Module: Rack

Defined in:

lib/sinatra_opal_patches.rb

Overview

---

1. Rack::Utils.parse_cookies_header — keep ‘+` literal in cookie values.

Upstream (vendor/rack/utils.rb:247 in our shim) routes the cookie value through ‘Rack::Utils.unescape` → `URI.decode_www_form_component` → `s.tr(’+‘, ’ ‘)`. Cookies are NOT form-encoded; that `+`-to-space conversion is a form-data convention. Combined with Opal’s ‘CGI.escape` (= `encodeURI`) which leaves `+` UNescaped on write, any cookie value containing a literal `+` (e.g. an email like `demo+foo@example.com`) round-trips as `demo foo@example.com`.

Upstream MRI Rack happens to round-trip correctly because its ‘URI.encode_www_form_component` does escape `+` to `%2B`, so the wire never carries a raw `+`. On the Opal stack the asymmetry is visible. Fix it on the read side by decoding cookie values with `CGI.unescapeURIComponent` (≈ JS `decodeURIComponent`), which decodes every percent-encoded octet (including `%2B`/`%40`) but leaves a literal `+` untouched.

---

Defined Under Namespace

Modules: Utils