From 4dab7d81a7a843541088d397011ac2f132791ff7 Mon Sep 17 00:00:00 2001
From: Marcel Hellkamp <marc@gsites.de>
Date: Thu, 25 Oct 2018 19:35:10 +0200
Subject: fix #1106: SameSite cookie attribute fails when using redirect

- Accept `BaseRequest.set_cookie()` arguments in snake_case and lowercase form. This affects the `max_age` and `same_site` arguments.
- Skip render/parse step when cloning SimpleCookie.
---
 test/test_environ.py | 30 +++++++++++++++++++++++++++---
 1 file changed, 27 insertions(+), 3 deletions(-)

(limited to 'test')

diff --git a/test/test_environ.py b/test/test_environ.py
index d3bebde..bd6d3b1 100755
--- a/test/test_environ.py
+++ b/test/test_environ.py
@@ -7,7 +7,7 @@ import sys
 import itertools
 
 import bottle
-from bottle import request, tob, touni, tonat, json_dumps, HTTPError, parse_date
+from bottle import request, tob, touni, tonat, json_dumps, HTTPError, parse_date, CookieError
 from . import tools
 import wsgiref.util
 import base64
@@ -645,8 +645,32 @@ class TestResponse(unittest.TestCase):
         r.set_cookie('name2', 'value', httponly=False)
         cookies = sorted([value for name, value in r.headerlist
                    if name.title() == 'Set-Cookie'])
-        self.assertEqual(cookies[0].lower(), 'name1=value; httponly')
-        self.assertEqual(cookies[1], 'name2=value')
+        self.assertEqual('name1=value; httponly', cookies[0].lower())
+        self.assertEqual('name2=value', cookies[1])
+
+    def test_set_cookie_samesite(self):
+        r = BaseResponse()
+        r.set_cookie('name1', 'value', same_site="lax")
+        r.set_cookie('name2', 'value', same_site="strict")
+
+        try:
+            r.set_cookie('name3', 'value', same_site='invalid')
+            self.fail("Should raise CookieError")
+        except CookieError:
+            pass
+
+        cookies = sorted([value for name, value in r.headerlist
+                   if name.title() == 'Set-Cookie'])
+        self.assertEqual('name1=value; samesite=lax', cookies[0].lower())
+        self.assertEqual('name2=value; samesite=strict', cookies[1].lower())
+
+    def test_clone_cookie(self):
+        r = BaseResponse()
+        r.set_cookie('name1', 'value', same_site="strict")
+        r2 = r.copy(BaseResponse)
+        cookies = sorted([value for name, value in r2.headerlist
+                   if name.title() == 'Set-Cookie'])
+        self.assertEqual('name1=value; samesite=strict', cookies[0].lower())
 
     def test_delete_cookie(self):
         response = BaseResponse()
-- 
cgit v1.2.1