2 * Copyright (C) 2006, 2007, 2008 Apple Inc. All rights reserved.
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
13 * THIS SOFTWARE IS PROVIDED BY APPLE COMPUTER, INC. ``AS IS'' AND ANY
14 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
16 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE COMPUTER, INC. OR
17 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
18 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
19 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
20 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
21 * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
23 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27 #include "CookieJar.h"
32 #include "CookieStorageCFNet.h"
35 #include "PlatformString.h"
36 #include "ResourceHandle.h"
37 #include "SoftLinking.h"
38 #include <CFNetwork/CFHTTPCookiesPriv.h>
39 #include <CoreFoundation/CoreFoundation.h>
42 #include <WebKitSystemInterface/WebKitSystemInterface.h>
48 static const CFStringRef s_setCookieKeyCF = CFSTR("Set-Cookie");
49 static const CFStringRef s_cookieCF = CFSTR("Cookie");
53 SOFT_LINK_DEBUG_LIBRARY(CFNetwork)
55 SOFT_LINK_LIBRARY(CFNetwork)
58 SOFT_LINK_FRAMEWORK_IN_CORESERVICES_UMBRELLA(CFNetwork)
61 SOFT_LINK_OPTIONAL(CFNetwork, CFHTTPCookieCopyDomain, CFStringRef, __cdecl, (CFHTTPCookieRef))
62 SOFT_LINK_OPTIONAL(CFNetwork, CFHTTPCookieGetExpirationTime, CFAbsoluteTime, __cdecl, (CFHTTPCookieRef))
63 SOFT_LINK_OPTIONAL(CFNetwork, CFHTTPCookieCopyName, CFStringRef, __cdecl, (CFHTTPCookieRef))
64 SOFT_LINK_OPTIONAL(CFNetwork, CFHTTPCookieCopyPath, CFStringRef, __cdecl, (CFHTTPCookieRef))
65 SOFT_LINK_OPTIONAL(CFNetwork, CFHTTPCookieCopyValue, CFStringRef, __cdecl, (CFHTTPCookieRef))
67 static inline RetainPtr<CFStringRef> cookieDomain(CFHTTPCookieRef cookie)
69 if (CFHTTPCookieCopyDomainPtr())
70 return RetainPtr<CFStringRef>(AdoptCF, CFHTTPCookieCopyDomainPtr()(cookie));
71 return CFHTTPCookieGetDomain(cookie);
74 static inline CFAbsoluteTime cookieExpirationTime(CFHTTPCookieRef cookie)
76 if (CFHTTPCookieGetExpirationTimePtr())
77 return CFHTTPCookieGetExpirationTimePtr()(cookie);
78 return CFDateGetAbsoluteTime(CFHTTPCookieGetExpiratonDate(cookie));
81 static inline RetainPtr<CFStringRef> cookieName(CFHTTPCookieRef cookie)
83 if (CFHTTPCookieCopyNamePtr())
84 return RetainPtr<CFStringRef>(AdoptCF, CFHTTPCookieCopyNamePtr()(cookie));
85 return CFHTTPCookieGetName(cookie);
88 static inline RetainPtr<CFStringRef> cookiePath(CFHTTPCookieRef cookie)
90 if (CFHTTPCookieCopyPathPtr())
91 return RetainPtr<CFStringRef>(AdoptCF, CFHTTPCookieCopyPathPtr()(cookie));
92 return CFHTTPCookieGetPath(cookie);
95 static inline RetainPtr<CFStringRef> cookieValue(CFHTTPCookieRef cookie)
97 if (CFHTTPCookieCopyValuePtr())
98 return RetainPtr<CFStringRef>(AdoptCF, CFHTTPCookieCopyValuePtr()(cookie));
99 return CFHTTPCookieGetValue(cookie);
102 static RetainPtr<CFArrayRef> filterCookies(CFArrayRef unfilteredCookies)
104 CFIndex count = CFArrayGetCount(unfilteredCookies);
105 RetainPtr<CFMutableArrayRef> filteredCookies(AdoptCF, CFArrayCreateMutable(0, count, &kCFTypeArrayCallBacks));
106 for (CFIndex i = 0; i < count; ++i) {
107 CFHTTPCookieRef cookie = (CFHTTPCookieRef)CFArrayGetValueAtIndex(unfilteredCookies, i);
109 // <rdar://problem/5632883> CFHTTPCookieStorage would store an empty cookie,
110 // which would be sent as "Cookie: =". We have a workaround in setCookies() to prevent
111 // that, but we also need to avoid sending cookies that were previously stored, and
112 // there's no harm to doing this check because such a cookie is never valid.
113 if (!CFStringGetLength(cookieName(cookie).get()))
116 if (CFHTTPCookieIsHTTPOnly(cookie))
119 CFArrayAppendValue(filteredCookies.get(), cookie);
121 return filteredCookies;
124 void setCookies(Document* document, const KURL& url, const String& value)
126 // <rdar://problem/5632883> CFHTTPCookieStorage stores an empty cookie, which would be sent as "Cookie: =".
130 RetainPtr<CFHTTPCookieStorageRef> cookieStorage = currentCFHTTPCookieStorage();
134 RetainPtr<CFURLRef> urlCF(AdoptCF, url.createCFURL());
135 RetainPtr<CFURLRef> firstPartyForCookiesCF(AdoptCF, document->firstPartyForCookies().createCFURL());
137 // <http://bugs.webkit.org/show_bug.cgi?id=6531>, <rdar://4409034>
138 // cookiesWithResponseHeaderFields doesn't parse cookies without a value
139 String cookieString = value.contains('=') ? value : value + "=";
141 RetainPtr<CFStringRef> cookieStringCF(AdoptCF, cookieString.createCFString());
142 RetainPtr<CFDictionaryRef> headerFieldsCF(AdoptCF, CFDictionaryCreate(kCFAllocatorDefault,
143 (const void**)&s_setCookieKeyCF, (const void**)&cookieStringCF, 1,
144 &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks));
146 RetainPtr<CFArrayRef> cookiesCF(AdoptCF, CFHTTPCookieCreateWithResponseHeaderFields(kCFAllocatorDefault,
147 headerFieldsCF.get(), urlCF.get()));
149 CFHTTPCookieStorageSetCookies(cookieStorage.get(), filterCookies(cookiesCF.get()).get(), urlCF.get(), firstPartyForCookiesCF.get());
152 String cookies(const Document* /*document*/, const KURL& url)
154 RetainPtr<CFHTTPCookieStorageRef> cookieStorage = currentCFHTTPCookieStorage();
158 RetainPtr<CFURLRef> urlCF(AdoptCF, url.createCFURL());
160 bool secure = url.protocolIs("https");
161 RetainPtr<CFArrayRef> cookiesCF(AdoptCF, CFHTTPCookieStorageCopyCookiesForURL(cookieStorage.get(), urlCF.get(), secure));
162 RetainPtr<CFDictionaryRef> headerCF(AdoptCF, CFHTTPCookieCopyRequestHeaderFields(kCFAllocatorDefault, filterCookies(cookiesCF.get()).get()));
163 return (CFStringRef)CFDictionaryGetValue(headerCF.get(), s_cookieCF);
166 String cookieRequestHeaderFieldValue(const Document* /*document*/, const KURL& url)
168 RetainPtr<CFHTTPCookieStorageRef> cookieStorage = currentCFHTTPCookieStorage();
172 RetainPtr<CFURLRef> urlCF(AdoptCF, url.createCFURL());
174 bool secure = url.protocolIs("https");
175 RetainPtr<CFArrayRef> cookiesCF(AdoptCF, CFHTTPCookieStorageCopyCookiesForURL(cookieStorage.get(), urlCF.get(), secure));
176 RetainPtr<CFDictionaryRef> headerCF(AdoptCF, CFHTTPCookieCopyRequestHeaderFields(kCFAllocatorDefault, cookiesCF.get()));
177 return (CFStringRef)CFDictionaryGetValue(headerCF.get(), s_cookieCF);
180 bool cookiesEnabled(const Document* /*document*/)
182 CFHTTPCookieStorageAcceptPolicy policy = CFHTTPCookieStorageAcceptPolicyOnlyFromMainDocumentDomain;
183 if (RetainPtr<CFHTTPCookieStorageRef> cookieStorage = currentCFHTTPCookieStorage())
184 policy = CFHTTPCookieStorageGetCookieAcceptPolicy(cookieStorage.get());
185 return policy == CFHTTPCookieStorageAcceptPolicyOnlyFromMainDocumentDomain || policy == CFHTTPCookieStorageAcceptPolicyAlways;
188 bool getRawCookies(const Document*, const KURL& url, Vector<Cookie>& rawCookies)
191 RetainPtr<CFHTTPCookieStorageRef> cookieStorage = currentCFHTTPCookieStorage();
195 RetainPtr<CFURLRef> urlCF(AdoptCF, url.createCFURL());
197 bool sendSecureCookies = url.protocolIs("https");
198 RetainPtr<CFArrayRef> cookiesCF(AdoptCF, CFHTTPCookieStorageCopyCookiesForURL(cookieStorage.get(), urlCF.get(), sendSecureCookies));
200 CFIndex count = CFArrayGetCount(cookiesCF.get());
201 rawCookies.reserveCapacity(count);
203 for (CFIndex i = 0; i < count; i++) {
204 CFHTTPCookieRef cookie = (CFHTTPCookieRef)CFArrayGetValueAtIndex(cookiesCF.get(), i);
205 String name = cookieName(cookie).get();
206 String value = cookieValue(cookie).get();
207 String domain = cookieDomain(cookie).get();
208 String path = cookiePath(cookie).get();
210 double expires = (cookieExpirationTime(cookie) + kCFAbsoluteTimeIntervalSince1970) * 1000;
212 bool httpOnly = CFHTTPCookieIsHTTPOnly(cookie);
213 bool secure = CFHTTPCookieIsSecure(cookie);
214 bool session = false; // FIXME: Need API for if a cookie is a session cookie.
216 rawCookies.uncheckedAppend(Cookie(name, value, domain, path, expires, httpOnly, secure, session));
222 void deleteCookie(const Document*, const KURL& url, const String& name)
224 RetainPtr<CFHTTPCookieStorageRef> cookieStorage = currentCFHTTPCookieStorage();
228 RetainPtr<CFURLRef> urlCF(AdoptCF, url.createCFURL());
230 bool sendSecureCookies = url.protocolIs("https");
231 RetainPtr<CFArrayRef> cookiesCF(AdoptCF, CFHTTPCookieStorageCopyCookiesForURL(cookieStorage.get(), urlCF.get(), sendSecureCookies));
233 CFIndex count = CFArrayGetCount(cookiesCF.get());
234 for (CFIndex i = 0; i < count; i++) {
235 CFHTTPCookieRef cookie = (CFHTTPCookieRef)CFArrayGetValueAtIndex(cookiesCF.get(), i);
236 if (String(cookieName(cookie).get()) == name) {
237 CFHTTPCookieStorageDeleteCookie(cookieStorage.get(), cookie);
243 void getHostnamesWithCookies(HashSet<String>& hostnames)
245 RetainPtr<CFHTTPCookieStorageRef> cookieStorage = currentCFHTTPCookieStorage();
249 RetainPtr<CFArrayRef> cookiesCF(AdoptCF, CFHTTPCookieStorageCopyCookies(cookieStorage.get()));
253 CFIndex count = CFArrayGetCount(cookiesCF.get());
254 for (CFIndex i = 0; i < count; ++i) {
255 CFHTTPCookieRef cookie = static_cast<CFHTTPCookieRef>(const_cast<void *>(CFArrayGetValueAtIndex(cookiesCF.get(), i)));
256 RetainPtr<CFStringRef> domain = cookieDomain(cookie);
257 hostnames.add(domain.get());
261 void deleteCookiesForHostname(const String& hostname)
263 RetainPtr<CFHTTPCookieStorageRef> cookieStorage = currentCFHTTPCookieStorage();
267 RetainPtr<CFArrayRef> cookiesCF(AdoptCF, CFHTTPCookieStorageCopyCookies(cookieStorage.get()));
271 CFIndex count = CFArrayGetCount(cookiesCF.get());
272 for (CFIndex i = count - 1; i >=0; i--) {
273 CFHTTPCookieRef cookie = static_cast<CFHTTPCookieRef>(const_cast<void *>(CFArrayGetValueAtIndex(cookiesCF.get(), i)));
274 RetainPtr<CFStringRef> domain = cookieDomain(cookie);
275 if (String(domain.get()) == hostname)
276 CFHTTPCookieStorageDeleteCookie(cookieStorage.get(), cookie);
280 void deleteAllCookies()
282 RetainPtr<CFHTTPCookieStorageRef> cookieStorage = currentCFHTTPCookieStorage();
286 CFHTTPCookieStorageDeleteAllCookies(cookieStorage.get());
289 } // namespace WebCore
291 #endif // USE(CFNETWORK)