Added support for HTTP/2 Cookie Headers

[peelle]

Hi! I am really enjoying learning Cro. Thank you!

Missing Feature: HTTP/2 requests can send multiple Cookie headers. Cro::HTTP::Request will only check the first. This makes sense for HTTP/1.1 since it only allows one.

Solution: I checked the http-version string on unpack, to choose which behavior to use.

Motivation: I was trying to implement sessions and the request object kept losing my cookie, but not the CSRF cookie. After a lot of learning, I realized that browsers were sending multiple Cookie headers via HTTP/2. I saw this behavior with both Chrome and Safari. When I set the Cro server to only accept 1.1, the browsers would only send 1 Cookie header, and the request object could parse it without issue.

Relevant RFC Section

Thanks!

[patrickbkr]

Oh! Good catch, research and implementation. Thank you!

[patrickbkr]

We are currently searching for people to help developing Cro further. We can use help in any area. (The most pressing need is people willing to review PRs, given we have a "one review required to merge a PR" rule.) Would you want to join?

[peelle]

Thank you for the kind words. Yes, I'd love to join and help out.

[patrickbkr]

Great! Thank you! In case you are not aware of the current situation of the project: Originally developed by Edument (always open source, but with commercial offerings), they recently handed the project over to the community. Now we're in the process of finding developers willing to help. Currently it's me and I know @coke has signalled interest. Not forgetting a few others happily creating PRs. We haven't made a release yet, but that's mostly because there are a few PRs outstanding that I want to get in. (My PRs are blocked on requiring a review.) Are there things you want to do specifically / are interested in working on?

…

On August 5, 2024 5:05:34 PM GMT+02:00, "James ( Jeremy ) Carman" ***@***.***> wrote: Thank you for the kind words. Yes, I'd love to join and help out. -- Reply to this email directly or view it on GitHub: #198 (comment) You are receiving this because you modified the open/close state. Message ID: ***@***.***>

[peelle]

I would enjoy doing PR reviews and fixing/updating tests first while I'm still getting comfortable with Cro. I don't have any strong desires currently. I can probably be most useful with the WebApp and OpenAPI sections. That aligns with my Perl work experience. I have some interest in learning more about web sockets, but that area is still very new to me.

[patrickbkr]

That sounds nice. Are you aware of the #cro IRC channel on libera? I think that and GitHub issues are the two places where discussion happens. Can I egoistically point you to cro-http #191, #192 and #193 and cro-core #41 and #40?

…

On August 6, 2024 5:46:07 PM GMT+02:00, "James ( Jeremy ) Carman" ***@***.***> wrote: I would enjoy doing PR reviews and fixing/updating tests first while I'm still getting comfortable with Cro. I don't have any strong desires currently. I can probably be most useful with the WebApp and OpenAPI sections. That aligns with my Perl work experience. I have some interest in learning more about web sockets, but that area is still very new to me. -- Reply to this email directly or view it on GitHub: #198 (comment) You are receiving this because you modified the open/close state. Message ID: ***@***.***>