+2

.gitignore

··· 1 1 + _build 2 2 + .*.swp

+1

.ocamlformat

··· 1 1 + version=0.27.0

+18

LICENSE.md

··· 1 1 + (* 2 2 + * ISC License 3 3 + * 4 4 + * Copyright (c) 2025 Anil Madhavapeddy <anil@recoil.org> 5 5 + * 6 6 + * Permission to use, copy, modify, and distribute this software for any 7 7 + * purpose with or without fee is hereby granted, provided that the above 8 8 + * copyright notice and this permission notice appear in all copies. 9 9 + * 10 10 + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 11 11 + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 12 12 + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 13 13 + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 14 14 + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15 15 + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16 16 + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17 17 + * 18 18 + *)

+64

README.md

··· 1 1 + # Cookeio - HTTP Cookie Management for OCaml 2 2 + 3 3 + Cookeio is an OCaml library for managing HTTP cookies. 4 4 + 5 5 + ## Overview 6 6 + 7 7 + HTTP cookies are a mechanism for maintaining client-side state in web 8 8 + applications. Originally specified to allow "server side connections to store 9 9 + and retrieve information on the client side," cookies enable persistent storage 10 10 + of user preferences, session data, shopping cart contents, and authentication 11 11 + tokens. 12 12 + 13 13 + This library provides a complete cookie jar implementation following 14 14 + established standards while integrating with OCaml's for efficient asynchronous 15 15 + operations. 16 16 + 17 17 + ## Cookie Attributes 18 18 + 19 19 + The library supports all standard HTTP cookie attributes: 20 20 + 21 21 + - **Domain**: Controls which domains can access the cookie using tail matching 22 22 + - **Path**: Defines URL subsets where the cookie is valid 23 23 + - **Secure**: Restricts transmission to HTTPS connections only 24 24 + - **HttpOnly**: Prevents JavaScript access to the cookie 25 25 + - **Expires**: Sets cookie lifetime (session cookies when omitted) 26 26 + - **SameSite**: Controls cross-site request behavior (`Strict`, `Lax`, or `None`) 27 27 + 28 28 + ## Usage 29 29 + 30 30 + ```ocaml 31 31 + (* Create a new cookie jar *) 32 32 + let jar = Cookeio.create () in 33 33 + 34 34 + (* Parse a Set-Cookie header *) 35 35 + let cookie = Cookeio.parse_set_cookie 36 36 + ~domain:"example.com" 37 37 + ~path:"/" 38 38 + "session=abc123; Secure; HttpOnly; SameSite=Strict" in 39 39 + 40 40 + (* Add cookie to jar *) 41 41 + Option.iter (Cookeio.add_cookie jar) cookie; 42 42 + 43 43 + (* Get cookies for a request *) 44 44 + let cookies = Cookeio.get_cookies jar 45 45 + ~domain:"example.com" 46 46 + ~path:"/api" 47 47 + ~is_secure:true in 48 48 + 49 49 + (* Generate Cookie header *) 50 50 + let header = Cookeio.make_cookie_header cookies 51 51 + ``` 52 52 + 53 53 + ## Storage and Persistence 54 54 + 55 55 + Cookies can be persisted to disk in Mozilla format for compatibility with other 56 56 + tools: 57 57 + 58 58 + ```ocaml 59 59 + (* Save cookies to file *) 60 60 + Cookeio.save (Eio.Path.of_string "cookies.txt") jar; 61 61 + 62 62 + (* Load cookies from file *) 63 63 + let jar = Cookeio.load (Eio.Path.of_string "cookies.txt") 64 64 + ```

+35

cookeio.opam

··· 1 1 + # This file is generated by dune, edit dune-project instead 2 2 + opam-version: "2.0" 3 3 + synopsis: "Cookie parsing and management library using Eio" 4 4 + description: 5 5 + "Cookeio provides cookie management functionality for OCaml applications, including parsing Set-Cookie headers, managing cookie jars, and supporting the Mozilla cookies.txt format for persistence." 6 6 + maintainer: ["Anil Madhavapeddy"] 7 7 + authors: ["Anil Madhavapeddy"] 8 8 + license: "ISC" 9 9 + homepage: "https://github.com/avsm/cookeio" 10 10 + bug-reports: "https://github.com/avsm/cookeio/issues" 11 11 + depends: [ 12 12 + "ocaml" {>= "5.2.0"} 13 13 + "dune" {>= "3.19"} 14 14 + "eio" {>= "1.0"} 15 15 + "logs" {>= "0.9.0"} 16 16 + "ptime" {>= "1.1.0"} 17 17 + "alcotest" {with-test} 18 18 + "odoc" {with-doc} 19 19 + ] 20 20 + build: [ 21 21 + ["dune" "subst"] {dev} 22 22 + [ 23 23 + "dune" 24 24 + "build" 25 25 + "-p" 26 26 + name 27 27 + "-j" 28 28 + jobs 29 29 + "@install" 30 30 + "@runtest" {with-test} 31 31 + "@doc" {with-doc} 32 32 + ] 33 33 + ] 34 34 + dev-repo: "git+https://github.com/avsm/cookeio.git" 35 35 + x-maintenance-intent: ["(latest)"]

+23

dune-project

··· 1 1 + (lang dune 3.19) 2 2 + 3 3 + (name cookeio) 4 4 + 5 5 + (generate_opam_files true) 6 6 + 7 7 + (source (github avsm/cookeio)) 8 8 + 9 9 + (authors "Anil Madhavapeddy") 10 10 + (maintainers "Anil Madhavapeddy") 11 11 + (license ISC) 12 12 + 13 13 + (package 14 14 + (name cookeio) 15 15 + (synopsis "Cookie parsing and management library using Eio") 16 16 + (description "Cookeio provides cookie management functionality for OCaml applications, including parsing Set-Cookie headers, managing cookie jars, and supporting the Mozilla cookies.txt format for persistence.") 17 17 + (depends 18 18 + (ocaml (>= 5.2.0)) 19 19 + dune 20 20 + (eio (>= 1.0)) 21 21 + (logs (>= 0.9.0)) 22 22 + (ptime (>= 1.1.0)) 23 23 + (alcotest :with-test)))

+397

lib/cookeio.ml

··· 1 1 + let src = Logs.Src.create "cookeio" ~doc:"Cookie management" 2 2 + 3 3 + module Log = (val Logs.src_log src : Logs.LOG) 4 4 + 5 5 + type same_site = [ `Strict | `Lax | `None ] 6 6 + (** Cookie same-site policy *) 7 7 + 8 8 + type t = { 9 9 + domain : string; 10 10 + path : string; 11 11 + name : string; 12 12 + value : string; 13 13 + secure : bool; 14 14 + http_only : bool; 15 15 + expires : Ptime.t option; 16 16 + same_site : same_site option; 17 17 + creation_time : Ptime.t; 18 18 + last_access : Ptime.t; 19 19 + } 20 20 + (** HTTP Cookie *) 21 21 + 22 22 + type jar = { mutable cookies : t list; mutex : Eio.Mutex.t } 23 23 + (** Cookie jar for storing and managing cookies *) 24 24 + 25 25 + (** {1 Cookie Accessors} *) 26 26 + 27 27 + let domain cookie = cookie.domain 28 28 + let path cookie = cookie.path 29 29 + let name cookie = cookie.name 30 30 + let value cookie = cookie.value 31 31 + let secure cookie = cookie.secure 32 32 + let http_only cookie = cookie.http_only 33 33 + let expires cookie = cookie.expires 34 34 + let same_site cookie = cookie.same_site 35 35 + let creation_time cookie = cookie.creation_time 36 36 + let last_access cookie = cookie.last_access 37 37 + 38 38 + let make ~domain ~path ~name ~value ?(secure = false) ?(http_only = false) 39 39 + ?expires ?same_site ~creation_time ~last_access () = 40 40 + { domain; path; name; value; secure; http_only; expires; same_site; creation_time; last_access } 41 41 + 42 42 + (** {1 Cookie Jar Creation} *) 43 43 + 44 44 + let create () = 45 45 + Log.debug (fun m -> m "Creating new empty cookie jar"); 46 46 + { cookies = []; mutex = Eio.Mutex.create () } 47 47 + 48 48 + (** {1 Cookie Matching Helpers} *) 49 49 + 50 50 + let domain_matches cookie_domain request_domain = 51 51 + (* Cookie domain .example.com matches example.com and sub.example.com *) 52 52 + if String.starts_with ~prefix:"." cookie_domain then 53 53 + let domain_suffix = String.sub cookie_domain 1 (String.length cookie_domain - 1) in 54 54 + request_domain = domain_suffix 55 55 + || String.ends_with ~suffix:("." ^ domain_suffix) request_domain 56 56 + else cookie_domain = request_domain 57 57 + 58 58 + let path_matches cookie_path request_path = 59 59 + (* Cookie path /foo matches /foo, /foo/, /foo/bar *) 60 60 + String.starts_with ~prefix:cookie_path request_path 61 61 + 62 62 + let is_expired cookie clock = 63 63 + match cookie.expires with 64 64 + | None -> false (* Session cookie *) 65 65 + | Some exp_time -> 66 66 + let now = 67 67 + Ptime.of_float_s (Eio.Time.now clock) 68 68 + |> Option.value ~default:Ptime.epoch 69 69 + in 70 70 + Ptime.compare now exp_time > 0 71 71 + 72 72 + (** {1 Cookie Parsing} *) 73 73 + 74 74 + let parse_cookie_attribute attr attr_value cookie = 75 75 + let attr_lower = String.lowercase_ascii attr in 76 76 + match attr_lower with 77 77 + | "domain" -> make ~domain:attr_value ~path:(path cookie) ~name:(name cookie) 78 78 + ~value:(value cookie) ~secure:(secure cookie) ~http_only:(http_only cookie) 79 79 + ?expires:(expires cookie) ?same_site:(same_site cookie) 80 80 + ~creation_time:(creation_time cookie) ~last_access:(last_access cookie) () 81 81 + | "path" -> make ~domain:(domain cookie) ~path:attr_value ~name:(name cookie) 82 82 + ~value:(value cookie) ~secure:(secure cookie) ~http_only:(http_only cookie) 83 83 + ?expires:(expires cookie) ?same_site:(same_site cookie) 84 84 + ~creation_time:(creation_time cookie) ~last_access:(last_access cookie) () 85 85 + | "expires" -> ( 86 86 + try 87 87 + let time, _tz_offset, _tz_string = 88 88 + Ptime.of_rfc3339 attr_value |> Result.get_ok 89 89 + in 90 90 + make ~domain:(domain cookie) ~path:(path cookie) ~name:(name cookie) 91 91 + ~value:(value cookie) ~secure:(secure cookie) ~http_only:(http_only cookie) 92 92 + ~expires:time ?same_site:(same_site cookie) 93 93 + ~creation_time:(creation_time cookie) ~last_access:(last_access cookie) () 94 94 + with _ -> 95 95 + Log.debug (fun m -> m "Failed to parse expires: %s" attr_value); 96 96 + cookie) 97 97 + | "max-age" -> ( 98 98 + try 99 99 + let seconds = int_of_string attr_value in 100 100 + let now = Unix.time () in 101 101 + let expires = Ptime.of_float_s (now +. float_of_int seconds) in 102 102 + make ~domain:(domain cookie) ~path:(path cookie) ~name:(name cookie) 103 103 + ~value:(value cookie) ~secure:(secure cookie) ~http_only:(http_only cookie) 104 104 + ?expires ?same_site:(same_site cookie) 105 105 + ~creation_time:(creation_time cookie) ~last_access:(last_access cookie) () 106 106 + with _ -> cookie) 107 107 + | "secure" -> make ~domain:(domain cookie) ~path:(path cookie) ~name:(name cookie) 108 108 + ~value:(value cookie) ~secure:true ~http_only:(http_only cookie) 109 109 + ?expires:(expires cookie) ?same_site:(same_site cookie) 110 110 + ~creation_time:(creation_time cookie) ~last_access:(last_access cookie) () 111 111 + | "httponly" -> make ~domain:(domain cookie) ~path:(path cookie) ~name:(name cookie) 112 112 + ~value:(value cookie) ~secure:(secure cookie) ~http_only:true 113 113 + ?expires:(expires cookie) ?same_site:(same_site cookie) 114 114 + ~creation_time:(creation_time cookie) ~last_access:(last_access cookie) () 115 115 + | "samesite" -> 116 116 + let same_site_val = 117 117 + match String.lowercase_ascii attr_value with 118 118 + | "strict" -> Some `Strict 119 119 + | "lax" -> Some `Lax 120 120 + | "none" -> Some `None 121 121 + | _ -> None 122 122 + in 123 123 + make ~domain:(domain cookie) ~path:(path cookie) ~name:(name cookie) 124 124 + ~value:(value cookie) ~secure:(secure cookie) ~http_only:(http_only cookie) 125 125 + ?expires:(expires cookie) ?same_site:same_site_val 126 126 + ~creation_time:(creation_time cookie) ~last_access:(last_access cookie) () 127 127 + | _ -> cookie 128 128 + 129 129 + let rec parse_set_cookie ~domain:request_domain ~path:request_path header_value = 130 130 + Log.debug (fun m -> m "Parsing Set-Cookie: %s" header_value); 131 131 + 132 132 + (* Split into attributes *) 133 133 + let parts = String.split_on_char ';' header_value |> List.map String.trim in 134 134 + 135 135 + match parts with 136 136 + | [] -> None 137 137 + | name_value :: attrs -> ( 138 138 + (* Parse name=value *) 139 139 + match String.index_opt name_value '=' with 140 140 + | None -> None 141 141 + | Some eq_pos -> 142 142 + let name = String.sub name_value 0 eq_pos |> String.trim in 143 143 + let cookie_value = 144 144 + String.sub name_value (eq_pos + 1) 145 145 + (String.length name_value - eq_pos - 1) 146 146 + |> String.trim 147 147 + in 148 148 + 149 149 + let now = 150 150 + Ptime.of_float_s (Unix.time ()) |> Option.value ~default:Ptime.epoch 151 151 + in 152 152 + let base_cookie = 153 153 + make ~domain:request_domain ~path:request_path ~name ~value:cookie_value ~secure:false ~http_only:false 154 154 + ?expires:None ?same_site:None ~creation_time:now ~last_access:now () 155 155 + in 156 156 + 157 157 + (* Parse attributes *) 158 158 + let cookie = 159 159 + List.fold_left 160 160 + (fun cookie attr -> 161 161 + match String.index_opt attr '=' with 162 162 + | None -> parse_cookie_attribute attr "" cookie 163 163 + | Some eq -> 164 164 + let attr_name = String.sub attr 0 eq |> String.trim in 165 165 + let attr_value = 166 166 + String.sub attr (eq + 1) (String.length attr - eq - 1) 167 167 + |> String.trim 168 168 + in 169 169 + parse_cookie_attribute attr_name attr_value cookie) 170 170 + base_cookie attrs 171 171 + in 172 172 + 173 173 + Log.debug (fun m -> m "Parsed cookie: %a" pp cookie); 174 174 + Some cookie) 175 175 + 176 176 + and make_cookie_header cookies = 177 177 + cookies 178 178 + |> List.map (fun c -> Printf.sprintf "%s=%s" (name c) (value c)) 179 179 + |> String.concat "; " 180 180 + 181 181 + (** {1 Pretty Printing} *) 182 182 + 183 183 + and pp_same_site ppf = function 184 184 + | `Strict -> Format.pp_print_string ppf "Strict" 185 185 + | `Lax -> Format.pp_print_string ppf "Lax" 186 186 + | `None -> Format.pp_print_string ppf "None" 187 187 + 188 188 + and pp ppf cookie = 189 189 + Format.fprintf ppf 190 190 + "@[<hov 2>{ name=%S;@ value=%S;@ domain=%S;@ path=%S;@ secure=%b;@ \ 191 191 + http_only=%b;@ expires=%a;@ same_site=%a }@]" 192 192 + (name cookie) (value cookie) (domain cookie) (path cookie) (secure cookie) 193 193 + (http_only cookie) 194 194 + (Format.pp_print_option Ptime.pp) 195 195 + (expires cookie) 196 196 + (Format.pp_print_option pp_same_site) 197 197 + (same_site cookie) 198 198 + 199 199 + let pp_jar ppf jar = 200 200 + Eio.Mutex.lock jar.mutex; 201 201 + let cookies = jar.cookies in 202 202 + Eio.Mutex.unlock jar.mutex; 203 203 + 204 204 + Format.fprintf ppf "@[<v>CookieJar with %d cookies:@," (List.length cookies); 205 205 + List.iter (fun cookie -> Format.fprintf ppf " %a@," pp cookie) cookies; 206 206 + Format.fprintf ppf "@]" 207 207 + 208 208 + (** {1 Cookie Management} *) 209 209 + 210 210 + let add_cookie jar cookie = 211 211 + Log.debug (fun m -> 212 212 + m "Adding cookie: %s=%s for domain %s" (name cookie) (value cookie) 213 213 + (domain cookie)); 214 214 + 215 215 + Eio.Mutex.lock jar.mutex; 216 216 + (* Remove existing cookie with same name, domain, and path *) 217 217 + jar.cookies <- 218 218 + List.filter 219 219 + (fun c -> 220 220 + not 221 221 + (name c = name cookie && domain c = domain cookie 222 222 + && path c = path cookie)) 223 223 + jar.cookies; 224 224 + jar.cookies <- cookie :: jar.cookies; 225 225 + Eio.Mutex.unlock jar.mutex 226 226 + 227 227 + let get_cookies jar ~domain:request_domain ~path:request_path ~is_secure = 228 228 + Log.debug (fun m -> 229 229 + m "Getting cookies for domain=%s path=%s secure=%b" request_domain request_path is_secure); 230 230 + 231 231 + Eio.Mutex.lock jar.mutex; 232 232 + let applicable = 233 233 + List.filter 234 234 + (fun cookie -> 235 235 + domain_matches (domain cookie) request_domain 236 236 + && path_matches (path cookie) request_path 237 237 + && ((not (secure cookie)) || is_secure)) 238 238 + jar.cookies 239 239 + in 240 240 + 241 241 + (* Update last access time *) 242 242 + let now = 243 243 + Ptime.of_float_s (Unix.time ()) |> Option.value ~default:Ptime.epoch 244 244 + in 245 245 + let updated = 246 246 + List.map 247 247 + (fun c -> 248 248 + if List.memq c applicable then 249 249 + make ~domain:(domain c) ~path:(path c) ~name:(name c) ~value:(value c) 250 250 + ~secure:(secure c) ~http_only:(http_only c) ?expires:(expires c) 251 251 + ?same_site:(same_site c) ~creation_time:(creation_time c) ~last_access:now () 252 252 + else c) 253 253 + jar.cookies 254 254 + in 255 255 + jar.cookies <- updated; 256 256 + Eio.Mutex.unlock jar.mutex; 257 257 + 258 258 + Log.debug (fun m -> m "Found %d applicable cookies" (List.length applicable)); 259 259 + applicable 260 260 + 261 261 + let clear jar = 262 262 + Log.info (fun m -> m "Clearing all cookies"); 263 263 + Eio.Mutex.lock jar.mutex; 264 264 + jar.cookies <- []; 265 265 + Eio.Mutex.unlock jar.mutex 266 266 + 267 267 + let clear_expired jar ~clock = 268 268 + Eio.Mutex.lock jar.mutex; 269 269 + let before_count = List.length jar.cookies in 270 270 + jar.cookies <- List.filter (fun c -> not (is_expired c clock)) jar.cookies; 271 271 + let removed = before_count - List.length jar.cookies in 272 272 + Eio.Mutex.unlock jar.mutex; 273 273 + Log.info (fun m -> m "Cleared %d expired cookies" removed) 274 274 + 275 275 + let clear_session_cookies jar = 276 276 + Eio.Mutex.lock jar.mutex; 277 277 + let before_count = List.length jar.cookies in 278 278 + jar.cookies <- List.filter (fun c -> expires c <> None) jar.cookies; 279 279 + let removed = before_count - List.length jar.cookies in 280 280 + Eio.Mutex.unlock jar.mutex; 281 281 + Log.info (fun m -> m "Cleared %d session cookies" removed) 282 282 + 283 283 + let count jar = 284 284 + Eio.Mutex.lock jar.mutex; 285 285 + let n = List.length jar.cookies in 286 286 + Eio.Mutex.unlock jar.mutex; 287 287 + n 288 288 + 289 289 + let get_all_cookies jar = 290 290 + Eio.Mutex.lock jar.mutex; 291 291 + let cookies = jar.cookies in 292 292 + Eio.Mutex.unlock jar.mutex; 293 293 + cookies 294 294 + 295 295 + let is_empty jar = 296 296 + Eio.Mutex.lock jar.mutex; 297 297 + let empty = jar.cookies = [] in 298 298 + Eio.Mutex.unlock jar.mutex; 299 299 + empty 300 300 + 301 301 + (** {1 Mozilla Format} *) 302 302 + 303 303 + let to_mozilla_format_internal jar = 304 304 + let buffer = Buffer.create 1024 in 305 305 + Buffer.add_string buffer "# Netscape HTTP Cookie File\n"; 306 306 + Buffer.add_string buffer "# This is a generated file! Do not edit.\n\n"; 307 307 + 308 308 + List.iter 309 309 + (fun cookie -> 310 310 + let include_subdomains = 311 311 + if String.starts_with ~prefix:"." (domain cookie) then "TRUE" else "FALSE" 312 312 + in 313 313 + let secure_flag = if secure cookie then "TRUE" else "FALSE" in 314 314 + let expires_str = 315 315 + match expires cookie with 316 316 + | None -> "0" (* Session cookie *) 317 317 + | Some t -> 318 318 + let epoch = Ptime.to_float_s t |> int_of_float |> string_of_int in 319 319 + epoch 320 320 + in 321 321 + 322 322 + Buffer.add_string buffer 323 323 + (Printf.sprintf "%s\t%s\t%s\t%s\t%s\t%s\t%s\n" (domain cookie) 324 324 + include_subdomains (path cookie) secure_flag expires_str (name cookie) 325 325 + (value cookie))) 326 326 + jar.cookies; 327 327 + 328 328 + Buffer.contents buffer 329 329 + 330 330 + let to_mozilla_format jar = 331 331 + Eio.Mutex.lock jar.mutex; 332 332 + let result = to_mozilla_format_internal jar in 333 333 + Eio.Mutex.unlock jar.mutex; 334 334 + result 335 335 + 336 336 + let from_mozilla_format content = 337 337 + Log.debug (fun m -> m "Parsing Mozilla format cookies"); 338 338 + let jar = create () in 339 339 + 340 340 + let lines = String.split_on_char '\n' content in 341 341 + List.iter 342 342 + (fun line -> 343 343 + let line = String.trim line in 344 344 + if line <> "" && not (String.starts_with ~prefix:"#" line) then 345 345 + match String.split_on_char '\t' line with 346 346 + | [ domain; _include_subdomains; path; secure; expires; name; value ] -> 347 347 + let now = 348 348 + Ptime.of_float_s (Unix.time ()) 349 349 + |> Option.value ~default:Ptime.epoch 350 350 + in 351 351 + let expires = 352 352 + let exp_int = try int_of_string expires with _ -> 0 in 353 353 + if exp_int = 0 then None 354 354 + else Ptime.of_float_s (float_of_int exp_int) 355 355 + in 356 356 + 357 357 + let cookie = 358 358 + make ~domain ~path ~name ~value 359 359 + ~secure:(secure = "TRUE") ~http_only:false 360 360 + ?expires ?same_site:None 361 361 + ~creation_time:now ~last_access:now () 362 362 + in 363 363 + add_cookie jar cookie; 364 364 + Log.debug (fun m -> m "Loaded cookie: %s=%s" name value) 365 365 + | _ -> Log.warn (fun m -> m "Invalid cookie line: %s" line)) 366 366 + lines; 367 367 + 368 368 + Log.info (fun m -> m "Loaded %d cookies" (List.length jar.cookies)); 369 369 + jar 370 370 + 371 371 + (** {1 File Operations} *) 372 372 + 373 373 + let load path = 374 374 + Log.info (fun m -> m "Loading cookies from %a" Eio.Path.pp path); 375 375 + 376 376 + try 377 377 + let content = Eio.Path.load path in 378 378 + from_mozilla_format content 379 379 + with 380 380 + | Eio.Io _ -> 381 381 + Log.info (fun m -> m "Cookie file not found, creating empty jar"); 382 382 + create () 383 383 + | exn -> 384 384 + Log.err (fun m -> m "Failed to load cookies: %s" (Printexc.to_string exn)); 385 385 + create () 386 386 + 387 387 + let save path jar = 388 388 + Log.info (fun m -> 389 389 + m "Saving %d cookies to %a" (List.length jar.cookies) Eio.Path.pp path); 390 390 + 391 391 + let content = to_mozilla_format jar in 392 392 + 393 393 + try 394 394 + Eio.Path.save ~create:(`Or_truncate 0o600) path content; 395 395 + Log.debug (fun m -> m "Cookies saved successfully") 396 396 + with exn -> 397 397 + Log.err (fun m -> m "Failed to save cookies: %s" (Printexc.to_string exn))

+181

lib/cookeio.mli

··· 1 1 + (** Cookie management library for OCaml 2 2 + 3 3 + HTTP cookies are a mechanism that allows "server side 4 4 + connections to store and retrieve information on the client side." 5 5 + Originally designed to enable persistent client-side state for web 6 6 + applications, cookies are essential for storing user preferences, session 7 7 + data, shopping cart contents, and authentication tokens. 8 8 + 9 9 + This library provides a complete cookie jar implementation following 10 10 + established web standards while integrating Eio for efficient asynchronous operations. 11 11 + 12 12 + {2 Cookie Format and Structure} 13 13 + 14 14 + Cookies are set via the Set-Cookie HTTP response header with the basic 15 15 + format: [NAME=VALUE] with optional attributes including: 16 16 + - [expires]: Optional cookie lifetime specification 17 17 + - [domain]: Specifying valid domains using tail matching 18 18 + - [path]: Defining URL subset for cookie validity 19 19 + - [secure]: Transmission over secure channels only 20 20 + - [httponly]: Not accessible to JavaScript 21 21 + - [samesite]: Cross-site request behavior control 22 22 + 23 23 + {2 Domain and Path Matching} 24 24 + 25 25 + The library implements standard domain and path matching rules: 26 26 + - Domain matching uses "tail matching" (e.g., "acme.com" matches 27 27 + "anvil.acme.com") 28 28 + - Path matching allows subset URL specification for fine-grained control 29 29 + - More specific path mappings are sent first in Cookie headers 30 30 + 31 31 + *) 32 32 + 33 33 + type same_site = [ `Strict | `Lax | `None ] 34 34 + (** Cookie same-site policy for controlling cross-site request behavior. 35 35 + 36 36 + - [`Strict]: Cookie only sent for same-site requests, providing maximum 37 37 + protection 38 38 + - [`Lax]: Cookie sent for same-site requests and top-level navigation 39 39 + (default for modern browsers) 40 40 + - [`None]: Cookie sent for all cross-site requests (requires [secure] flag) 41 41 + *) 42 42 + 43 43 + type t 44 44 + (** HTTP Cookie representation with all standard attributes. 45 45 + 46 46 + A cookie represents a name-value pair with associated metadata that controls 47 47 + its scope, security, and lifetime. Cookies with the same [name], [domain], 48 48 + and [path] will overwrite each other when added to a cookie jar. *) 49 49 + 50 50 + type jar 51 51 + (** Cookie jar for storing and managing cookies. 52 52 + 53 53 + A cookie jar maintains a collection of cookies with automatic cleanup of 54 54 + expired entries and enforcement of storage limits. It implements the 55 55 + standard browser behavior for cookie storage, including: 56 56 + - Automatic removal of expired cookies 57 57 + - LRU eviction when storage limits are exceeded 58 58 + - Domain and path-based cookie retrieval 59 59 + - Mozilla format persistence for cross-tool compatibility *) 60 60 + 61 61 + (** {1 Cookie Accessors} *) 62 62 + 63 63 + val domain : t -> string 64 64 + (** Get the domain of a cookie *) 65 65 + 66 66 + val path : t -> string 67 67 + (** Get the path of a cookie *) 68 68 + 69 69 + val name : t -> string 70 70 + (** Get the name of a cookie *) 71 71 + 72 72 + val value : t -> string 73 73 + (** Get the value of a cookie *) 74 74 + 75 75 + val secure : t -> bool 76 76 + (** Check if cookie is secure only *) 77 77 + 78 78 + val http_only : t -> bool 79 79 + (** Check if cookie is HTTP only *) 80 80 + 81 81 + val expires : t -> Ptime.t option 82 82 + (** Get the expiry time of a cookie *) 83 83 + 84 84 + val same_site : t -> same_site option 85 85 + (** Get the same-site policy of a cookie *) 86 86 + 87 87 + val creation_time : t -> Ptime.t 88 88 + (** Get the creation time of a cookie *) 89 89 + 90 90 + val last_access : t -> Ptime.t 91 91 + (** Get the last access time of a cookie *) 92 92 + 93 93 + val make : domain:string -> path:string -> name:string -> value:string -> 94 94 + ?secure:bool -> ?http_only:bool -> ?expires:Ptime.t -> 95 95 + ?same_site:same_site -> creation_time:Ptime.t -> last_access:Ptime.t -> 96 96 + unit -> t 97 97 + (** Create a new cookie with the given attributes *) 98 98 + 99 99 + (** {1 Cookie Jar Creation and Loading} *) 100 100 + 101 101 + val create : unit -> jar 102 102 + (** Create an empty cookie jar *) 103 103 + 104 104 + val load : Eio.Fs.dir_ty Eio.Path.t -> jar 105 105 + (** Load cookies from Mozilla format file *) 106 106 + 107 107 + val save : Eio.Fs.dir_ty Eio.Path.t -> jar -> unit 108 108 + (** Save cookies to Mozilla format file *) 109 109 + 110 110 + (** {1 Cookie Jar Management} *) 111 111 + 112 112 + val add_cookie : jar -> t -> unit 113 113 + (** Add a cookie to the jar *) 114 114 + 115 115 + val get_cookies : 116 116 + jar -> domain:string -> path:string -> is_secure:bool -> t list 117 117 + (** Get cookies applicable for a URL *) 118 118 + 119 119 + val clear : jar -> unit 120 120 + (** Clear all cookies *) 121 121 + 122 122 + val clear_expired : jar -> clock:_ Eio.Time.clock -> unit 123 123 + (** Clear expired cookies *) 124 124 + 125 125 + val clear_session_cookies : jar -> unit 126 126 + (** Clear session cookies (those without expiry) *) 127 127 + 128 128 + val count : jar -> int 129 129 + (** Get the number of cookies in the jar *) 130 130 + 131 131 + val get_all_cookies : jar -> t list 132 132 + (** Get all cookies in the jar *) 133 133 + 134 134 + val is_empty : jar -> bool 135 135 + (** Check if the jar is empty *) 136 136 + 137 137 + (** {1 Cookie Creation and Parsing} *) 138 138 + 139 139 + val parse_set_cookie : domain:string -> path:string -> string -> t option 140 140 + (** Parse Set-Cookie header value into a cookie. 141 141 + 142 142 + Parses a Set-Cookie header value following RFC specifications: 143 143 + - Basic format: [NAME=VALUE; attribute1; attribute2=value2] 144 144 + - Supports all standard attributes: [expires], [domain], [path], [secure], 145 145 + [httponly], [samesite] 146 146 + - Returns [None] if parsing fails or cookie is invalid 147 147 + - The [domain] and [path] parameters provide the request context for default 148 148 + values 149 149 + 150 150 + Example: 151 151 + [parse_set_cookie ~domain:"example.com" ~path:"/" "session=abc123; Secure; 152 152 + HttpOnly"] *) 153 153 + 154 154 + val make_cookie_header : t list -> string 155 155 + (** Create cookie header value from cookies. 156 156 + 157 157 + Formats a list of cookies into a Cookie header value suitable for HTTP 158 158 + requests. 159 159 + - Format: [name1=value1; name2=value2; name3=value3] 160 160 + - Only includes cookie names and values, not attributes 161 161 + - Cookies should already be filtered for the target domain/path 162 162 + - More specific path mappings should be ordered first in the input list 163 163 + 164 164 + Example: [make_cookie_header cookies] might return 165 165 + ["session=abc123; theme=dark"] *) 166 166 + 167 167 + (** {1 Pretty Printing} *) 168 168 + 169 169 + val pp : Format.formatter -> t -> unit 170 170 + (** Pretty print a cookie *) 171 171 + 172 172 + val pp_jar : Format.formatter -> jar -> unit 173 173 + (** Pretty print a cookie jar *) 174 174 + 175 175 + (** {1 Mozilla Format} *) 176 176 + 177 177 + val to_mozilla_format : jar -> string 178 178 + (** Write cookies in Mozilla format *) 179 179 + 180 180 + val from_mozilla_format : string -> jar 181 181 + (** Parse Mozilla format cookies *)

+4

lib/dune

··· 1 1 + (library 2 2 + (name cookeio) 3 3 + (public_name cookeio) 4 4 + (libraries eio logs ptime unix))

+11

test/cookies.txt

··· 1 1 + # Netscape HTTP Cookie File 2 2 + # http://curl.haxx.se/rfc/cookie_spec.html 3 3 + # This is a generated file! Do not edit. 4 4 + 5 5 + example.com FALSE /foo/ FALSE 0 cookie-1 v$1 6 6 + .example.com TRUE /foo/ FALSE 0 cookie-2 v$2 7 7 + example.com FALSE /foo/ FALSE 1257894000 cookie-3 v$3 8 8 + example.com FALSE /foo/ FALSE 1257894000 cookie-4 v$4 9 9 + example.com FALSE /foo/ TRUE 1257894000 cookie-5 v$5 10 10 + #HttpOnly_example.com FALSE /foo/ FALSE 1257894000 cookie-6 v$6 11 11 + #HttpOnly_.example.com TRUE /foo/ FALSE 1257894000 cookie-7 v$7

+4

test/dune

··· 1 1 + (test 2 2 + (name test_cookeio) 3 3 + (libraries cookeio alcotest eio eio.unix eio_main ptime) 4 4 + (deps cookies.txt))

+251

test/test_cookeio.ml

··· 1 1 + open Cookeio 2 2 + 3 3 + let cookie_testable : Cookeio.t Alcotest.testable = 4 4 + Alcotest.testable 5 5 + (fun ppf c -> 6 6 + Format.fprintf ppf 7 7 + "{ name=%S; value=%S; domain=%S; path=%S; secure=%b; http_only=%b; \ 8 8 + expires=%a; same_site=%a }" 9 9 + (Cookeio.name c) (Cookeio.value c) (Cookeio.domain c) (Cookeio.path c) (Cookeio.secure c) (Cookeio.http_only c) 10 10 + (Format.pp_print_option Ptime.pp) 11 11 + (Cookeio.expires c) 12 12 + (Format.pp_print_option (fun ppf -> function 13 13 + | `Strict -> Format.pp_print_string ppf "Strict" 14 14 + | `Lax -> Format.pp_print_string ppf "Lax" 15 15 + | `None -> Format.pp_print_string ppf "None")) 16 16 + (Cookeio.same_site c)) 17 17 + (fun c1 c2 -> 18 18 + Cookeio.name c1 = Cookeio.name c2 && Cookeio.value c1 = Cookeio.value c2 && Cookeio.domain c1 = Cookeio.domain c2 19 19 + && Cookeio.path c1 = Cookeio.path c2 && Cookeio.secure c1 = Cookeio.secure c2 20 20 + && Cookeio.http_only c1 = Cookeio.http_only c2 21 21 + && Option.equal Ptime.equal (Cookeio.expires c1) (Cookeio.expires c2) 22 22 + && Option.equal ( = ) (Cookeio.same_site c1) (Cookeio.same_site c2)) 23 23 + 24 24 + let test_load_mozilla_cookies () = 25 25 + let content = 26 26 + {|# Netscape HTTP Cookie File 27 27 + # http://curl.haxx.se/rfc/cookie_spec.html 28 28 + # This is a generated file! Do not edit. 29 29 + 30 30 + example.com FALSE /foo/ FALSE 0 cookie-1 v$1 31 31 + .example.com TRUE /foo/ FALSE 0 cookie-2 v$2 32 32 + example.com FALSE /foo/ FALSE 1257894000 cookie-3 v$3 33 33 + example.com FALSE /foo/ FALSE 1257894000 cookie-4 v$4 34 34 + example.com FALSE /foo/ TRUE 1257894000 cookie-5 v$5 35 35 + #HttpOnly_example.com FALSE /foo/ FALSE 1257894000 cookie-6 v$6 36 36 + #HttpOnly_.example.com TRUE /foo/ FALSE 1257894000 cookie-7 v$7 37 37 + |} 38 38 + in 39 39 + let jar = from_mozilla_format content in 40 40 + let cookies = get_all_cookies jar in 41 41 + 42 42 + (* Check total number of cookies (should skip commented lines) *) 43 43 + Alcotest.(check int) "cookie count" 5 (List.length cookies); 44 44 + Alcotest.(check int) "count function" 5 (count jar); 45 45 + Alcotest.(check bool) "not empty" false (is_empty jar); 46 46 + 47 47 + let find_cookie name = List.find (fun c -> Cookeio.name c = name) cookies in 48 48 + 49 49 + (* Test cookie-1: session cookie on exact domain *) 50 50 + let cookie1 = find_cookie "cookie-1" in 51 51 + Alcotest.(check string) "cookie-1 domain" "example.com" (Cookeio.domain cookie1); 52 52 + Alcotest.(check string) "cookie-1 path" "/foo/" (Cookeio.path cookie1); 53 53 + Alcotest.(check string) "cookie-1 name" "cookie-1" (Cookeio.name cookie1); 54 54 + Alcotest.(check string) "cookie-1 value" "v$1" (Cookeio.value cookie1); 55 55 + Alcotest.(check bool) "cookie-1 secure" false (Cookeio.secure cookie1); 56 56 + Alcotest.(check bool) "cookie-1 http_only" false (Cookeio.http_only cookie1); 57 57 + Alcotest.(check (option (Alcotest.testable Ptime.pp Ptime.equal))) 58 58 + "cookie-1 expires" None (Cookeio.expires cookie1); 59 59 + Alcotest.( 60 60 + check 61 61 + (option 62 62 + (Alcotest.testable 63 63 + (fun ppf -> function 64 64 + | `Strict -> Format.pp_print_string ppf "Strict" 65 65 + | `Lax -> Format.pp_print_string ppf "Lax" 66 66 + | `None -> Format.pp_print_string ppf "None") 67 67 + ( = )))) 68 68 + "cookie-1 same_site" None (Cookeio.same_site cookie1); 69 69 + 70 70 + (* Test cookie-2: session cookie on subdomain pattern *) 71 71 + let cookie2 = find_cookie "cookie-2" in 72 72 + Alcotest.(check string) "cookie-2 domain" ".example.com" (Cookeio.domain cookie2); 73 73 + Alcotest.(check string) "cookie-2 path" "/foo/" (Cookeio.path cookie2); 74 74 + Alcotest.(check string) "cookie-2 name" "cookie-2" (Cookeio.name cookie2); 75 75 + Alcotest.(check string) "cookie-2 value" "v$2" (Cookeio.value cookie2); 76 76 + Alcotest.(check bool) "cookie-2 secure" false (Cookeio.secure cookie2); 77 77 + Alcotest.(check bool) "cookie-2 http_only" false (Cookeio.http_only cookie2); 78 78 + Alcotest.(check (option (Alcotest.testable Ptime.pp Ptime.equal))) 79 79 + "cookie-2 expires" None (Cookeio.expires cookie2); 80 80 + 81 81 + (* Test cookie-3: non-session cookie with expiry *) 82 82 + let cookie3 = find_cookie "cookie-3" in 83 83 + let expected_expiry = Ptime.of_float_s 1257894000.0 in 84 84 + Alcotest.(check string) "cookie-3 domain" "example.com" (Cookeio.domain cookie3); 85 85 + Alcotest.(check string) "cookie-3 path" "/foo/" (Cookeio.path cookie3); 86 86 + Alcotest.(check string) "cookie-3 name" "cookie-3" (Cookeio.name cookie3); 87 87 + Alcotest.(check string) "cookie-3 value" "v$3" (Cookeio.value cookie3); 88 88 + Alcotest.(check bool) "cookie-3 secure" false (Cookeio.secure cookie3); 89 89 + Alcotest.(check bool) "cookie-3 http_only" false (Cookeio.http_only cookie3); 90 90 + Alcotest.(check (option (Alcotest.testable Ptime.pp Ptime.equal))) 91 91 + "cookie-3 expires" expected_expiry (Cookeio.expires cookie3); 92 92 + 93 93 + (* Test cookie-4: another non-session cookie *) 94 94 + let cookie4 = find_cookie "cookie-4" in 95 95 + Alcotest.(check string) "cookie-4 domain" "example.com" (Cookeio.domain cookie4); 96 96 + Alcotest.(check string) "cookie-4 path" "/foo/" (Cookeio.path cookie4); 97 97 + Alcotest.(check string) "cookie-4 name" "cookie-4" (Cookeio.name cookie4); 98 98 + Alcotest.(check string) "cookie-4 value" "v$4" (Cookeio.value cookie4); 99 99 + Alcotest.(check bool) "cookie-4 secure" false (Cookeio.secure cookie4); 100 100 + Alcotest.(check bool) "cookie-4 http_only" false (Cookeio.http_only cookie4); 101 101 + Alcotest.(check (option (Alcotest.testable Ptime.pp Ptime.equal))) 102 102 + "cookie-4 expires" expected_expiry (Cookeio.expires cookie4); 103 103 + 104 104 + (* Test cookie-5: secure cookie *) 105 105 + let cookie5 = find_cookie "cookie-5" in 106 106 + Alcotest.(check string) "cookie-5 domain" "example.com" (Cookeio.domain cookie5); 107 107 + Alcotest.(check string) "cookie-5 path" "/foo/" (Cookeio.path cookie5); 108 108 + Alcotest.(check string) "cookie-5 name" "cookie-5" (Cookeio.name cookie5); 109 109 + Alcotest.(check string) "cookie-5 value" "v$5" (Cookeio.value cookie5); 110 110 + Alcotest.(check bool) "cookie-5 secure" true (Cookeio.secure cookie5); 111 111 + Alcotest.(check bool) "cookie-5 http_only" false (Cookeio.http_only cookie5); 112 112 + Alcotest.(check (option (Alcotest.testable Ptime.pp Ptime.equal))) 113 113 + "cookie-5 expires" expected_expiry (Cookeio.expires cookie5) 114 114 + 115 115 + let test_load_from_file env = 116 116 + (* This test loads from the actual test/cookies.txt file using the load function *) 117 117 + let cwd = Eio.Stdenv.cwd env in 118 118 + let cookie_path = Eio.Path.(cwd / "cookies.txt") in 119 119 + let jar = load cookie_path in 120 120 + let cookies = get_all_cookies jar in 121 121 + 122 122 + (* Should have the same 5 cookies as the string test *) 123 123 + Alcotest.(check int) "file load cookie count" 5 (List.length cookies); 124 124 + 125 125 + let find_cookie name = List.find (fun c -> Cookeio.name c = name) cookies in 126 126 + 127 127 + (* Verify a few key cookies are loaded correctly *) 128 128 + let cookie1 = find_cookie "cookie-1" in 129 129 + Alcotest.(check string) "file cookie-1 value" "v$1" (Cookeio.value cookie1); 130 130 + Alcotest.(check string) "file cookie-1 domain" "example.com" (Cookeio.domain cookie1); 131 131 + Alcotest.(check bool) "file cookie-1 secure" false (Cookeio.secure cookie1); 132 132 + Alcotest.(check (option (Alcotest.testable Ptime.pp Ptime.equal))) 133 133 + "file cookie-1 expires" None (Cookeio.expires cookie1); 134 134 + 135 135 + let cookie5 = find_cookie "cookie-5" in 136 136 + Alcotest.(check string) "file cookie-5 value" "v$5" (Cookeio.value cookie5); 137 137 + Alcotest.(check bool) "file cookie-5 secure" true (Cookeio.secure cookie5); 138 138 + let expected_expiry = Ptime.of_float_s 1257894000.0 in 139 139 + Alcotest.(check (option (Alcotest.testable Ptime.pp Ptime.equal))) 140 140 + "file cookie-5 expires" expected_expiry (Cookeio.expires cookie5); 141 141 + 142 142 + (* Verify subdomain cookie *) 143 143 + let cookie2 = find_cookie "cookie-2" in 144 144 + Alcotest.(check string) "file cookie-2 domain" ".example.com" (Cookeio.domain cookie2); 145 145 + Alcotest.(check (option (Alcotest.testable Ptime.pp Ptime.equal))) 146 146 + "file cookie-2 expires" None (Cookeio.expires cookie2) 147 147 + 148 148 + let test_cookie_matching () = 149 149 + let jar = create () in 150 150 + 151 151 + (* Add test cookies with different domain patterns *) 152 152 + let exact_cookie = 153 153 + Cookeio.make ~domain:"example.com" ~path:"/" ~name:"exact" ~value:"test1" 154 154 + ~secure:false ~http_only:false ?expires:None ?same_site:None 155 155 + ~creation_time:Ptime.epoch ~last_access:Ptime.epoch () 156 156 + in 157 157 + let subdomain_cookie = 158 158 + Cookeio.make ~domain:".example.com" ~path:"/" ~name:"subdomain" ~value:"test2" 159 159 + ~secure:false ~http_only:false ?expires:None ?same_site:None 160 160 + ~creation_time:Ptime.epoch ~last_access:Ptime.epoch () 161 161 + in 162 162 + let secure_cookie = 163 163 + Cookeio.make ~domain:"example.com" ~path:"/" ~name:"secure" ~value:"test3" 164 164 + ~secure:true ~http_only:false ?expires:None ?same_site:None 165 165 + ~creation_time:Ptime.epoch ~last_access:Ptime.epoch () 166 166 + in 167 167 + 168 168 + add_cookie jar exact_cookie; 169 169 + add_cookie jar subdomain_cookie; 170 170 + add_cookie jar secure_cookie; 171 171 + 172 172 + (* Test exact domain matching *) 173 173 + let cookies_http = 174 174 + get_cookies jar ~domain:"example.com" ~path:"/" ~is_secure:false 175 175 + in 176 176 + Alcotest.(check int) "http cookies count" 2 (List.length cookies_http); 177 177 + 178 178 + let cookies_https = 179 179 + get_cookies jar ~domain:"example.com" ~path:"/" ~is_secure:true 180 180 + in 181 181 + Alcotest.(check int) "https cookies count" 3 (List.length cookies_https); 182 182 + 183 183 + (* Test subdomain matching *) 184 184 + let cookies_sub = 185 185 + get_cookies jar ~domain:"sub.example.com" ~path:"/" ~is_secure:false 186 186 + in 187 187 + Alcotest.(check int) "subdomain cookies count" 1 (List.length cookies_sub); 188 188 + let sub_cookie = List.hd cookies_sub in 189 189 + Alcotest.(check string) "subdomain cookie name" "subdomain" (Cookeio.name sub_cookie) 190 190 + 191 191 + let test_empty_jar () = 192 192 + let jar = create () in 193 193 + Alcotest.(check bool) "empty jar" true (is_empty jar); 194 194 + Alcotest.(check int) "empty count" 0 (count jar); 195 195 + Alcotest.(check (list cookie_testable)) 196 196 + "empty cookies" [] (get_all_cookies jar); 197 197 + 198 198 + let cookies = 199 199 + get_cookies jar ~domain:"example.com" ~path:"/" ~is_secure:false 200 200 + in 201 201 + Alcotest.(check int) "no matching cookies" 0 (List.length cookies) 202 202 + 203 203 + let test_round_trip_mozilla_format () = 204 204 + let jar = create () in 205 205 + 206 206 + let test_cookie = 207 207 + Cookeio.make ~domain:"example.com" ~path:"/test/" ~name:"test" ~value:"value" 208 208 + ~secure:true ~http_only:false ?expires:(Ptime.of_float_s 1257894000.0) 209 209 + ~same_site:`Strict ~creation_time:Ptime.epoch ~last_access:Ptime.epoch () 210 210 + in 211 211 + 212 212 + add_cookie jar test_cookie; 213 213 + 214 214 + (* Convert to Mozilla format and back *) 215 215 + let mozilla_format = to_mozilla_format jar in 216 216 + let jar2 = from_mozilla_format mozilla_format in 217 217 + let cookies2 = get_all_cookies jar2 in 218 218 + 219 219 + Alcotest.(check int) "round trip count" 1 (List.length cookies2); 220 220 + let cookie2 = List.hd cookies2 in 221 221 + Alcotest.(check string) "round trip name" "test" (Cookeio.name cookie2); 222 222 + Alcotest.(check string) "round trip value" "value" (Cookeio.value cookie2); 223 223 + Alcotest.(check string) "round trip domain" "example.com" (Cookeio.domain cookie2); 224 224 + Alcotest.(check string) "round trip path" "/test/" (Cookeio.path cookie2); 225 225 + Alcotest.(check bool) "round trip secure" true (Cookeio.secure cookie2); 226 226 + (* Note: http_only and same_site are lost in Mozilla format *) 227 227 + Alcotest.(check (option (Alcotest.testable Ptime.pp Ptime.equal))) 228 228 + "round trip expires" 229 229 + (Ptime.of_float_s 1257894000.0) 230 230 + (Cookeio.expires cookie2) 231 231 + 232 232 + let () = 233 233 + Eio_main.run @@ fun env -> 234 234 + let open Alcotest in 235 235 + run "Cookeio Tests" 236 236 + [ 237 237 + ( "mozilla_format", 238 238 + [ 239 239 + test_case "Load Mozilla format from string" `Quick 240 240 + test_load_mozilla_cookies; 241 241 + test_case "Load Mozilla format from file" `Quick (fun () -> 242 242 + test_load_from_file env); 243 243 + test_case "Round trip Mozilla format" `Quick 244 244 + test_round_trip_mozilla_format; 245 245 + ] ); 246 246 + ( "cookie_matching", 247 247 + [ test_case "Domain and security matching" `Quick test_cookie_matching ] 248 248 + ); 249 249 + ( "basic_operations", 250 250 + [ test_case "Empty jar operations" `Quick test_empty_jar ] ); 251 251 + ]