From 7c687d052d61fcf8a8c7a0364cc0953693569f2c Mon Sep 17 00:00:00 2001
From: Oleg Pudeyev
Date: Mon, 23 Dec 2019 01:32:18 -0500
Subject: [PATCH] Add same_site attribute and tests
---
 lib/cookiejar/cookie.rb | 9 +++++++--
 lib/cookiejar/cookie_validation.rb | 2 +-
 spec/cookie_spec.rb | 4 ++++
 spec/cookie_validation_spec.rb | 4 ++++
 4 files changed, 16 insertions(+), 3 deletions(-)
diff --git a/lib/cookiejar/cookie.rb b/lib/cookiejar/cookie.rb
index 607a3c7..3b200db 100644
--- a/lib/cookiejar/cookie.rb
+++ b/lib/cookiejar/cookie.rb
@@ -47,6 +47,9 @@ class Cookie
 # indicates specific ports on the HTTP server which should receive this
 # cookie if contacted.
 attr_reader :ports
+ # [String] SameSite cookie attribute value - see
+ # https://tools.ietf.org/html/draft-west-first-party-cookies-07
+ attr_reader :same_site
 # [Time] Time when this cookie was first evaluated and created.
 attr_reader :created_at
@@ -240,10 +243,12 @@ def self.compute_search_domains(request_uri)
 # Call {from_set_cookie} to create a new Cookie instance
 def initialize(args)
 @created_at, @name, @value, @domain, @path, @secure,
- @http_only, @version, @comment, @comment_url, @discard, @ports \
+ @http_only, @version, @comment, @comment_url, @discard, @ports, \
+ @same_site \
 = args.values_at \
 :created_at, :name, :value, :domain, :path, :secure,
- :http_only, :version, :comment, :comment_url, :discard, :ports
+ :http_only, :version, :comment, :comment_url, :discard, :ports,
+ :same_site
 @created_at ||= Time.now
 @expiry = args[:max_age] || args[:expires_at]
diff --git a/lib/cookiejar/cookie_validation.rb b/lib/cookiejar/cookie_validation.rb
index a64c607..73def3a 100644
--- a/lib/cookiejar/cookie_validation.rb
+++ b/lib/cookiejar/cookie_validation.rb
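Review bot: The doc comment on `same_site` in the first cookie.rb hunk declares `[String]`, but `initialize` fills it from `args.values_at`, so the reader returns nil whenever no SameSite attribute was parsed, and the parser stores the value downcased. The comment should say both, e.g. `# [String, nil] SameSite attribute value, downcased (e.g. 'strict', 'lax'); nil when the attribute was not sent`. The linked draft-west-first-party-cookies-07 has since been absorbed into draft-ietf-httpbis-rfc6265bis, which would be the more durable reference.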
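Review bot: `@same_site` is only stored by `initialize` in the second cookie.rb hunk; no library code in this patch consults it when deciding which cookies to send, so a caller could wrongly assume the jar now withholds SameSite cookies on cross-site requests. If enforcement is intentionally left to the caller, state that next to the reader, e.g. `# Informational only: callers must apply SameSite policy themselves`. It is also worth confirming that any serialisation path of the class (outside this hunk, if one exists) carries the new field, otherwise it would be lost when a jar is saved and reloaded. The body of `initialize` continues past the end of the hunk.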
@@ -322,7 +322,7 @@ def self.parse_set_cookie(set_cookie_value)
 when :httponly
 args[:http_only] = true
 when :samesite
- args[:samesite] = keyvalue.downcase
+ args[:same_site] = keyvalue.downcase
 else
 fail InvalidCookieError, "Unknown cookie parameter '#{key}'"
 end
diff --git a/spec/cookie_spec.rb b/spec/cookie_spec.rb
index 497daa5..b88e500 100644
--- a/spec/cookie_spec.rb
+++ b/spec/cookie_spec.rb
@@ -43,6 +43,10 @@
 expect(cookie.name).to eq 'GALX'
 expect(cookie.secure).to be_truthy
 end
+ it 'should accept SameSite attribute' do
+ cookie = Cookie.from_set_cookie 'https://www.google.com/a/blah', 'GALX=RgmSftjnbPM;samesite=strict'
+ expect(cookie.same_site).to eq 'strict'
+ end
 end
 describe '#from_set_cookie2' do
 it 'should give back the input names and values' do
diff --git a/spec/cookie_validation_spec.rb b/spec/cookie_validation_spec.rb
index e4cae54..24e85e7 100644
--- a/spec/cookie_validation_spec.rb
+++ b/spec/cookie_validation_spec.rb
@@ -74,6 +74,10 @@
 higher = Cookie.from_set_cookie 'http://foo.com/bar/baz/', 'foo=bar;path=/bar/'
 CookieValidation.validate_cookie('http://foo.com/bar/baz/', higher)
 end
+ it 'should accept SameSite attribute' do
+ cookie = Cookie.from_set_cookie 'http://127.0.0.1/', 'foo=bar;samesite=strict'
+ expect(CookieValidation.validate_cookie('http://127.0.0.1/', cookie)).to be_truthy
+ end
 end
 describe '#cookie_base_path' do
 it "should leave '/' alone" do
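Review bot: `keyvalue.downcase` in the `when :samesite` branch stores whatever the server sent, so an unrecognised value such as `SameSite=bogus` ends up as `same_site == 'bogus'`. A bare `SameSite` with no value would raise NoMethodError if `keyvalue` is nil at that point; how `keyvalue` is derived is outside the hunk, so this needs confirming. Restricting the value to the known tokens saves every consumer from re-validating: `value = keyvalue.to_s.downcase` followed by `args[:same_site] = value if %w[strict lax none].include?(value)`. Unrecognised values are then dropped, which matches rfc6265bis telling user agents to fall back to the default enforcement for them. `parse_set_cookie` starts and ends outside the hunk.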
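Review bot: The new example in spec/cookie_spec.rb feeds the already-lowercase `samesite=strict`, so the `downcase` normalisation in `parse_set_cookie` is never exercised and the absent-attribute case is untested. Add an example with the usual server casing, e.g. `'GALX=RgmSftjnbPM;SameSite=Lax'` expecting `'lax'`, and one without the attribute expecting `cookie.same_site` to be nil. The example added in spec/cookie_validation_spec.rb uses the same lowercase input and would benefit from a mixed-case variant as well.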