void BaseSessionStore::destroySession(Poco::Net::HTTPServerRequest& request, Poco::Net::HTTPServerResponse& response) { // Get the cookies from the client. Poco::Net::NameValueCollection cookies; // Get the cookies request.getCookies(cookies); // Try to find a cookie with our session key name. Poco::Net::NameValueCollection::ConstIterator cookieIter = cookies.begin(); while (cookieIter != cookies.end()) { if (0 == cookieIter->first.compare(_sessionKeyName)) { // Destroy the session data. destroySession(cookieIter->second); // Invalidate the cookies. Poco::Net::HTTPCookie cookie(_sessionKeyName, cookieIter->second); cookie.setMaxAge(0); response.addCookie(cookie); } ++cookieIter; } }
Poco::Net::NameValueCollection HTTPUtils::splitAndURLDecode(const std::string& encoded) { // TODO use code from Poco::Net::HTMLForm Poco::Net::NameValueCollection nvc; auto arguments = ofSplitString(encoded, "&", true); for (const auto& argument: arguments) { std::vector<std::string> tokens = ofSplitString(argument, "=", true); if (tokens.size() > 0) { std::string key; std::string value; Poco::URI::decode(tokens[0], key); if (tokens.size() > 1) { Poco::URI::decode(tokens[1], value); } nvc.add(key, value); } } return nvc; }
TestResult testWebSocketWithCookie() { HTTPResponse response; HTTPRequest request(HTTPRequest::HTTP_GET, "/lool/adminws/"); std::unique_ptr<HTTPClientSession> session(helpers::createSession(_uri)); // set cookie assert(_jwtCookie != ""); HTTPCookie cookie("jwt", _jwtCookie); Poco::Net::NameValueCollection nvc; nvc.add("jwt", _jwtCookie); request.setCookies(nvc); bool authorized = true; try { _adminWs = std::make_shared<Poco::Net::WebSocket>(*session, request, response); } catch (const Poco::Net::WebSocketException& exc) { Log::info() << "Admin websocket: Not authorized " << Log::end; authorized = false; } TestResult res = TestResult::TEST_FAILED; if (authorized) res = TestResult::TEST_OK; Log::info(std::string("testWebSocketWithCookie: ") + (res == TestResult::TEST_OK ? "OK" : "FAIL")); return res; }
void MultiPartParser::handlePart(const Poco::Net::MessageHeader &header, std::istream &stream) { QueryVar qv; std::string data; if(header.has("Content-Disposition")) { std::string disp; Poco::Net::NameValueCollection nvc; Poco::Net::MessageHeader::splitParameters(header["Content-Disposition"],disp,nvc); qv.SetName(nvc.get("name","")); qv.SetFileName(nvc.get("filename","")); if(header.has("Content-Type")) { qv.SetContentType(header["Content-Type"]); } else { qv.SetContentType(""); } Poco::StreamCopier::copyToString(stream,data); qv.SetData(data); m_vars[qv.GetName()]=qv; } }
// Converts the vector of HTTPCookie objects into a NameValueCollection Poco::Net::NameValueCollection RemoteJobManager::getCookies() { Poco::Net::NameValueCollection nvc; std::vector<Poco::Net::HTTPCookie>::const_iterator it = m_cookies.begin(); while (it != m_cookies.end()) { nvc.add((*it).getName(), (*it).getValue()); ++it; } return nvc; }
AbstractSession& BaseSessionStore::getSession(Poco::Net::HTTPServerRequest& request, Poco::Net::HTTPServerResponse& response) { // Get the cookies from the client. Poco::Net::NameValueCollection cookies; // Get the cookies request.getCookies(cookies); // Try to find a cookie with our session key name. Poco::Net::NameValueCollection::ConstIterator cookieIter = cookies.begin(); std::string sessionId; while (cookieIter != cookies.end()) { if (0 == cookieIter->first.compare(_sessionKeyName)) { if (sessionId.empty()) { sessionId = cookieIter->second; } else { Poco::Net::HTTPCookie cookie(_sessionKeyName); cookie.setMaxAge(0); // Invalidate the cookie. response.addCookie(cookie); } } ++cookieIter; } if (hasSession(sessionId)) { return getSession(sessionId); } else { // Create a new sesssion and return a reference. AbstractSession& session = createSession(); // Create a cookie with the session id. Poco::Net::HTTPCookie cookie(_sessionKeyName, session.getId()); // Send our cookie with the response. response.addCookie(cookie); return session; } }
void handlePart(const Poco::Net::MessageHeader& header, std::istream& stream) { _type = header.get("Content-Type", "(unspecified)"); if (header.has("Content-Disposition")) { std::string disp; Poco::Net::NameValueCollection params; Poco::Net::MessageHeader::splitParameters(header["Content-Disposition"], disp, params); _name = params.get("name", "(unnamed)"); _fileName = params.get("filename", "(unnamed)"); } Poco::CountingInputStream istr(stream); Poco::NullOutputStream ostr; Poco::StreamCopier::copyStream(istr, ostr); _length = istr.chars(); }
std::string HTTPUtils::makeQueryString(const Poco::Net::NameValueCollection& query) { std::stringstream ostr; Poco::Net::NameValueCollection::ConstIterator it = query.begin(); while (it != query.end()) { if (it != query.begin()) ostr << "&"; std::string name; Poco::URI::encode(it->first, "=&+;", name); std::string value; Poco::URI::encode(it->second, "=&+;", value); ostr << name << "=" << value; ++it; } return ostr.str(); }
Poco::Net::NameValueCollection HTTPUtils::splitTextPlainPost(const std::string& textPlain) { Poco::Net::NameValueCollection nvc; std::string result; std::stringstream ss; ss << textPlain; while (std::getline(ss, result)) { std::size_t pos = result.find("="); if (pos != std::string::npos) { std::string key = result.substr(0, pos); std::string value = result.substr(pos + 1); nvc.add(key, value); } } return nvc; }
void PostRouteFileHandler::handlePart(const Poco::Net::MessageHeader& header, std::istream& stream) { if(header.has("Content-Type")) { std::string contentType = header["Content-Type"]; if(!_parent.getSettings().getValidContentTypes().empty() && !isContentTypeValid(contentType)) { ofLogError("PostRouteFileHandler::handlePart") << "Invalid content type: " << contentType; return; // reject } } else { ofLogError("PostRouteFileHandler::handlePart") << "No Content-Type header."; return; } // is this an uploaded file? if(header.has("Content-Disposition"))// && header.has("form-data")) { std::string contentDisposition = header["Content-Disposition"]; Poco::Net::NameValueCollection parameters; Poco::Net::MessageHeader::splitParameters(contentDisposition.begin(), contentDisposition.end(), parameters); std::string formFileName = parameters.get("filename", ""); std::string formFieldName = parameters.get("name", ""); if(!formFileName.empty()) { try { std::stringstream ss; ss << _parent.getSettings().getUploadFolder(); ss << "/"; ss << Poco::UUIDGenerator::defaultGenerator().createOne().toString(); ss << "."; ss << Poco::Path(formFileName).getExtension(); std::string newFilename = ofToDataPath(ss.str(), true); ofFile file(newFilename, ofFile::WriteOnly); Poco::Net::MediaType contentType(header["Content-Type"]); PostUploadEventArgs args(_sessionUUID, _request, _formUUID, formFieldName, formFileName, newFilename, contentType, 0, PostUploadEventArgs::UPLOAD_STARTING); ofNotifyEvent(_parent.events.onHTTPUploadEvent, args, &_parent); ofLogVerbose("PostRouteFileHandler::handlePart") << "Writing file to absolute path : " << file.getAbsolutePath(); // The section below is from StreamCopier::copyStream, // and might be used for upload progress feedback Poco::Buffer<char> buffer(_parent.getSettings().getWriteBufferSize()); std::streamsize sz = 0; stream.read(buffer.begin(), _parent.getSettings().getWriteBufferSize()); std::streamsize n = stream.gcount(); while (n > 0) { if (sz > _parent.getSettings().getMaximumFileUploadSize()) { ofLogError("PostRouteFileHandler::handlePart") << "File upload size exceeded. Removing file."; file.close(); ofFile::removeFile(newFilename, false); return; } sz += n; file.write(buffer.begin(), n); if (stream && file) { stream.read(buffer.begin(), _parent.getSettings().getWriteBufferSize()); n = stream.gcount(); } else { n = 0; } PostUploadEventArgs args(_sessionUUID, _request, _formUUID, formFieldName, formFileName, newFilename, contentType, sz, PostUploadEventArgs::UPLOAD_PROGRESS); ofNotifyEvent(_parent.events.onHTTPUploadEvent, args, &_parent); } file.close(); PostUploadEventArgs finishedArgs(_sessionUUID, _request, _formUUID, formFieldName, formFileName, newFilename, contentType, sz, PostUploadEventArgs::UPLOAD_FINISHED); ofNotifyEvent(_parent.events.onHTTPUploadEvent, finishedArgs, &_parent); } catch (const Poco::Exception& exc) { ofLogError("PostRouteFileHandler::handlePart") << exc.displayText(); } catch (const std::exception& exc) { ofLogError("PostRouteFileHandler::handlePart") << exc.what(); } catch ( ... ) { ofLogError("PostRouteFileHandler::handlePart") << "Uncaught thread exception: Unknown exception."; } } else { ofLogError("PostRouteFileHandler::handlePart") << "No filename in header."; } } }