From c2bc707a4de91f9ca609a170176eb30e3e45cb10 Mon Sep 17 00:00:00 2001
From: Andrew Coulton <andrewnfcoulton@gmail.com>
Date: Sun, 14 Apr 2013 00:07:46 +0100
Subject: [PATCH] fixed detection of secure cookies received over https

BrowserKit's cookie handling only recognises a secure cookie if the
cookie option is set and the cookie was set over an https request.
The client was not passing the url into the cookiejar update code,
causing Cookie::isSecure() to always return false for every cookie.

Fixes symfony/symfony#7666
---
 src/Symfony/Component/BrowserKit/Client.php           | 2 +-
 src/Symfony/Component/BrowserKit/Tests/ClientTest.php | 9 +++++++++
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/src/Symfony/Component/BrowserKit/Client.php b/src/Symfony/Component/BrowserKit/Client.php
index c57b9e37a1..8664f31ab0 100644
--- a/src/Symfony/Component/BrowserKit/Client.php
+++ b/src/Symfony/Component/BrowserKit/Client.php
@@ -266,7 +266,7 @@ abstract class Client
 
         $response = $this->filterResponse($this->response);
 
-        $this->cookieJar->updateFromResponse($response);
+        $this->cookieJar->updateFromResponse($response, $uri);
 
         $this->redirect = $response->getHeader('Location');
 
diff --git a/src/Symfony/Component/BrowserKit/Tests/ClientTest.php b/src/Symfony/Component/BrowserKit/Tests/ClientTest.php
index e03b73cf0b..49b0c04129 100644
--- a/src/Symfony/Component/BrowserKit/Tests/ClientTest.php
+++ b/src/Symfony/Component/BrowserKit/Tests/ClientTest.php
@@ -205,6 +205,15 @@ class ClientTest extends \PHPUnit_Framework_TestCase
         $this->assertEquals(array('foo' => 'bar'), $client->getCookieJar()->allValues('http://www.example.com/foo/foobar'), '->request() updates the CookieJar');
     }
 
+    public function testRequestSecureCookies()
+    {
+        $client = new TestClient();
+        $client->setNextResponse(new Response('<html><a href="/foo">foo</a></html>', 200, array('Set-Cookie' => 'foo=bar; path=/; secure')));
+        $client->request('GET', 'https://www.example.com/foo/foobar');
+
+        $this->assertTrue($client->getCookieJar()->get('foo','/','www.example.com')->isSecure());
+    }
+
     public function testClick()
     {
         if (!class_exists('Symfony\Component\DomCrawler\Crawler')) {