TBool CExampleCookieManager::CheckDomainMatch(CCookie& aCookie, const TUriC8& aUri) const { TChar domainSep = '.'; if(aUri.IsPresent(EUriHost)) { THTTPHdrVal attributeVal; aCookie.Attribute(CCookie::EDomain, attributeVal); const TDesC8& domain = aUri.Extract(EUriHost); const TPtrC8 cookieDomain = RemoveQuotes(attributeVal.StrF().DesC()); // Domain matching rules: // if the cookie domain doesn't start with a dot then it must match the uri domain exactly // if it does start with a dot and it TInt matchLoc = domain.FindF(cookieDomain); if((cookieDomain[0] != TUint(domainSep)) && (matchLoc == 0) && (domain.Length() == cookieDomain.Length())) return ETrue; else if((matchLoc != KErrNotFound) && (domain.Left(matchLoc).Locate(domainSep) == KErrNotFound)) return ETrue; } return EFalse; }
TBool CExampleCookieManager::CheckPortMatch(CCookie& aCookie, const TUriC8& aUri) const { THTTPHdrVal val; if(aCookie.Attribute(CCookie::EPort, val) == KErrNone) { TChar portSeparator(','); _LIT8(KDefaultPort, "80"); const TDesC8& port = aUri.IsPresent(EUriPort)? aUri.Extract(EUriPort) : KDefaultPort(); const TPtrC8& portList = RemoveQuotes(val.StrF().DesC()); TInt portPos = portList.FindF(port); // if we do not find the port in the list then do not match if(portPos == KErrNotFound) return EFalse; // if the number was the last in the list then match else if((portPos + port.Length()) == portList.Length()) return ETrue; // check that the number is followed by a separator ie do not match 80 with 8000 else if(portList[portPos + port.Length()] == TUint(portSeparator)) return ETrue; // we have not found a match else return EFalse; } // If the cookie does not have a portlist return ETrue to match any port return ETrue; }
/** Get the credentials from the user. @param aURI [in] The URI being requested @param aRealm [out] The realm being requested @param aAuthenticationType [out] The type of authentication. @param aUsername [out] User name @param aPassword [out] Pass word @return TBool ETrue if credentials being returned else EFalse */ TBool CTestWebBrowser::GetCredentialsL( const TUriC8& aURI, RString aRealm, RStringF aAuthenticationType, RString& aUsername, RString& aPassword ) { // Convert to 16 bit to display HBufC* uriDesBuf = HBufC::NewLC( aURI.UriDes().Length() ); TPtr uriDesPtr( uriDesBuf->Des() ); uriDesPtr.Copy( aURI.UriDes() ); HBufC* uriRealmBuf = HBufC::NewLC( aRealm.DesC().Length() ); TPtr uriRealmPtr( uriRealmBuf->Des() ); uriRealmPtr.Copy( aRealm.DesC() ); HBufC* uriAuthenticationType = HBufC::NewLC ( aAuthenticationType.DesC().Length() ); TPtr uriAuthenticationPtr( uriAuthenticationType->Des() ); uriAuthenticationPtr.Copy ( aAuthenticationType.DesC() ); // Prompt user for input iTestUtils.Test().Printf ( _L( "Enter credentials for URL %S, realm %S\n"), &uriDesPtr, &uriRealmPtr ); iTestUtils.Test().Printf ( _L("Using %S authentication\n"), &uriAuthenticationPtr ); CleanupStack::PopAndDestroy ( 3 ); // Pop and destroy uriDesBuf, uriRealmBuf and uriAuthenticationType HBufC* userDetails16 = HBufC::NewLC ( KMaxUserEntrySize ); HBufC8* userDetails8 = HBufC8::NewLC ( KMaxUserEntrySize ); TPtr userDetailsPtr16( userDetails16->Des() ); TPtr8 userDetailsPtr8( userDetails8->Des() ); iTestUtils.GetAnEntry ( _L( "Username (or QUIT to give up): " ), userDetailsPtr16 ); TBool set = EFalse; if ( userDetailsPtr16.CompareF ( KQuit ) ) { userDetailsPtr8.Copy ( userDetailsPtr16 ); aUsername = aRealm.Pool().OpenStringL ( userDetailsPtr8 ); iTestUtils.GetAnEntry( _L( "Password: " ), userDetailsPtr16 ); userDetailsPtr8.Copy ( userDetailsPtr16 ); aPassword = aRealm.Pool().OpenStringL ( userDetailsPtr8 ); set = ETrue; } CleanupStack::PopAndDestroy ( 2 ); // Pop and destroy userDetails16 & userDetails8 return set; }
TBool CExampleCookieManager::CheckSecureMatch(CCookie& aCookie, const TUriC8& aUri) const { THTTPHdrVal val; TBool secureCookie = aCookie.Attribute(CCookie::ESecure, val) == KErrNone; // if the cookie is not secure we don't care about the uri if(!secureCookie) return ETrue; // Check if the scheme is https - if there is no scheme then assume not if(aUri.IsPresent(EUriScheme)) { _LIT8(KSecureScheme, "https"); const TDesC8& scheme = aUri.Extract(EUriScheme); return scheme.CompareF(KSecureScheme()) == 0; } // The cookie is secure and we don't have a secure transaction return EFalse; }
TBool CHttpTestCaseGet12::GetCredentialsL(const TUriC8& aURI, RString aRealm, RStringF aAuthenticationType, RString& aUsername, RString& aPassword) { iEngine->Utils().LogIt(_L("Supplying credentials")); iEngine->Utils().DumpData(aURI.UriDes()); iEngine->Utils().DumpData(aRealm.DesC()); iEngine->Utils().DumpData(aAuthenticationType.DesC()); _LIT8(KScooby, "scooby"); _LIT8(KDoo, "doo"); RStringPool p = aRealm.Pool(); aUsername = p.OpenStringL(KScooby); aPassword = p.OpenStringL(KDoo); return ETrue; }
void CHttpClientFilter::EnsurePathExistsL(RHTTPTransaction aTransaction) { RHTTPRequest request = aTransaction.Request(); TUriC8 originalUri = request.URI(); // There is alwaya a path in a uri - ensure that it is not empty. const TDesC8& path = originalUri.Extract(EUriPath); TBool pathPresent = (path.Length() > 0); TBool hostPresent = originalUri.IsPresent(EUriHost); // If there is no path then make sure the uri // ends in '/' - server root path. if( hostPresent && !pathPresent ) { _LIT8(KDefaultUriPath, "/"); CUri8* uri = CUri8::NewLC(originalUri); uri->SetComponentL(KDefaultUriPath, EUriPath); request.SetURIL(uri->Uri()); CleanupStack::PopAndDestroy(uri); } }
// ---------------------------------------------------------------------------- // CClientEngine::GetCredentialsL() // // Inherited from MHTTPAuthenticationCallback // Called by framework when we requested authenticated page and framework // needs to know username and password. // ---------------------------------------------------------------------------- TBool CClientEngine::GetCredentialsL(const TUriC8& aURI, RString aRealm, RStringF aAuthenticationType, RString& aUsername, RString& aPassword) { // aURI, aReal and aAuthenticationType are informational only. We only need // to set aUsername and aPassword and return ETrue, if aUsername and // aPassword are provided by user. // Informational only TBuf<KURIBufferSize> authType; TBuf<KURIBufferSize> uri; TBuf<KDefaultBufferSize> authText; authType.Copy(aAuthenticationType.DesC()); uri.Copy(aURI.UriDes()); _LIT(KAuthRequired, "%S requires %S authentication."); authText.Format(KAuthRequired, &uri, &authType); _LIT(KAuthNote, "Authentication required."); CEikonEnv::Static()->InfoWinL(KAuthNote, authText); // Query user name and password TBuf<KDefaultBufferSize> userName; TBuf<KDefaultBufferSize> password; //CAknMultiLineDataQueryDialog* dlg = // CAknMultiLineDataQueryDialog::NewL(userName, password); //if (!dlg->ExecuteLD(R_DIALOG_USER_PASSWORD_QUERY)) // return EFalse; // No credentials given; must return EFalse // Set aUsername and aPassword TBuf8<KDefaultBufferSize> temp; temp.Copy(userName); TRAPD(err, aUsername = aRealm.Pool().OpenStringL(temp)); if (!err) { temp.Copy(password); TRAP(err, aPassword = aRealm.Pool().OpenStringL(temp)); if (!err) return ETrue; } // Return ETrue if user has given credentials (username and password), // otherwise EFlase return EFalse; }
TBool CHttpTestCaseGet14::GetCredentialsL(const TUriC8& aURI, RString aRealm, RStringF aAuthenticationType, RString& aUsername, RString& aPassword) { if(iCallsNum++) { iTestFail=1; iEngine->Utils().LogIt(_L("The test will fail: the credential haven't been kept(the GetCredential function has been called again)")); return EFalse; } iEngine->Utils().LogIt(_L("Supplying credentials")); iEngine->Utils().DumpData(aURI.UriDes()); iEngine->Utils().DumpData(aRealm.DesC()); iEngine->Utils().DumpData(aAuthenticationType.DesC()); _LIT8(KScooby, "scooby"); _LIT8(KDoo, "doo"); RStringPool p = aRealm.Pool(); aUsername = p.OpenStringL(KScooby); aPassword = p.OpenStringL(KDoo); return ETrue; }
TBool CExampleCookieManager::CheckPathMatch(CCookie& aCookie, const TUriC8& aUri) const { THTTPHdrVal attributeVal; aCookie.Attribute(CCookie::EPath, attributeVal); TPtrC8 cookiePath = RemoveQuotes(attributeVal.StrF().DesC()); const TDesC8& uriPath = aUri.Extract(EUriPath); if(uriPath.Length() == 0) { // if the uri has no path then it matches against no cookie path // or a cookie path of just a / const TInt pathLength = cookiePath.Length(); if(pathLength == 0 || pathLength == 1) return ETrue; } else if(uriPath.FindF(cookiePath) == 0) { TChar separator('/'); // Check that the character after the matched bit is a / otherwise // /path would match against /path2 const TInt uriLength = uriPath.Length(); const TInt cookieLength = cookiePath.Length(); if(uriLength == cookieLength) return ETrue; else if(uriLength > cookieLength) { if(cookiePath[cookieLength - 1] == TUint(separator)) return ETrue; else if(uriPath[cookieLength] == TUint(separator)) return ETrue; } } return EFalse; }
/** Inserts the data into the URITbl. @param aUri URI object @param [out] aUriId The URI will be filled upon successful insertion. This ID uniquelly indentifies the URI. @return Returns the number of rows inserted. Normally 1. Otherwise returns with system-wide error code. */ TInt CUriListInterface::InsertIntoUriTblL ( const TUriC8& aUri, TInt& aUriId ) { const TDesC8& id ( iStringPool.String (URILIST::EId,URILIST::Table).DesC() ); aUriId = GetMaxIdValueL ( KUriTblName(), id ) + 1; _LIT8 ( KUriTblInsertStmt, "INSERT INTO %S VALUES (:V1, :V2, :V3, :V4, :V5, :V6, :V7, :V8)" ); RBuf8 sqlStmt; sqlStmt.CreateL ( KMaxDbStmtLen ); CleanupClosePushL ( sqlStmt ); sqlStmt.Format ( KUriTblInsertStmt(), &(KUriTblName()) ); MDBTransaction* dbTrans = iDbAccessor->PrepareTransactionL ( sqlStmt ); CleanupStack::PopAndDestroy (); // sqlStmt CleanupStack::PushL ( TCleanupItem ( CUriListInterface::DestroyTransObj, dbTrans ) ); // We are having 8 parameters for this query. First bind the query with parameter position 0 // and so on dbTrans->BindIntL ( URILIST::EId, aUriId ); dbTrans->BindTextL ( URILIST::EScheme, aUri.IsPresent(EUriScheme) ? aUri.Extract ( EUriScheme ) : KNullDesC8() ); dbTrans->BindTextL ( URILIST::EUserInfo, aUri.IsPresent(EUriUserinfo) ? aUri.Extract ( EUriUserinfo ) : KNullDesC8() ); dbTrans->BindTextL ( URILIST::EHost, aUri.IsPresent(EUriHost) ? aUri.Extract ( EUriHost ) : KNullDesC8() ); dbTrans->BindTextL ( URILIST::EPort, aUri.IsPresent(EUriPort) ? aUri.Extract ( EUriPort ) : KNullDesC8() ); dbTrans->BindTextL ( URILIST::EPath, aUri.IsPresent(EUriPath) ? aUri.Extract ( EUriPath ) : KNullDesC8() ); dbTrans->BindTextL ( URILIST::EQuery, aUri.IsPresent(EUriQuery) ? aUri.Extract ( EUriQuery ) : KNullDesC8() ); dbTrans->BindTextL ( URILIST::EFragments, aUri.IsPresent(EUriFragment) ? aUri.Extract ( EUriFragment ) : KNullDesC8() ); TInt result = dbTrans->ExecuteL (); CleanupStack::PopAndDestroy (); //dbTrans return result; }
{ _LIT8 ( KUriViewInsertStmt, "INSERT INTO %S \ VALUES (:V1, :V2, :V3, :V4, :V5, :V6, :V7, :V8, \ :V9, :V10, :V11, :V12, :V13)" ); RBuf8 sqlStmt; sqlStmt.CreateL ( KMaxDbStmtLen ); CleanupClosePushL ( sqlStmt ); sqlStmt.Format ( KUriViewInsertStmt(), &(KViewName())); MDBTransaction* dbTrans = iDbAccessor->PrepareTransactionL ( sqlStmt ); CleanupStack::PopAndDestroy (); //sqlStmt CleanupStack::PushL ( TCleanupItem ( CUriListInterface::DestroyTransObj, dbTrans ) ); // We are having 8 parameters for this query. First bind the query with parameter position 0 // and so on dbTrans->BindIntL ( URILIST::EId, aInetUri.UriId() ); TUriC8 uri ( aInetUri.Uri().Uri() ); dbTrans->BindTextL ( URILIST::EScheme, uri.IsPresent(EUriScheme) ? uri.Extract ( EUriScheme ) : KNullDesC8() ); dbTrans->BindTextL ( URILIST::EUserInfo, uri.IsPresent(EUriUserinfo) ? uri.Extract ( EUriUserinfo ) : KNullDesC8() ); dbTrans->BindTextL ( URILIST::EHost, uri.IsPresent(EUriHost) ? uri.Extract ( EUriHost ) : KNullDesC8() ); dbTrans->BindTextL ( URILIST::EPort, uri.IsPresent(EUriPort) ? uri.Extract ( EUriPort ) : KNullDesC8() ); dbTrans->BindTextL ( URILIST::EPath, uri.IsPresent(EUriPath) ? uri.Extract ( EUriPath ) : KNullDesC8() ); dbTrans->BindTextL ( URILIST::EQuery, uri.IsPresent(EUriQuery) ? uri.Extract ( EUriQuery ) : KNullDesC8() ); dbTrans->BindTextL ( URILIST::EFragments, uri.IsPresent(EUriFragment) ? uri.Extract ( EUriFragment ) : KNullDesC8() ); CInetUriProperties& properties = aInetUri.Properties (); dbTrans->BindIntL ( URILIST::EPropId - 1, properties.PropId() ); dbTrans->BindIntL ( URILIST::EServiceType - 1, properties.ServiceType() ); dbTrans->BindIntL ( URILIST::EListType - 1, properties.ListType() ); dbTrans->BindIntL ( URILIST::EPermission - 1, properties.Permission() ); dbTrans->BindTextL ( URILIST::EFavouriteName-1, properties.FavouriteName() );
TBool CExampleCookieManager::ValidateCookieL(CCookie& aCookie, const TUriC8& aUri) { THTTPHdrVal attributeVal; if(aCookie.Attribute(CCookie::EPath, attributeVal) == KErrNone) { // if the path attribute exists check it is a prefix of the path // of the uri that issued it (if not reject) RStringF cookiePath = attributeVal.StrF(); const TDesC8& uriPath = aUri.Extract(EUriPath); if(uriPath.FindF(RemoveQuotes(cookiePath.DesC())) != 0) return EFalse; } else { // if the path attribute doesn't exist add it THTTPHdrVal val(iStringPool.OpenFStringL(aUri.Extract(EUriPath))); aCookie.SetAttributeL(CCookie::EPath, val); } if(aCookie.Attribute(CCookie::EDomain, attributeVal) == KErrNone) { const TChar dot('.'); const TDesC8& cookieDomain = attributeVal.StrF().DesC(); const TDesC8& uriDomain = aUri.Extract(EUriHost); // if the domain does not exactly match the uri and does not begin // with a dot then add one if((cookieDomain.Compare(uriDomain) != 0) && (cookieDomain.Locate(dot) != 0)) { _LIT8(KAddDotString, ".%S"); HBufC8* newDomain = HBufC8::NewLC(cookieDomain.Length() + 1); newDomain->Des().AppendFormat(KAddDotString(), &cookieDomain); RStringF domain = iStringPool.OpenFStringL(*newDomain); CleanupStack::PopAndDestroy(newDomain); THTTPHdrVal val(domain); aCookie.SetAttributeL(CCookie::EDomain, val); domain.Close(); } // if the domain does not contain an embedded dot then reject it // ie reject .com or .com. // Start by removing one character from each end. ie start at pos 1 and take a length // which is 2 shorter than the original descriptor TPtrC8 domainMiddle = cookieDomain.Mid(1, cookieDomain.Length() - 2); if(domainMiddle.Locate(dot) == KErrNotFound) return EFalse; // Reject the cookie if the domain differs by two or more levels from the uri // ie if uri=www.x.y.com then accept a cookie with .x.y.com but reject .y.com TInt pos = uriDomain.FindF(cookieDomain); if(pos > 2) { const TDesC8& domainDiff = uriDomain.Left(pos); // Remove one character from each end. ie start at pos 1 and take a length // which is 2 shorter than the original descriptor const TDesC8& diffMiddle = domainDiff.Mid(1, domainDiff.Length() - 2); if(diffMiddle.Locate(dot) != KErrNotFound) return EFalse; } } else { // if the domain attribute is not found add it THTTPHdrVal val(iStringPool.OpenFStringL(aUri.Extract(EUriHost))); aCookie.SetAttributeL(CCookie::EDomain, val); val.StrF().Close(); } if(!CheckPortMatch(aCookie, aUri)) return EFalse; return ETrue; }