Q_CORE_EXPORT QString qTopLevelDomain(const QString &domain) { QStringList sections = domain.toLower().split(QLatin1Char('.'), QString::SkipEmptyParts); if (sections.isEmpty()) return QString(); QString level, tld; for (int j = sections.count() - 1; j >= 0; --j) { level.prepend(QLatin1Char('.') + sections.at(j)); if (qIsEffectiveTLD(level.right(level.size() - 1))) tld = level; } return tld; }
/*! Adds the cookies in the list \a cookieList to this cookie jar. Default values for path and domain are taken from the \a url object. Returns true if one or more cookies are set for \a url, otherwise false. If a cookie already exists in the cookie jar, it will be overridden by those in \a cookieList. The default QNetworkCookieJar class implements only a very basic security policy (it makes sure that the cookies' domain and path match the reply's). To enhance the security policy with your own algorithms, override setCookiesFromUrl(). Also, QNetworkCookieJar does not have a maximum cookie jar size. Reimplement this function to discard older cookies to create room for new ones. \sa cookiesForUrl(), QNetworkAccessManager::setCookieJar() */ bool QNetworkCookieJar::setCookiesFromUrl(const QList<QNetworkCookie> &cookieList, const QUrl &url) { Q_D(QNetworkCookieJar); QString defaultDomain = url.host(); QString pathAndFileName = url.path(); QString defaultPath = pathAndFileName.left(pathAndFileName.lastIndexOf(QLatin1Char('/'))+1); if (defaultPath.isEmpty()) defaultPath = QLatin1Char('/'); int added = 0; QDateTime now = QDateTime::currentDateTime(); foreach (QNetworkCookie cookie, cookieList) { bool isDeletion = !cookie.isSessionCookie() && cookie.expirationDate() < now; // validate the cookie & set the defaults if unset if (cookie.path().isEmpty()) cookie.setPath(defaultPath); // don't do path checking. See http://bugreports.qt-project.org/browse/QTBUG-5815 // else if (!isParentPath(pathAndFileName, cookie.path())) { // continue; // not accepted // } if (cookie.domain().isEmpty()) { cookie.setDomain(defaultDomain); } else { // Ensure the domain starts with a dot if its field was not empty // in the HTTP header. There are some servers that forget the // leading dot and this is actually forbidden according to RFC 2109, // but all browsers accept it anyway so we do that as well. if (!cookie.domain().startsWith(QLatin1Char('.'))) cookie.setDomain(QLatin1Char('.') + cookie.domain()); QString domain = cookie.domain(); if (!(isParentDomain(domain, defaultDomain) || isParentDomain(defaultDomain, domain))) continue; // not accepted // the check for effective TLDs makes the "embedded dot" rule from RFC 2109 section 4.3.2 // redundant; the "leading dot" rule has been relaxed anyway, see above // we remove the leading dot for this check if (qIsEffectiveTLD(domain.remove(0, 1))) continue; // not accepted } for (int i = 0; i < d->allCookies.size(); ++i) { // does this cookie already exist? const QNetworkCookie ¤t = d->allCookies.at(i); if (cookie.name() == current.name() && cookie.domain() == current.domain() && cookie.path() == current.path()) { // found a match d->allCookies.removeAt(i); break; } } // did not find a match if (!isDeletion) { int countForDomain = 0; for (int i = d->allCookies.size() - 1; i >= 0; --i) { // Start from the end and delete the oldest cookies to keep a maximum count of 50. const QNetworkCookie ¤t = d->allCookies.at(i); if (isParentDomain(cookie.domain(), current.domain()) || isParentDomain(current.domain(), cookie.domain())) { if (countForDomain >= 49) d->allCookies.removeAt(i); else ++countForDomain; } } d->allCookies += cookie; ++added; } }