void setCookiesFromDOM(const NetworkStorageSession& session, const URL& firstParty, const URL& url, const String& value) { SoupCookieJar* jar = cookieJarForSession(session); if (!jar) return; GUniquePtr<SoupURI> origin = url.createSoupURI(); GUniquePtr<SoupURI> firstPartyURI = firstParty.createSoupURI(); // Get existing cookies for this origin. GSList* existingCookies = soup_cookie_jar_get_cookie_list(jar, origin.get(), TRUE); Vector<String> cookies; value.split('\n', cookies); const size_t cookiesCount = cookies.size(); for (size_t i = 0; i < cookiesCount; ++i) { GUniquePtr<SoupCookie> cookie(soup_cookie_parse(cookies[i].utf8().data(), origin.get())); if (!cookie) continue; // Make sure the cookie is not httpOnly since such cookies should not be set from JavaScript. if (soup_cookie_get_http_only(cookie.get())) continue; // Make sure we do not overwrite httpOnly cookies from JavaScript. if (httpOnlyCookieExists(existingCookies, soup_cookie_get_name(cookie.get()), soup_cookie_get_path(cookie.get()))) continue; soup_cookie_jar_add_cookie_with_first_party(jar, firstPartyURI.get(), cookie.release()); } soup_cookies_free(existingCookies); }
void deleteCookie(const NetworkStorageSession& session, const URL& url, const String& name) { SoupCookieJar* jar = cookieJarForSession(session); if (!jar) return; GUniquePtr<SoupURI> uri = url.createSoupURI(); GUniquePtr<GSList> cookies(soup_cookie_jar_get_cookie_list(jar, uri.get(), TRUE)); if (!cookies) return; CString cookieName = name.utf8(); bool wasDeleted = false; for (GSList* iter = cookies.get(); iter; iter = g_slist_next(iter)) { SoupCookie* cookie = static_cast<SoupCookie*>(iter->data); if (!wasDeleted && cookieName == cookie->name) { soup_cookie_jar_delete_cookie(jar, cookie); wasDeleted = true; } soup_cookie_free(cookie); } }
bool getRawCookies(const NetworkStorageSession& session, const URL& /*firstParty*/, const URL& url, Vector<Cookie>& rawCookies) { rawCookies.clear(); SoupCookieJar* jar = cookieJarForSession(session); if (!jar) return false; GUniquePtr<SoupURI> uri = url.createSoupURI(); GUniquePtr<GSList> cookies(soup_cookie_jar_get_cookie_list(jar, uri.get(), TRUE)); if (!cookies) return false; for (GSList* iter = cookies.get(); iter; iter = g_slist_next(iter)) { SoupCookie* cookie = static_cast<SoupCookie*>(iter->data); rawCookies.append(Cookie(String::fromUTF8(cookie->name), String::fromUTF8(cookie->value), String::fromUTF8(cookie->domain), String::fromUTF8(cookie->path), cookie->expires ? static_cast<double>(soup_date_to_time_t(cookie->expires)) * 1000 : 0, cookie->http_only, cookie->secure, !cookie->expires)); soup_cookie_free(cookie); } return true; }
/* Open database containing policies for cookie domains. * Create database and setup table structure if it does not exist yet. */ static void _cookie_permission_manager_open_database(CookiePermissionManager *self) { CookiePermissionManagerPrivate *priv=self->priv; const gchar *configDir; gchar *error=NULL; gint success; sqlite3_stmt *statement=NULL; /* Close any open database */ if(priv->database) { g_free(priv->databaseFilename); priv->databaseFilename=NULL; sqlite3_close(priv->database); priv->database=NULL; g_object_notify_by_pspec(G_OBJECT(self), CookiePermissionManagerProperties[PROP_DATABASE]); g_object_notify_by_pspec(G_OBJECT(self), CookiePermissionManagerProperties[PROP_DATABASE_FILENAME]); } /* Build path to database file */ configDir=midori_extension_get_config_dir(priv->extension); if(!configDir) return; if(katze_mkdir_with_parents(configDir, 0700)) { g_warning(_("Could not create configuration folder for extension: %s"), g_strerror(errno)); _cookie_permission_manager_error(self, _("Could not create configuration folder for extension.")); return; } /* Open database */ priv->databaseFilename=g_build_filename(configDir, COOKIE_PERMISSION_DATABASE, NULL); success=sqlite3_open(priv->databaseFilename, &priv->database); if(success!=SQLITE_OK) { g_warning(_("Could not open database of extenstion: %s"), sqlite3_errmsg(priv->database)); g_free(priv->databaseFilename); priv->databaseFilename=NULL; if(priv->database) sqlite3_close(priv->database); priv->database=NULL; _cookie_permission_manager_error(self, _("Could not open database of extension.")); return; } /* Create table structure if it does not exist */ success=sqlite3_exec(priv->database, "CREATE TABLE IF NOT EXISTS " "policies(domain text, value integer);", NULL, NULL, &error); if(success==SQLITE_OK) { success=sqlite3_exec(priv->database, "CREATE UNIQUE INDEX IF NOT EXISTS " "domain ON policies (domain);", NULL, NULL, &error); } if(success==SQLITE_OK) { success=sqlite3_exec(priv->database, "PRAGMA journal_mode=TRUNCATE;", NULL, NULL, &error); } if(success!=SQLITE_OK || error) { _cookie_permission_manager_error(self, _("Could not set up database structure of extension.")); if(error) { g_critical(_("Failed to execute database statement: %s"), error); sqlite3_free(error); } g_free(priv->databaseFilename); priv->databaseFilename=NULL; sqlite3_close(priv->database); priv->database=NULL; return; } // Delete all cookies allowed only in one session success=sqlite3_prepare_v2(priv->database, "SELECT domain FROM policies WHERE value=? ORDER BY domain DESC;", -1, &statement, NULL); if(statement && success==SQLITE_OK) success=sqlite3_bind_int(statement, 1, COOKIE_PERMISSION_MANAGER_POLICY_ACCEPT_FOR_SESSION); if(statement && success==SQLITE_OK) { while(sqlite3_step(statement)==SQLITE_ROW) { gchar *domain=(gchar*)sqlite3_column_text(statement, 0); GSList *cookies, *cookie; #ifdef HAVE_LIBSOUP_2_40_0 SoupURI *uri; uri=soup_uri_new(NULL); soup_uri_set_host(uri, domain); soup_uri_set_path(uri, "/"); cookies=soup_cookie_jar_get_cookie_list(priv->cookieJar, uri, TRUE); for(cookie=cookies; cookie; cookie=cookie->next) { soup_cookie_jar_delete_cookie(priv->cookieJar, (SoupCookie*)cookie->data); } soup_cookies_free(cookies); soup_uri_free(uri); #else cookies=soup_cookie_jar_all_cookies(priv->cookieJar); for(cookie=cookies; cookie; cookie=cookie->next) { if(soup_cookie_domain_matches((SoupCookie*)cookie->data, domain)) { soup_cookie_jar_delete_cookie(priv->cookieJar, (SoupCookie*)cookie->data); } } soup_cookies_free(cookies); #endif } } else g_warning(_("SQL fails: %s"), sqlite3_errmsg(priv->database)); sqlite3_finalize(statement); g_object_notify_by_pspec(G_OBJECT(self), CookiePermissionManagerProperties[PROP_DATABASE]); g_object_notify_by_pspec(G_OBJECT(self), CookiePermissionManagerProperties[PROP_DATABASE_FILENAME]); }
/* FIXME: moar tests! */ static void do_cookies_parsing_test (void) { SoupSession *session; SoupMessage *msg; SoupCookieJar *jar; GSList *cookies, *iter; SoupCookie *cookie; gboolean got1, got2, got3; debug_printf (1, "\nSoupCookie parsing test\n"); session = soup_test_session_new (SOUP_TYPE_SESSION_ASYNC, NULL); soup_session_add_feature_by_type (session, SOUP_TYPE_COOKIE_JAR); jar = SOUP_COOKIE_JAR (soup_session_get_feature (session, SOUP_TYPE_COOKIE_JAR)); /* "httponly" is case-insensitive, and its value (if any) is ignored */ msg = soup_message_new_from_uri ("GET", first_party_uri); soup_message_headers_append (msg->request_headers, "Echo-Set-Cookie", "one=1; httponly; max-age=100"); soup_session_send_message (session, msg); g_object_unref (msg); msg = soup_message_new_from_uri ("GET", first_party_uri); soup_message_headers_append (msg->request_headers, "Echo-Set-Cookie", "two=2; HttpOnly; max-age=100"); soup_session_send_message (session, msg); g_object_unref (msg); msg = soup_message_new_from_uri ("GET", first_party_uri); soup_message_headers_append (msg->request_headers, "Echo-Set-Cookie", "three=3; httpONLY=Wednesday; max-age=100"); soup_session_send_message (session, msg); g_object_unref (msg); cookies = soup_cookie_jar_get_cookie_list (jar, first_party_uri, TRUE); got1 = got2 = got3 = FALSE; for (iter = cookies; iter; iter = iter->next) { cookie = iter->data; if (!strcmp (soup_cookie_get_name (cookie), "one")) { got1 = TRUE; if (!soup_cookie_get_http_only (cookie)) { debug_printf (1, " cookie 1 is not HttpOnly!\n"); errors++; } if (!soup_cookie_get_expires (cookie)) { debug_printf (1, " cookie 1 did not fully parse!\n"); errors++; } } else if (!strcmp (soup_cookie_get_name (cookie), "two")) { got2 = TRUE; if (!soup_cookie_get_http_only (cookie)) { debug_printf (1, " cookie 2 is not HttpOnly!\n"); errors++; } if (!soup_cookie_get_expires (cookie)) { debug_printf (1, " cookie 3 did not fully parse!\n"); errors++; } } else if (!strcmp (soup_cookie_get_name (cookie), "three")) { got3 = TRUE; if (!soup_cookie_get_http_only (cookie)) { debug_printf (1, " cookie 3 is not HttpOnly!\n"); errors++; } if (!soup_cookie_get_expires (cookie)) { debug_printf (1, " cookie 3 did not fully parse!\n"); errors++; } } else { debug_printf (1, " got unexpected cookie '%s'\n", soup_cookie_get_name (cookie)); errors++; } soup_cookie_free (cookie); } g_slist_free (cookies); if (!got1) { debug_printf (1, " didn't get cookie 1\n"); errors++; } if (!got2) { debug_printf (1, " didn't get cookie 2\n"); errors++; } if (!got3) { debug_printf (1, " didn't get cookie 3\n"); errors++; } soup_test_session_abort_unref (session); }