ensure key names are consistent when parsing the cookie string since

cookie-keys are not case sensitive, but json-keys are.
2025-06-17 07:50:52 -07:00 · 2020-05-26 09:11:10 -04:00 · 2020-05-26 09:11:10 -04:00 · 6029dece41
commit 6029dece41
parent d334b58f45
2 changed files with 8 additions and 4 deletions
--- a/src/main/java/org/json/Cookie.java
+++ b/src/main/java/org/json/Cookie.java
@ -1,5 +1,7 @@
 package org.json;

+import java.util.Locale;
+
 /*
 Copyright (c) 2002 JSON.org

@ -74,7 +76,9 @@ public class Cookie {
     * The name will be stored under the key "name", and the value will be
     * stored under the key "value". This method does not do checking or
     * validation of the parameters. It only converts the cookie string into
-     * a JSONObject.
+     * a JSONObject. All attribute names are converted to lower case keys in the
+     * JSONObject (HttpOnly =&gt; httponly). If an attribute is specified more than
+     * once, only the value found closer to the end of the cookie-string is kept.
     * @param string The cookie specification string.
     * @return A JSONObject containing "name", "value", and possibly other
     *  members.
@ -104,7 +108,7 @@ public class Cookie {
        x.next();
        // parse the remaining cookie attributes
        while (x.more()) {
-            name = unescape(x.nextTo("=;")).trim();
+            name = unescape(x.nextTo("=;")).trim().toLowerCase(Locale.ROOT);
            // don't allow a cookies attributes to overwrite it's name or value.
            if("name".equalsIgnoreCase(name)) {
                throw new JSONException("Illegal attribute name: 'name'");
--- a/src/test/java/org/json/junit/CookieTest.java
+++ b/src/test/java/org/json/junit/CookieTest.java
@ -84,7 +84,7 @@ public class CookieTest {
            JSONObject jo = Cookie.toJSONObject(cookieStr);
            assertTrue("has key 'name'", jo.has("name"));
            assertTrue("has key 'value'", jo.has("value"));
-            assertTrue("has key 'myAttribute'", jo.has("myAttribute"));
+            assertTrue("has key 'myAttribute'", jo.has("myattribute"));
    }

    /**
@ -177,7 +177,7 @@ public class CookieTest {
            "thisWont=beIncluded;"+
            "secure";
        String expectedCookieStr = 
-            "{\"thisWont\":\"beIncluded\","+
+            "{\"thiswont\":\"beIncluded\","+
            "\"path\":\"/\","+
            "\"expires\":\"Wed, 19-Mar-2014 17:53:53 GMT\","+
            "\"domain\":\".yahoo.com\","+