Replace usage of CGI::Cookie (#2328)

Earlopain · web-flow · commit 3c1a46de3f63 · 2025-05-17T11:16:16.000+09:00
In Ruby 3.5, `cgi` will only contain functions related to escaping/unescaping. https://bugs.ruby-lang.org/issues/21258 This is not an exact replicate of course, (`CGI::Cookie`) has some validations and coerces on setters but considering for that purpose this is, they don't seem necessary? During construction of the object rack already does conversions as necessary and setters don't make much sense, and aren't documented/tested for. Although, for improved backwards compatibility, it wouldn't be much effort to make them `attr_accesor` instead.
diff --git a/lib/rack/mock_response.rb b/lib/rack/mock_response.rb
@@ -1,6 +1,5 @@
 # frozen_string_literal: true
 
-require 'cgi/cookie'
 require 'time'
 
 require_relative 'response'
@@ -11,6 +10,35 @@ module Rack
   # MockRequest.
 
   class MockResponse < Rack::Response
+    if RUBY_VERSION >= '3.5'
+      class Cookie
+        attr_reader :name, :value, :path, :domain, :expires, :secure
+
+        def initialize(args)
+          @name = args["name"]
+          @value = args["value"]
+          @path = args["path"]
+          @domain = args["domain"]
+          @expires = args["expires"]
+          @secure = args["secure"]
+        end
+
+        def method_missing(method_name, *args, &block)
+          @value.send(method_name, *args, &block)
+        end
+        # :nocov:
+        ruby2_keywords(:method_missing) if respond_to?(:ruby2_keywords, true)
+        # :nocov:
+
+        def respond_to_missing?(method_name, include_all = false)
+          @value.respond_to?(method_name, include_all) || super
+        end
+      end
+    else
+      require 'cgi/cookie'
+      Cookie = CGI::Cookie
+    end
+
     class << self
       alias [] new
     end
@@ -83,7 +111,7 @@ def parse_cookies_from_header
         Array(set_cookie_header).each do |cookie|
           cookie_name, cookie_filling = cookie.split('=', 2)
           cookie_attributes = identify_cookie_attributes cookie_filling
-          parsed_cookie = CGI::Cookie.new(
+          parsed_cookie = Cookie.new(
             'name' => cookie_name.strip,
             'value' => cookie_attributes.fetch('value'),
             'path' => cookie_attributes.fetch('path', nil),
@@ -100,7 +128,7 @@ def parse_cookies_from_header
     def identify_cookie_attributes(cookie_filling)
       cookie_bits = cookie_filling.split(';')
       cookie_attributes = Hash.new
-      cookie_attributes.store('value', cookie_bits[0].strip)
+      cookie_attributes.store('value', Array(cookie_bits[0].strip))
       cookie_bits.drop(1).each do |bit|
         if bit.include? '='
           cookie_attribute, attribute_value = bit.split('=', 2)
diff --git a/test/spec_mock_response.rb b/test/spec_mock_response.rb
@@ -84,6 +84,7 @@
   it "provides access to session cookies" do
     res = Rack::MockRequest.new(app).get("")
     session_cookie = res.cookie("session_test")
+    session_cookie[0].must_equal "session_test"
     session_cookie.value[0].must_equal "session_test"
     session_cookie.domain.must_equal "test.com"
     session_cookie.path.must_equal "/"
diff --git a/test/spec_request.rb b/test/spec_request.rb
@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 require_relative 'helper'
-require 'cgi'
+require 'cgi/escape'
 require 'forwardable'
 require 'securerandom'
 
