1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: t; c-basic-offset: 8 -*- */
5 * Copyright (C) 2007 Red Hat, Inc.
15 #include "soup-cookie.h"
16 #include "soup-date.h"
17 #include "soup-headers.h"
18 #include "soup-message.h"
19 #include "soup-message-headers.h"
24 * @short_description: HTTP Cookies
25 * @see_also: #SoupMessage
27 * #SoupCookie implements HTTP cookies, primarily as described by
29 * url="http://wp.netscape.com/newsref/std/cookie_spec.html">the
30 * original Netscape cookie specification</ulink>, but with slight
31 * modifications based on <ulink
32 * url="http://www.ietf.org/rfc/rfc2109.txt">RFC 2109</ulink>, <ulink
33 * url="http://msdn2.microsoft.com/en-us/library/ms533046.aspx">Microsoft's
34 * HttpOnly extension attribute</ulink>, and observed real-world usage
35 * (and, in particular, based on what Firefox does).
37 * To have a #SoupSession handle cookies for your appliction
38 * automatically, use a #SoupCookieJar.
43 * @name: the cookie name
44 * @value: the cookie value
45 * @domain: the "domain" attribute, or else the hostname that the
47 * @path: the "path" attribute, or %NULL
48 * @expires: the cookie expiration time, or %NULL for a session cookie
49 * @secure: %TRUE if the cookie should only be tranferred over SSL
50 * @http_only: %TRUE if the cookie should not be exposed to scripts
54 * @name and @value will be set for all cookies. If the cookie is
55 * generated from a string that appears to have no name, then @name
56 * will be the empty string.
58 * @domain and @path give the host or domain, and path within that
59 * host/domain, to restrict this cookie to. If @domain starts with
60 * ".", that indicates a domain (which matches the string after the
61 * ".", or any hostname that has @domain as a suffix). Otherwise, it
62 * is a hostname and must match exactly.
64 * @expires will be non-%NULL if the cookie uses either the original
65 * "expires" attribute, or the "max-age" attribute specified in RFC
66 * 2109. If @expires is %NULL, it indicates that neither "expires" nor
67 * "max-age" was specified, and the cookie expires at the end of the
70 * If @http_only is set, the cookie should not be exposed to untrusted
71 * code (eg, javascript), so as to minimize the danger posed by
72 * cross-site scripting attacks.
78 soup_cookie_get_type (void)
80 static volatile gsize type_volatile = 0;
82 if (g_once_init_enter (&type_volatile)) {
83 GType type = g_boxed_type_register_static (
84 g_intern_static_string ("SoupCookie"),
85 (GBoxedCopyFunc) soup_cookie_copy,
86 (GBoxedFreeFunc) soup_cookie_free);
87 g_once_init_leave (&type_volatile, type);
94 * @cookie: a #SoupCookie
98 * Return value: a copy of @cookie
103 soup_cookie_copy (SoupCookie *cookie)
105 SoupCookie *copy = g_slice_new0 (SoupCookie);
107 copy->name = g_strdup (cookie->name);
108 copy->value = g_strdup (cookie->value);
109 copy->domain = g_strdup (cookie->domain);
110 copy->path = g_strdup (cookie->path);
112 copy->expires = soup_date_copy(cookie->expires);
113 copy->secure = cookie->secure;
114 copy->http_only = cookie->http_only;
120 * soup_cookie_domain_matches:
121 * @cookie: a #SoupCookie
124 * Checks if the @cookie's domain and @host match in the sense that
125 * @cookie should be sent when making a request to @host, or that
126 * @cookie should be accepted when receiving a response from @host.
128 * Return value: %TRUE if the domains match, %FALSE otherwise
133 soup_cookie_domain_matches (SoupCookie *cookie, const char *host)
139 g_return_val_if_fail (cookie != NULL, FALSE);
140 g_return_val_if_fail (host != NULL, FALSE);
142 domain = cookie->domain;
144 if (!g_ascii_strcasecmp (domain, host))
148 if (!g_ascii_strcasecmp (domain + 1, host))
150 dlen = strlen (domain);
151 while ((match = strstr (host, domain))) {
159 static inline const char *
160 skip_lws (const char *s)
162 while (g_ascii_isspace (*s))
167 static inline const char *
168 unskip_lws (const char *s, const char *start)
170 while (s > start && g_ascii_isspace (*(s - 1)))
175 #define is_attr_ender(ch) ((ch) < ' ' || (ch) == ';' || (ch) == ',' || (ch) == '=')
176 #define is_value_ender(ch) ((ch) < ' ' || (ch) == ';')
179 parse_value (const char **val_p, gboolean copy)
181 const char *start, *end, *p;
187 start = skip_lws (p);
188 for (p = start; !is_value_ender (*p); p++)
190 end = unskip_lws (p, start);
193 value = g_strndup (start, end - start);
202 parse_date (const char **val_p)
207 value = parse_value (val_p, TRUE);
208 date = soup_date_new_from_string (value);
214 parse_one_cookie (const char *header, SoupURI *origin)
216 const char *start, *end, *p;
220 g_return_val_if_fail (origin == NULL || origin->host, NULL);
222 cookie = g_slice_new0 (SoupCookie);
225 start = skip_lws (header);
226 for (p = start; !is_attr_ender (*p); p++)
229 end = unskip_lws (p, start);
230 cookie->name = g_strndup (start, end - start);
232 /* No NAME; Set cookie->name to "" and then rewind to
233 * re-parse the string as a VALUE.
235 cookie->name = g_strdup ("");
239 /* Parse the VALUE */
240 cookie->value = parse_value (&p, TRUE);
242 /* Parse attributes */
244 start = skip_lws (p + 1);
245 for (p = start; !is_attr_ender (*p); p++)
247 end = unskip_lws (p, start);
249 has_value = (*p == '=');
250 #define MATCH_NAME(name) ((end - start == strlen (name)) && !g_ascii_strncasecmp (start, name, end - start))
252 if (MATCH_NAME ("domain") && has_value) {
253 cookie->domain = parse_value (&p, TRUE);
254 if (!*cookie->domain) {
255 g_free (cookie->domain);
256 cookie->domain = NULL;
258 } else if (MATCH_NAME ("expires") && has_value) {
259 cookie->expires = parse_date (&p);
260 } else if (MATCH_NAME ("httponly")) {
261 cookie->http_only = TRUE;
263 parse_value (&p, FALSE);
264 } else if (MATCH_NAME ("max-age") && has_value) {
265 char *max_age_str = parse_value (&p, TRUE), *mae;
266 long max_age = strtol (max_age_str, &mae, 10);
270 soup_cookie_set_max_age (cookie, max_age);
272 g_free (max_age_str);
273 } else if (MATCH_NAME ("path") && has_value) {
274 cookie->path = parse_value (&p, TRUE);
275 if (*cookie->path != '/') {
276 g_free (cookie->path);
279 } else if (MATCH_NAME ("secure")) {
280 cookie->secure = TRUE;
282 parse_value (&p, FALSE);
284 /* Ignore unknown attributes, but we still have
285 * to skip over the value.
288 parse_value (&p, FALSE);
292 if (cookie->domain) {
293 /* Domain must have at least one '.' (not counting an
294 * initial one. (We check this now, rather than
295 * bailing out sooner, because we don't want to force
296 * any cookies after this one in the Set-Cookie header
299 if (!strchr (cookie->domain + 1, '.')) {
300 soup_cookie_free (cookie);
304 /* If the domain string isn't an IP addr, and doesn't
305 * start with a '.', prepend one.
307 if (!g_hostname_is_ip_address (cookie->domain) &&
308 cookie->domain[0] != '.') {
309 char *tmp = g_strdup_printf (".%s", cookie->domain);
310 g_free (cookie->domain);
311 cookie->domain = tmp;
316 /* Sanity-check domain */
317 if (cookie->domain) {
318 if (!soup_cookie_domain_matches (cookie, origin->host)) {
319 soup_cookie_free (cookie);
323 cookie->domain = g_strdup (origin->host);
325 /* The original cookie spec didn't say that pages
326 * could only set cookies for paths they were under.
327 * RFC 2109 adds that requirement, but some sites
328 * depend on the old behavior
329 * (https://bugzilla.mozilla.org/show_bug.cgi?id=156725#c20).
330 * So we don't check the path.
336 slash = strrchr (origin->path, '/');
337 if (!slash || slash == origin->path)
338 cookie->path = g_strdup ("/");
340 cookie->path = g_strndup (origin->path,
341 slash - origin->path);
350 cookie_new_internal (const char *name, const char *value,
351 const char *domain, const char *path,
356 cookie = g_slice_new0 (SoupCookie);
357 cookie->name = g_strdup (name);
358 cookie->value = g_strdup (value);
359 cookie->domain = g_strdup (domain);
360 cookie->path = g_strdup (path);
361 soup_cookie_set_max_age (cookie, max_age);
369 * @value: cookie value
370 * @domain: cookie domain or hostname
371 * @path: cookie path, or %NULL
372 * @max_age: max age of the cookie, or -1 for a session cookie
374 * Creates a new #SoupCookie with the given attributes. (Use
375 * soup_cookie_set_secure() and soup_cookie_set_http_only() if you
376 * need to set those attributes on the returned cookie.)
378 * @max_age is used to set the "expires" attribute on the cookie; pass
379 * -1 to not include the attribute (indicating that the cookie expires
380 * with the current session), 0 for an already-expired cookie, or a
381 * lifetime in seconds. You can use the constants
382 * %SOUP_COOKIE_MAX_AGE_ONE_HOUR, %SOUP_COOKIE_MAX_AGE_ONE_DAY,
383 * %SOUP_COOKIE_MAX_AGE_ONE_WEEK and %SOUP_COOKIE_MAX_AGE_ONE_YEAR (or
384 * multiples thereof) to calculate this value. (If you really care
385 * about setting the exact time that the cookie will expire, use
386 * soup_cookie_set_expires().)
388 * Return value: a new #SoupCookie.
393 soup_cookie_new (const char *name, const char *value,
394 const char *domain, const char *path,
397 g_return_val_if_fail (name != NULL, NULL);
398 g_return_val_if_fail (value != NULL, NULL);
400 /* We ought to return if domain is NULL too, but this used to
401 * do be incorrectly documented as legal, and it wouldn't
402 * break anything as long as you called
403 * soup_cookie_set_domain() immediately after. So we warn but
404 * don't return, to discourage that behavior but not actually
405 * break anyone doing it.
407 g_warn_if_fail (domain != NULL);
409 return cookie_new_internal (name, value, domain, path, max_age);
414 * @header: a cookie string (eg, the value of a Set-Cookie header)
415 * @origin: origin of the cookie, or %NULL
417 * Parses @header and returns a #SoupCookie. (If @header contains
418 * multiple cookies, only the first one will be parsed.)
420 * If @header does not have "path" or "domain" attributes, they will
421 * be defaulted from @origin. If @origin is %NULL, path will default
422 * to "/", but domain will be left as %NULL. Note that this is not a
423 * valid state for a #SoupCookie, and you will need to fill in some
424 * appropriate string for the domain if you want to actually make use
427 * Return value: a new #SoupCookie, or %NULL if it could not be
428 * parsed, or contained an illegal "domain" attribute for a cookie
429 * originating from @origin.
434 soup_cookie_parse (const char *cookie, SoupURI *origin)
436 return parse_one_cookie (cookie, origin);
440 * soup_cookie_get_name:
441 * @cookie: a #SoupCookie
443 * Gets @cookie's name
445 * Return value: @cookie's name
450 soup_cookie_get_name (SoupCookie *cookie)
456 * soup_cookie_set_name:
457 * @cookie: a #SoupCookie
458 * @name: the new name
460 * Sets @cookie's name to @name
465 soup_cookie_set_name (SoupCookie *cookie, const char *name)
467 g_free (cookie->name);
468 cookie->name = g_strdup (name);
472 * soup_cookie_get_value:
473 * @cookie: a #SoupCookie
475 * Gets @cookie's value
477 * Return value: @cookie's value
482 soup_cookie_get_value (SoupCookie *cookie)
484 return cookie->value;
488 * soup_cookie_set_value:
489 * @cookie: a #SoupCookie
490 * @value: the new value
492 * Sets @cookie's value to @value
497 soup_cookie_set_value (SoupCookie *cookie, const char *value)
499 g_free (cookie->value);
500 cookie->value = g_strdup (value);
504 * soup_cookie_get_domain:
505 * @cookie: a #SoupCookie
507 * Gets @cookie's domain
509 * Return value: @cookie's domain
514 soup_cookie_get_domain (SoupCookie *cookie)
516 return cookie->domain;
520 * soup_cookie_set_domain:
521 * @cookie: a #SoupCookie
522 * @domain: the new domain
524 * Sets @cookie's domain to @domain
529 soup_cookie_set_domain (SoupCookie *cookie, const char *domain)
531 g_free (cookie->domain);
532 cookie->domain = g_strdup (domain);
536 * soup_cookie_get_path:
537 * @cookie: a #SoupCookie
539 * Gets @cookie's path
541 * Return value: @cookie's path
546 soup_cookie_get_path (SoupCookie *cookie)
552 * soup_cookie_set_path:
553 * @cookie: a #SoupCookie
554 * @path: the new path
556 * Sets @cookie's path to @path
561 soup_cookie_set_path (SoupCookie *cookie, const char *path)
563 g_free (cookie->path);
564 cookie->path = g_strdup (path);
568 * soup_cookie_set_max_age:
569 * @cookie: a #SoupCookie
570 * @max_age: the new max age
572 * Sets @cookie's max age to @max_age. If @max_age is -1, the cookie
573 * is a session cookie, and will expire at the end of the client's
574 * session. Otherwise, it is the number of seconds until the cookie
575 * expires. You can use the constants %SOUP_COOKIE_MAX_AGE_ONE_HOUR,
576 * %SOUP_COOKIE_MAX_AGE_ONE_DAY, %SOUP_COOKIE_MAX_AGE_ONE_WEEK and
577 * %SOUP_COOKIE_MAX_AGE_ONE_YEAR (or multiples thereof) to calculate
578 * this value. (A value of 0 indicates that the cookie should be
579 * considered already-expired.)
581 * (This sets the same property as soup_cookie_set_expires().)
586 soup_cookie_set_max_age (SoupCookie *cookie, int max_age)
589 soup_date_free (cookie->expires);
592 cookie->expires = NULL;
593 else if (max_age == 0) {
594 /* Use a date way in the past, to protect against
597 cookie->expires = soup_date_new (1970, 1, 1, 0, 0, 0);
599 cookie->expires = soup_date_new_from_now (max_age);
603 * SOUP_COOKIE_MAX_AGE_ONE_HOUR:
605 * A constant corresponding to 1 hour, for use with soup_cookie_new()
606 * and soup_cookie_set_max_age().
611 * SOUP_COOKIE_MAX_AGE_ONE_DAY:
613 * A constant corresponding to 1 day, for use with soup_cookie_new()
614 * and soup_cookie_set_max_age().
619 * SOUP_COOKIE_MAX_AGE_ONE_WEEK:
621 * A constant corresponding to 1 week, for use with soup_cookie_new()
622 * and soup_cookie_set_max_age().
627 * SOUP_COOKIE_MAX_AGE_ONE_YEAR:
629 * A constant corresponding to 1 year, for use with soup_cookie_new()
630 * and soup_cookie_set_max_age().
636 * soup_cookie_get_expires:
637 * @cookie: a #SoupCookie
639 * Gets @cookie's expiration time
641 * Return value: (transfer none): @cookie's expiration time, which is
642 * owned by @cookie and should not be modified or freed.
647 soup_cookie_get_expires (SoupCookie *cookie)
649 return cookie->expires;
653 * soup_cookie_set_expires:
654 * @cookie: a #SoupCookie
655 * @expires: the new expiration time, or %NULL
657 * Sets @cookie's expiration time to @expires. If @expires is %NULL,
658 * @cookie will be a session cookie and will expire at the end of the
661 * (This sets the same property as soup_cookie_set_max_age().)
666 soup_cookie_set_expires (SoupCookie *cookie, SoupDate *expires)
669 soup_date_free (cookie->expires);
672 cookie->expires = soup_date_copy (expires);
674 cookie->expires = NULL;
678 * soup_cookie_get_secure:
679 * @cookie: a #SoupCookie
681 * Gets @cookie's secure attribute
683 * Return value: @cookie's secure attribute
688 soup_cookie_get_secure (SoupCookie *cookie)
690 return cookie->secure;
694 * soup_cookie_set_secure:
695 * @cookie: a #SoupCookie
696 * @secure: the new value for the secure attribute
698 * Sets @cookie's secure attribute to @secure. If %TRUE, @cookie will
699 * only be transmitted from the client to the server over secure
700 * (https) connections.
705 soup_cookie_set_secure (SoupCookie *cookie, gboolean secure)
707 cookie->secure = secure;
711 * soup_cookie_get_http_only:
712 * @cookie: a #SoupCookie
714 * Gets @cookie's HttpOnly attribute
716 * Return value: @cookie's HttpOnly attribute
721 soup_cookie_get_http_only (SoupCookie *cookie)
723 return cookie->http_only;
727 * soup_cookie_set_http_only:
728 * @cookie: a #SoupCookie
729 * @http_only: the new value for the HttpOnly attribute
731 * Sets @cookie's HttpOnly attribute to @http_only. If %TRUE, @cookie
732 * will be marked as "http only", meaning it should not be exposed to
733 * web page scripts or other untrusted code.
738 soup_cookie_set_http_only (SoupCookie *cookie, gboolean http_only)
740 cookie->http_only = http_only;
744 serialize_cookie (SoupCookie *cookie, GString *header, gboolean set_cookie)
746 if (!*cookie->name && !*cookie->value)
751 g_string_append (header, ", ");
753 g_string_append (header, "; ");
756 if (set_cookie || *cookie->name) {
757 g_string_append (header, cookie->name);
758 g_string_append (header, "=");
760 g_string_append (header, cookie->value);
764 if (cookie->expires) {
767 g_string_append (header, "; expires=");
768 timestamp = soup_date_to_string (cookie->expires,
770 g_string_append (header, timestamp);
774 g_string_append (header, "; path=");
775 g_string_append (header, cookie->path);
777 if (cookie->domain) {
778 g_string_append (header, "; domain=");
779 g_string_append (header, cookie->domain);
782 g_string_append (header, "; secure");
783 if (cookie->http_only)
784 g_string_append (header, "; HttpOnly");
788 * soup_cookie_to_set_cookie_header:
789 * @cookie: a #SoupCookie
791 * Serializes @cookie in the format used by the Set-Cookie header
792 * (ie, for sending a cookie from a #SoupServer to a client).
794 * Return value: the header
799 soup_cookie_to_set_cookie_header (SoupCookie *cookie)
801 GString *header = g_string_new (NULL);
803 serialize_cookie (cookie, header, TRUE);
804 return g_string_free (header, FALSE);
808 * soup_cookie_to_cookie_header:
809 * @cookie: a #SoupCookie
811 * Serializes @cookie in the format used by the Cookie header (ie, for
812 * returning a cookie from a #SoupSession to a server).
814 * Return value: the header
819 soup_cookie_to_cookie_header (SoupCookie *cookie)
821 GString *header = g_string_new (NULL);
823 serialize_cookie (cookie, header, FALSE);
824 return g_string_free (header, FALSE);
829 * @cookie: a #SoupCookie
836 soup_cookie_free (SoupCookie *cookie)
838 g_return_if_fail (cookie != NULL);
840 g_free (cookie->name);
841 g_free (cookie->value);
842 g_free (cookie->domain);
843 g_free (cookie->path);
846 soup_date_free (cookie->expires);
848 g_slice_free (SoupCookie, cookie);
852 * soup_cookies_from_response:
853 * @msg: a #SoupMessage containing a "Set-Cookie" response header
855 * Parses @msg's Set-Cookie response headers and returns a #GSList of
856 * #SoupCookie<!-- -->s. Cookies that do not specify "path" or
857 * "domain" attributes will have their values defaulted from @msg.
859 * Return value: (element-type SoupCookie) (transfer full): a #GSList
860 * of #SoupCookie<!-- -->s, which can be freed with
861 * soup_cookies_free().
866 soup_cookies_from_response (SoupMessage *msg)
869 const char *name, *value;
871 GSList *cookies = NULL;
872 SoupMessageHeadersIter iter;
874 origin = soup_message_get_uri (msg);
876 /* We have to use soup_message_headers_iter rather than
877 * soup_message_headers_get_list() since Set-Cookie isn't
878 * properly mergeable/unmergeable.
880 soup_message_headers_iter_init (&iter, msg->response_headers);
881 while (soup_message_headers_iter_next (&iter, &name, &value)) {
882 if (g_ascii_strcasecmp (name, "Set-Cookie") != 0)
885 cookie = parse_one_cookie (value, origin);
887 cookies = g_slist_prepend (cookies, cookie);
889 return g_slist_reverse (cookies);
893 * soup_cookies_from_request:
894 * @msg: a #SoupMessage containing a "Cookie" request header
896 * Parses @msg's Cookie request header and returns a #GSList of
897 * #SoupCookie<!-- -->s. As the "Cookie" header, unlike "Set-Cookie",
898 * only contains cookie names and values, none of the other
899 * #SoupCookie fields will be filled in. (Thus, you can't generally
900 * pass a cookie returned from this method directly to
901 * soup_cookies_to_response().)
903 * Return value: (element-type SoupCookie) (transfer full): a #GSList
904 * of #SoupCookie<!-- -->s, which can be freed with
905 * soup_cookies_free().
910 soup_cookies_from_request (SoupMessage *msg)
913 GSList *cookies = NULL;
916 gpointer name, value;
919 header = soup_message_headers_get_one (msg->request_headers, "Cookie");
923 params = soup_header_parse_semi_param_list (header);
924 g_hash_table_iter_init (&iter, params);
925 while (g_hash_table_iter_next (&iter, &name, &value)) {
927 cookie = cookie_new_internal (name, value,
929 cookies = g_slist_prepend (cookies, cookie);
932 soup_header_free_param_list (params);
934 return g_slist_reverse (cookies);
938 * soup_cookies_to_response:
939 * @cookies: (element-type SoupCookie): a #GSList of #SoupCookie
940 * @msg: a #SoupMessage
942 * Appends a "Set-Cookie" response header to @msg for each cookie in
943 * @cookies. (This is in addition to any other "Set-Cookie" headers
944 * @msg may already have.)
949 soup_cookies_to_response (GSList *cookies, SoupMessage *msg)
953 header = g_string_new (NULL);
955 serialize_cookie (cookies->data, header, TRUE);
956 soup_message_headers_append (msg->response_headers,
957 "Set-Cookie", header->str);
958 g_string_truncate (header, 0);
959 cookies = cookies->next;
961 g_string_free (header, TRUE);
965 * soup_cookies_to_request:
966 * @cookies: (element-type SoupCookie): a #GSList of #SoupCookie
967 * @msg: a #SoupMessage
969 * Adds the name and value of each cookie in @cookies to @msg's
970 * "Cookie" request. (If @msg already has a "Cookie" request header,
971 * these cookies will be appended to the cookies already present. Be
972 * careful that you do not append the same cookies twice, eg, when
973 * requeuing a message.)
978 soup_cookies_to_request (GSList *cookies, SoupMessage *msg)
982 header = g_string_new (soup_message_headers_get_one (msg->request_headers,
985 serialize_cookie (cookies->data, header, FALSE);
986 cookies = cookies->next;
988 soup_message_headers_replace (msg->request_headers,
989 "Cookie", header->str);
990 g_string_free (header, TRUE);
994 * soup_cookies_free: (skip)
995 * @cookies: (element-type SoupCookie): a #GSList of #SoupCookie
1002 soup_cookies_free (GSList *cookies)
1004 g_slist_free_full (cookies, (GDestroyNotify)soup_cookie_free);
1008 * soup_cookies_to_cookie_header:
1009 * @cookies: (element-type SoupCookie): a #GSList of #SoupCookie
1011 * Serializes a #GSList of #SoupCookie into a string suitable for
1012 * setting as the value of the "Cookie" header.
1014 * Return value: the serialization of @cookies
1019 soup_cookies_to_cookie_header (GSList *cookies)
1023 g_return_val_if_fail (cookies != NULL, NULL);
1025 str = g_string_new (NULL);
1027 serialize_cookie (cookies->data, str, FALSE);
1028 cookies = cookies->next;
1031 return g_string_free (str, FALSE);
1035 * soup_cookie_applies_to_uri:
1036 * @cookie: a #SoupCookie
1039 * Tests if @cookie should be sent to @uri.
1041 * (At the moment, this does not check that @cookie's domain matches
1042 * @uri, because it assumes that the caller has already done that.
1043 * But don't rely on that; it may change in the future.)
1045 * Return value: %TRUE if @cookie should be sent to @uri, %FALSE if
1051 soup_cookie_applies_to_uri (SoupCookie *cookie, SoupURI *uri)
1055 if (cookie->secure && uri->scheme != SOUP_URI_SCHEME_HTTPS)
1058 if (cookie->expires && soup_date_is_past (cookie->expires))
1061 /* uri->path is required to be non-NULL */
1062 g_return_val_if_fail (uri->path != NULL, FALSE);
1064 plen = strlen (cookie->path);
1067 if (strncmp (cookie->path, uri->path, plen) != 0)
1069 if (cookie->path[plen - 1] != '/' &&
1070 uri->path[plen] && uri->path[plen] != '/')
1077 * soup_cookie_equal:
1078 * @cookie1: a #SoupCookie
1079 * @cookie2: a #SoupCookie
1081 * Tests if @cookie1 and @cookie2 are equal.
1083 * Note that currently, this does not check that the cookie domains
1084 * match. This may change in the future.
1086 * Return value: whether the cookies are equal.
1089 soup_cookie_equal (SoupCookie *cookie1, SoupCookie *cookie2)
1091 g_return_val_if_fail (cookie1, FALSE);
1092 g_return_val_if_fail (cookie2, FALSE);
1094 return (!strcmp (cookie1->name, cookie2->name) &&
1095 !strcmp (cookie1->value, cookie2->value) &&
1096 !strcmp (cookie1->path, cookie2->path));