Aren/haiku
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

NetworkCookie: remove unused cookie attributes and add HttpOnly

Browse Source
This commit is contained in:
Hamish Morrison 2013-01-30 16:49:37 +00:00
parent 05f42aaba4
commit 2db5d2bc95
2 changed files with 71 additions and 257 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
headers/os/net/NetworkCookie.h
View File

@ -32,33 +32,27 @@ public:
BNetworkCookie& ParseCookieString(const BString& cookieString); BNetworkCookie& ParseCookieString(const BString& cookieString);
// Modify the cookie fields // Modify the cookie fields
BNetworkCookie& SetComment(const BString& comment); BNetworkCookie& SetName(const BString& name);
BNetworkCookie& SetCommentUrl(const BString& commentUrl); BNetworkCookie& SetValue(const BString& value);
BNetworkCookie& SetDiscard(bool discard);
BNetworkCookie& SetDomain(const BString& domain); BNetworkCookie& SetDomain(const BString& domain);
BNetworkCookie& SetPath(const BString& path);
BNetworkCookie& SetMaxAge(int32 maxAge); BNetworkCookie& SetMaxAge(int32 maxAge);
BNetworkCookie& SetExpirationDate(time_t expireDate); BNetworkCookie& SetExpirationDate(time_t expireDate);
BNetworkCookie& SetExpirationDate(BDateTime& expireDate); BNetworkCookie& SetExpirationDate(BDateTime& expireDate);
BNetworkCookie& SetPath(const BString& path);
BNetworkCookie& SetSecure(bool secure); BNetworkCookie& SetSecure(bool secure);
BNetworkCookie& SetVersion(int8 version); BNetworkCookie& SetHttpOnly(bool httpOnly);
BNetworkCookie& SetName(const BString& name);
BNetworkCookie& SetValue(const BString& value);
// Access the cookie fields // Access the cookie fields
const BString& CommentUrl() const;
const BString& Comment() const;
bool Discard() const;
const BString& Domain() const;
int32 MaxAge() const;
time_t ExpirationDate() const;
const BString& ExpirationString() const;
const BString& Path() const;
bool Secure() const;
int8 Version() const;
const BString& Name() const; const BString& Name() const;
const BString& Value() const; const BString& Value() const;
const BString& Domain() const;
const BString& Path() const;
time_t ExpirationDate() const;
const BString& ExpirationString() const;
bool Secure() const;
bool HttpOnly() const;
const BString& RawCookie(bool full) const; const BString& RawCookie(bool full) const;
bool IsSessionCookie() const; bool IsSessionCookie() const;
bool IsValid(bool strict = false) const; bool IsValid(bool strict = false) const;
bool IsValidForUrl(const BUrl& url) const; bool IsValidForUrl(const BUrl& url) const;
@ -66,16 +60,11 @@ public:
bool IsValidForPath(const BString& path) const; bool IsValidForPath(const BString& path) const;
// Test if cookie fields are defined // Test if cookie fields are defined
bool HasCommentUrl() const;
bool HasComment() const;
bool HasDiscard() const;
bool HasDomain() const;
bool HasMaxAge() const;
bool HasExpirationDate() const;
bool HasPath() const;
bool HasVersion() const;
bool HasName() const; bool HasName() const;
bool HasValue() const; bool HasValue() const;
bool HasDomain() const;
bool HasPath() const;
bool HasExpirationDate() const;
// Test if cookie could be deleted // Test if cookie could be deleted
bool ShouldDeleteAtExit() const; bool ShouldDeleteAtExit() const;
@ -104,23 +93,18 @@ private:
mutable BString fRawFullCookie; mutable BString fRawFullCookie;
mutable bool fRawFullCookieValid; mutable bool fRawFullCookieValid;
BString fComment;
BString fCommentUrl;
bool fDiscard;
BString fDomain; BString fDomain;
BDateTime fExpiration; BDateTime fExpiration;
mutable BString fExpirationString; mutable BString fExpirationString;
mutable bool fExpirationStringValid; mutable bool fExpirationStringValid;
BString fPath; BString fPath;
bool fSecure; bool fSecure;
int8 fVersion; bool fHttpOnly;
BString fName; BString fName;
BString fValue; BString fValue;
bool fHasDiscard;
bool fHasExpirationDate; bool fHasExpirationDate;
bool fSessionCookie; bool fSessionCookie;
bool fHasVersion;
}; };
#endif // _B_NETWORK_COOKIE_H_ #endif // _B_NETWORK_COOKIE_H_

282
src/kits/network/libnetapi/NetworkCookie.cpp
View File

@ -7,35 +7,30 @@
*/ */
#include <cstdlib>
#include <ctime>
#include <new> #include <new>
#include <stdio.h>
#include <stdlib.h>
#include <time.h>
#include <HttpTime.h> #include <HttpTime.h>
#include <NetworkCookie.h> #include <NetworkCookie.h>
#include <cstdio>
#define PRINT(x) printf x; #define PRINT(x) printf x;
using BPrivate::BHttpTime; using BPrivate::BHttpTime;
static const char* kArchivedCookieComment = "be:cookie.comment"; static const char* kArchivedCookieName = "be:cookie.name";
static const char* kArchivedCookieCommentUrl = "be:cookie.commenturl"; static const char* kArchivedCookieValue = "be:cookie.value";
static const char* kArchivedCookieDiscard = "be:cookie.discard"; static const char* kArchivedCookieDomain = "be:cookie.domain";
static const char* kArchivedCookieDomain = "be:cookie.domain"; static const char* kArchivedCookiePath = "be:cookie.path";
static const char* kArchivedCookieExpirationDate = "be:cookie.expiredate"; static const char* kArchivedCookieExpirationDate = "be:cookie.expirationdate";
static const char* kArchivedCookiePath = "be:cookie.path"; static const char* kArchivedCookieSecure = "be:cookie.secure";
static const char* kArchivedCookieSecure = "be:cookie.secure"; static const char* kArchivedCookieHttpOnly = "be:cookie.httponly";
static const char* kArchivedCookieVersion = "be:cookie.version";
static const char* kArchivedCookieName = "be:cookie.name";
static const char* kArchivedCookieValue = "be:cookie.value";
BNetworkCookie::BNetworkCookie(const char* name, const char* value) BNetworkCookie::BNetworkCookie(const char* name, const char* value)
: :
fDiscard(false),
fExpiration(BDateTime::CurrentDateTime(B_GMT_TIME)),
fVersion(0),
fName(name), fName(name),
fValue(value), fValue(value),
fSessionCookie(true) fSessionCookie(true)
@ -45,12 +40,6 @@ BNetworkCookie::BNetworkCookie(const char* name, const char* value)
BNetworkCookie::BNetworkCookie(const BNetworkCookie& other) BNetworkCookie::BNetworkCookie(const BNetworkCookie& other)
:
BArchivable(),
fDiscard(false),
fExpiration(BDateTime::CurrentDateTime(B_GMT_TIME)),
fVersion(0),
fSessionCookie(true)
{ {
_Reset(); _Reset();
*this = other; *this = other;
@ -58,11 +47,6 @@ BNetworkCookie::BNetworkCookie(const BNetworkCookie& other)
BNetworkCookie::BNetworkCookie(const BString& cookieString) BNetworkCookie::BNetworkCookie(const BString& cookieString)
:
fDiscard(false),
fExpiration(BDateTime::CurrentDateTime(B_GMT_TIME)),
fVersion(0),
fSessionCookie(true)
{ {
_Reset(); _Reset();
ParseCookieString(cookieString); ParseCookieString(cookieString);
@ -71,11 +55,6 @@ BNetworkCookie::BNetworkCookie(const BString& cookieString)
BNetworkCookie::BNetworkCookie(const BString& cookieString, BNetworkCookie::BNetworkCookie(const BString& cookieString,
const BUrl& url) const BUrl& url)
:
fDiscard(false),
fExpiration(BDateTime::CurrentDateTime(B_GMT_TIME)),
fVersion(0),
fSessionCookie(true)
{ {
_Reset(); _Reset();
ParseCookieStringFromUrl(cookieString, url); ParseCookieStringFromUrl(cookieString, url);
@ -84,9 +63,6 @@ BNetworkCookie::BNetworkCookie(const BString& cookieString,
BNetworkCookie::BNetworkCookie(BMessage* archive) BNetworkCookie::BNetworkCookie(BMessage* archive)
: :
fDiscard(false),
fExpiration(BDateTime::CurrentDateTime(B_GMT_TIME)),
fVersion(0),
fSessionCookie(true) fSessionCookie(true)
{ {
_Reset(); _Reset();
@ -94,17 +70,10 @@ BNetworkCookie::BNetworkCookie(BMessage* archive)
archive->FindString(kArchivedCookieName, &fName); archive->FindString(kArchivedCookieName, &fName);
archive->FindString(kArchivedCookieValue, &fValue); archive->FindString(kArchivedCookieValue, &fValue);
archive->FindString(kArchivedCookieComment, &fComment);
archive->FindString(kArchivedCookieCommentUrl, &fCommentUrl);
archive->FindString(kArchivedCookieDomain, &fDomain); archive->FindString(kArchivedCookieDomain, &fDomain);
archive->FindString(kArchivedCookiePath, &fPath); archive->FindString(kArchivedCookiePath, &fPath);
archive->FindBool(kArchivedCookieSecure, &fSecure); archive->FindBool(kArchivedCookieSecure, &fSecure);
archive->FindBool(kArchivedCookieHttpOnly, &fHttpOnly);
if (archive->FindBool(kArchivedCookieDiscard, &fDiscard) == B_OK)
fHasDiscard = true;
if (archive->FindInt8(kArchivedCookieVersion, &fVersion) == B_OK)
fHasVersion = true;
int32 expiration; int32 expiration;
if (archive->FindInt32(kArchivedCookieExpirationDate, &expiration) if (archive->FindInt32(kArchivedCookieExpirationDate, &expiration)
@ -115,12 +84,6 @@ BNetworkCookie::BNetworkCookie(BMessage* archive)
BNetworkCookie::BNetworkCookie() BNetworkCookie::BNetworkCookie()
:
fDiscard(false),
fExpiration(BDateTime::CurrentDateTime(B_GMT_TIME)),
fPath("/"),
fVersion(0),
fSessionCookie(true)
{ {
_Reset(); _Reset();
} }
@ -169,28 +132,29 @@ BNetworkCookie::ParseCookieString(const BString& string)
BNetworkCookie& BNetworkCookie&
BNetworkCookie::SetComment(const BString& comment) BNetworkCookie::SetName(const BString& name)
{ {
fComment = comment; fName = name;
fRawFullCookieValid = false; fRawFullCookieValid = false;
fRawCookieValid = false;
return *this; return *this;
} }
BNetworkCookie& BNetworkCookie&
BNetworkCookie::SetCommentUrl(const BString& commentUrl) BNetworkCookie::SetValue(const BString& value)
{ {
fCommentUrl = commentUrl; fValue = value;
fRawFullCookieValid = false; fRawFullCookieValid = false;
fRawCookieValid = false;
return *this; return *this;
} }
BNetworkCookie& BNetworkCookie&
BNetworkCookie::SetDiscard(bool discard) BNetworkCookie::SetPath(const BString& path)
{ {
fDiscard = discard; fPath = path;
fHasDiscard = true;
fRawFullCookieValid = false; fRawFullCookieValid = false;
return *this; return *this;
} }
@ -249,15 +213,6 @@ BNetworkCookie::SetExpirationDate(BDateTime& expireDate)
} }
BNetworkCookie&
BNetworkCookie::SetPath(const BString& path)
{
fPath = path;
fRawFullCookieValid = false;
return *this;
}
BNetworkCookie& BNetworkCookie&
BNetworkCookie::SetSecure(bool secure) BNetworkCookie::SetSecure(bool secure)
{ {
@ -268,31 +223,10 @@ BNetworkCookie::SetSecure(bool secure)
BNetworkCookie& BNetworkCookie&
BNetworkCookie::SetVersion(int8 version) BNetworkCookie::SetHttpOnly(bool httpOnly)
{ {
fVersion = version; fHttpOnly = httpOnly;
fHasVersion = true;
fRawCookieValid = false;
return *this;
}
BNetworkCookie&
BNetworkCookie::SetName(const BString& name)
{
fName = name;
fRawFullCookieValid = false; fRawFullCookieValid = false;
fRawCookieValid = false;
return *this;
}
BNetworkCookie&
BNetworkCookie::SetValue(const BString& value)
{
fValue = value;
fRawFullCookieValid = false;
fRawCookieValid = false;
return *this; return *this;
} }
@ -301,23 +235,16 @@ BNetworkCookie::SetValue(const BString& value)
const BString& const BString&
BNetworkCookie::Comment() const BNetworkCookie::Name() const
{ {
return fComment; return fName;
} }
const BString& const BString&
BNetworkCookie::CommentUrl() const BNetworkCookie::Value() const
{ {
return fCommentUrl; return fValue;
}
bool
BNetworkCookie::Discard() const
{
return fDiscard;
} }
@ -328,10 +255,10 @@ BNetworkCookie::Domain() const
} }
int32 const BString&
BNetworkCookie::MaxAge() const BNetworkCookie::Path() const
{ {
return fExpiration.Time_t() - BDateTime::CurrentDateTime(B_GMT_TIME).Time_t(); return fPath;
} }
@ -356,13 +283,6 @@ BNetworkCookie::ExpirationString() const
} }
const BString&
BNetworkCookie::Path() const
{
return fPath;
}
bool bool
BNetworkCookie::Secure() const BNetworkCookie::Secure() const
{ {
@ -370,24 +290,10 @@ BNetworkCookie::Secure() const
} }
int8 bool
BNetworkCookie::Version() const BNetworkCookie::HttpOnly() const
{ {
return fVersion; return fHttpOnly;
}
const BString&
BNetworkCookie::Name() const
{
return fName;
}
const BString&
BNetworkCookie::Value() const
{
return fValue;
} }
@ -400,23 +306,16 @@ BNetworkCookie::RawCookie(bool full) const
fRawFullCookie << fName << "=" << fValue; fRawFullCookie << fName << "=" << fValue;
if (HasCommentUrl())
fRawFullCookie << "; Comment-Url=" << fCommentUrl;
if (HasComment())
fRawFullCookie << "; Comment=" << fComment;
if (HasDiscard())
fRawFullCookie << "; Discard=" << (fDiscard?"true":"false");
if (HasDomain()) if (HasDomain())
fRawFullCookie << "; Domain=" << fDomain; fRawFullCookie << "; Domain=" << fDomain;
if (HasExpirationDate()) if (HasExpirationDate())
fRawFullCookie << "; Max-Age=" << MaxAge(); fRawFullCookie << "; Expires=" << ExpirationString();
// fRawFullCookie << "; Expires=" << ExpirationString();
if (HasPath()) if (HasPath())
fRawFullCookie << "; Path=" << fPath; fRawFullCookie << "; Path=" << fPath;
if (Secure() && fSecure) if (Secure())
fRawFullCookie << "; Secure=" << (fSecure?"true":"false"); fRawFullCookie << "; Secure";
if (HasVersion()) if (HttpOnly())
fRawFullCookie << ", Version=" << fVersion; fRawFullCookie << "; HttpOnly";
} else if (!full && !fRawCookieValid) { } else if (!full && !fRawCookieValid) {
fRawCookie.Truncate(0); fRawCookie.Truncate(0);
@ -425,7 +324,7 @@ BNetworkCookie::RawCookie(bool full) const
fRawCookie << fName << "=" << fValue; fRawCookie << fName << "=" << fValue;
} }
return full?fRawFullCookie:fRawCookie; return full ? fRawFullCookie : fRawCookie;
} }
@ -442,13 +341,14 @@ BNetworkCookie::IsSessionCookie() const
bool bool
BNetworkCookie::IsValid(bool strict) const BNetworkCookie::IsValid(bool strict) const
{ {
return HasName() && HasValue() && (!strict || HasVersion()); return HasName() && HasValue();
} }
bool bool
BNetworkCookie::IsValidForUrl(const BUrl& url) const BNetworkCookie::IsValidForUrl(const BUrl& url) const
{ {
// TODO: Take secure attribute into account
BString urlHost = url.Host(); BString urlHost = url.Host();
BString urlPath = url.Path(); BString urlPath = url.Path();
@ -480,23 +380,16 @@ BNetworkCookie::IsValidForPath(const BString& path) const
bool bool
BNetworkCookie::HasCommentUrl() const BNetworkCookie::HasName() const
{ {
return fCommentUrl.Length() > 0; return fName.Length() > 0;
} }
bool bool
BNetworkCookie::HasComment() const BNetworkCookie::HasValue() const
{ {
return fComment.Length() > 0; return fValue.Length() > 0;
}
bool
BNetworkCookie::HasDiscard() const
{
return fHasDiscard;
} }
@ -514,27 +407,6 @@ BNetworkCookie::HasPath() const
} }
bool
BNetworkCookie::HasVersion() const
{
return fHasVersion;
}
bool
BNetworkCookie::HasName() const
{
return fName.Length() > 0;
}
bool
BNetworkCookie::HasValue() const
{
return fValue.Length() > 0;
}
bool bool
BNetworkCookie::HasExpirationDate() const BNetworkCookie::HasExpirationDate() const
{ {
@ -548,16 +420,14 @@ BNetworkCookie::HasExpirationDate() const
bool bool
BNetworkCookie::ShouldDeleteAtExit() const BNetworkCookie::ShouldDeleteAtExit() const
{ {
return (HasDiscard() && Discard()) return IsSessionCookie() || ShouldDeleteNow();
|| (!IsSessionCookie() && ShouldDeleteNow())
|| IsSessionCookie();
} }
bool bool
BNetworkCookie::ShouldDeleteNow() const BNetworkCookie::ShouldDeleteNow() const
{ {
if (!IsSessionCookie() && HasExpirationDate()) if (HasExpirationDate())
return (BDateTime::CurrentDateTime(B_GMT_TIME) > fExpiration); return (BDateTime::CurrentDateTime(B_GMT_TIME) > fExpiration);
return false; return false;
@ -585,24 +455,6 @@ BNetworkCookie::Archive(BMessage* into, bool deep) const
// We add optional fields only if they're defined // We add optional fields only if they're defined
if (HasComment()) {
error = into->AddString(kArchivedCookieComment, fComment);
if (error != B_OK)
return error;
}
if (HasCommentUrl()) {
error = into->AddString(kArchivedCookieCommentUrl, fCommentUrl);
if (error != B_OK)
return error;
}
if (HasDiscard()) {
error = into->AddBool(kArchivedCookieDiscard, fDiscard);
if (error != B_OK)
return error;
}
if (HasDomain()) { if (HasDomain()) {
error = into->AddString(kArchivedCookieDomain, fDomain); error = into->AddString(kArchivedCookieDomain, fDomain);
if (error != B_OK) if (error != B_OK)
@ -628,8 +480,8 @@ BNetworkCookie::Archive(BMessage* into, bool deep) const
return error; return error;
} }
if (HasVersion()) { if (HttpOnly()) {
error = into->AddInt8(kArchivedCookieVersion, fVersion); error = into->AddBool(kArchivedCookieHttpOnly, fHttpOnly);
if (error != B_OK) if (error != B_OK)
return error; return error;
} }
@ -663,21 +515,16 @@ BNetworkCookie::operator=(const BNetworkCookie& other)
fExpirationString = other.fExpirationString; fExpirationString = other.fExpirationString;
fExpirationStringValid = other.fExpirationStringValid; fExpirationStringValid = other.fExpirationStringValid;
fComment = other.fComment;
fCommentUrl = other.fCommentUrl;
fDiscard = other.fDiscard;
fDomain = other.fDomain;
fExpiration = other.fExpiration;
fPath = other.fPath;
fSecure = other.fSecure;
fVersion = other.fVersion;
fName = other.fName; fName = other.fName;
fValue = other.fValue; fValue = other.fValue;
fDomain = other.fDomain;
fPath = other.fPath;
fExpiration = other.fExpiration;
fSecure = other.fSecure;
fHttpOnly = other.fHttpOnly;
fHasDiscard = other.fHasDiscard;
fHasExpirationDate = other.fHasExpirationDate; fHasExpirationDate = other.fHasExpirationDate;
fSessionCookie = other.fSessionCookie; fSessionCookie = other.fSessionCookie;
fHasVersion = other.fHasVersion;
return *this; return *this;
} }
@ -708,21 +555,16 @@ BNetworkCookie::operator!=(const BNetworkCookie& other)
void void
BNetworkCookie::_Reset() BNetworkCookie::_Reset()
{ {
fComment.Truncate(0);
fCommentUrl.Truncate(0);
fDomain.Truncate(0); fDomain.Truncate(0);
fPath.Truncate(0); fPath.Truncate(0);
fName.Truncate(0); fName.Truncate(0);
fValue.Truncate(0); fValue.Truncate(0);
fDiscard = false;
fSecure = false; fSecure = false;
fVersion = 0; fHttpOnly = false;
fExpiration = 0; fExpiration = BDateTime();
fHasDiscard = false;
fHasExpirationDate = false; fHasExpirationDate = false;
fSessionCookie = true; fSessionCookie = true;
fHasVersion = false;
fRawCookieValid = false; fRawCookieValid = false;
fRawFullCookieValid = false; fRawFullCookieValid = false;
@ -782,17 +624,8 @@ BNetworkCookie::_ExtractNameValuePair(const BString& cookieString,
name.Trim(); name.Trim();
value.Trim(); value.Trim();
// Cookie comment
if (name == "comment")
SetComment(value);
// Cookie comment URL
else if (name == "comment-url")
SetCommentUrl(value);
// Cookie discard flag
else if (name == "discard")
SetDiscard(value.Length() == 0 || value.ToLower() == "true");
// Cookie max-age // Cookie max-age
else if (name == "maxage") if (name == "maxage")
SetMaxAge(atoi(value.String())); SetMaxAge(atoi(value.String()));
// Cookie expiration date // Cookie expiration date
else if (name == "expires") { else if (name == "expires") {
@ -807,9 +640,6 @@ BNetworkCookie::_ExtractNameValuePair(const BString& cookieString,
// Cookie secure flag // Cookie secure flag
else if (name == "secure") else if (name == "secure")
SetSecure(value.Length() == 0 || value.ToLower() == "true"); SetSecure(value.Length() == 0 || value.ToLower() == "true");
// Cookie version
else if (name == "version")
SetVersion(atoi(value.String()));
} }