Exemplo n.º 1
0
void KCookieJar::eatCookiesForDomain(const QString &domain)
{
   KHttpCookieList *cookieList = m_cookieDomains[domain];
   if (!cookieList || cookieList->isEmpty()) return;

   cookieList->clear();
   if (cookieList->getAdvice() == KCookieDunno)
   {
       // This deletes cookieList!
       m_cookieDomains.remove(domain);
       m_domainList.remove(domain);
   }
   m_cookiesChanged = true;
}
Exemplo n.º 2
0
//
// This function gets the advice for all cookies originating from
// _domain.
//
KCookieAdvice KCookieJar::getDomainAdvice(const QString &_domain)
{
    KHttpCookieList *cookieList = m_cookieDomains[_domain];
    KCookieAdvice advice;

    if (cookieList)
    {
        advice = cookieList->getAdvice();
    }
    else
    {
        advice = KCookieDunno;
    }

    return advice;
}
Exemplo n.º 3
0
//
// This function advices whether a single KHttpCookie object should
// be added to the cookie jar.
//
KCookieAdvice KCookieJar::cookieAdvice(KHttpCookiePtr cookiePtr)
{
    if (m_rejectCrossDomainCookies && cookiePtr->isCrossDomain())
       return KCookieReject;

    QStringList domains;

    extractDomains(cookiePtr->host(), domains);

    // If the cookie specifies a domain, check whether it is valid. Otherwise,
    // accept the cookie anyways but remove the domain="" value to prevent
    // cross-site cookie injection.
    if (!cookiePtr->domain().isEmpty())
    {
      if (!domains.contains(cookiePtr->domain()) && 
          !cookiePtr->domain().endsWith("."+cookiePtr->host()))
          cookiePtr->fixDomain(QString::null);
    }

    if (m_autoAcceptSessionCookies && (cookiePtr->expireDate() == 0 ||
        m_ignoreCookieExpirationDate))
       return KCookieAccept;

    KCookieAdvice advice = KCookieDunno;
    bool isFQDN = true; // First is FQDN
    QStringList::Iterator it = domains.begin(); // Start with FQDN which first in the list.
    while( (advice == KCookieDunno) && (it != domains.end()))
    {
       QString domain = *it;
       // Check if a policy for the FQDN/domain is set.
       if ( domain[0] == '.' || isFQDN )
       {
          isFQDN = false;
          KHttpCookieList *cookieList = m_cookieDomains[domain];
          if (cookieList)
             advice = cookieList->getAdvice();
       }
       domains.remove(it);
       it = domains.begin(); // Continue from begin of remaining list
    }

    if (advice == KCookieDunno)
        advice = m_globalAdvice;

    return advice;
}
Exemplo n.º 4
0
//
// Eat a cookie out of the jar.
// cookiePtr should be one of the cookies returned by getCookieList()
//
void KCookieJar::eatCookie(KHttpCookiePtr cookiePtr)
{
    QString domain = stripDomain(cookiePtr); // We file the cookie under this domain.
    KHttpCookieList *cookieList = m_cookieDomains[domain];

    if (cookieList)
    {
        // This deletes cookiePtr!
        if (cookieList->removeRef( cookiePtr ))
           m_cookiesChanged = true;

        if ((cookieList->isEmpty()) &&
            (cookieList->getAdvice() == KCookieDunno))
        {
            // This deletes cookieList!
            m_cookieDomains.remove(domain);

            m_domainList.remove(domain);
        }
    }
}
Exemplo n.º 5
0
//
// This function sets the advice for all cookies originating from
// _domain.
//
void KCookieJar::setDomainAdvice(const QString &_domain, KCookieAdvice _advice)
{
    QString domain(_domain);
    KHttpCookieList *cookieList = m_cookieDomains[domain];

    if (cookieList)
    {
        if (cookieList->getAdvice() != _advice)
        {
           m_configChanged = true;
           // domain is already known
           cookieList->setAdvice( _advice);
        }

        if ((cookieList->isEmpty()) &&
            (_advice == KCookieDunno))
        {
            // This deletes cookieList!
            m_cookieDomains.remove(domain);
            m_domainList.remove(domain);
        }
    }
    else
    {
        // domain is not yet known
        if (_advice != KCookieDunno)
        {
            // We should create a domain entry
            m_configChanged = true;
            // Make a new cookie list
            cookieList = new KHttpCookieList();
            cookieList->setAutoDelete(true);
            cookieList->setAdvice( _advice);
            m_cookieDomains.insert( domain, cookieList);
            // Update the list of domains
            m_domainList.append( domain);
        }
    }
}
Exemplo n.º 6
0
//
// Looks for cookies in the cookie jar which are appropriate for _url.
// Returned is a string containing all appropriate cookies in a format
// which can be added to a HTTP-header without any additional processing.
//
QString KCookieJar::findCookies(const QString &_url, bool useDOMFormat, long windowId, KHttpCookieList *pendingCookies)
{
    QString cookieStr;
    QStringList domains;
    QString fqdn;
    QString path;
    KHttpCookiePtr cookie;
    KCookieAdvice advice = m_globalAdvice;

    if (!parseURL(_url, fqdn, path))
        return cookieStr;

    bool secureRequest = (_url.find( L1("https://"), 0, false) == 0 ||
                          _url.find( L1("webdavs://"), 0, false) == 0);

    // kdDebug(7104) << "findCookies: URL= " << _url << ", secure = " << secureRequest << endl;

    extractDomains(fqdn, domains);

    KHttpCookieList allCookies;

    for(QStringList::ConstIterator it = domains.begin();
        true;
        ++it)
    {
       KHttpCookieList *cookieList;
       if (it == domains.end())
       {
          cookieList = pendingCookies; // Add pending cookies
          pendingCookies = 0;
          if (!cookieList)
             break;
       }
       else
       {
          QString key = (*it).isNull() ? L1("") : (*it);
          cookieList = m_cookieDomains[key];
          if (!cookieList)
             continue; // No cookies for this domain
       }

       if (cookieList->getAdvice() != KCookieDunno)
          advice = cookieList->getAdvice();

       for ( cookie=cookieList->first(); cookie != 0; cookie=cookieList->next() )
       {
          // If the we are setup to automatically accept all session cookies and to
          // treat all cookies as session cookies or the current cookie is a session
          // cookie, then send the cookie back regardless of either policy.
          if (advice == KCookieReject &&
              !(m_autoAcceptSessionCookies && 
                (m_ignoreCookieExpirationDate || cookie->expireDate() == 0)))
              continue;

          if (!cookie->match(fqdn, domains, path))
             continue;

          if( cookie->isSecure() && !secureRequest )
             continue;

          if( cookie->isHttpOnly() && useDOMFormat )
             continue;

          // Do not send expired cookies.
          if ( cookie->isExpired (time(0)) )
          {
             // Note there is no need to actually delete the cookie here
             // since the cookieserver will invoke ::saveCookieJar because
             // of the state change below. This will then do the job of
             // deleting the cookie for us.
             m_cookiesChanged = true;
             continue;
          }

          if (windowId && (cookie->windowIds().find(windowId) == cookie->windowIds().end()))
          {
             cookie->windowIds().append(windowId);
          }

          if (it == domains.end()) // Only needed when processing pending cookies
             removeDuplicateFromList(&allCookies, cookie);

          allCookies.append(cookie);
       }
       if (it == domains.end())
          break; // Finished.
    }

    int cookieCount = 0;

    int protVersion=0; 
    for ( cookie=allCookies.first(); cookie != 0; cookie=allCookies.next() )
    {
       if (cookie->protocolVersion() > protVersion)
          protVersion = cookie->protocolVersion();
    }

    for ( cookie=allCookies.first(); cookie != 0; cookie=allCookies.next() )
    {
       if (useDOMFormat)
       {
          if (cookieCount > 0)
             cookieStr += L1("; ");
          cookieStr += cookie->cookieStr(true);
       }
       else
       {
          if (cookieCount == 0)
          {
             cookieStr += L1("Cookie: ");
             if (protVersion > 0)
             {
                QString version;
                version.sprintf("$Version=%d; ", protVersion); // Without quotes
                cookieStr += version;
             }
          }
          else
          {
             cookieStr += L1("; ");
          }
          cookieStr += cookie->cookieStr(false);
       }
       cookieCount++;
    }

    return cookieStr;
}