void setCookiesFromDOM(const NetworkStorageSession& session, const URL& firstParty, const URL& url, const String& value)
{
SoupCookieJar* jar = cookieJarForSession(session);
if (!jar)
return;
GUniquePtr<SoupURI> origin = url.createSoupURI();
GUniquePtr<SoupURI> firstPartyURI = firstParty.createSoupURI();
// Get existing cookies for this origin.
GSList* existingCookies = soup_cookie_jar_get_cookie_list(jar, origin.get(), TRUE);
Vector<String> cookies;
value.split('\n', cookies);
const size_t cookiesCount = cookies.size();
for (size_t i = 0; i < cookiesCount; ++i) {
GUniquePtr<SoupCookie> cookie(soup_cookie_parse(cookies[i].utf8().data(), origin.get()));
if (!cookie)
continue;
// Make sure the cookie is not httpOnly since such cookies should not be set from JavaScript.
if (soup_cookie_get_http_only(cookie.get()))
continue;
// Make sure we do not overwrite httpOnly cookies from JavaScript.
if (httpOnlyCookieExists(existingCookies, soup_cookie_get_name(cookie.get()), soup_cookie_get_path(cookie.get())))
continue;
soup_cookie_jar_add_cookie_with_first_party(jar, firstPartyURI.get(), cookie.release());
}
soup_cookies_free(existingCookies);
}
static inline bool httpOnlyCookieExists(const GSList* cookies, const gchar* name, const gchar* path)
{
for (const GSList* iter = cookies; iter; iter = g_slist_next(iter)) {
SoupCookie* cookie = static_cast<SoupCookie*>(iter->data);
if (!strcmp(soup_cookie_get_name(cookie), name)
&& !g_strcmp0(soup_cookie_get_path(cookie), path)) {
if (soup_cookie_get_http_only(cookie))
return true;
break;
}
}
return false;
}
/* FIXME: moar tests! */
static void
do_cookies_parsing_test (void)
{
SoupSession *session;
SoupMessage *msg;
SoupCookieJar *jar;
GSList *cookies, *iter;
SoupCookie *cookie;
gboolean got1, got2, got3;
debug_printf (1, "\nSoupCookie parsing test\n");
session = soup_test_session_new (SOUP_TYPE_SESSION_ASYNC, NULL);
soup_session_add_feature_by_type (session, SOUP_TYPE_COOKIE_JAR);
jar = SOUP_COOKIE_JAR (soup_session_get_feature (session, SOUP_TYPE_COOKIE_JAR));
/* "httponly" is case-insensitive, and its value (if any) is ignored */
msg = soup_message_new_from_uri ("GET", first_party_uri);
soup_message_headers_append (msg->request_headers, "Echo-Set-Cookie",
"one=1; httponly; max-age=100");
soup_session_send_message (session, msg);
g_object_unref (msg);
msg = soup_message_new_from_uri ("GET", first_party_uri);
soup_message_headers_append (msg->request_headers, "Echo-Set-Cookie",
"two=2; HttpOnly; max-age=100");
soup_session_send_message (session, msg);
g_object_unref (msg);
msg = soup_message_new_from_uri ("GET", first_party_uri);
soup_message_headers_append (msg->request_headers, "Echo-Set-Cookie",
"three=3; httpONLY=Wednesday; max-age=100");
soup_session_send_message (session, msg);
g_object_unref (msg);
cookies = soup_cookie_jar_get_cookie_list (jar, first_party_uri, TRUE);
got1 = got2 = got3 = FALSE;
for (iter = cookies; iter; iter = iter->next) {
cookie = iter->data;
if (!strcmp (soup_cookie_get_name (cookie), "one")) {
got1 = TRUE;
if (!soup_cookie_get_http_only (cookie)) {
debug_printf (1, " cookie 1 is not HttpOnly!\n");
errors++;
}
if (!soup_cookie_get_expires (cookie)) {
debug_printf (1, " cookie 1 did not fully parse!\n");
errors++;
}
} else if (!strcmp (soup_cookie_get_name (cookie), "two")) {
got2 = TRUE;
if (!soup_cookie_get_http_only (cookie)) {
debug_printf (1, " cookie 2 is not HttpOnly!\n");
errors++;
}
if (!soup_cookie_get_expires (cookie)) {
debug_printf (1, " cookie 3 did not fully parse!\n");
errors++;
}
} else if (!strcmp (soup_cookie_get_name (cookie), "three")) {
got3 = TRUE;
if (!soup_cookie_get_http_only (cookie)) {
debug_printf (1, " cookie 3 is not HttpOnly!\n");
errors++;
}
if (!soup_cookie_get_expires (cookie)) {
debug_printf (1, " cookie 3 did not fully parse!\n");
errors++;
}
} else {
debug_printf (1, " got unexpected cookie '%s'\n",
soup_cookie_get_name (cookie));
errors++;
}
soup_cookie_free (cookie);
}
g_slist_free (cookies);
if (!got1) {
debug_printf (1, " didn't get cookie 1\n");
errors++;
}
if (!got2) {
debug_printf (1, " didn't get cookie 2\n");
errors++;
}
if (!got3) {
debug_printf (1, " didn't get cookie 3\n");
errors++;
}
soup_test_session_abort_unref (session);
}