MockCookie compares attributes in case-insensitive manner

Closes gh-22786

Author: jhoeller

spring-test/src/main/java/org/springframework/mock/web/MockCookie.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2018 the original author or authors.
+ * Copyright 2002-2019 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -20,12 +20,14 @@
 
 import org.springframework.lang.Nullable;
 import org.springframework.util.Assert;
+import org.springframework.util.StringUtils;
 
 /**
  * Extension of {@code Cookie} with extra attributes, as defined in
  * <a href="https://tools.ietf.org/html/rfc6265">RFC 6265</a>.
  *
  * @author Vedran Pavic
+ * @author Juergen Hoeller
  * @since 5.1
  */
 public class MockCookie extends Cookie {
@@ -39,7 +41,7 @@ public class MockCookie extends Cookie {
 
 	/**
 	 * Constructor with the cookie name and value.
-	 * @param name  the name
+	 * @param name the name
 	 * @param value the value
 	 * @see Cookie#Cookie(String, String)
 	 */
@@ -86,22 +88,22 @@ public static MockCookie parse(String setCookieHeader) {
 
 		MockCookie cookie = new MockCookie(name, value);
 		for (String attribute : attributes) {
-			if (attribute.startsWith("Domain")) {
+			if (StringUtils.startsWithIgnoreCase(attribute, "Domain")) {
 				cookie.setDomain(extractAttributeValue(attribute, setCookieHeader));
 			}
-			else if (attribute.startsWith("Max-Age")) {
+			else if (StringUtils.startsWithIgnoreCase(attribute, "Max-Age")) {
 				cookie.setMaxAge(Integer.parseInt(extractAttributeValue(attribute, setCookieHeader)));
 			}
-			else if (attribute.startsWith("Path")) {
+			else if (StringUtils.startsWithIgnoreCase(attribute, "Path")) {
 				cookie.setPath(extractAttributeValue(attribute, setCookieHeader));
 			}
-			else if (attribute.startsWith("Secure")) {
+			else if (StringUtils.startsWithIgnoreCase(attribute, "Secure")) {
 				cookie.setSecure(true);
 			}
-			else if (attribute.startsWith("HttpOnly")) {
+			else if (StringUtils.startsWithIgnoreCase(attribute, "HttpOnly")) {
 				cookie.setHttpOnly(true);
 			}
-			else if (attribute.startsWith("SameSite")) {
+			else if (StringUtils.startsWithIgnoreCase(attribute, "SameSite")) {
 				cookie.setSameSite(extractAttributeValue(attribute, setCookieHeader));
 			}
 		}

spring-test/src/test/java/org/springframework/mock/web/MockCookieTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2018 the original author or authors.
+ * Copyright 2002-2019 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -34,6 +34,7 @@ public class MockCookieTests {
 	@Rule
 	public final ExpectedException exception = ExpectedException.none();
 
+
 	@Test
 	public void constructCookie() {
 		MockCookie cookie = new MockCookie("SESSION", "123");
@@ -57,9 +58,7 @@ public void setSameSite() {
 
 	@Test
 	public void parseHeaderWithoutAttributes() {
-		MockCookie cookie;
-
-		cookie = MockCookie.parse("SESSION=123");
+		MockCookie cookie = MockCookie.parse("SESSION=123");
 		assertCookie(cookie, "SESSION", "123");
 
 		cookie = MockCookie.parse("SESSION=123;");
@@ -80,6 +79,11 @@ public void parseHeaderWithAttributes() {
 		assertEquals("Lax", cookie.getSameSite());
 	}
 
+	private void assertCookie(MockCookie cookie, String name, String value) {
+		assertEquals(name, cookie.getName());
+		assertEquals(value, cookie.getValue());
+	}
+
 	@Test
 	public void parseNullHeader() {
 		exception.expect(IllegalArgumentException.class);
@@ -103,9 +107,18 @@ public void parseInvalidAttribute() {
 		MockCookie.parse(header);
 	}
 
-	private void assertCookie(MockCookie cookie, String name, String value) {
-		assertEquals(name, cookie.getName());
-		assertEquals(value, cookie.getValue());
+	@Test
+	public void parseHeaderWithAttributesCaseSensitivity() {
+		MockCookie cookie = MockCookie.parse(
+				"SESSION=123; domain=example.com; max-age=60; path=/; secure; httponly; samesite=Lax");
+
+		assertCookie(cookie, "SESSION", "123");
+		assertEquals("example.com", cookie.getDomain());
+		assertEquals(60, cookie.getMaxAge());
+		assertEquals("/", cookie.getPath());
+		assertTrue(cookie.getSecure());
+		assertTrue(cookie.isHttpOnly());
+		assertEquals("Lax", cookie.getSameSite());
 	}
 
 }

spring-web/src/test/java/org/springframework/mock/web/test/MockCookie.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2018 the original author or authors.
+ * Copyright 2002-2019 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -20,12 +20,14 @@
 
 import org.springframework.lang.Nullable;
 import org.springframework.util.Assert;
+import org.springframework.util.StringUtils;
 
 /**
  * Extension of {@code Cookie} with extra attributes, as defined in
  * <a href="https://tools.ietf.org/html/rfc6265">RFC 6265</a>.
  *
  * @author Vedran Pavic
+ * @author Juergen Hoeller
  * @since 5.1
  */
 public class MockCookie extends Cookie {
@@ -39,7 +41,7 @@ public class MockCookie extends Cookie {
 
 	/**
 	 * Constructor with the cookie name and value.
-	 * @param name  the name
+	 * @param name the name
 	 * @param value the value
 	 * @see Cookie#Cookie(String, String)
 	 */
@@ -86,22 +88,22 @@ public static MockCookie parse(String setCookieHeader) {
 
 		MockCookie cookie = new MockCookie(name, value);
 		for (String attribute : attributes) {
-			if (attribute.startsWith("Domain")) {
+			if (StringUtils.startsWithIgnoreCase(attribute, "Domain")) {
 				cookie.setDomain(extractAttributeValue(attribute, setCookieHeader));
 			}
-			else if (attribute.startsWith("Max-Age")) {
+			else if (StringUtils.startsWithIgnoreCase(attribute, "Max-Age")) {
 				cookie.setMaxAge(Integer.parseInt(extractAttributeValue(attribute, setCookieHeader)));
 			}
-			else if (attribute.startsWith("Path")) {
+			else if (StringUtils.startsWithIgnoreCase(attribute, "Path")) {
 				cookie.setPath(extractAttributeValue(attribute, setCookieHeader));
 			}
-			else if (attribute.startsWith("Secure")) {
+			else if (StringUtils.startsWithIgnoreCase(attribute, "Secure")) {
 				cookie.setSecure(true);
 			}
-			else if (attribute.startsWith("HttpOnly")) {
+			else if (StringUtils.startsWithIgnoreCase(attribute, "HttpOnly")) {
 				cookie.setHttpOnly(true);
 			}
-			else if (attribute.startsWith("SameSite")) {
+			else if (StringUtils.startsWithIgnoreCase(attribute, "SameSite")) {
 				cookie.setSameSite(extractAttributeValue(attribute, setCookieHeader));
 			}
 		}