From 0cd1cdaeb5100aacfef19dbd012d01af46af07e7 Mon Sep 17 00:00:00 2001
From: Bryce Thornton <brycethornton@gmail.com>
Date: Sun, 18 Jul 2010 19:43:07 -0400
Subject: [PATCH] Allow for any possible TLD when using the :all option with the cookie session store. This works for subdomain.mysite.local, google.co.uk, google.com.au, etc. [#5147 state:resolved]

---
 .../lib/action_dispatch/middleware/cookies.rb      |   24 ++++++++++++++-----
 actionpack/test/dispatch/cookies_test.rb           |   19 ++++++++++++++-
 2 files changed, 34 insertions(+), 9 deletions(-)

diff --git a/actionpack/lib/action_dispatch/middleware/cookies.rb b/actionpack/lib/action_dispatch/middleware/cookies.rb
index 4d33cd3..fe5b195 100644
--- a/actionpack/lib/action_dispatch/middleware/cookies.rb
+++ b/actionpack/lib/action_dispatch/middleware/cookies.rb
@@ -69,12 +69,22 @@ module ActionDispatch
 
     class CookieJar < Hash #:nodoc:
 
-      # This regular expression is used to split the levels of a domain
-      # So www.example.co.uk gives:
-      # $1 => www.
-      # $2 => example
-      # $3 => co.uk
-      DOMAIN_REGEXP = /^(.*\.)*(.*)\.(...|...\...|....|..\...|..)$/
+      # This regular expression is used to split the levels of a domain.
+      # The top level domain can be any string without a period or
+      # **.**, ***.** style TLDs like co.uk or com.au
+      #
+      # www.example.co.uk gives:
+      # $1 => example
+      # $2 => co.uk
+      #
+      # example.com gives:
+      # $1 => example
+      # $2 => com
+      #
+      # lots.of.subdomains.example.local gives:
+      # $1 => example
+      # $2 => local
+      DOMAIN_REGEXP = /([^.]*)\.([^.]*|..\...|...\...)$/
 
       def self.build(request)
         secret = request.env[TOKEN_KEY]
@@ -104,7 +114,7 @@ module ActionDispatch
 
         if options[:domain] == :all
           @host =~ DOMAIN_REGEXP
-          options[:domain] = ".#{$2}.#{$3}"
+          options[:domain] = ".#{$1}.#{$2}"
         end
       end
 
diff --git a/actionpack/test/dispatch/cookies_test.rb b/actionpack/test/dispatch/cookies_test.rb
index b04c1a4..0f6a769 100644
--- a/actionpack/test/dispatch/cookies_test.rb
+++ b/actionpack/test/dispatch/cookies_test.rb
@@ -227,9 +227,24 @@ class CookiesTest < ActionController::TestCase
   end
 
   def test_cookie_with_all_domain_option
+    @request.host = "www.nextangle.co.uk"
     get :set_cookie_with_domain
     assert_response :success
-    assert_cookie_header "user_name=rizwanreza; domain=.nextangle.com; path=/"
+    assert_cookie_header "user_name=rizwanreza; domain=.nextangle.co.uk; path=/"
+  end
+
+  def test_cookie_with_all_domain_option_using_a_non_standard_tld
+    @request.host = "two.subdomains.nextangle.local"
+    get :set_cookie_with_domain
+    assert_response :success
+    assert_cookie_header "user_name=rizwanreza; domain=.nextangle.local; path=/"
+  end
+
+  def test_cookie_with_all_domain_option_using_an_australian_style_tld
+    @request.host = "nextangle.com.au"
+    get :set_cookie_with_domain
+    assert_response :success
+    assert_cookie_header "user_name=rizwanreza; domain=.nextangle.com.au; path=/"
   end
 
   def test_deleting_cookie_with_all_domain_option
@@ -247,4 +262,4 @@ class CookiesTest < ActionController::TestCase
         assert_equal expected.split("\n"), header
       end
     end
-end
\ No newline at end of file
+end
-- 
1.6.0.4