kcookiejar.cpp

来自「将konqueror浏览器移植到ARM9 2410中」· C++ 代码 · 共 1,257 行 · 第 1/3 页

                          QString &_path)
{
    KURL kurl(_url);
    if (kurl.isMalformed())
       return false;

    _fqdn = kurl.host().lower();

    // Cookie spoofing protection.  Since there is no way a path separator
    // or escape encoded character is allowed in the hostname according
    // to RFC 2396, reject attempts to include such things there!
    if(_fqdn.find('/') > -1 || _fqdn.find('%') > -1)
    {
        return false;  // deny everything!!
    }

    _path = kurl.path();
    if (_path.isEmpty())
       _path = "/";
    return true;
}

void KCookieJar::extractDomains(const QString &_fqdn,
                                QStringList &_domains)
{
    // Use fqdn only if the fqdn consists of numbers.
    if ((_fqdn[0] >= '0') && (_fqdn[0] <= '9'))
    {
       _domains.append( _fqdn );
       return;
    }

    QStringList partList = QStringList::split('.', _fqdn, false);

    if (partList.count())
        partList.remove(partList.begin()); // Remove hostname

    while(partList.count())
    {
       if (partList.count() == 1)
         break; // We only have a TLD left.
       if (partList.count() == 2)
       {
          // If this is a TLD, we should stop. (e.g. co.uk)
          // We assume this is a TLD if it ends with .xx.yy or .x.yy
          if ((partList[0].length() <= 2) &&
              (partList[1].length() == 2))
             break; // This is a TLD.
       }
       QString domain = partList.join(".");
       _domains.append("." + domain);
       _domains.append(domain);
       partList.remove(partList.begin()); // Remove part
    }

    // Only URLs that would get in here are of type
    // "host.foo" or "host.co.fo" so simply append
    // a '.' on top to make sure they are stored under
    // the proper cookie domain.
    if (_domains.isEmpty())
       _domains.append( "." + _fqdn );

    // Always add the FQDN at the end of the list for
    // hostname == cookie-domainname checks!
    _domains.append( _fqdn );
}

//
// This function parses cookie_headers and returns a linked list of
// KHttpCookie objects for all cookies found in cookie_headers.
// If no cookies could be found 0 is returned.
//
// cookie_headers should be a concatenation of all lines of a HTTP-header
// which start with "Set-Cookie". The lines should be separated by '\n's.
//
KHttpCookiePtr KCookieJar::makeCookies(const QString &_url,
                                       const QCString &cookie_headers,
                                       long windowId)
{
    KHttpCookiePtr cookieChain = 0;
    KHttpCookiePtr lastCookie = 0;
    const char *cookieStr = cookie_headers.data();
    QString Name;
    QString Value;
    QString fqdn;
    QString path;

    if (!parseURL(_url, fqdn, path))
    {
        // Error parsing _url
        return 0;
    }

    //  The hard stuff :)
    for(;;)
    {
        // check for "Set-Cookie"
        if (strncasecmp(cookieStr, "Set-Cookie:", 11) == 0)
        {
            cookieStr = parseNameValue(cookieStr+11, Name, Value, true);

            if (Name.isEmpty())
                continue;

            // Host = FQDN
            // Default domain = ""
            // Default path = ""
            KHttpCookie *cookie = new KHttpCookie(fqdn, "", "", Name, Value);
            cookie->mWindowId = windowId;

            // Insert cookie in chain
            if (lastCookie)
               lastCookie->nextCookie = cookie;
            else
               cookieChain = cookie;
            lastCookie = cookie;
        }
        else if (lastCookie && (strncasecmp(cookieStr, "Set-Cookie2:", 12) == 0))
        {
            // What the fuck is this?
            // Does anyone invent his own headers these days?
            // Read the fucking RFC guys! This header is not there!
            cookieStr +=12;
            // Continue with lastCookie
        }
        else
        {
            // This is not the start of a cookie header, skip till next line.
            while (*cookieStr && *cookieStr != '\n')
                cookieStr++;

            if (*cookieStr == '\n')
                cookieStr++;

            if (!*cookieStr)
                break; // End of cookie_headers
            else
                continue; // end of this header, continue with next.
        }

        while ((*cookieStr == ';') || (*cookieStr == ' '))
        {
            cookieStr++;

            // Name-Value pair follows
            cookieStr = parseNameValue(cookieStr, Name, Value);

            Name = Name.lower();

            if (Name == "domain")
            {
                lastCookie->mDomain = Value.lower();
            }
            else if (Name == "max-age")
            {
                int max_age = Value.toInt();
                if (max_age == 0)
                    lastCookie->mExpireDate = 1;
                else
                    lastCookie->mExpireDate = time(0)+max_age;
            }
            else if (Name == "expires")
            {
                // Parse brain-dead netscape cookie-format
                lastCookie->mExpireDate = KRFCDate::parseDate(Value);
            }
            else if (Name == "path")
            {
                lastCookie->mPath = Value;
            }
            else if (Name == "version")
            {
                lastCookie->mProtocolVersion = Value.toInt();
            }
            else if (Name == "secure")
            {
                lastCookie->mSecure = true;
            }
        }

        if (*cookieStr == '\0')
            break; // End of header

        // Skip ';' or '\n'
        cookieStr++;
    }

    return cookieChain;
}

/**
* Parses cookie_domstr and returns a linked list of KHttpCookie objects.
* cookie_domstr should be a semicolon-delimited list of "name=value"
* pairs. Any whitespace before "name" or around '=' is discarded.
* If no cookies are found, 0 is returned.
*/
KHttpCookiePtr KCookieJar::makeDOMCookies(const QString &_url,
                                          const QCString &cookie_domstring,
                                          long windowId)
{
    // A lot copied from above
    KHttpCookiePtr cookieChain = 0;
    KHttpCookiePtr lastCookie = 0;

    const char *cookieStr = cookie_domstring.data();
    QString Name;
    QString Value;
    QString fqdn;
    QString path;

    if (!parseURL(_url, fqdn, path))
    {
        // Error parsing _url
        return 0;
    }

    //  This time it's easy
    while(*cookieStr)
    {
        cookieStr = parseNameValue(cookieStr, Name, Value);

        if (Name.isEmpty()) {
            if (*cookieStr != '\0')
                cookieStr++;         // Skip ';' or '\n'

            continue;
        }

        // Host = FQDN
        // Default domain = ""
        // Default path = ""
        KHttpCookie *cookie = new KHttpCookie(fqdn, QString::null, QString::null,
                                Name, Value );
        cookie->mWindowId = windowId;

        // Insert cookie in chain
        if (lastCookie)
            lastCookie->nextCookie = cookie;
        else
            cookieChain = cookie;

        lastCookie = cookie;

        if (*cookieStr != '\0')
            cookieStr++;         // Skip ';' or '\n'
     }

     return cookieChain;
}

//
// This function hands a KHttpCookie object over to the cookie jar.
//
// On return cookiePtr is set to 0.
//
void KCookieJar::addCookie(KHttpCookiePtr &cookiePtr)
{
    QString domain;
    QStringList domains;
    KHttpCookieList *cookieList = 0L;

    // We always need to do this to make sure that the
    // that cookies of type hostname == cookie-domainname
    // are properly removed and/or updated as necessary!
    extractDomains( cookiePtr->host(), domains );
    for ( QStringList::ConstIterator it = domains.begin();
          (it != domains.end() && !cookieList);
          ++it )
    {
        KHttpCookieList *list= cookieDomains[(*it)];
        if ( !list ) continue;

        for ( KHttpCookiePtr cookie=list->first(); cookie != 0; )
        {
            if ( cookiePtr->name() == cookie->name() &&
                 cookie->match(cookiePtr->host(),domains,cookiePtr->path()) )
            {
                KHttpCookiePtr old_cookie = cookie;
                cookie = list->next();
                list->removeRef( old_cookie );
                break;
            }
            else
            {
                cookie = list->next();
            }
        }
    }

    domain = stripDomain( cookiePtr );
    cookieList = cookieDomains[ domain ];
    if (!cookieList)
    {
        // Make a new cookie list
        cookieList = new KHttpCookieList();

        // All cookies whose domain is not already
        // known to us should be added with KCookieDunno.
        // KCookieDunno means that we use the global policy.
        cookieList->setAdvice( KCookieDunno );

        cookieDomains.insert( domain, cookieList);

        // Update the list of domains
        domainList.append(domain);
    }

    // Add the cookie to the cookie list
    // The cookie list is sorted 'longest path first'
    if (!cookiePtr->isExpired(time(0)))
    {
        cookieList->inSort( cookiePtr );
        cookiesChanged = true;
    }
    else
    {
        delete cookiePtr;
    }
    cookiePtr = 0;
}

//
// This function advices whether a single KHttpCookie object should
// be added to the cookie jar.
//
KCookieAdvice KCookieJar::cookieAdvice(KHttpCookiePtr cookiePtr)
{
    QStringList domains;
    extractDomains(cookiePtr->host(), domains);
    bool isEmptyDomain = cookiePtr->domain().isEmpty();

    if (!isEmptyDomain )
    {
       // Cookie specifies a domain. Check whether it is valid.
       bool valid = false;

       // This checks whether the cookie is valid based on
       // what ::extractDomains returns
       if (!valid)
       {
          if (domains.contains(cookiePtr->domain()))
             valid = true;
       }

       if (!valid)
       {
          // Maybe the domain doesn't start with a "."
          QString domain = "."+cookiePtr->domain();
          if (domains.contains(domain))
             valid = true;
       }

       if (!valid)
       {
          qWarning("WARNING: Host %s tries to set cookie for domain %s",
                    cookiePtr->host().latin1(), cookiePtr->domain().latin1());
          cookiePtr->fixDomain(QString::null);
          isEmptyDomain = true;
       }
    }

    // For empty domain use the FQDN to find a
    // matching advice for the pending cookie.
    QString domain;
    if ( isEmptyDomain )
       domain = domains[0];
    else
       domain = cookiePtr->domain();

    KHttpCookieList *cookieList = cookieDomains[domain];
    KCookieAdvice advice;
    if (cookieList)
    {
        advice = cookieList->getAdvice();
        if (advice == KCookieDunno)
        {
           advice = globalAdvice;
        }
    }
    else
    {
        advice = globalAdvice;
    }
    return advice;
}

//
// This function gets the advice for all cookies originating from
// _domain.
//
KCookieAdvice KCookieJar::getDomainAdvice(const QString &_domain)
{
    KHttpCookieList *cookieList = cookieDomains[_domain];
    KCookieAdvice advice;

    if (cookieList)
    {
        advice = cookieList->getAdvice();
    }
    else
    {
        advice = KCookieDunno;
    }

    return advice;
}

//
// This function sets the advice for all cookies originating from
// _domain.
//
void KCookieJar::setDomainAdvice(const QString &_domain, KCookieAdvice _advice)
{
    QString domain(_domain);
    KHttpCookieList *cookieList = cookieDomains[domain];

    if (cookieList)
    {
        if (cookieList->getAdvice() != _advice);