TBool CExampleCookieManager::CheckDomainMatch(CCookie& aCookie, const TUriC8& aUri) const
{
TChar domainSep = '.';
if(aUri.IsPresent(EUriHost))
{
THTTPHdrVal attributeVal;
aCookie.Attribute(CCookie::EDomain, attributeVal);
const TDesC8& domain = aUri.Extract(EUriHost);
const TPtrC8 cookieDomain = RemoveQuotes(attributeVal.StrF().DesC());
// Domain matching rules:
// if the cookie domain doesn't start with a dot then it must match the uri domain exactly
// if it does start with a dot and it
TInt matchLoc = domain.FindF(cookieDomain);
if((cookieDomain[0] != TUint(domainSep)) &&
(matchLoc == 0) &&
(domain.Length() == cookieDomain.Length()))
return ETrue;
else if((matchLoc != KErrNotFound) &&
(domain.Left(matchLoc).Locate(domainSep) == KErrNotFound))
return ETrue;
}
return EFalse;
}
TBool CExampleCookieManager::CheckPortMatch(CCookie& aCookie, const TUriC8& aUri) const
{
THTTPHdrVal val;
if(aCookie.Attribute(CCookie::EPort, val) == KErrNone)
{
TChar portSeparator(',');
_LIT8(KDefaultPort, "80");
const TDesC8& port = aUri.IsPresent(EUriPort)? aUri.Extract(EUriPort) : KDefaultPort();
const TPtrC8& portList = RemoveQuotes(val.StrF().DesC());
TInt portPos = portList.FindF(port);
// if we do not find the port in the list then do not match
if(portPos == KErrNotFound)
return EFalse;
// if the number was the last in the list then match
else if((portPos + port.Length()) == portList.Length())
return ETrue;
// check that the number is followed by a separator ie do not match 80 with 8000
else if(portList[portPos + port.Length()] == TUint(portSeparator))
return ETrue;
// we have not found a match
else
return EFalse;
}
// If the cookie does not have a portlist return ETrue to match any port
return ETrue;
}
/**
Get the credentials from the user.
@param aURI [in] The URI being requested
@param aRealm [out] The realm being requested
@param aAuthenticationType [out] The type of authentication.
@param aUsername [out] User name
@param aPassword [out] Pass word
@return TBool ETrue if credentials being returned else EFalse
*/
TBool CTestWebBrowser::GetCredentialsL( const TUriC8& aURI,
RString aRealm,
RStringF aAuthenticationType,
RString& aUsername,
RString& aPassword )
{
// Convert to 16 bit to display
HBufC* uriDesBuf = HBufC::NewLC( aURI.UriDes().Length() );
TPtr uriDesPtr( uriDesBuf->Des() );
uriDesPtr.Copy( aURI.UriDes() );
HBufC* uriRealmBuf = HBufC::NewLC( aRealm.DesC().Length() );
TPtr uriRealmPtr( uriRealmBuf->Des() );
uriRealmPtr.Copy( aRealm.DesC() );
HBufC* uriAuthenticationType = HBufC::NewLC ( aAuthenticationType.DesC().Length() );
TPtr uriAuthenticationPtr( uriAuthenticationType->Des() );
uriAuthenticationPtr.Copy ( aAuthenticationType.DesC() );
// Prompt user for input
iTestUtils.Test().Printf ( _L( "Enter credentials for URL %S, realm %S\n"), &uriDesPtr, &uriRealmPtr );
iTestUtils.Test().Printf ( _L("Using %S authentication\n"), &uriAuthenticationPtr );
CleanupStack::PopAndDestroy ( 3 ); // Pop and destroy uriDesBuf, uriRealmBuf and uriAuthenticationType
HBufC* userDetails16 = HBufC::NewLC ( KMaxUserEntrySize );
HBufC8* userDetails8 = HBufC8::NewLC ( KMaxUserEntrySize );
TPtr userDetailsPtr16( userDetails16->Des() );
TPtr8 userDetailsPtr8( userDetails8->Des() );
iTestUtils.GetAnEntry ( _L( "Username (or QUIT to give up): " ), userDetailsPtr16 );
TBool set = EFalse;
if ( userDetailsPtr16.CompareF ( KQuit ) )
{
userDetailsPtr8.Copy ( userDetailsPtr16 );
aUsername = aRealm.Pool().OpenStringL ( userDetailsPtr8 );
iTestUtils.GetAnEntry( _L( "Password: " ), userDetailsPtr16 );
userDetailsPtr8.Copy ( userDetailsPtr16 );
aPassword = aRealm.Pool().OpenStringL ( userDetailsPtr8 );
set = ETrue;
}
CleanupStack::PopAndDestroy ( 2 ); // Pop and destroy userDetails16 & userDetails8
return set;
}
TBool CExampleCookieManager::CheckSecureMatch(CCookie& aCookie, const TUriC8& aUri) const
{
THTTPHdrVal val;
TBool secureCookie = aCookie.Attribute(CCookie::ESecure, val) == KErrNone;
// if the cookie is not secure we don't care about the uri
if(!secureCookie)
return ETrue;
// Check if the scheme is https - if there is no scheme then assume not
if(aUri.IsPresent(EUriScheme))
{
_LIT8(KSecureScheme, "https");
const TDesC8& scheme = aUri.Extract(EUriScheme);
return scheme.CompareF(KSecureScheme()) == 0;
}
// The cookie is secure and we don't have a secure transaction
return EFalse;
}
TBool CHttpTestCaseGet12::GetCredentialsL(const TUriC8& aURI, RString aRealm, RStringF aAuthenticationType, RString& aUsername, RString& aPassword)
{
iEngine->Utils().LogIt(_L("Supplying credentials"));
iEngine->Utils().DumpData(aURI.UriDes());
iEngine->Utils().DumpData(aRealm.DesC());
iEngine->Utils().DumpData(aAuthenticationType.DesC());
_LIT8(KScooby, "scooby");
_LIT8(KDoo, "doo");
RStringPool p = aRealm.Pool();
aUsername = p.OpenStringL(KScooby);
aPassword = p.OpenStringL(KDoo);
return ETrue;
}
void CHttpClientFilter::EnsurePathExistsL(RHTTPTransaction aTransaction)
{
RHTTPRequest request = aTransaction.Request();
TUriC8 originalUri = request.URI();
// There is alwaya a path in a uri - ensure that it is not empty.
const TDesC8& path = originalUri.Extract(EUriPath);
TBool pathPresent = (path.Length() > 0);
TBool hostPresent = originalUri.IsPresent(EUriHost);
// If there is no path then make sure the uri
// ends in '/' - server root path.
if( hostPresent && !pathPresent )
{
_LIT8(KDefaultUriPath, "/");
CUri8* uri = CUri8::NewLC(originalUri);
uri->SetComponentL(KDefaultUriPath, EUriPath);
request.SetURIL(uri->Uri());
CleanupStack::PopAndDestroy(uri);
}
}
// ----------------------------------------------------------------------------
// CClientEngine::GetCredentialsL()
//
// Inherited from MHTTPAuthenticationCallback
// Called by framework when we requested authenticated page and framework
// needs to know username and password.
// ----------------------------------------------------------------------------
TBool CClientEngine::GetCredentialsL(const TUriC8& aURI,
RString aRealm,
RStringF aAuthenticationType,
RString& aUsername,
RString& aPassword)
{
// aURI, aReal and aAuthenticationType are informational only. We only need
// to set aUsername and aPassword and return ETrue, if aUsername and
// aPassword are provided by user.
// Informational only
TBuf<KURIBufferSize> authType;
TBuf<KURIBufferSize> uri;
TBuf<KDefaultBufferSize> authText;
authType.Copy(aAuthenticationType.DesC());
uri.Copy(aURI.UriDes());
_LIT(KAuthRequired, "%S requires %S authentication.");
authText.Format(KAuthRequired, &uri, &authType);
_LIT(KAuthNote, "Authentication required.");
CEikonEnv::Static()->InfoWinL(KAuthNote, authText);
// Query user name and password
TBuf<KDefaultBufferSize> userName;
TBuf<KDefaultBufferSize> password;
//CAknMultiLineDataQueryDialog* dlg =
// CAknMultiLineDataQueryDialog::NewL(userName, password);
//if (!dlg->ExecuteLD(R_DIALOG_USER_PASSWORD_QUERY))
// return EFalse; // No credentials given; must return EFalse
// Set aUsername and aPassword
TBuf8<KDefaultBufferSize> temp;
temp.Copy(userName);
TRAPD(err, aUsername = aRealm.Pool().OpenStringL(temp));
if (!err)
{
temp.Copy(password);
TRAP(err, aPassword = aRealm.Pool().OpenStringL(temp));
if (!err) return ETrue;
}
// Return ETrue if user has given credentials (username and password),
// otherwise EFlase
return EFalse;
}
TBool CHttpTestCaseGet14::GetCredentialsL(const TUriC8& aURI, RString aRealm, RStringF aAuthenticationType, RString& aUsername, RString& aPassword)
{
if(iCallsNum++)
{
iTestFail=1;
iEngine->Utils().LogIt(_L("The test will fail: the credential haven't been kept(the GetCredential function has been called again)"));
return EFalse;
}
iEngine->Utils().LogIt(_L("Supplying credentials"));
iEngine->Utils().DumpData(aURI.UriDes());
iEngine->Utils().DumpData(aRealm.DesC());
iEngine->Utils().DumpData(aAuthenticationType.DesC());
_LIT8(KScooby, "scooby");
_LIT8(KDoo, "doo");
RStringPool p = aRealm.Pool();
aUsername = p.OpenStringL(KScooby);
aPassword = p.OpenStringL(KDoo);
return ETrue;
}
TBool CExampleCookieManager::CheckPathMatch(CCookie& aCookie, const TUriC8& aUri) const
{
THTTPHdrVal attributeVal;
aCookie.Attribute(CCookie::EPath, attributeVal);
TPtrC8 cookiePath = RemoveQuotes(attributeVal.StrF().DesC());
const TDesC8& uriPath = aUri.Extract(EUriPath);
if(uriPath.Length() == 0)
{
// if the uri has no path then it matches against no cookie path
// or a cookie path of just a /
const TInt pathLength = cookiePath.Length();
if(pathLength == 0 || pathLength == 1)
return ETrue;
}
else if(uriPath.FindF(cookiePath) == 0)
{
TChar separator('/');
// Check that the character after the matched bit is a / otherwise
// /path would match against /path2
const TInt uriLength = uriPath.Length();
const TInt cookieLength = cookiePath.Length();
if(uriLength == cookieLength)
return ETrue;
else if(uriLength > cookieLength)
{
if(cookiePath[cookieLength - 1] == TUint(separator))
return ETrue;
else if(uriPath[cookieLength] == TUint(separator))
return ETrue;
}
}
return EFalse;
}
/**
Inserts the data into the URITbl.
@param aUri URI object
@param [out] aUriId The URI will be filled upon successful insertion. This ID
uniquelly indentifies the URI.
@return Returns the number of rows inserted. Normally 1. Otherwise returns with
system-wide error code.
*/
TInt CUriListInterface::InsertIntoUriTblL ( const TUriC8& aUri, TInt& aUriId )
{
const TDesC8& id ( iStringPool.String (URILIST::EId,URILIST::Table).DesC() );
aUriId = GetMaxIdValueL ( KUriTblName(), id ) + 1;
_LIT8 ( KUriTblInsertStmt, "INSERT INTO %S VALUES (:V1, :V2, :V3, :V4, :V5, :V6, :V7, :V8)" );
RBuf8 sqlStmt;
sqlStmt.CreateL ( KMaxDbStmtLen );
CleanupClosePushL ( sqlStmt );
sqlStmt.Format ( KUriTblInsertStmt(), &(KUriTblName()) );
MDBTransaction* dbTrans = iDbAccessor->PrepareTransactionL ( sqlStmt );
CleanupStack::PopAndDestroy (); // sqlStmt
CleanupStack::PushL ( TCleanupItem ( CUriListInterface::DestroyTransObj, dbTrans ) );
// We are having 8 parameters for this query. First bind the query with parameter position 0
// and so on
dbTrans->BindIntL ( URILIST::EId, aUriId );
dbTrans->BindTextL ( URILIST::EScheme, aUri.IsPresent(EUriScheme) ? aUri.Extract ( EUriScheme ) : KNullDesC8() );
dbTrans->BindTextL ( URILIST::EUserInfo, aUri.IsPresent(EUriUserinfo) ? aUri.Extract ( EUriUserinfo ) : KNullDesC8() );
dbTrans->BindTextL ( URILIST::EHost, aUri.IsPresent(EUriHost) ? aUri.Extract ( EUriHost ) : KNullDesC8() );
dbTrans->BindTextL ( URILIST::EPort, aUri.IsPresent(EUriPort) ? aUri.Extract ( EUriPort ) : KNullDesC8() );
dbTrans->BindTextL ( URILIST::EPath, aUri.IsPresent(EUriPath) ? aUri.Extract ( EUriPath ) : KNullDesC8() );
dbTrans->BindTextL ( URILIST::EQuery, aUri.IsPresent(EUriQuery) ? aUri.Extract ( EUriQuery ) : KNullDesC8() );
dbTrans->BindTextL ( URILIST::EFragments, aUri.IsPresent(EUriFragment) ? aUri.Extract ( EUriFragment ) : KNullDesC8() );
TInt result = dbTrans->ExecuteL ();
CleanupStack::PopAndDestroy (); //dbTrans
return result;
}
{
_LIT8 ( KUriViewInsertStmt, "INSERT INTO %S \
VALUES (:V1, :V2, :V3, :V4, :V5, :V6, :V7, :V8, \
:V9, :V10, :V11, :V12, :V13)" );
RBuf8 sqlStmt;
sqlStmt.CreateL ( KMaxDbStmtLen );
CleanupClosePushL ( sqlStmt );
sqlStmt.Format ( KUriViewInsertStmt(), &(KViewName()));
MDBTransaction* dbTrans = iDbAccessor->PrepareTransactionL ( sqlStmt );
CleanupStack::PopAndDestroy (); //sqlStmt
CleanupStack::PushL ( TCleanupItem ( CUriListInterface::DestroyTransObj, dbTrans ) );
// We are having 8 parameters for this query. First bind the query with parameter position 0
// and so on
dbTrans->BindIntL ( URILIST::EId, aInetUri.UriId() );
TUriC8 uri ( aInetUri.Uri().Uri() );
dbTrans->BindTextL ( URILIST::EScheme, uri.IsPresent(EUriScheme) ? uri.Extract ( EUriScheme ) : KNullDesC8() );
dbTrans->BindTextL ( URILIST::EUserInfo, uri.IsPresent(EUriUserinfo) ? uri.Extract ( EUriUserinfo ) : KNullDesC8() );
dbTrans->BindTextL ( URILIST::EHost, uri.IsPresent(EUriHost) ? uri.Extract ( EUriHost ) : KNullDesC8() );
dbTrans->BindTextL ( URILIST::EPort, uri.IsPresent(EUriPort) ? uri.Extract ( EUriPort ) : KNullDesC8() );
dbTrans->BindTextL ( URILIST::EPath, uri.IsPresent(EUriPath) ? uri.Extract ( EUriPath ) : KNullDesC8() );
dbTrans->BindTextL ( URILIST::EQuery, uri.IsPresent(EUriQuery) ? uri.Extract ( EUriQuery ) : KNullDesC8() );
dbTrans->BindTextL ( URILIST::EFragments, uri.IsPresent(EUriFragment) ? uri.Extract ( EUriFragment ) : KNullDesC8() );
CInetUriProperties& properties = aInetUri.Properties ();
dbTrans->BindIntL ( URILIST::EPropId - 1, properties.PropId() );
dbTrans->BindIntL ( URILIST::EServiceType - 1, properties.ServiceType() );
dbTrans->BindIntL ( URILIST::EListType - 1, properties.ListType() );
dbTrans->BindIntL ( URILIST::EPermission - 1, properties.Permission() );
dbTrans->BindTextL ( URILIST::EFavouriteName-1, properties.FavouriteName() );
TBool CExampleCookieManager::ValidateCookieL(CCookie& aCookie, const TUriC8& aUri)
{
THTTPHdrVal attributeVal;
if(aCookie.Attribute(CCookie::EPath, attributeVal) == KErrNone)
{
// if the path attribute exists check it is a prefix of the path
// of the uri that issued it (if not reject)
RStringF cookiePath = attributeVal.StrF();
const TDesC8& uriPath = aUri.Extract(EUriPath);
if(uriPath.FindF(RemoveQuotes(cookiePath.DesC())) != 0)
return EFalse;
}
else
{
// if the path attribute doesn't exist add it
THTTPHdrVal val(iStringPool.OpenFStringL(aUri.Extract(EUriPath)));
aCookie.SetAttributeL(CCookie::EPath, val);
}
if(aCookie.Attribute(CCookie::EDomain, attributeVal) == KErrNone)
{
const TChar dot('.');
const TDesC8& cookieDomain = attributeVal.StrF().DesC();
const TDesC8& uriDomain = aUri.Extract(EUriHost);
// if the domain does not exactly match the uri and does not begin
// with a dot then add one
if((cookieDomain.Compare(uriDomain) != 0) &&
(cookieDomain.Locate(dot) != 0))
{
_LIT8(KAddDotString, ".%S");
HBufC8* newDomain = HBufC8::NewLC(cookieDomain.Length() + 1);
newDomain->Des().AppendFormat(KAddDotString(), &cookieDomain);
RStringF domain = iStringPool.OpenFStringL(*newDomain);
CleanupStack::PopAndDestroy(newDomain);
THTTPHdrVal val(domain);
aCookie.SetAttributeL(CCookie::EDomain, val);
domain.Close();
}
// if the domain does not contain an embedded dot then reject it
// ie reject .com or .com.
// Start by removing one character from each end. ie start at pos 1 and take a length
// which is 2 shorter than the original descriptor
TPtrC8 domainMiddle = cookieDomain.Mid(1, cookieDomain.Length() - 2);
if(domainMiddle.Locate(dot) == KErrNotFound)
return EFalse;
// Reject the cookie if the domain differs by two or more levels from the uri
// ie if uri=www.x.y.com then accept a cookie with .x.y.com but reject .y.com
TInt pos = uriDomain.FindF(cookieDomain);
if(pos > 2)
{
const TDesC8& domainDiff = uriDomain.Left(pos);
// Remove one character from each end. ie start at pos 1 and take a length
// which is 2 shorter than the original descriptor
const TDesC8& diffMiddle = domainDiff.Mid(1, domainDiff.Length() - 2);
if(diffMiddle.Locate(dot) != KErrNotFound)
return EFalse;
}
}
else
{
// if the domain attribute is not found add it
THTTPHdrVal val(iStringPool.OpenFStringL(aUri.Extract(EUriHost)));
aCookie.SetAttributeL(CCookie::EDomain, val);
val.StrF().Close();
}
if(!CheckPortMatch(aCookie, aUri))
return EFalse;
return ETrue;
}
