return end ngx.say("Set cookie") '; } --- request GET /t --- no_error_log [error] --- comment because "--- response_headers" does not work with multiple headers with the same key, so use "--- raw_response_headers_like" instead --- raw_response_headers_like: Set-Cookie: Name=Bob; Path=/\r\nSet-Cookie: Age=20\r\nSet-Cookie: ID=0xf7898; Expires=Wed, 09 Jun 2021 10:18:14 GMT --- response_body Set cookie === TEST 8: remove duplicated cookies in cookie:set --- http_config eval: $::HttpConfig --- config location /t { content_by_lua ' local ck = require "resty.cookie" local cookie, err = ck:new() if not cookie then ngx.log(ngx.ERR, err) return end local ok, err = cookie:set({ key = "Name", value = "Bob", path = "/", }) if not ok then ngx.log(ngx.ERR, err) return end local ok, err = cookie:set({ key = "Age", value = "20", }) if not ok then ngx.log(ngx.ERR, err) return end local ok, err = cookie:set({ key = "Name", value = "Bob", path = "/", }) if not ok then ngx.log(ngx.ERR, err) return end ngx.say("Set cookie") '; } --- request GET /t --- no_error_log [error] --- raw_response_headers_like: Set-Cookie: Name=Bob; Path=/\r\nSet-Cookie: Age=20\r\n --- raw_response_headers_unlike: Set-Cookie: Name=Bob; Path=/\r\nSet-Cookie: Age=20\r\nSet-Cookie: Name=Bob; Path=/ --- response_body Set cookie