# File lib/cookiejar/cookie_validation.rb, line 230
    def self.validate_cookie request_uri, cookie
      uri = to_uri request_uri
      request_host = effective_host uri.host
      request_path = uri.path
      request_secure = (uri.scheme == 'https')
      cookie_host = cookie.domain
      cookie_path = cookie.path
      
      errors = []
    
      # From RFC 2965, Section 3.3.2 Rejecting Cookies
    
      # A user agent rejects (SHALL NOT store its information) if the 
      # Version attribute is missing. Note that the legacy Set-Cookie
      # directive will result in an implicit version 0.
      unless cookie.version
        errors << "Version missing"
      end

      # The value for the Path attribute is not a prefix of the request-URI
      unless request_path.start_with? cookie_path 
        errors << "Path is not a prefix of the request uri path"
      end

      unless cookie_host =~ IPADDR || #is an IPv4 or IPv6 address
        cookie_host =~ /.\../ || #contains an embedded dot
        cookie_host == '.local' #is the domain cookie for local addresses
        errors << "Domain format is illegal"
      end
    
      # The effective host name that derives from the request-host does
      # not domain-match the Domain attribute.
      #
      # The request-host is a HDN (not IP address) and has the form HD,
      # where D is the value of the Domain attribute, and H is a string
      # that contains one or more dots.
      unless domains_match cookie_host, uri
        errors << "Domain is inappropriate based on request URI hostname"
      end
    
      # The Port attribute has a "port-list", and the request-port was
      # not in the list.
      unless cookie.ports.nil? || cookie.ports.length != 0
        unless cookie.ports.find_index uri.port
          errors << "Ports list does not contain request URI port"
        end
      end

      raise (InvalidCookieError.new errors) unless errors.empty?

      # Note: 'secure' is not explicitly defined as an SSL channel, and no
      # test is defined around validity and the 'secure' attribute
      true
    end