Hi.  I'm not sure if this is the correct mailing list for this, but.... I
think that WEBrick::Cookie::parse_set_cookie should return an
array of cookies rather than just one.  RFC2109 section 4.2.2 says:

  Informally, the Set-Cookie response header comprises the token Set-
  Cookie:, followed by a comma-separated list of one or more cookies.

I've found at least one site (http://mail.google.com/mail/) sending multiple
cookies in one Set-Cookie header.  I've included a patch below that made
it work a bit better for me.  Sorry the patch is kind of long because I
indented stuff....

This also seems to be a problem in CGI::Cookie::parse.

--Aaron

--- lib/webrick/cookie.rb.old	2006-09-01 20:38:39.000000000 -0700
+++ lib/webrick/cookie.rb	2006-09-01 20:41:04.000000000 -0700
@@ -77,28 +77,32 @@
     end
 
     def self.parse_set_cookie(str)
-      cookie_elem = str.split(/;/)
-      first_elem = cookie_elem.shift
-      first_elem.strip!
-      key, value = first_elem.split(/=/, 2)
-      cookie = new(key, HTTPUtils.dequote(value))
-      cookie_elem.each{|pair|
-        pair.strip!
-        key, value = pair.split(/=/, 2)
-        if value
-          value = HTTPUtils.dequote(value.strip)
-        end
-        case key.downcase
-        when "domain"  then cookie.domain  = value
-        when "path"    then cookie.path    = value
-        when "expires" then cookie.expires = value
-        when "max-age" then cookie.max_age = Integer(value)
-        when "comment" then cookie.comment = value
-        when "version" then cookie.version = Integer(value)
-        when "secure"  then cookie.secure = true
-        end
+      cookies = []
+      str.gsub(/(,([^;,]*=)|,$)/) { "\r\n#{$2}" }.split(/\r\n/).each { |c|
+        cookie_elem = c.split(/;/)
+        first_elem = cookie_elem.shift
+        first_elem.strip!
+        key, value = first_elem.split(/=/, 2)
+        cookie = new(key, HTTPUtils.dequote(value))
+        cookie_elem.each{|pair|
+          pair.strip!
+          key, value = pair.split(/=/, 2)
+          if value
+            value = HTTPUtils.dequote(value.strip)
+          end
+          case key.downcase
+          when "domain"  then cookie.domain  = value
+          when "path"    then cookie.path    = value
+          when "expires" then cookie.expires = value
+          when "max-age" then cookie.max_age = Integer(value)
+          when "comment" then cookie.comment = value
+          when "version" then cookie.version = Integer(value)
+          when "secure"  then cookie.secure = true
+          end
+        }
+        cookies << cookie
       }
-      return cookie
+      return cookies
     end
   end
 end