QVariant CookieModel::data(const QModelIndex &index, int role) const
{
if (index.row() < 0 || index.row() >= m_cookies.size())
return QVariant();
switch (role) {
case Qt::DisplayRole:
case Qt::EditRole: {
QNetworkCookie cookie = m_cookies.at(index.row());
switch (index.column()) {
case 0:
return cookie.domain();
case 1:
return cookie.name();
case 2:
return cookie.path();
case 3:
return cookie.isSecure() ? tr("true") : tr("false");
case 4:
return cookie.isSessionCookie() ? tr("Session cookie") : cookie.expirationDate().toString();
case 5:
return cookie.value();
}
}
case Qt::FontRole: {
QFont font;
font.setPointSize(10);
return font;
}
}
return QVariant();
}
CookieWidget::CookieWidget(const QNetworkCookie &cookie, QWidget *parent): QWidget(parent)
{
setupUi(this);
setAutoFillBackground(true);
m_nameLabel->setText(cookie.name());
m_domainLabel->setText(cookie.domain());
connect(m_viewButton, &QPushButton::clicked, this, &CookieWidget::viewClicked);
connect(m_deleteButton, &QPushButton::clicked, this, &CookieWidget::deleteClicked);
}
void connectWindowClass::checkThisCookie(QNetworkCookie cookie)
{
if(cookie.name() == "dlrowolleh" || cookie.name() == "coniunctio")
{
for(int j = 0; j < cookieList.size(); ++j)
{
if(cookieList.at(j).name() == cookie.name())
{
cookieList.removeAt(j);
break;
}
}
cookie.setExpirationDate(QDateTime::currentDateTime().addYears(8));
cookieList.append(cookie);
}
adjustSize();
}
CookieDialog::CookieDialog(const QNetworkCookie &cookie, QWidget *parent): QDialog(parent)
{
setupUi(this);
m_nameLineEdit->setText(cookie.name());
m_domainLineEdit->setText(cookie.domain());
m_valueLineEdit->setText(cookie.value());
m_pathLineEdit->setText(cookie.path());
m_dateEdit->setDate(cookie.expirationDate().date());
m_isSecureComboBox->addItem(cookie.isSecure() ? tr("yes") : tr("no"));
m_isHttpOnlyComboBox->addItem(cookie.isHttpOnly() ? tr("yes") : tr("no"));
m_addButton->setVisible(false);
m_cancelButton->setText(tr("Close"));
}
void CookiesContentsWidget::addCookie(const QNetworkCookie &cookie)
{
const QString domain = (cookie.domain().startsWith('.') ? cookie.domain().mid(1) : cookie.domain());
QStandardItem *domainItem = findDomain(domain);
if (domainItem)
{
for (int i = 0; i < domainItem->rowCount(); ++i)
{
if (domainItem->child(i, 0)->text() == cookie.name() && domainItem->child(i, 0)->data(Qt::UserRole).toString() == cookie.path())
{
return;
}
}
}
else
{
domainItem = new QStandardItem(HistoryManager::getIcon(QUrl(QStringLiteral("http://%1/").arg(domain))), domain);
domainItem->setToolTip(domain);
m_model->appendRow(domainItem);
if (sender())
{
m_model->sort(0);
}
}
QStandardItem *cookieItem = new QStandardItem(QString(cookie.name()));
cookieItem->setData(cookie.path(), Qt::UserRole);
cookieItem->setData(cookie.domain(), (Qt::UserRole + 1));
cookieItem->setToolTip(cookie.name());
cookieItem->setFlags(cookieItem->flags() | Qt::ItemNeverHasChildren);
domainItem->appendRow(cookieItem);
domainItem->setText(QStringLiteral("%1 (%2)").arg(domain).arg(domainItem->rowCount()));
}
void ShibLoginDialog::onNewCookieCreated(const QUrl& url, const QNetworkCookie& cookie)
{
QString name = cookie.name();
if (url.host() == url_.host() && name == kSeahubShibCookieName) {
QString value = cookie.value();
Account account = parseAccount(value);
if (seafApplet->accountManager()->saveAccount(account) < 0) {
seafApplet->warningBox(tr("Failed to save current account"), this);
reject();
} else {
accept();
}
}
}
void ShibbolethWebView::onNewCookiesForUrl (const QList<QNetworkCookie>& cookieList, const QUrl& url)
{
QList<QNetworkCookie> otherCookies;
QNetworkCookie shibCookie;
Q_FOREACH (const QNetworkCookie& cookie, cookieList) {
if (cookie.name().startsWith ("_shibsession_")) {
if (shibCookie.name().isEmpty()) {
shibCookie = cookie;
} else {
qWarning() << "Too many Shibboleth session cookies at once!";
}
} else {
otherCookies << cookie;
}
}
if (!otherCookies.isEmpty()) {
Q_EMIT otherCookiesReceived(otherCookies, url);
}
if (!shibCookie.name().isEmpty()) {
Q_EMIT shibbolethCookieReceived(shibCookie, _account);
}
}
bool CookieJar::rejectCookie(const QString &domain, const QNetworkCookie &cookie) const
{
Q_UNUSED(domain)
const QString &cookieDomain = cookie.domain();
if (!m_allowCookies) {
bool result = listMatchesDomain(m_whitelist, cookieDomain);
if (!result) {
#ifdef COOKIE_DEBUG
qDebug() << "not in whitelist" << cookie;
#endif
return true;
}
}
if (m_allowCookies) {
bool result = listMatchesDomain(m_blacklist, cookieDomain);
if (result) {
#ifdef COOKIE_DEBUG
qDebug() << "found in blacklist" << cookie;
#endif
return true;
}
}
// This feature is now natively in QtWebKit 2.3
#if QTWEBKIT_TO_2_3
if (m_blockThirdParty) {
bool result = matchDomain(cookieDomain, domain);
if (!result) {
#ifdef COOKIE_DEBUG
qDebug() << "purged for domain mismatch" << cookie << cookieDomain << domain;
#endif
return true;
}
}
#endif
if (m_filterTrackingCookie && cookie.name().startsWith("__utm")) {
#ifdef COOKIE_DEBUG
qDebug() << "purged as tracking " << cookie;
#endif
return true;
}
return false;
}
bool CookieStore::insertCookie(const QNetworkCookie& cookie, const QUrl& firstUrl)
{
sqlite3_stmt* stmt;
int rc;
QByteArray domain = cookie.domain().toLatin1();
QByteArray path = cookie.path().toLatin1();
QByteArray name = cookie.name();
QByteArray fdomain = firstUrl.host().toLower().toLatin1();
QByteArray expiration;
if (cookie.isSessionCookie()) {
expiration = "0";
} else {
expiration = cookie.expirationDate().toString().toLatin1();
}
QByteArray content = cookie.toRawForm();
rc = sqlite3_prepare(m_db,
"insert into thirdPartyCookies (domain, path, name, fdomain, expiration, content) values (?, ?, ?, ?, ?, ?)",
-1, &stmt, 0);
if (rc != SQLITE_OK) {
qDebug() << "insertCookie prepare fail:" << rc;
return false;
}
QByteArray text[6] = {domain, path, name, fdomain, expiration, content};
for (int i = 0; i < 6; ++i) {
rc = sqlite3_bind_text(stmt, i + 1, text[i].constData(), text[i].size(), SQLITE_TRANSIENT);
if (rc != SQLITE_OK) {
qDebug() << "insertCookie bind fail:" << i;
sqlite3_finalize(stmt);
return false;
}
}
rc = sqlite3_step(stmt);
if (rc != SQLITE_DONE) {
qDebug() << "insertCookie step (execute) fail";
sqlite3_finalize(stmt);
return false;
}
sqlite3_finalize(stmt);
return true;
}
bool CookieJar::hasCookie(const QNetworkCookie &cookie) const
{
QUrl url;
url.setScheme(cookie.isSecure() ? QLatin1String("https") : QLatin1String("http"));
url.setHost(cookie.domain().startsWith(QLatin1Char('.')) ? cookie.domain().mid(1) : cookie.domain());
url.setPath(cookie.path());
const QList<QNetworkCookie> cookies(getCookiesForUrl(url));
for (int i = 0; i < cookies.count(); ++i)
{
if (cookies.at(i).domain() == cookie.domain() && cookies.at(i).name() == cookie.name())
{
return true;
}
}
return false;
}
bool CookieJar::rejectCookie(const QString &domain, const QNetworkCookie &cookie) const
{
const QString &cookieDomain = cookie.domain();
if (!m_allowCookies) {
int result = listContainsDomain(m_whitelist, cookieDomain);
if (result != 1) {
#ifdef COOKIE_DEBUG
qDebug() << "not in whitelist" << cookie;
#endif
return true;
}
}
if (m_allowCookies) {
int result = listContainsDomain(m_blacklist, cookieDomain);
if (result == 1) {
#ifdef COOKIE_DEBUG
qDebug() << "found in blacklist" << cookie;
#endif
return true;
}
}
if (m_blockThirdParty) {
bool result = !containsDomain(cookieDomain, domain);
if (result) {
#ifdef COOKIE_DEBUG
qDebug() << "purged for domain mismatch" << cookie << cookieDomain << domain;
#endif
return true;
}
}
if (m_filterTrackingCookie && cookie.name().startsWith("__utm")) {
#ifdef COOKIE_DEBUG
qDebug() << "purged as tracking " << cookie;
#endif
return true;
}
return false;
}
void ShibLoginDialog::onNewCookieCreated(const QUrl& url, const QNetworkCookie& cookie)
{
if (cookie_seen_) {
return;
}
QString name = cookie.name();
QString value = cookie.value();
if (url.host() == url_.host() && name == kSeahubShibCookieName) {
Account account = parseAccount(value);
if (!account.isValid()) {
qWarning("wrong account information from server");
return;
}
cookie_seen_ = true;
if (seafApplet->accountManager()->saveAccount(account) < 0) {
seafApplet->warningBox(tr("Failed to save current account"), this);
reject();
} else {
accept();
}
}
}
void CookiesContentsWidget::removeCookie(const QNetworkCookie &cookie)
{
const QString domain = (cookie.domain().startsWith('.') ? cookie.domain().mid(1) : cookie.domain());
QStandardItem *domainItem = findDomain(domain);
if (domainItem)
{
QPoint point;
for (int j = 0; j < domainItem->rowCount(); ++j)
{
if (domainItem->child(j, 0)->text() == cookie.name() && domainItem->child(j, 0)->data(Qt::UserRole).toString() == cookie.path())
{
point = m_ui->cookiesView->visualRect(domainItem->child(j, 0)->index()).center();
domainItem->removeRow(j);
break;
}
}
if (domainItem->rowCount() == 0)
{
m_model->invisibleRootItem()->removeRow(domainItem->row());
}
else
{
domainItem->setText(QStringLiteral("%1 (%2)").arg(domain).arg(domainItem->rowCount()));
}
if (!point.isNull())
{
const QModelIndex index = m_ui->cookiesView->indexAt(point);
m_ui->cookiesView->setCurrentIndex(index);
m_ui->cookiesView->selectionModel()->select(index, QItemSelectionModel::Select);
}
}
}
bool CookieStore::deleteCookie(const QNetworkCookie& cookie, const QUrl& firstUrl)
{
sqlite3_stmt *stmt;
int rc;
QByteArray domain = cookie.domain().toLatin1();
QByteArray path = cookie.path().toLatin1();
QByteArray name = cookie.name();
QByteArray fdomain = firstUrl.host().toLower().toLatin1();
QByteArray text[4] = {domain, path, name, fdomain};
rc = sqlite3_prepare(m_db,
"delete from thirdPartyCookies where (domain = ? and path = ? and name = ? and fdomain = ?)",
-1, &stmt, 0);
if (rc != SQLITE_OK) {
qDebug() << "deleteCookie prepare fail.";
return false;
}
for (int i = 0; i < 4; ++i) {
rc = sqlite3_bind_text(stmt, i + 1, text[i].constData(), text[i].size(), SQLITE_TRANSIENT);
if (rc != SQLITE_OK) {
qDebug() << "deleteCookie bind fail.";
sqlite3_finalize(stmt);
return false;
}
}
rc = sqlite3_step(stmt);
if (rc != SQLITE_DONE) {
qDebug() << "deleteCookie step (execute) fail";
sqlite3_finalize(stmt);
return false;
}
sqlite3_finalize(stmt);
return true;
}
void CookieJar::saveCookies()
{
QString fName = m_appPath;
fName += "cookies";
QSettings cnFile(fName, QSettings::IniFormat);
cnFile.clear();
cnFile.setValue("login", m_sVkLogin);
QList<QNetworkCookie> cookies = allCookies();
cnFile.beginWriteArray("cookies");
for(int i=0; i<cookies.size(); i++) {
QNetworkCookie cook = cookies.at(i);
cnFile.setArrayIndex(i);
cnFile.setValue("name", cook.name());
cnFile.setValue("value", cook.value());
cnFile.setValue("domain", cook.domain());
cnFile.setValue("path", cook.path());
}
cnFile.endArray();
}
QList<QNetworkCookie> QNetworkCookiePrivate::parseSetCookieHeaderLine(const QByteArray &cookieString)
{
// According to http://wp.netscape.com/newsref/std/cookie_spec.html,<
// the Set-Cookie response header is of the format:
//
// Set-Cookie: NAME=VALUE; expires=DATE; path=PATH; domain=DOMAIN_NAME; secure
//
// where only the NAME=VALUE part is mandatory
//
// We do not support RFC 2965 Set-Cookie2-style cookies
QList<QNetworkCookie> result;
QDateTime now = QDateTime::currentDateTime().toUTC();
int position = 0;
const int length = cookieString.length();
while (position < length) {
QNetworkCookie cookie;
// The first part is always the "NAME=VALUE" part
QPair<QByteArray,QByteArray> field = nextField(cookieString, position, true);
if (field.first.isEmpty() || field.second.isNull())
// parsing error
break;
cookie.setName(field.first);
cookie.setValue(field.second);
position = nextNonWhitespace(cookieString, position);
bool endOfCookie = false;
while (!endOfCookie && position < length) {
switch (cookieString.at(position++)) {
case ',':
// end of the cookie
endOfCookie = true;
break;
case ';':
// new field in the cookie
field = nextField(cookieString, position, false);
field.first = field.first.toLower(); // everything but the NAME=VALUE is case-insensitive
if (field.first == "expires") {
position -= field.second.length();
int end;
for (end = position; end < length; ++end)
if (isValueSeparator(cookieString.at(end)))
break;
QByteArray dateString = cookieString.mid(position, end - position).trimmed();
position = end;
QDateTime dt = parseDateString(dateString.toLower());
if (!dt.isValid()) {
return result;
}
cookie.setExpirationDate(dt);
} else if (field.first == "domain") {
QByteArray rawDomain = field.second;
QString maybeLeadingDot;
if (rawDomain.startsWith('.')) {
maybeLeadingDot = QLatin1Char('.');
rawDomain = rawDomain.mid(1);
}
QString normalizedDomain = QUrl::fromAce(QUrl::toAce(QString::fromUtf8(rawDomain)));
if (normalizedDomain.isEmpty() && !rawDomain.isEmpty())
return result;
cookie.setDomain(maybeLeadingDot + normalizedDomain);
} else if (field.first == "max-age") {
bool ok = false;
int secs = field.second.toInt(&ok);
if (!ok)
return result;
cookie.setExpirationDate(now.addSecs(secs));
} else if (field.first == "path") {
QString path = QUrl::fromPercentEncoding(field.second);
cookie.setPath(path);
} else if (field.first == "secure") {
cookie.setSecure(true);
} else if (field.first == "httponly") {
cookie.setHttpOnly(true);
} else if (field.first == "comment") {
//cookie.setComment(QString::fromUtf8(field.second));
} else if (field.first == "version") {
if (field.second != "1") {
// oops, we don't know how to handle this cookie
return result;
}
} else {
// got an unknown field in the cookie
// what do we do?
}
position = nextNonWhitespace(cookieString, position);
}
}
if (!cookie.name().isEmpty())
result += cookie;
}
return result;
}
bool SharedCookieJarQt::deleteCookie(const QNetworkCookie& cookie)
{
if (!QNetworkCookieJar::deleteCookie(cookie))
return false;
if (!m_database.isOpen())
return false;
QSqlQuery sqlQuery(m_database);
sqlQuery.prepare(QLatin1String("DELETE FROM cookies WHERE cookieId=:cookieIdvalue"));
sqlQuery.bindValue(QLatin1String(":cookieIdvalue"), cookie.domain().append(QLatin1String(cookie.name())));
sqlQuery.exec();
return true;
}
void ShibbolethAccessManager::setCookie(const QNetworkCookie& cookie)
{
qDebug() << "Got new shibboleth cookie:" << cookie.name();
_cookie = cookie;
}
QList<QNetworkCookie> QNetworkCookiePrivate::parseSetCookieHeaderLine(const QByteArray &cookieString)
{
// According to http://wp.netscape.com/newsref/std/cookie_spec.html,<
// the Set-Cookie response header is of the format:
//
// Set-Cookie: NAME=VALUE; expires=DATE; path=PATH; domain=DOMAIN_NAME; secure
//
// where only the NAME=VALUE part is mandatory
//
// We do not support RFC 2965 Set-Cookie2-style cookies
QList<QNetworkCookie> result;
const QDateTime now = QDateTime::currentDateTimeUtc();
int position = 0;
const int length = cookieString.length();
while (position < length) {
QNetworkCookie cookie;
// The first part is always the "NAME=VALUE" part
QPair<QByteArray,QByteArray> field = nextField(cookieString, position, true);
if (field.first.isEmpty())
// parsing error
break;
cookie.setName(field.first);
cookie.setValue(field.second);
position = nextNonWhitespace(cookieString, position);
while (position < length) {
switch (cookieString.at(position++)) {
case ';':
// new field in the cookie
field = nextField(cookieString, position, false);
field.first = field.first.toLower(); // everything but the NAME=VALUE is case-insensitive
if (field.first == "expires") {
position -= field.second.length();
int end;
for (end = position; end < length; ++end)
if (isValueSeparator(cookieString.at(end)))
break;
QByteArray dateString = cookieString.mid(position, end - position).trimmed();
position = end;
QDateTime dt = parseDateString(dateString.toLower());
if (dt.isValid())
cookie.setExpirationDate(dt);
//if unparsed, ignore the attribute but not the whole cookie (RFC6265 section 5.2.1)
} else if (field.first == "domain") {
QByteArray rawDomain = field.second;
//empty domain should be ignored (RFC6265 section 5.2.3)
if (!rawDomain.isEmpty()) {
QString maybeLeadingDot;
if (rawDomain.startsWith('.')) {
maybeLeadingDot = QLatin1Char('.');
rawDomain = rawDomain.mid(1);
}
//IDN domains are required by RFC6265, accepting utf8 as well doesn't break any test cases.
QString normalizedDomain = QUrl::fromAce(QUrl::toAce(QString::fromUtf8(rawDomain)));
if (!normalizedDomain.isEmpty()) {
cookie.setDomain(maybeLeadingDot + normalizedDomain);
} else {
//Normalization fails for malformed domains, e.g. "..example.org", reject the cookie now
//rather than accepting it but never sending it due to domain match failure, as the
//strict reading of RFC6265 would indicate.
return result;
}
}
} else if (field.first == "max-age") {
bool ok = false;
int secs = field.second.toInt(&ok);
if (ok) {
if (secs <= 0) {
//earliest representable time (RFC6265 section 5.2.2)
cookie.setExpirationDate(QDateTime::fromSecsSinceEpoch(0));
} else {
cookie.setExpirationDate(now.addSecs(secs));
}
}
//if unparsed, ignore the attribute but not the whole cookie (RFC6265 section 5.2.2)
} else if (field.first == "path") {
if (field.second.startsWith('/')) {
// ### we should treat cookie paths as an octet sequence internally
// However RFC6265 says we should assume UTF-8 for presentation as a string
cookie.setPath(QString::fromUtf8(field.second));
} else {
// if the path doesn't start with '/' then set the default path (RFC6265 section 5.2.4)
// and also IETF test case path0030 which has valid and empty path in the same cookie
cookie.setPath(QString());
}
} else if (field.first == "secure") {
cookie.setSecure(true);
} else if (field.first == "httponly") {
cookie.setHttpOnly(true);
} else {
// ignore unknown fields in the cookie (RFC6265 section 5.2, rule 6)
}
position = nextNonWhitespace(cookieString, position);
}
}
if (!cookie.name().isEmpty())
result += cookie;
}
return result;
}
