diff options
| author | Chirayu Krishnappa | 2013-05-10 19:17:56 -0700 |
|---|---|---|
| committer | Chirayu Krishnappa | 2013-05-11 09:28:14 -0700 |
| commit | 3952d35abe334a0e6afd1f6e34a74d984d1e9d24 (patch) | |
| tree | 262d27ddeb64eeac6626aedfd4429790862c7acf | |
| parent | bffe6fa8a60d2b42685c56442a02e0881f00d810 (diff) | |
| download | angular.js-3952d35abe334a0e6afd1f6e34a74d984d1e9d24.tar.bz2 | |
fix($browser): should use first value for a cookie.
With this change, $browser.cookies()["foo"] will behave like
docCookies.getItem("foo") where docCookies is defined at
https://developer.mozilla.org/en-US/docs/DOM/document.cookie
This fixes the issue where, if there's a value for the XSRF-TOKEN cookie
value with the path /, then that value is used for all applications in
the domain even if they set path specific values for XSRF-TOKEN.
Closes #2635
| -rw-r--r-- | src/ng/browser.js | 8 | ||||
| -rwxr-xr-x | test/ng/browserSpecs.js | 7 |
2 files changed, 14 insertions, 1 deletions
diff --git a/src/ng/browser.js b/src/ng/browser.js index bda372be..7a32993f 100644 --- a/src/ng/browser.js +++ b/src/ng/browser.js @@ -297,7 +297,13 @@ function Browser(window, document, $log, $sniffer) { cookie = cookieArray[i]; index = cookie.indexOf('='); if (index > 0) { //ignore nameless cookies - lastCookies[unescape(cookie.substring(0, index))] = unescape(cookie.substring(index + 1)); + var name = unescape(cookie.substring(0, index)); + // the first value that is seen for a cookie is the most + // specific one. values for the same cookie name that + // follow are for less specific paths. + if (lastCookies[name] === undefined) { + lastCookies[name] = unescape(cookie.substring(index + 1)); + } } } } diff --git a/test/ng/browserSpecs.js b/test/ng/browserSpecs.js index eba9bd02..3ec78e61 100755 --- a/test/ng/browserSpecs.js +++ b/test/ng/browserSpecs.js @@ -304,6 +304,13 @@ describe('browser', function() { expect(browser.cookies().foo).toEqual('bar=baz'); }); + it('should return the the first value provided for a cookie', function() { + // For a cookie that has different values that differ by path, the + // value for the most specific path appears first. browser.cookies() + // should provide that value for the cookie. + document.cookie = 'foo="first"; foo="second"'; + expect(browser.cookies()['foo']).toBe('"first"'); + }); it ('should unescape cookie values that were escaped by puts', function() { document.cookie = "cookie2%3Dbar%3Bbaz=val%3Due;path=/"; |