bool CookieManager::shouldRejectForSecurityReason(const ParsedCookie* cookie, const KURL& url)
{
// We have to disable the following check because sites like Facebook and
// Gmail currently do not follow the spec.
#if 0
// Check if path attribute is a prefix of the request URI.
if (!url.path().startsWith(cookie->path())) {
LOG_ERROR("Cookie %s is rejected because its path does not math the URL %s\n", cookie->toString().utf8().data(), url.string().utf8().data());
return true;
}
#endif
// ignore domain security if protocol doesn't have domains
if (shouldIgnoreDomain(cookie->protocol()))
return false;
// Reject Cookie if domain is empty
if (!cookie->domain().length())
return true;
if (!cookie->hasDefaultDomain()) {
// Check if the domain contains an embedded dot.
int dotPosition = cookie->domain().find(".", 1);
if (dotPosition == -1 || static_cast<unsigned int>(dotPosition) == cookie->domain().length()) {
LOG_ERROR("Cookie %s is rejected because its domain does not contain an embedded dot.\n", cookie->toString().utf8().data());
return true;
}
}
// The request host should domain match the Domain attribute.
// Domain string starts with a dot, so a.b.com should domain match .a.b.com.
// add a "." at beginning of host name, because it can handle many cases such as
// a.b.com matches b.com, a.b.com matches .B.com and a.b.com matches .A.b.Com
// and so on.
String hostDomainName = url.host();
hostDomainName = hostDomainName.startsWith(".") ? hostDomainName : "." + hostDomainName;
if (!hostDomainName.endsWith(cookie->domain(), false)) {
LOG_ERROR("Cookie %s is rejected because its domain does not domain match the URL %s\n", cookie->toString().utf8().data(), url.string().utf8().data());
return true;
}
// We should check for an embedded dot in the portion of string in the host not in the domain
// but to match firefox behaviour we do not.
return false;
}
void CookieManager::checkAndTreatCookie(ParsedCookie* candidateCookie, BackingStoreRemovalPolicy postToBackingStore, CookieFilter filter)
{
CookieLog("CookieManager - checkAndTreatCookie - processing url with domain - %s & protocol %s\n", candidateCookie->domain().utf8().data(), candidateCookie->protocol().utf8().data());
// A cookie which is not from http shouldn't have a httpOnly property.
if (filter == NoHttpOnlyCookie && candidateCookie->isHttpOnly()) {
delete candidateCookie;
return;
}
const bool ignoreDomain = shouldIgnoreDomain(candidateCookie->protocol());
// Determine which protocol tree to add the cookie to. Create one if necessary.
CookieMap* curMap = 0;
if (m_managerMap.contains(candidateCookie->protocol()))
curMap = m_managerMap.get(candidateCookie->protocol());
else {
// Check if it is a secure version, if it is, link it to the non-secure version
// Link curMap to the new protocol as well as the old one if it doesn't exist
if (candidateCookie->protocol() == "https") {
curMap = m_managerMap.get("http");
if (!curMap) {
curMap = new CookieMap("http");
m_managerMap.add("http", curMap);
}
} else if (candidateCookie->protocol() == "wss") {
curMap = m_managerMap.get("ws");
if (!curMap) {
curMap = new CookieMap("ws");
m_managerMap.add("ws", curMap);
}
} else
curMap = new CookieMap(candidateCookie->protocol());
CookieLog("CookieManager - adding protocol cookiemap - %s\n", curMap->getName().utf8().data());
m_managerMap.add(candidateCookie->protocol(), curMap);
}
// If protocol support domain, we have to traverse the domain tree to find the right
// cookieMap to handle with
if (!ignoreDomain)
curMap = findOrCreateCookieMap(curMap, candidateCookie->domain(), candidateCookie->hasExpired());
// Now that we have the proper map for this cookie, we can modify it
// If cookie does not exist and has expired, delete it
// If cookie exists and it has expired, so we must remove it from the map, if not update it
// If cookie expired and came from the BackingStore (therefore does not exist), we have to remove from database
// If cookie does not exist & it's valid, add it to the current map
if (candidateCookie->hasExpired() || candidateCookie->isForceExpired()) {
// Special case for getBackingStoreCookies() to catch expired cookies
if (postToBackingStore == BackingStoreCookieEntry)
m_cookieBackingStore->remove(candidateCookie);
else if (curMap) {
// RemoveCookie will return 0 if the cookie doesn't exist.
ParsedCookie* expired = curMap->removeCookie(candidateCookie, filter);
// Cookie is useless, Remove the cookie from the backingstore if it exists.
// Backup check for BackingStoreCookieEntry incase someone incorrectly uses this enum.
if (expired && postToBackingStore != BackingStoreCookieEntry && !expired->isSession()) {
CookieLog("CookieManager - expired cookie is nonsession, deleting from db");
m_cookieBackingStore->remove(expired);
}
delete expired;
} else
delete candidateCookie;
} else {
ASSERT(curMap);
addCookieToMap(curMap, candidateCookie, postToBackingStore, filter);
}
}
