# File lib/http/cookie/scanner.rb, line 156
  def scan_set_cookie
    # RFC 6265 4.1.1 & 5.2
    until eos?
      start = pos
      len = nil

      skip_wsp

      name, value = scan_name_value(true)
      if value.nil?
        @logger.warn("Cookie definition lacks a name-value pair.") if @logger
      elsif name.empty?
        @logger.warn("Cookie definition has an empty name.") if @logger
        value = nil
      end
      attrs = {}

      case
      when skip(/,/)
        # The comma is used as separator for concatenating multiple
        # values of a header.
        len = (pos - 1) - start
        break
      when skip(/;/)
        skip_wsp
        aname, avalue = scan_name_value(true)
        next if aname.empty? || value.nil?
        aname.downcase!
        case aname
        when 'expires'
          # RFC 6265 5.2.1
          avalue &&= parse_cookie_date(avalue) or next
        when 'max-age'
          # RFC 6265 5.2.2
          next unless /\A-?\d+\z/.match(avalue)
        when 'domain'
          # RFC 6265 5.2.3
          # An empty value SHOULD be ignored.
          next if avalue.nil? || avalue.empty?
        when 'path'
          # RFC 6265 5.2.4
          # A relative path must be ignored rather than normalizing it
          # to "/".
          next unless /\A\//.match(avalue)
        when 'secure', 'httponly'
          # RFC 6265 5.2.5, 5.2.6
          avalue = true
        end
        attrs[aname] = avalue
      end until eos?

      len ||= pos - start

      if len > HTTP::Cookie::MAX_LENGTH
        @logger.warn("Cookie definition too long: #{name}") if @logger
        next
      end

      yield name, value, attrs if value
    end
  end