-
Notifications
You must be signed in to change notification settings - Fork 5
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
4 changed files
with
531 additions
and
23 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -23,5 +23,6 @@ project | |
; | ||
|
||
exe burl : | ||
cookie.cpp | ||
main.cpp | ||
; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,346 @@ | ||
// | ||
// Copyright (c) 2024 Mohammad Nejati | ||
// | ||
// Distributed under the Boost Software License, Version 1.0. (See accompanying | ||
// file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt) | ||
// | ||
// Official repository: https://github.com/cppalliance/http_io | ||
// | ||
|
||
#include "cookie.hpp" | ||
|
||
#include <iomanip> | ||
#include <sstream> | ||
|
||
namespace{ | ||
|
||
struct name_chars_t | ||
{ | ||
constexpr | ||
bool | ||
operator()(char c) const noexcept | ||
{ | ||
return | ||
c > 0x20 && c != 0x7F && | ||
c != '(' && c != ')' && c != '<' && c != '>' && c != '@' && | ||
c != ',' && c != ';' && c != ':' && c != '\\' && c != '"' && | ||
c != '/' && c != '[' && c != ']' && c != '?' && c != '=' && | ||
c != '{' && c != '}'; | ||
} | ||
}; | ||
|
||
constexpr auto name_chars = name_chars_t{}; | ||
|
||
struct value_chars_t | ||
{ | ||
constexpr | ||
bool | ||
operator()(char c) const noexcept | ||
{ | ||
return | ||
(c == 0x21 ) || | ||
(c >= 0x23 && c <= 0x2B) || | ||
(c >= 0x2D && c <= 0x3A) || | ||
(c >= 0x3C && c <= 0x5B) || | ||
(c >= 0x5D && c <= 0x7E); | ||
} | ||
}; | ||
|
||
constexpr auto value_chars = value_chars_t{}; | ||
|
||
constexpr auto attr_chars = | ||
urls::grammar::all_chars - | ||
urls::grammar::lut_chars("\x1F\x7f;"); | ||
|
||
bool | ||
domain_match( | ||
core::string_view r_domain, | ||
core::string_view c_domain, | ||
bool subdomains) noexcept | ||
{ | ||
if(!subdomains) | ||
return r_domain == c_domain; | ||
|
||
if(c_domain.starts_with('.')) | ||
c_domain.remove_prefix(1); | ||
|
||
if(r_domain.ends_with(c_domain)) | ||
{ | ||
if(r_domain.size() == c_domain.size()) | ||
return true; | ||
|
||
return r_domain[r_domain.size() - c_domain.size() - 1] == '.'; | ||
} | ||
|
||
return false; | ||
} | ||
|
||
bool | ||
path_match( | ||
core::string_view r_path, | ||
core::string_view c_path) noexcept | ||
{ | ||
if(r_path.empty()) | ||
return true; | ||
|
||
if(r_path.starts_with(c_path)) | ||
{ | ||
if(r_path.size() == c_path.size()) | ||
return true; | ||
|
||
if(c_path.ends_with('/')) | ||
return true; | ||
|
||
return r_path[r_path.size() - c_path.size()] == '/'; | ||
} | ||
|
||
return false; | ||
} | ||
|
||
} // namespace | ||
|
||
boost::system::result<cookie> | ||
parse_cookie(core::string_view sv) | ||
{ | ||
namespace ug = urls::grammar; | ||
|
||
const auto parse_rs = ug::parse( | ||
sv, | ||
ug::tuple_rule( | ||
ug::token_rule(name_chars), | ||
ug::squelch(ug::delim_rule('=')), | ||
ug::optional_rule(ug::token_rule(value_chars)), | ||
ug::range_rule( | ||
ug::tuple_rule( | ||
ug::squelch(ug::delim_rule(';')), | ||
ug::squelch(ug::optional_rule(ug::delim_rule(' '))), | ||
ug::token_rule(attr_chars - ug::lut_chars('=')), | ||
ug::squelch(ug::optional_rule(ug::delim_rule('='))), | ||
ug::optional_rule(ug::token_rule(attr_chars)))))); | ||
|
||
if(parse_rs.has_error()) | ||
return parse_rs.error(); | ||
|
||
auto rs = cookie{}; | ||
rs.name = std::get<0>(parse_rs.value()); | ||
rs.value = std::get<1>(parse_rs.value()); | ||
|
||
for( auto&& attr : std::get<2>(parse_rs.value())) | ||
{ | ||
auto name = std::get<0>(attr); | ||
auto value = std::get<1>(attr); | ||
|
||
if(ug::ci_is_equal(name, "Expires")) | ||
{ | ||
if(!value) | ||
return ug::error::invalid; | ||
// TODO: There are more date formats; we need a | ||
// better parsing method. | ||
auto tm = std::tm{}; | ||
auto ss = std::stringstream{ *value }; | ||
if(value->find('-') != core::string_view::npos) | ||
ss >> std::get_time(&tm, "%a, %d-%b-%Y %H:%M:%S GMT"); | ||
else | ||
ss >> std::get_time(&tm, "%a, %d %b %Y %H:%M:%S GMT"); | ||
rs.expires = std::chrono::system_clock::from_time_t( | ||
std::mktime(&tm)); | ||
} | ||
else if(ug::ci_is_equal(name, "Max-Age")) | ||
{ | ||
if(!value) | ||
return ug::error::invalid; | ||
// Convert to expiry date | ||
// TODO: replace std::stoll | ||
rs.expires = | ||
std::chrono::system_clock::now() + | ||
std::chrono::seconds{ std::stoll(*value) }; | ||
} | ||
else if(ug::ci_is_equal(name, "Domain")) | ||
{ | ||
if(!value) | ||
return ug::error::invalid; | ||
|
||
rs.domain = *value; | ||
} | ||
else if(ug::ci_is_equal(name, "Path")) | ||
{ | ||
if(!value) | ||
return ug::error::invalid; | ||
rs.path = *value; | ||
} | ||
else if(ug::ci_is_equal(name, "SameSite")) | ||
{ | ||
if(ug::ci_is_equal(value.value_or(""), "Strict")) | ||
rs.same_site = cookie::same_site_t::strict; | ||
else if(ug::ci_is_equal(value.value_or(""), "Lax")) | ||
rs.same_site = cookie::same_site_t::lax; | ||
else if(ug::ci_is_equal(value.value_or(""), "None")) | ||
rs.same_site = cookie::same_site_t::none; | ||
else | ||
return ug::error::invalid; | ||
} | ||
else if(ug::ci_is_equal(name, "Partitioned")) | ||
{ | ||
rs.partitioned = true; | ||
} | ||
else if(ug::ci_is_equal(name, "Secure")) | ||
{ | ||
rs.secure = true; | ||
} | ||
else if(ug::ci_is_equal(name, "HttpOnly")) | ||
{ | ||
rs.http_only = true; | ||
} | ||
} | ||
|
||
// "__Secure-" prefix requirements | ||
if(core::string_view{ rs.name }.starts_with("__Host-")) | ||
{ | ||
if(!rs.secure) | ||
return ug::error::invalid; | ||
} | ||
|
||
// "__Host-" prefix requirements | ||
if(core::string_view{ rs.name }.starts_with("__Host-")) | ||
{ | ||
if(!rs.secure) | ||
return ug::error::invalid; | ||
|
||
if(!rs.path || rs.path.value() != "/") | ||
return ug::error::invalid; | ||
|
||
if(rs.domain) | ||
return ug::error::invalid; | ||
} | ||
|
||
return rs; | ||
} | ||
|
||
void | ||
cookie_jar::add(urls::url_view url, cookie c) | ||
{ | ||
auto m = meta_t{}; | ||
|
||
if(c.domain.has_value()) | ||
{ | ||
// TODO: Verify with the current URL and Public Suffix List | ||
} | ||
else | ||
{ | ||
m.subdomains = false; | ||
c.domain.emplace(url.encoded_host()); | ||
} | ||
|
||
if(!c.path.has_value()) | ||
{ | ||
c.path.emplace(); | ||
auto segs = url.encoded_segments(); | ||
auto end = std::prev(segs.end(), !segs.empty()); | ||
for(auto it = segs.begin(); it != end; ++it) | ||
{ | ||
c.path->push_back('/'); | ||
c.path->append(it->begin(), it->end()); | ||
} | ||
if(c.path->empty()) | ||
c.path->push_back('/'); | ||
} | ||
|
||
cookies_.erase( | ||
std::remove_if( | ||
cookies_.begin(), | ||
cookies_.end(), | ||
[&](const pair_t& p) { | ||
return | ||
c.name == p.c.name && | ||
c.path == p.c.path && | ||
c.domain == p.c.domain; | ||
}), | ||
cookies_.end()); | ||
|
||
// Check expiry date last to allow servers to remove cookies | ||
if(c.expires.has_value() && | ||
c.expires.value() < std::chrono::system_clock::now()) | ||
{ | ||
return; | ||
} | ||
|
||
cookies_.emplace_back(m, std::move(c)); | ||
} | ||
|
||
std::string | ||
cookie_jar::make_field(urls::url_view url) | ||
{ | ||
const auto r_domain = url.host(); | ||
const auto r_path = url.encoded_path(); | ||
const auto r_is_secure = url.scheme_id() == urls::scheme::https; | ||
const auto now = std::chrono::system_clock::now(); | ||
|
||
auto rs = std::string{}; | ||
for(auto it = cookies_.begin(); it != cookies_.end();) | ||
{ | ||
if(it->c.expires.has_value() && it->c.expires <= now) | ||
{ | ||
it = cookies_.erase(it); | ||
continue; | ||
} | ||
|
||
if( !domain_match(r_domain, it->c.domain.value(), it->m.subdomains) || | ||
!path_match(r_path, it->c.path.value()) || | ||
(it->c.secure && !r_is_secure)) | ||
{ | ||
++it; | ||
continue; | ||
} | ||
|
||
rs.append(it->c.name); | ||
rs.push_back('='); | ||
rs.append(it->c.value.value_or("")); | ||
rs.append("; "); | ||
|
||
++it; | ||
} | ||
return rs; | ||
} | ||
|
||
std::ostream& | ||
operator<<(std::ostream& os, const cookie_jar& cj) | ||
{ | ||
for(const auto&p : cj.cookies_) | ||
{ | ||
os | ||
<< p.m.subdomains << ' ' | ||
<< p.c.name << '=' << p.c.value.value_or("") | ||
<< "; Domain=" << p.c.domain.value() | ||
<< "; Path=" << p.c.path.value(); | ||
|
||
if(p.c.secure) | ||
os << "; Secure"; | ||
|
||
if(p.c.http_only) | ||
os << "; HttpOnly"; | ||
|
||
if(p.c.expires) | ||
{ | ||
auto tt = std::chrono::system_clock::to_time_t(*p.c.expires); | ||
std::tm tm = *std::gmtime(&tt); | ||
os | ||
<< "; Expires=" | ||
<< std::put_time(&tm, "%a, %d %b %Y %H:%M:%S GMT"); | ||
} | ||
os << std::endl; | ||
} | ||
return os; | ||
} | ||
|
||
std::istream& | ||
operator>>(std::istream& is, cookie_jar& cj) | ||
{ | ||
for(std::string line; getline(is, line);) | ||
{ | ||
auto sv = core::string_view{ line }; | ||
auto meta = cookie_jar::meta_t{ sv.starts_with("1 ") }; | ||
auto cookie = parse_cookie(sv.substr(2)).value(); | ||
cj.cookies_.emplace_back(meta, std::move(cookie)); | ||
} | ||
return is; | ||
} |
Oops, something went wrong.