Annotation of parser3/src/types/pa_vcookie.C, revision 1.92
1.6 paf 1: /** @file
2: Parser: cookie class.
3:
1.86 moko 4: Copyright (c) 2001-2012 Art. Lebedev Studio (http://www.artlebedev.com)
1.34 paf 5: Author: Alexandr Petrosian <paf@design.ru> (http://paf.design.ru)
1.44 paf 6: */
1.6 paf 7:
1.11 paf 8: #include "pa_sapi.h"
1.3 paf 9: #include "pa_common.h"
1.1 paf 10: #include "pa_vcookie.h"
11: #include "pa_vstring.h"
1.49 paf 12: #include "pa_vdate.h"
1.56 paf 13: #include "pa_vhash.h"
1.74 misha 14: #include "pa_request.h"
1.56 paf 15:
1.92 ! moko 16: volatile const char * IDENT_PA_VCOOKIE_C="$Id: pa_vcookie.C,v 1.91 2015/09/22 23:55:54 moko Exp $" IDENT_PA_VCOOKIE_H;
1.86 moko 17:
1.56 paf 18: // defines
19:
20: #define PATH_NAME "path"
21: #define PATH_VALUE_DEFAULT "/"
1.1 paf 22:
23: #define SESSION_NAME "session"
24: #define DEFAULT_EXPIRES_DAYS 90
1.9 paf 25:
1.72 misha 26: #define COOKIE_FIELDS_ELEMENT_NAME "fields"
27:
1.56 paf 28: // statics
29:
30: static const String path_name(PATH_NAME);
31: static const String path_value_default(PATH_VALUE_DEFAULT);
32:
1.1 paf 33: // VCookie
34:
1.74 misha 35: VCookie::VCookie(Request_charsets& acharsets, Request_info& arequest_info):
36: fcharsets(acharsets),
37: frequest_info(arequest_info) {
38: }
39:
1.80 misha 40: Value* VCookie::get_element(const String& aname) {
1.89 misha 41: #ifndef OPTIMIZE_BYTECODE_GET_ELEMENT__SPECIAL
1.28 parser 42: // $CLASS
1.46 paf 43: if(aname==CLASS_NAME)
1.28 parser 44: return this;
45:
1.76 misha 46: // $CLASS_NAME
47: if(aname==CLASS_NAMETEXT)
48: return new VString(cookie_class_name);
1.89 misha 49: #endif
1.76 misha 50:
1.74 misha 51: // $fields
1.72 misha 52: if(aname==COOKIE_FIELDS_ELEMENT_NAME){
1.74 misha 53: if(should_refill())
54: refill();
55:
56: HashStringValue *result=new HashStringValue(before);
1.72 misha 57: after.for_each<HashStringValue*>(copy_all_overwrite_to, result);
58: deleted.for_each<HashStringValue*>(remove_key_from, result);
59: return new VHash(*result);
60: }
61:
1.1 paf 62: // $cookie
1.46 paf 63: if(deleted.get(aname)) // deleted?
1.1 paf 64: return 0;
65:
1.90 moko 66: if(Value* after_meaning=after.get(aname)) { // assigned 'after'?
1.56 paf 67: if(HashStringValue *hash=after_meaning->get_hash())
68: return hash->get(value_name);
1.2 paf 69: else
70: return after_meaning;
1.90 moko 71: }
1.1 paf 72:
1.74 misha 73: if(should_refill())
74: refill();
75:
1.1 paf 76: // neither deleted nor assigned
77: // return any value it had 'before'
1.56 paf 78: return before.get(aname);
1.1 paf 79: }
80:
1.84 misha 81: time_t expires_sec(double days_till_expire) {
82: time_t result=time(NULL)+(time_t)(60*60*24*days_till_expire);
83: struct tm* tms=gmtime(&result);
84: if(!tms)
85: throw Exception(DATE_RANGE_EXCEPTION_TYPE,
86: 0,
87: "bad expires time (seconds from epoch=%u)", result);
88: return result;
89: }
90:
1.88 moko 91: const VJunction* VCookie::put_element(const String& aname, Value* avalue) {
1.1 paf 92: // $cookie
1.56 paf 93: Value* lvalue;
1.84 misha 94: if(HashStringValue *hash=avalue->get_hash()) {
1.85 misha 95: if(Value* expires=hash->get(expires_name)){
96: const String* string;
97: if(!(expires->is_string() && (string=expires->get_string()) && (*string==SESSION_NAME)))
1.92 ! moko 98: if(!expires->as(VDATE_TYPE))
! 99: if(double days_till_expire=expires->as_double())
! 100: expires_sec(days_till_expire);
1.85 misha 101: }
1.56 paf 102: lvalue=hash->get(value_name);
1.84 misha 103: } else
1.50 paf 104: lvalue=avalue;
1.51 paf 105:
106: if(lvalue && lvalue->is_string()) {
107: // taint string being assigned
1.56 paf 108: String& tainted=*new String;
109: tainted.append(*lvalue->get_string(), String::L_TAINTED, true /*forced*/);
110: lvalue=new VString(tainted);
1.51 paf 111: }
1.1 paf 112:
1.71 misha 113: if( !lvalue || lvalue->as_string().is_empty() ) {
114: deleted.put(aname, avalue);
115: after.put(aname, 0);
116: } else {
117: after.put(aname, avalue);
118: deleted.put(aname, 0);
119: }
1.64 paf 120: return PUT_ELEMENT_REPLACED_ELEMENT;
1.1 paf 121: }
122:
1.56 paf 123: static Value& expires_vdate(double days_till_expire) {
1.91 moko 124: return *new VDate((pa_time_t)expires_sec(days_till_expire));
1.1 paf 125: }
126:
1.25 parser 127: /*
1.49 paf 128: @todo
1.87 misha 129: http://curl.haxx.se/rfc/cookie_spec.html
130: http://www.w3.org/Protocols/rfc2109/rfc2109
1.25 parser 131: When sending cookies to a server,
132: all cookies with a more specific path mapping should be sent before cookies
133: with less specific path mappings.
134: For example, a cookie "name1=foo" with a path mapping of "/" should be sent after
135: a cookie "name1=foo2" with a path mapping of "/bar" if they are both to be sent.
136:
1.74 misha 137: There are limitations on the number of cookies that a client can store at any one time.
138: This is a specification of the minimum number of cookies that a client should be prepared
139: to receive and store.
140: 300 total cookies
141: 4 kilobytes per cookie, where the name and the OPAQUE_STRING combine
142: to form the 4 kilobyte limit.
143: 20 cookies per server or domain. (note that completely specified hosts
144: and domains are treated as separate entities and have a 20 cookie limitation
145: for each, not combined)
1.25 parser 146: */
1.74 misha 147:
148: const String* output_set_cookie_value(
149: HashStringValue::key_type aname,
150: HashStringValue::value_type ameaning,
151: bool adelete){
152: String* result=new String();
1.1 paf 153: // attribute=
1.79 misha 154: *result << String(aname, String::L_HTTP_COOKIE) << "=";
1.74 misha 155:
1.56 paf 156: Value* lmeaning;
1.1 paf 157: // figure out 'meaning'
1.61 paf 158: // Set-Cookie: (attribute)=(value); path=/
159: HashStringValue *hash;
160: double default_expires_days=adelete?-DEFAULT_EXPIRES_DAYS:+DEFAULT_EXPIRES_DAYS;
161: if((hash=ameaning->get_hash())) { // ...[hash value]
162: // clone to safely change it
1.74 misha 163: lmeaning=new VHash(*hash);
164: hash=lmeaning->get_hash();
165:
1.61 paf 166: // $expires
167: if(Value* expires=hash->get(expires_name)) {
168: const String* string;
169: if(expires->is_string() && (string=expires->get_string()) && (*string==SESSION_NAME)) {
170: // $expires[session]
171: hash->remove(expires_name);
172: } else {
1.80 misha 173: if(Value* vdate=expires->as(VDATE_TYPE))
1.61 paf 174: hash->put(expires_name, vdate); // $expires[DATE]
175: else if(double days_till_expire=expires->as_double())
176: hash->put(expires_name, &expires_vdate(days_till_expire)); // $expires(days)
177: else
178: hash->remove(expires_name); // $expires(0)
179: }
180: } else // $expires not assigned, defaulting
181: hash->put(expires_name, &expires_vdate(default_expires_days));
182: } else { // ...[string value]
183: Value* wrap_meaning=new VHash;
184: hash=wrap_meaning->get_hash();
185: // wrapping lmeaning into hash
186: hash->put(value_name, ameaning);
187: // string = $expires not assigned, defaulting
188: hash->put(expires_name, &expires_vdate(default_expires_days));
189: // replacing lmeaning with hash-wrapped one
190: lmeaning=wrap_meaning;
191: }
192:
193: if(adelete) {// removing value
1.25 parser 194: /*
1.87 misha 195: http://curl.haxx.se/rfc/cookie_spec.html
196: http://www.w3.org/Protocols/rfc2109/rfc2109
1.25 parser 197: to delete a cookie, it can do so by returning a cookie with the same name,
198: and an expires time which is in the past
199: */
200:
1.1 paf 201: // Set-Cookie: (attribute)=; path=/
1.61 paf 202: lmeaning->get_hash()->remove(value_name);
1.1 paf 203: }
1.74 misha 204:
1.1 paf 205: // defaulting path
1.56 paf 206: if(!lmeaning->get_hash()->get(path_name))
1.74 misha 207: lmeaning->get_hash()->put(path_name, new VString(path_value_default));
1.1 paf 208:
1.56 paf 209: // append lmeaning
1.74 misha 210: *result << attributed_meaning_to_string(*lmeaning, String::L_HTTP_COOKIE, true, true /* allow bool attr */);
1.1 paf 211:
1.74 misha 212: return result;
1.1 paf 213: }
1.74 misha 214:
215:
216: struct Cookie_pass_info {
217: SAPI_Info* sapi_info;
218: Request_charsets* charsets;
219: };
220:
221: void output_set_cookie_header(
222: HashStringValue::key_type aattribute,
223: HashStringValue::value_type ameaning,
224: bool adelete,
225: Cookie_pass_info& cookie_info
226: ){
1.82 misha 227: SAPI::add_header_attribute(*cookie_info.sapi_info, "set-cookie",
1.79 misha 228: output_set_cookie_value(aattribute, ameaning, adelete)->untaint_cstr(String::L_AS_IS, 0, cookie_info.charsets));
1.56 paf 229: }
1.74 misha 230:
231: void output_after(
232: HashStringValue::key_type aattribute,
233: HashStringValue::value_type ameaning,
234: Cookie_pass_info& cookie_info
235: ){
236: output_set_cookie_header(aattribute, ameaning, false, cookie_info);
237: }
238:
239: void output_deleted(
240: HashStringValue::key_type aattribute,
241: HashStringValue::value_type ameaning,
242: Cookie_pass_info& cookie_info
243: ){
244: if(ameaning)
245: output_set_cookie_header(aattribute, ameaning, true, cookie_info);
246: }
247:
1.56 paf 248: void VCookie::output_result(SAPI_Info& sapi_info) {
1.74 misha 249: Cookie_pass_info cookie_info={&sapi_info, &fcharsets};
250:
251: after.for_each<Cookie_pass_info&>(output_after, cookie_info);
252: deleted.for_each<Cookie_pass_info&>(output_deleted, cookie_info);
253: }
254:
255: bool VCookie::should_refill(){
256: return !(
257: &fcharsets.source()==filled_source
258: && &fcharsets.client()==filled_client
259: );
260: }
261:
262: //#include <stdio.h>
263: void VCookie::refill(){
264: //request_info.cookie="test-session=value%3D5; test-default1=value%3D1; test-default2=value%3D2; test-tomorrow=value%3D3";
265: //request_info.cookie="enabled=yes; auth.uid=196325308053599810; enabled=yes; msnames; msuri"; // mdm
266: if(!frequest_info.cookie)
267: return;
268: /*
269: FILE *f=fopen("c:\\temp\\a", "wt");
270: fprintf(f, "cookie=%s", request_info.cookie);
271: fclose(f);
272: */
273: char *cookies=strdup(frequest_info.cookie);
274: char *current=cookies;
275: //_asm int 3;
276: do {
277: if(char *attribute=search_stop(current, '='))
278: if(char *meaning=search_stop(current, ';')) {
279: const String& sattribute=
1.83 misha 280: *new String(unescape_chars(attribute, strlen(attribute), &fcharsets.source(), true), String::L_TAINTED);
1.74 misha 281: const String& smeaning=
1.83 misha 282: *new String(unescape_chars(meaning, strlen(meaning), &fcharsets.source(), true), String::L_TAINTED);
1.74 misha 283: before.put(sattribute, new VString(smeaning));
284:
285: //if(sattribute == "test_js") throw Exception(0, 0, "'%s' '%s'", meaning, smeaning.cstr());
286: }
287: } while(current);
288:
289: filled_source=&fcharsets.source();
290: filled_client=&fcharsets.client();
1.1 paf 291: }
1.74 misha 292:
E-mail:
![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to pa_vcookie.C CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [parser3project] / parser3 / src / types