[vlc-devel] [PATCH v3 1/2] core: Move httpcookies.c to core
Antti Ajanki
antti.ajanki at iki.fi
Sun Sep 14 09:27:41 CEST 2014
---
include/vlc_http.h | 29 ++++
modules/access/Makefile.am | 2 +-
modules/access/http.c | 17 +-
modules/access/httpcookies.c | 366 ------------------------------------------
modules/access/httpcookies.h | 62 -------
src/Makefile.am | 1 +
src/libvlccore.sym | 4 +
src/misc/httpcookies.c | 366 ++++++++++++++++++++++++++++++++++++++++++
8 files changed, 409 insertions(+), 438 deletions(-)
delete mode 100644 modules/access/httpcookies.c
delete mode 100644 modules/access/httpcookies.h
create mode 100644 src/misc/httpcookies.c
diff --git a/include/vlc_http.h b/include/vlc_http.h
index ddde13e..47e3139 100644
--- a/include/vlc_http.h
+++ b/include/vlc_http.h
@@ -33,6 +33,9 @@
* HTTP clients.
*/
+#include <vlc_url.h>
+#include <vlc_arrays.h>
+
/* RFC 2617: Basic and Digest Access Authentication */
typedef struct http_auth_t
{
@@ -64,4 +67,30 @@ VLC_API char *http_auth_FormatAuthorizationHeader
const char *, const char *,
const char *, const char * ) VLC_USED;
+/* RFC 6265: cookies */
+
+typedef struct vlc_array_t vlc_http_cookie_jar_t;
+
+VLC_API vlc_http_cookie_jar_t * vlc_http_cookies_new( void ) VLC_USED;
+VLC_API void vlc_http_cookies_destroy( vlc_http_cookie_jar_t * p_jar );
+
+/**
+ * Parse a value of an incoming Set-Cookie header and append the
+ * cookie to the cookie jar if appropriate.
+ *
+ * @param p_jar cookie jar object
+ * @param psz_cookie_header value of Set-Cookie
+ * @return true, if the cookie was added, false otherwise
+ */
+VLC_API bool vlc_http_cookies_append( vlc_http_cookie_jar_t * p_jar, const char * psz_cookie_header, const vlc_url_t * p_url );
+
+/**
+ * Returns a cookie value that match the given URL.
+ *
+ * @params p_jar a cookie jar
+ * @params p_url the URL for which the cookies are returned
+ * @return A string consisting of semicolon-separated cookie NAME=VALUE pairs.
+ */
+VLC_API char *vlc_http_cookies_for_url( vlc_http_cookie_jar_t * p_jar, const vlc_url_t * p_url );
+
#endif /* VLC_HTTP_H */
diff --git a/modules/access/Makefile.am b/modules/access/Makefile.am
index 4ef79bf..f0ad4f4 100644
--- a/modules/access/Makefile.am
+++ b/modules/access/Makefile.am
@@ -356,7 +356,7 @@ libftp_plugin_la_SOURCES = access/ftp.c
libftp_plugin_la_LIBADD = $(SOCKET_LIBS)
access_LTLIBRARIES += libftp_plugin.la
-libhttp_plugin_la_SOURCES = access/http.c access/httpcookies.h access/httpcookies.c
+libhttp_plugin_la_SOURCES = access/http.c
libhttp_plugin_la_LIBADD = $(SOCKET_LIBS)
if HAVE_ZLIB
libhttp_plugin_la_LIBADD += -lz
diff --git a/modules/access/http.c b/modules/access/http.c
index 9afca9f..37df233 100644
--- a/modules/access/http.c
+++ b/modules/access/http.c
@@ -47,7 +47,6 @@
#include <vlc_input.h>
#include <vlc_md5.h>
#include <vlc_http.h>
-#include "httpcookies.h"
#ifdef HAVE_ZLIB_H
# include <zlib.h>
@@ -186,12 +185,12 @@ struct access_sys_t
bool b_persist;
bool b_has_size;
- http_cookie_jar_t * cookies;
+ vlc_http_cookie_jar_t * cookies;
};
/* */
static int OpenWithCookies( vlc_object_t *p_this, const char *psz_access,
- unsigned i_redirect, http_cookie_jar_t *cookies );
+ unsigned i_redirect, vlc_http_cookie_jar_t *cookies );
/* */
static ssize_t Read( access_t *, uint8_t *, size_t );
@@ -229,7 +228,7 @@ static int Open( vlc_object_t *p_this )
* @return vlc error codes
*/
static int OpenWithCookies( vlc_object_t *p_this, const char *psz_access,
- unsigned i_redirect, http_cookie_jar_t *cookies )
+ unsigned i_redirect, vlc_http_cookie_jar_t *cookies )
{
access_t *p_access = (access_t*)p_this;
access_sys_t *p_sys;
@@ -279,7 +278,7 @@ static int OpenWithCookies( vlc_object_t *p_this, const char *psz_access,
/* Only forward an store cookies if the corresponding option is activated */
if( var_CreateGetBool( p_access, "http-forward-cookies" ) )
- p_sys->cookies = (cookies != NULL) ? cookies : http_cookies_new();
+ p_sys->cookies = (cookies != NULL) ? cookies : vlc_http_cookies_new();
else
p_sys->cookies = NULL;
@@ -597,7 +596,7 @@ error:
Disconnect( p_access );
vlc_tls_Delete( p_sys->p_creds );
- http_cookies_destroy( p_sys->cookies );
+ vlc_http_cookies_destroy( p_sys->cookies );
#ifdef HAVE_ZLIB_H
inflateEnd( &p_sys->inflate.stream );
@@ -633,7 +632,7 @@ static void Close( vlc_object_t *p_this )
Disconnect( p_access );
vlc_tls_Delete( p_sys->p_creds );
- http_cookies_destroy( p_sys->cookies );
+ vlc_http_cookies_destroy( p_sys->cookies );
#ifdef HAVE_ZLIB_H
inflateEnd( &p_sys->inflate.stream );
@@ -1173,7 +1172,7 @@ static int Request( access_t *p_access, uint64_t i_tell )
/* Cookies */
if( p_sys->cookies )
{
- char * psz_cookiestring = http_cookies_for_url( p_sys->cookies, &p_sys->url );
+ char * psz_cookiestring = vlc_http_cookies_for_url( p_sys->cookies, &p_sys->url );
if ( psz_cookiestring )
{
msg_Dbg( p_access, "Sending Cookie %s", psz_cookiestring );
@@ -1476,7 +1475,7 @@ static int Request( access_t *p_access, uint64_t i_tell )
{
if( p_sys->cookies )
{
- if ( http_cookies_append( p_sys->cookies, p, &p_sys->url ) )
+ if ( vlc_http_cookies_append( p_sys->cookies, p, &p_sys->url ) )
msg_Dbg( p_access, "Accepting Cookie: %s", p );
else
msg_Dbg( p_access, "Rejected Cookie: %s", p );
diff --git a/modules/access/httpcookies.c b/modules/access/httpcookies.c
deleted file mode 100644
index 2dc0a6b..0000000
--- a/modules/access/httpcookies.c
+++ /dev/null
@@ -1,366 +0,0 @@
-/*****************************************************************************
- * httpcookies.h: HTTP cookie utilities
- *****************************************************************************
- * Copyright (C) 2014 VLC authors and VideoLAN
- * $Id$
- *
- * Authors: Antti Ajanki <antti.ajanki at iki.fi>
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as published by
- * the Free Software Foundation; either version 2.1 of the License, or
- * (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301, USA.
- *****************************************************************************/
-
-#ifdef HAVE_CONFIG_H
-# include "config.h"
-#endif
-
-#include <stdlib.h>
-#include <stdio.h>
-#include <string.h>
-#include <assert.h>
-
-#include <vlc_common.h>
-#include <vlc_messages.h>
-#include <vlc_strings.h>
-#include "httpcookies.h"
-
-typedef struct http_cookie_t
-{
- char *psz_name;
- char *psz_value;
- char *psz_domain;
- char *psz_path;
- bool b_host_only;
- bool b_secure;
-} http_cookie_t;
-
-static http_cookie_t * cookie_parse( const char * cookie_header, const vlc_url_t * url );
-static void cookie_destroy( http_cookie_t * p_cookie );
-static char * cookie_get_content( const char * cookie );
-static char * cookie_get_domain( const char * cookie );
-static char * cookie_get_attribute_value( const char * cookie, const char *attr );
-static bool cookie_has_attribute( const char * cookie, const char *attr );
-static bool cookie_should_be_sent( const http_cookie_t * cookie, const vlc_url_t * url );
-static bool cookie_is_valid( const http_cookie_t * cookie, const char *host );
-static bool cookie_domain_matches( const http_cookie_t * cookie, const char *host );
-static bool cookie_path_matches( const http_cookie_t * cookie, const char *path );
-static bool cookie_domain_is_public_suffix( const char *domain );
-static char * cookie_default_path( const char *request_path );
-
-http_cookie_jar_t * http_cookies_new()
-{
- return vlc_array_new();
-}
-
-void http_cookies_destroy( http_cookie_jar_t * p_jar )
-{
- if ( !p_jar )
- return;
-
- int i;
- for( i = 0; i < vlc_array_count( p_jar ); i++ )
- cookie_destroy( vlc_array_item_at_index( p_jar, i ) );
- vlc_array_destroy( p_jar );
-}
-
-bool http_cookies_append( http_cookie_jar_t * p_jar, const char * psz_cookie_header, const vlc_url_t *p_url )
-{
- int i;
-
- http_cookie_t *cookie = cookie_parse( psz_cookie_header, p_url );
- if( !cookie || !cookie_is_valid( cookie, p_url->psz_host ) )
- {
- cookie_destroy( cookie );
- return false;
- }
-
- for( i = 0; i < vlc_array_count( p_jar ); i++ )
- {
- http_cookie_t *iter = vlc_array_item_at_index( p_jar, i );
-
- assert( iter->psz_name );
- assert( iter->psz_domain );
- assert( iter->psz_path );
-
- bool domains_match =
- vlc_ascii_strcasecmp( cookie->psz_domain, iter->psz_domain ) == 0;
- bool paths_match = strcmp( cookie->psz_path, iter->psz_path ) == 0;
- bool names_match = strcmp( cookie->psz_name, iter->psz_name ) == 0;
- if( domains_match && paths_match && names_match )
- {
- /* Remove previous value for this cookie */
- vlc_array_remove( p_jar, i );
- cookie_destroy(iter);
- break;
- }
- }
- vlc_array_append( p_jar, cookie );
-
- return true;
-}
-
-
-char *http_cookies_for_url( http_cookie_jar_t * p_jar, const vlc_url_t * p_url )
-{
- int i;
- char *psz_cookiebuf = NULL;
- for( i = 0; i < vlc_array_count( p_jar ); i++ )
- {
- const http_cookie_t * cookie = vlc_array_item_at_index( p_jar, i );
- if ( cookie_should_be_sent( cookie, p_url ) )
- {
- char *psz_updated_buf = NULL;
- if ( asprintf(&psz_updated_buf, "%s%s%s=%s",
- psz_cookiebuf ? psz_cookiebuf : "",
- psz_cookiebuf ? "; " : "",
- cookie->psz_name ? cookie->psz_name : "",
- cookie->psz_value ? cookie->psz_value : "") == -1 )
- {
- // TODO: report error
- free( psz_cookiebuf );
- return NULL;
- }
- free( psz_cookiebuf );
- psz_cookiebuf = psz_updated_buf;
- }
- }
-
- return psz_cookiebuf;
-}
-
-static http_cookie_t * cookie_parse( const char * cookie_header, const vlc_url_t * url )
-{
- http_cookie_t *cookie = calloc( 1, sizeof( http_cookie_t ) );
- if ( unlikely( !cookie ) )
- return NULL;
-
- char *content = cookie_get_content( cookie_header );
- if ( !content )
- {
- cookie_destroy( cookie );
- return NULL;
- }
-
- const char *eq = strchr( content, '=' );
- if ( eq )
- {
- cookie->psz_name = strndup( content, eq-content );
- cookie->psz_value = strdup( eq + 1 );
- }
- else
- {
- cookie->psz_name = strdup( content );
- cookie->psz_value = NULL;
- }
-
- cookie->psz_domain = cookie_get_domain( cookie_header );
- if ( !cookie->psz_domain || strlen(cookie->psz_domain) == 0 )
- {
- free(cookie->psz_domain);
- cookie->psz_domain = strdup( url->psz_host );
- cookie->b_host_only = true;
- }
- else
- cookie->b_host_only = false;
-
- cookie->psz_path = cookie_get_attribute_value( cookie_header, "path" );
- if ( !cookie->psz_path || strlen(cookie->psz_path) == 0 )
- {
- free(cookie->psz_path);
- cookie->psz_path = cookie_default_path( url->psz_path );
- }
-
- cookie->b_secure = cookie_has_attribute( cookie_header, "secure" );
-
- FREENULL( content );
-
- if ( !cookie->psz_domain || !cookie->psz_path || !cookie->psz_name )
- {
- cookie_destroy( cookie );
- return NULL;
- }
-
- return cookie;
-}
-
-static void cookie_destroy( http_cookie_t * p_cookie )
-{
- if ( !p_cookie )
- return;
-
- free( p_cookie->psz_name );
- free( p_cookie->psz_value );
- free( p_cookie->psz_domain );
- free( p_cookie->psz_path );
- free( p_cookie );
-}
-
-/* Get the NAME=VALUE part of the Cookie */
-static char * cookie_get_content( const char * cookie )
-{
- size_t content_length = strcspn( cookie, ";" );
- return strndup( cookie, content_length );
-}
-
-/* Get the domain where the cookie is stored */
-static char * cookie_get_domain( const char * cookie )
-{
- char *domain = cookie_get_attribute_value( cookie, "domain" );
- if ( domain && *domain == '.' )
- {
- const char *real_domain = domain + strspn( domain, "." );
- memmove( domain, real_domain, strlen( real_domain ) + 1 );
- }
- return domain;
-}
-
-static char * cookie_get_attribute_value( const char * cookie, const char *attr )
-{
- if( !cookie || !attr )
- return NULL;
-
- size_t attrlen = strlen( attr );
- const char * str = strchr( cookie, ';' );
- while( str )
- {
- /* skip ; and blank */
- str++;
- str = str + strspn( str, " " );
-
- if( !vlc_ascii_strncasecmp( str, attr, attrlen ) &&
- ( str[attrlen] == '=' ) )
- {
- str += attrlen + 1;
- size_t value_length = strcspn( str, ";" );
- return strndup( str, value_length );
- }
-
- str = strchr( str, ';' );
- }
- return NULL;
-}
-
-static bool cookie_has_attribute( const char * cookie, const char *attr )
-{
- if( !cookie || !attr )
- return false;
-
- size_t attrlen = strlen(attr);
- const char * str = strchr(cookie, ';');
- while( str )
- {
- /* skip ; and blank */
- str++;
- str = str + strspn( str, " " );
-
- if( !vlc_ascii_strncasecmp( str, attr, attrlen ) &&
- ( str[attrlen] == '=' || str[attrlen] == ';' || str[attrlen] == '\0' ) )
- return true;
-
- str = strchr(str, ';');
- }
- return false;
-}
-
-static bool cookie_should_be_sent( const http_cookie_t * cookie, const vlc_url_t * url )
-{
- bool protocol_ok = !cookie->b_secure ||
- ( url->psz_protocol && strcasecmp(url->psz_protocol, "https") == 0 );
- bool domain_ok = cookie_domain_matches( cookie, url->psz_host );
- bool path_ok = cookie_path_matches( cookie, url->psz_path );
- return protocol_ok && domain_ok && path_ok;
-}
-
-/* Check if a cookie from host should be added to the cookie jar */
-static bool cookie_is_valid( const http_cookie_t * cookie, const char *host )
-{
- return cookie && cookie->psz_name && strlen(cookie->psz_name) > 0 &&
- cookie->psz_domain &&
- !cookie_domain_is_public_suffix(cookie->psz_domain) &&
- cookie_domain_matches(cookie, host);
-}
-
-static bool cookie_domain_matches( const http_cookie_t * cookie, const char *host )
-{
- assert( !cookie || cookie->psz_domain );
-
- // TODO: should convert domain names to punycode before comparing
-
- if ( !cookie || !host )
- return false;
- if ( vlc_ascii_strcasecmp(cookie->psz_domain, host) == 0 )
- return true;
- else if ( cookie->b_host_only )
- return false;
-
- size_t host_len = strlen(host);
- size_t cookie_domain_len = strlen(cookie->psz_domain);
- int i = host_len - cookie_domain_len;
- bool is_suffix = ( i > 0 ) &&
- vlc_ascii_strcasecmp( &host[i], cookie->psz_domain ) == 0;
- bool has_dot_before_suffix = host[i-1] == '.';
- bool host_is_ipv4 = strspn(host, "0123456789.") == host_len;
- bool host_is_ipv6 = strchr(host, ':') != NULL;
- return is_suffix && has_dot_before_suffix &&
- !( host_is_ipv4 || host_is_ipv6 );
-}
-
-static bool cookie_path_matches( const http_cookie_t * cookie, const char *uripath )
-{
- if ( !cookie || !uripath )
- return false;
- else if ( strcmp(cookie->psz_path, uripath) == 0 )
- return true;
-
- size_t path_len = strlen( uripath );
- size_t prefix_len = strlen( cookie->psz_path );
- return ( path_len > prefix_len ) &&
- ( strncmp(uripath, cookie->psz_path, prefix_len) == 0 ) &&
- ( uripath[prefix_len - 1] == '/' || uripath[prefix_len] == '/' );
-}
-
-static bool cookie_domain_is_public_suffix( const char *domain )
-{
- // FIXME: should check if domain is one of "public suffixes" at
- // http://publicsuffix.org/. The purpose of this check is to
- // prevent a host from setting a "too wide" cookie, for example
- // "example.com" should not be able to set a cookie for "com".
- // The current implementation prevents all top-level domains.
- return domain && !strchr(domain, '.');
-}
-
-static char * cookie_default_path( const char *request_path )
-{
- if ( !request_path || *request_path != '/' )
- return strdup("/");
-
- char *path;
- const char *query_start = strchr( request_path, '?' );
- if ( query_start )
- path = strndup( request_path, query_start - request_path );
- else
- path = strdup( request_path );
-
- if ( !path )
- return NULL;
-
- char *last_slash = strrchr(path, '/');
- assert(last_slash);
- if ( last_slash == path )
- path[1] = '\0';
- else
- *last_slash = '\0';
-
- return path;
-}
diff --git a/modules/access/httpcookies.h b/modules/access/httpcookies.h
deleted file mode 100644
index bf73191..0000000
--- a/modules/access/httpcookies.h
+++ /dev/null
@@ -1,62 +0,0 @@
-/*****************************************************************************
- * httpcookies.h: HTTP cookie utilities
- *****************************************************************************
- * Copyright (C) 2014 VLC authors and VideoLAN
- * $Id$
- *
- * Authors: Antti Ajanki <antti.ajanki at iki.fi>
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as published by
- * the Free Software Foundation; either version 2.1 of the License, or
- * (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301, USA.
- *****************************************************************************/
-
-#ifndef HTTPCOOKIES_H_
-#define HTTPCOOKIES_H_ 1
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#include <vlc_url.h>
-#include <vlc_arrays.h>
-
-typedef struct vlc_array_t http_cookie_jar_t;
-
-http_cookie_jar_t * http_cookies_new( void );
-void http_cookies_destroy( http_cookie_jar_t * p_jar );
-
-/**
- * Parse a value of an incoming Set-Cookie header and append the
- * cookie to the cookie jar if appropriate.
- *
- * @param p_jar cookie jar object
- * @param psz_cookie_header value of Set-Cookie
- * @return true, if the cookie was added, false otherwise
- */
-bool http_cookies_append( http_cookie_jar_t * p_jar, const char * psz_cookie_header, const vlc_url_t * p_url );
-
-/**
- * Returns a cookie value that match the given URL.
- *
- * @params p_jar a cookie jar
- * @params p_url the URL for which the cookies are returned
- * @return A string consisting of semicolon-separated cookie NAME=VALUE pairs.
- */
-char *http_cookies_for_url( http_cookie_jar_t * p_jar, const vlc_url_t * p_url );
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/src/Makefile.am b/src/Makefile.am
index cdddc8d..9111e73 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -480,6 +480,7 @@ SOURCES_libvlc_common = \
misc/filter.c \
misc/filter_chain.c \
misc/http_auth.c \
+ misc/httpcookies.c \
misc/fingerprinter.c \
misc/text_style.c \
misc/subpicture.c \
diff --git a/src/libvlccore.sym b/src/libvlccore.sym
index 2808f5f..6bab760 100644
--- a/src/libvlccore.sym
+++ b/src/libvlccore.sym
@@ -144,6 +144,10 @@ http_auth_Reset
http_auth_ParseWwwAuthenticateHeader
http_auth_ParseAuthenticationInfoHeader
http_auth_FormatAuthorizationHeader
+vlc_http_cookies_new
+vlc_http_cookies_destroy
+vlc_http_cookies_append
+vlc_http_cookies_for_url
httpd_ClientIP
httpd_FileDelete
httpd_FileNew
diff --git a/src/misc/httpcookies.c b/src/misc/httpcookies.c
new file mode 100644
index 0000000..9eccbe7
--- /dev/null
+++ b/src/misc/httpcookies.c
@@ -0,0 +1,366 @@
+/*****************************************************************************
+ * httpcookies.h: HTTP cookie utilities
+ *****************************************************************************
+ * Copyright (C) 2014 VLC authors and VideoLAN
+ * $Id$
+ *
+ * Authors: Antti Ajanki <antti.ajanki at iki.fi>
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation; either version 2.1 of the License, or
+ * (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301, USA.
+ *****************************************************************************/
+
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <assert.h>
+
+#include <vlc_common.h>
+#include <vlc_messages.h>
+#include <vlc_strings.h>
+#include <vlc_http.h>
+
+typedef struct http_cookie_t
+{
+ char *psz_name;
+ char *psz_value;
+ char *psz_domain;
+ char *psz_path;
+ bool b_host_only;
+ bool b_secure;
+} http_cookie_t;
+
+static http_cookie_t * cookie_parse( const char * cookie_header, const vlc_url_t * url );
+static void cookie_destroy( http_cookie_t * p_cookie );
+static char * cookie_get_content( const char * cookie );
+static char * cookie_get_domain( const char * cookie );
+static char * cookie_get_attribute_value( const char * cookie, const char *attr );
+static bool cookie_has_attribute( const char * cookie, const char *attr );
+static bool cookie_should_be_sent( const http_cookie_t * cookie, const vlc_url_t * url );
+static bool cookie_is_valid( const http_cookie_t * cookie, const char *host );
+static bool cookie_domain_matches( const http_cookie_t * cookie, const char *host );
+static bool cookie_path_matches( const http_cookie_t * cookie, const char *path );
+static bool cookie_domain_is_public_suffix( const char *domain );
+static char * cookie_default_path( const char *request_path );
+
+vlc_http_cookie_jar_t * vlc_http_cookies_new()
+{
+ return vlc_array_new();
+}
+
+void vlc_http_cookies_destroy( vlc_http_cookie_jar_t * p_jar )
+{
+ if ( !p_jar )
+ return;
+
+ int i;
+ for( i = 0; i < vlc_array_count( p_jar ); i++ )
+ cookie_destroy( vlc_array_item_at_index( p_jar, i ) );
+ vlc_array_destroy( p_jar );
+}
+
+bool vlc_http_cookies_append( vlc_http_cookie_jar_t * p_jar, const char * psz_cookie_header, const vlc_url_t *p_url )
+{
+ int i;
+
+ http_cookie_t *cookie = cookie_parse( psz_cookie_header, p_url );
+ if( !cookie || !cookie_is_valid( cookie, p_url->psz_host ) )
+ {
+ cookie_destroy( cookie );
+ return false;
+ }
+
+ for( i = 0; i < vlc_array_count( p_jar ); i++ )
+ {
+ http_cookie_t *iter = vlc_array_item_at_index( p_jar, i );
+
+ assert( iter->psz_name );
+ assert( iter->psz_domain );
+ assert( iter->psz_path );
+
+ bool domains_match =
+ vlc_ascii_strcasecmp( cookie->psz_domain, iter->psz_domain ) == 0;
+ bool paths_match = strcmp( cookie->psz_path, iter->psz_path ) == 0;
+ bool names_match = strcmp( cookie->psz_name, iter->psz_name ) == 0;
+ if( domains_match && paths_match && names_match )
+ {
+ /* Remove previous value for this cookie */
+ vlc_array_remove( p_jar, i );
+ cookie_destroy(iter);
+ break;
+ }
+ }
+ vlc_array_append( p_jar, cookie );
+
+ return true;
+}
+
+
+char *vlc_http_cookies_for_url( vlc_http_cookie_jar_t * p_jar, const vlc_url_t * p_url )
+{
+ int i;
+ char *psz_cookiebuf = NULL;
+ for( i = 0; i < vlc_array_count( p_jar ); i++ )
+ {
+ const http_cookie_t * cookie = vlc_array_item_at_index( p_jar, i );
+ if ( cookie_should_be_sent( cookie, p_url ) )
+ {
+ char *psz_updated_buf = NULL;
+ if ( asprintf(&psz_updated_buf, "%s%s%s=%s",
+ psz_cookiebuf ? psz_cookiebuf : "",
+ psz_cookiebuf ? "; " : "",
+ cookie->psz_name ? cookie->psz_name : "",
+ cookie->psz_value ? cookie->psz_value : "") == -1 )
+ {
+ // TODO: report error
+ free( psz_cookiebuf );
+ return NULL;
+ }
+ free( psz_cookiebuf );
+ psz_cookiebuf = psz_updated_buf;
+ }
+ }
+
+ return psz_cookiebuf;
+}
+
+static http_cookie_t * cookie_parse( const char * cookie_header, const vlc_url_t * url )
+{
+ http_cookie_t *cookie = calloc( 1, sizeof( http_cookie_t ) );
+ if ( unlikely( !cookie ) )
+ return NULL;
+
+ char *content = cookie_get_content( cookie_header );
+ if ( !content )
+ {
+ cookie_destroy( cookie );
+ return NULL;
+ }
+
+ const char *eq = strchr( content, '=' );
+ if ( eq )
+ {
+ cookie->psz_name = strndup( content, eq-content );
+ cookie->psz_value = strdup( eq + 1 );
+ }
+ else
+ {
+ cookie->psz_name = strdup( content );
+ cookie->psz_value = NULL;
+ }
+
+ cookie->psz_domain = cookie_get_domain( cookie_header );
+ if ( !cookie->psz_domain || strlen(cookie->psz_domain) == 0 )
+ {
+ free(cookie->psz_domain);
+ cookie->psz_domain = strdup( url->psz_host );
+ cookie->b_host_only = true;
+ }
+ else
+ cookie->b_host_only = false;
+
+ cookie->psz_path = cookie_get_attribute_value( cookie_header, "path" );
+ if ( !cookie->psz_path || strlen(cookie->psz_path) == 0 )
+ {
+ free(cookie->psz_path);
+ cookie->psz_path = cookie_default_path( url->psz_path );
+ }
+
+ cookie->b_secure = cookie_has_attribute( cookie_header, "secure" );
+
+ FREENULL( content );
+
+ if ( !cookie->psz_domain || !cookie->psz_path || !cookie->psz_name )
+ {
+ cookie_destroy( cookie );
+ return NULL;
+ }
+
+ return cookie;
+}
+
+static void cookie_destroy( http_cookie_t * p_cookie )
+{
+ if ( !p_cookie )
+ return;
+
+ free( p_cookie->psz_name );
+ free( p_cookie->psz_value );
+ free( p_cookie->psz_domain );
+ free( p_cookie->psz_path );
+ free( p_cookie );
+}
+
+/* Get the NAME=VALUE part of the Cookie */
+static char * cookie_get_content( const char * cookie )
+{
+ size_t content_length = strcspn( cookie, ";" );
+ return strndup( cookie, content_length );
+}
+
+/* Get the domain where the cookie is stored */
+static char * cookie_get_domain( const char * cookie )
+{
+ char *domain = cookie_get_attribute_value( cookie, "domain" );
+ if ( domain && *domain == '.' )
+ {
+ const char *real_domain = domain + strspn( domain, "." );
+ memmove( domain, real_domain, strlen( real_domain ) + 1 );
+ }
+ return domain;
+}
+
+static char * cookie_get_attribute_value( const char * cookie, const char *attr )
+{
+ if( !cookie || !attr )
+ return NULL;
+
+ size_t attrlen = strlen( attr );
+ const char * str = strchr( cookie, ';' );
+ while( str )
+ {
+ /* skip ; and blank */
+ str++;
+ str = str + strspn( str, " " );
+
+ if( !vlc_ascii_strncasecmp( str, attr, attrlen ) &&
+ ( str[attrlen] == '=' ) )
+ {
+ str += attrlen + 1;
+ size_t value_length = strcspn( str, ";" );
+ return strndup( str, value_length );
+ }
+
+ str = strchr( str, ';' );
+ }
+ return NULL;
+}
+
+static bool cookie_has_attribute( const char * cookie, const char *attr )
+{
+ if( !cookie || !attr )
+ return false;
+
+ size_t attrlen = strlen(attr);
+ const char * str = strchr(cookie, ';');
+ while( str )
+ {
+ /* skip ; and blank */
+ str++;
+ str = str + strspn( str, " " );
+
+ if( !vlc_ascii_strncasecmp( str, attr, attrlen ) &&
+ ( str[attrlen] == '=' || str[attrlen] == ';' || str[attrlen] == '\0' ) )
+ return true;
+
+ str = strchr(str, ';');
+ }
+ return false;
+}
+
+static bool cookie_should_be_sent( const http_cookie_t * cookie, const vlc_url_t * url )
+{
+ bool protocol_ok = !cookie->b_secure ||
+ ( url->psz_protocol && strcasecmp(url->psz_protocol, "https") == 0 );
+ bool domain_ok = cookie_domain_matches( cookie, url->psz_host );
+ bool path_ok = cookie_path_matches( cookie, url->psz_path );
+ return protocol_ok && domain_ok && path_ok;
+}
+
+/* Check if a cookie from host should be added to the cookie jar */
+static bool cookie_is_valid( const http_cookie_t * cookie, const char *host )
+{
+ return cookie && cookie->psz_name && strlen(cookie->psz_name) > 0 &&
+ cookie->psz_domain &&
+ !cookie_domain_is_public_suffix(cookie->psz_domain) &&
+ cookie_domain_matches(cookie, host);
+}
+
+static bool cookie_domain_matches( const http_cookie_t * cookie, const char *host )
+{
+ assert( !cookie || cookie->psz_domain );
+
+ // TODO: should convert domain names to punycode before comparing
+
+ if ( !cookie || !host )
+ return false;
+ if ( vlc_ascii_strcasecmp(cookie->psz_domain, host) == 0 )
+ return true;
+ else if ( cookie->b_host_only )
+ return false;
+
+ size_t host_len = strlen(host);
+ size_t cookie_domain_len = strlen(cookie->psz_domain);
+ int i = host_len - cookie_domain_len;
+ bool is_suffix = ( i > 0 ) &&
+ vlc_ascii_strcasecmp( &host[i], cookie->psz_domain ) == 0;
+ bool has_dot_before_suffix = host[i-1] == '.';
+ bool host_is_ipv4 = strspn(host, "0123456789.") == host_len;
+ bool host_is_ipv6 = strchr(host, ':') != NULL;
+ return is_suffix && has_dot_before_suffix &&
+ !( host_is_ipv4 || host_is_ipv6 );
+}
+
+static bool cookie_path_matches( const http_cookie_t * cookie, const char *uripath )
+{
+ if ( !cookie || !uripath )
+ return false;
+ else if ( strcmp(cookie->psz_path, uripath) == 0 )
+ return true;
+
+ size_t path_len = strlen( uripath );
+ size_t prefix_len = strlen( cookie->psz_path );
+ return ( path_len > prefix_len ) &&
+ ( strncmp(uripath, cookie->psz_path, prefix_len) == 0 ) &&
+ ( uripath[prefix_len - 1] == '/' || uripath[prefix_len] == '/' );
+}
+
+static bool cookie_domain_is_public_suffix( const char *domain )
+{
+ // FIXME: should check if domain is one of "public suffixes" at
+ // http://publicsuffix.org/. The purpose of this check is to
+ // prevent a host from setting a "too wide" cookie, for example
+ // "example.com" should not be able to set a cookie for "com".
+ // The current implementation prevents all top-level domains.
+ return domain && !strchr(domain, '.');
+}
+
+static char * cookie_default_path( const char *request_path )
+{
+ if ( !request_path || *request_path != '/' )
+ return strdup("/");
+
+ char *path;
+ const char *query_start = strchr( request_path, '?' );
+ if ( query_start )
+ path = strndup( request_path, query_start - request_path );
+ else
+ path = strdup( request_path );
+
+ if ( !path )
+ return NULL;
+
+ char *last_slash = strrchr(path, '/');
+ assert(last_slash);
+ if ( last_slash == path )
+ path[1] = '\0';
+ else
+ *last_slash = '\0';
+
+ return path;
+}
--
1.7.10.4
More information about the vlc-devel
mailing list