Q_CORE_EXPORT QString qTopLevelDomain(const QString &domain)
{
QStringList sections = domain.toLower().split(QLatin1Char('.'), QString::SkipEmptyParts);
if (sections.isEmpty())
return QString();
QString level, tld;
for (int j = sections.count() - 1; j >= 0; --j) {
level.prepend(QLatin1Char('.') + sections.at(j));
if (qIsEffectiveTLD(level.right(level.size() - 1)))
tld = level;
}
return tld;
}
/*!
Adds the cookies in the list \a cookieList to this cookie
jar. Default values for path and domain are taken from the \a
url object.
Returns true if one or more cookies are set for \a url,
otherwise false.
If a cookie already exists in the cookie jar, it will be
overridden by those in \a cookieList.
The default QNetworkCookieJar class implements only a very basic
security policy (it makes sure that the cookies' domain and path
match the reply's). To enhance the security policy with your own
algorithms, override setCookiesFromUrl().
Also, QNetworkCookieJar does not have a maximum cookie jar
size. Reimplement this function to discard older cookies to create
room for new ones.
\sa cookiesForUrl(), QNetworkAccessManager::setCookieJar()
*/
bool QNetworkCookieJar::setCookiesFromUrl(const QList<QNetworkCookie> &cookieList,
const QUrl &url)
{
Q_D(QNetworkCookieJar);
QString defaultDomain = url.host();
QString pathAndFileName = url.path();
QString defaultPath = pathAndFileName.left(pathAndFileName.lastIndexOf(QLatin1Char('/'))+1);
if (defaultPath.isEmpty())
defaultPath = QLatin1Char('/');
int added = 0;
QDateTime now = QDateTime::currentDateTime();
foreach (QNetworkCookie cookie, cookieList) {
bool isDeletion = !cookie.isSessionCookie() &&
cookie.expirationDate() < now;
// validate the cookie & set the defaults if unset
if (cookie.path().isEmpty())
cookie.setPath(defaultPath);
// don't do path checking. See http://bugreports.qt-project.org/browse/QTBUG-5815
// else if (!isParentPath(pathAndFileName, cookie.path())) {
// continue; // not accepted
// }
if (cookie.domain().isEmpty()) {
cookie.setDomain(defaultDomain);
} else {
// Ensure the domain starts with a dot if its field was not empty
// in the HTTP header. There are some servers that forget the
// leading dot and this is actually forbidden according to RFC 2109,
// but all browsers accept it anyway so we do that as well.
if (!cookie.domain().startsWith(QLatin1Char('.')))
cookie.setDomain(QLatin1Char('.') + cookie.domain());
QString domain = cookie.domain();
if (!(isParentDomain(domain, defaultDomain)
|| isParentDomain(defaultDomain, domain)))
continue; // not accepted
// the check for effective TLDs makes the "embedded dot" rule from RFC 2109 section 4.3.2
// redundant; the "leading dot" rule has been relaxed anyway, see above
// we remove the leading dot for this check
if (qIsEffectiveTLD(domain.remove(0, 1)))
continue; // not accepted
}
for (int i = 0; i < d->allCookies.size(); ++i) {
// does this cookie already exist?
const QNetworkCookie ¤t = d->allCookies.at(i);
if (cookie.name() == current.name() &&
cookie.domain() == current.domain() &&
cookie.path() == current.path()) {
// found a match
d->allCookies.removeAt(i);
break;
}
}
// did not find a match
if (!isDeletion) {
int countForDomain = 0;
for (int i = d->allCookies.size() - 1; i >= 0; --i) {
// Start from the end and delete the oldest cookies to keep a maximum count of 50.
const QNetworkCookie ¤t = d->allCookies.at(i);
if (isParentDomain(cookie.domain(), current.domain())
|| isParentDomain(current.domain(), cookie.domain())) {
if (countForDomain >= 49)
d->allCookies.removeAt(i);
else
++countForDomain;
}
}
d->allCookies += cookie;
++added;
}
}
