void KCookieJar::eatCookiesForDomain(const QString &domain)
{
KHttpCookieList *cookieList = m_cookieDomains[domain];
if (!cookieList || cookieList->isEmpty()) return;
cookieList->clear();
if (cookieList->getAdvice() == KCookieDunno)
{
// This deletes cookieList!
m_cookieDomains.remove(domain);
m_domainList.remove(domain);
}
m_cookiesChanged = true;
}
//
// This function gets the advice for all cookies originating from
// _domain.
//
KCookieAdvice KCookieJar::getDomainAdvice(const QString &_domain)
{
KHttpCookieList *cookieList = m_cookieDomains[_domain];
KCookieAdvice advice;
if (cookieList)
{
advice = cookieList->getAdvice();
}
else
{
advice = KCookieDunno;
}
return advice;
}
//
// This function advices whether a single KHttpCookie object should
// be added to the cookie jar.
//
KCookieAdvice KCookieJar::cookieAdvice(KHttpCookiePtr cookiePtr)
{
if (m_rejectCrossDomainCookies && cookiePtr->isCrossDomain())
return KCookieReject;
QStringList domains;
extractDomains(cookiePtr->host(), domains);
// If the cookie specifies a domain, check whether it is valid. Otherwise,
// accept the cookie anyways but remove the domain="" value to prevent
// cross-site cookie injection.
if (!cookiePtr->domain().isEmpty())
{
if (!domains.contains(cookiePtr->domain()) &&
!cookiePtr->domain().endsWith("."+cookiePtr->host()))
cookiePtr->fixDomain(QString::null);
}
if (m_autoAcceptSessionCookies && (cookiePtr->expireDate() == 0 ||
m_ignoreCookieExpirationDate))
return KCookieAccept;
KCookieAdvice advice = KCookieDunno;
bool isFQDN = true; // First is FQDN
QStringList::Iterator it = domains.begin(); // Start with FQDN which first in the list.
while( (advice == KCookieDunno) && (it != domains.end()))
{
QString domain = *it;
// Check if a policy for the FQDN/domain is set.
if ( domain[0] == '.' || isFQDN )
{
isFQDN = false;
KHttpCookieList *cookieList = m_cookieDomains[domain];
if (cookieList)
advice = cookieList->getAdvice();
}
domains.remove(it);
it = domains.begin(); // Continue from begin of remaining list
}
if (advice == KCookieDunno)
advice = m_globalAdvice;
return advice;
}
//
// Eat a cookie out of the jar.
// cookiePtr should be one of the cookies returned by getCookieList()
//
void KCookieJar::eatCookie(KHttpCookiePtr cookiePtr)
{
QString domain = stripDomain(cookiePtr); // We file the cookie under this domain.
KHttpCookieList *cookieList = m_cookieDomains[domain];
if (cookieList)
{
// This deletes cookiePtr!
if (cookieList->removeRef( cookiePtr ))
m_cookiesChanged = true;
if ((cookieList->isEmpty()) &&
(cookieList->getAdvice() == KCookieDunno))
{
// This deletes cookieList!
m_cookieDomains.remove(domain);
m_domainList.remove(domain);
}
}
}
//
// This function sets the advice for all cookies originating from
// _domain.
//
void KCookieJar::setDomainAdvice(const QString &_domain, KCookieAdvice _advice)
{
QString domain(_domain);
KHttpCookieList *cookieList = m_cookieDomains[domain];
if (cookieList)
{
if (cookieList->getAdvice() != _advice)
{
m_configChanged = true;
// domain is already known
cookieList->setAdvice( _advice);
}
if ((cookieList->isEmpty()) &&
(_advice == KCookieDunno))
{
// This deletes cookieList!
m_cookieDomains.remove(domain);
m_domainList.remove(domain);
}
}
else
{
// domain is not yet known
if (_advice != KCookieDunno)
{
// We should create a domain entry
m_configChanged = true;
// Make a new cookie list
cookieList = new KHttpCookieList();
cookieList->setAutoDelete(true);
cookieList->setAdvice( _advice);
m_cookieDomains.insert( domain, cookieList);
// Update the list of domains
m_domainList.append( domain);
}
}
}
//
// Looks for cookies in the cookie jar which are appropriate for _url.
// Returned is a string containing all appropriate cookies in a format
// which can be added to a HTTP-header without any additional processing.
//
QString KCookieJar::findCookies(const QString &_url, bool useDOMFormat, long windowId, KHttpCookieList *pendingCookies)
{
QString cookieStr;
QStringList domains;
QString fqdn;
QString path;
KHttpCookiePtr cookie;
KCookieAdvice advice = m_globalAdvice;
if (!parseURL(_url, fqdn, path))
return cookieStr;
bool secureRequest = (_url.find( L1("https://"), 0, false) == 0 ||
_url.find( L1("webdavs://"), 0, false) == 0);
// kdDebug(7104) << "findCookies: URL= " << _url << ", secure = " << secureRequest << endl;
extractDomains(fqdn, domains);
KHttpCookieList allCookies;
for(QStringList::ConstIterator it = domains.begin();
true;
++it)
{
KHttpCookieList *cookieList;
if (it == domains.end())
{
cookieList = pendingCookies; // Add pending cookies
pendingCookies = 0;
if (!cookieList)
break;
}
else
{
QString key = (*it).isNull() ? L1("") : (*it);
cookieList = m_cookieDomains[key];
if (!cookieList)
continue; // No cookies for this domain
}
if (cookieList->getAdvice() != KCookieDunno)
advice = cookieList->getAdvice();
for ( cookie=cookieList->first(); cookie != 0; cookie=cookieList->next() )
{
// If the we are setup to automatically accept all session cookies and to
// treat all cookies as session cookies or the current cookie is a session
// cookie, then send the cookie back regardless of either policy.
if (advice == KCookieReject &&
!(m_autoAcceptSessionCookies &&
(m_ignoreCookieExpirationDate || cookie->expireDate() == 0)))
continue;
if (!cookie->match(fqdn, domains, path))
continue;
if( cookie->isSecure() && !secureRequest )
continue;
if( cookie->isHttpOnly() && useDOMFormat )
continue;
// Do not send expired cookies.
if ( cookie->isExpired (time(0)) )
{
// Note there is no need to actually delete the cookie here
// since the cookieserver will invoke ::saveCookieJar because
// of the state change below. This will then do the job of
// deleting the cookie for us.
m_cookiesChanged = true;
continue;
}
if (windowId && (cookie->windowIds().find(windowId) == cookie->windowIds().end()))
{
cookie->windowIds().append(windowId);
}
if (it == domains.end()) // Only needed when processing pending cookies
removeDuplicateFromList(&allCookies, cookie);
allCookies.append(cookie);
}
if (it == domains.end())
break; // Finished.
}
int cookieCount = 0;
int protVersion=0;
for ( cookie=allCookies.first(); cookie != 0; cookie=allCookies.next() )
{
if (cookie->protocolVersion() > protVersion)
protVersion = cookie->protocolVersion();
}
for ( cookie=allCookies.first(); cookie != 0; cookie=allCookies.next() )
{
if (useDOMFormat)
{
if (cookieCount > 0)
cookieStr += L1("; ");
cookieStr += cookie->cookieStr(true);
}
else
{
if (cookieCount == 0)
{
cookieStr += L1("Cookie: ");
if (protVersion > 0)
{
QString version;
version.sprintf("$Version=%d; ", protVersion); // Without quotes
cookieStr += version;
}
}
else
{
cookieStr += L1("; ");
}
cookieStr += cookie->cookieStr(false);
}
cookieCount++;
}
return cookieStr;
}
