#include <config.h>
#endif
-#include <stdio.h>
#include <string.h>
-#include "soup-cookie.h"
#include "soup-cookie-jar.h"
-#include "soup-date.h"
-#include "soup-marshal.h"
-#include "soup-message.h"
-#include "soup-session-feature.h"
-#include "soup-uri.h"
+#include "soup-misc-private.h"
+#include "soup.h"
/**
* SECTION:soup-cookie-jar
- * @short_description: Automatic cookie handling for #SoupSession
+ * @short_description: Automatic cookie handling for SoupSession
*
* A #SoupCookieJar stores #SoupCookie<!-- -->s and arrange for them
* to be sent with the appropriate #SoupMessage<!-- -->s.
* of long-term cookie persistence.
**/
-static void soup_cookie_jar_session_feature_init (SoupSessionFeatureInterface *feature_interface, gpointer interface_data);
-static void request_queued (SoupSessionFeature *feature, SoupSession *session,
- SoupMessage *msg);
-static void request_started (SoupSessionFeature *feature, SoupSession *session,
- SoupMessage *msg, SoupSocket *socket);
-static void request_unqueued (SoupSessionFeature *feature, SoupSession *session,
- SoupMessage *msg);
-
-G_DEFINE_TYPE_WITH_CODE (SoupCookieJar, soup_cookie_jar, G_TYPE_OBJECT,
- G_IMPLEMENT_INTERFACE (SOUP_TYPE_SESSION_FEATURE,
- soup_cookie_jar_session_feature_init))
-
enum {
CHANGED,
LAST_SIGNAL
PROP_0,
PROP_READ_ONLY,
+ PROP_ACCEPT_POLICY,
LAST_PROP
};
typedef struct {
gboolean constructed, read_only;
- GHashTable *domains;
+ GHashTable *domains, *serials;
+ guint serial;
+ SoupCookieJarAcceptPolicy accept_policy;
} SoupCookieJarPrivate;
-#define SOUP_COOKIE_JAR_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), SOUP_TYPE_COOKIE_JAR, SoupCookieJarPrivate))
-static void set_property (GObject *object, guint prop_id,
- const GValue *value, GParamSpec *pspec);
-static void get_property (GObject *object, guint prop_id,
- GValue *value, GParamSpec *pspec);
+static void soup_cookie_jar_session_feature_init (SoupSessionFeatureInterface *feature_interface, gpointer interface_data);
+
+G_DEFINE_TYPE_WITH_CODE (SoupCookieJar, soup_cookie_jar, G_TYPE_OBJECT,
+ G_ADD_PRIVATE (SoupCookieJar)
+ G_IMPLEMENT_INTERFACE (SOUP_TYPE_SESSION_FEATURE,
+ soup_cookie_jar_session_feature_init))
static void
soup_cookie_jar_init (SoupCookieJar *jar)
{
- SoupCookieJarPrivate *priv = SOUP_COOKIE_JAR_GET_PRIVATE (jar);
+ SoupCookieJarPrivate *priv = soup_cookie_jar_get_instance_private (jar);
- priv->domains = g_hash_table_new_full (g_str_hash, g_str_equal,
+ priv->domains = g_hash_table_new_full (soup_str_case_hash,
+ soup_str_case_equal,
g_free, NULL);
+ priv->serials = g_hash_table_new (NULL, NULL);
+ priv->accept_policy = SOUP_COOKIE_JAR_ACCEPT_ALWAYS;
}
static void
-constructed (GObject *object)
+soup_cookie_jar_constructed (GObject *object)
{
- SoupCookieJarPrivate *priv = SOUP_COOKIE_JAR_GET_PRIVATE (object);
+ SoupCookieJarPrivate *priv =
+ soup_cookie_jar_get_instance_private (SOUP_COOKIE_JAR (object));
priv->constructed = TRUE;
}
static void
-finalize (GObject *object)
+soup_cookie_jar_finalize (GObject *object)
{
- SoupCookieJarPrivate *priv = SOUP_COOKIE_JAR_GET_PRIVATE (object);
+ SoupCookieJarPrivate *priv =
+ soup_cookie_jar_get_instance_private (SOUP_COOKIE_JAR (object));
GHashTableIter iter;
gpointer key, value;
while (g_hash_table_iter_next (&iter, &key, &value))
soup_cookies_free (value);
g_hash_table_destroy (priv->domains);
+ g_hash_table_destroy (priv->serials);
G_OBJECT_CLASS (soup_cookie_jar_parent_class)->finalize (object);
}
static void
+soup_cookie_jar_set_property (GObject *object, guint prop_id,
+ const GValue *value, GParamSpec *pspec)
+{
+ SoupCookieJarPrivate *priv =
+ soup_cookie_jar_get_instance_private (SOUP_COOKIE_JAR (object));
+
+ switch (prop_id) {
+ case PROP_READ_ONLY:
+ priv->read_only = g_value_get_boolean (value);
+ break;
+ case PROP_ACCEPT_POLICY:
+ priv->accept_policy = g_value_get_enum (value);
+ break;
+ default:
+ G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
+ break;
+ }
+}
+
+static void
+soup_cookie_jar_get_property (GObject *object, guint prop_id,
+ GValue *value, GParamSpec *pspec)
+{
+ SoupCookieJarPrivate *priv =
+ soup_cookie_jar_get_instance_private (SOUP_COOKIE_JAR (object));
+
+ switch (prop_id) {
+ case PROP_READ_ONLY:
+ g_value_set_boolean (value, priv->read_only);
+ break;
+ case PROP_ACCEPT_POLICY:
+ g_value_set_enum (value, priv->accept_policy);
+ break;
+ default:
+ G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
+ break;
+ }
+}
+
+static gboolean
+soup_cookie_jar_real_is_persistent (SoupCookieJar *jar)
+{
+ return FALSE;
+}
+
+static void
soup_cookie_jar_class_init (SoupCookieJarClass *jar_class)
{
GObjectClass *object_class = G_OBJECT_CLASS (jar_class);
- g_type_class_add_private (jar_class, sizeof (SoupCookieJarPrivate));
+ object_class->constructed = soup_cookie_jar_constructed;
+ object_class->finalize = soup_cookie_jar_finalize;
+ object_class->set_property = soup_cookie_jar_set_property;
+ object_class->get_property = soup_cookie_jar_get_property;
- object_class->constructed = constructed;
- object_class->finalize = finalize;
- object_class->set_property = set_property;
- object_class->get_property = get_property;
+ jar_class->is_persistent = soup_cookie_jar_real_is_persistent;
/**
- * SoupCookieJar::changed
+ * SoupCookieJar::changed:
* @jar: the #SoupCookieJar
* @old_cookie: the old #SoupCookie value
* @new_cookie: the new #SoupCookie value
G_SIGNAL_RUN_FIRST,
G_STRUCT_OFFSET (SoupCookieJarClass, changed),
NULL, NULL,
- soup_marshal_NONE__BOXED_BOXED,
+ NULL,
G_TYPE_NONE, 2,
SOUP_TYPE_COOKIE | G_SIGNAL_TYPE_STATIC_SCOPE,
SOUP_TYPE_COOKIE | G_SIGNAL_TYPE_STATIC_SCOPE);
"Whether or not the cookie jar is read-only",
FALSE,
G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY));
-}
-
-static void
-soup_cookie_jar_session_feature_init (SoupSessionFeatureInterface *feature_interface,
- gpointer interface_data)
-{
- feature_interface->request_queued = request_queued;
- feature_interface->request_started = request_started;
- feature_interface->request_unqueued = request_unqueued;
-}
-
-static void
-set_property (GObject *object, guint prop_id,
- const GValue *value, GParamSpec *pspec)
-{
- SoupCookieJarPrivate *priv =
- SOUP_COOKIE_JAR_GET_PRIVATE (object);
-
- switch (prop_id) {
- case PROP_READ_ONLY:
- priv->read_only = g_value_get_boolean (value);
- break;
- default:
- G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
- break;
- }
-}
-
-static void
-get_property (GObject *object, guint prop_id,
- GValue *value, GParamSpec *pspec)
-{
- SoupCookieJarPrivate *priv =
- SOUP_COOKIE_JAR_GET_PRIVATE (object);
- switch (prop_id) {
- case PROP_READ_ONLY:
- g_value_set_boolean (value, priv->read_only);
- break;
- default:
- G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
- break;
- }
+ /**
+ * SOUP_COOKIE_JAR_ACCEPT_POLICY:
+ *
+ * Alias for the #SoupCookieJar:accept-policy property.
+ *
+ * Since: 2.30
+ */
+ /**
+ * SoupCookieJar:accept-policy:
+ *
+ * The policy the jar should follow to accept or reject cookies
+ *
+ * Since: 2.30
+ */
+ g_object_class_install_property (
+ object_class, PROP_ACCEPT_POLICY,
+ g_param_spec_enum (SOUP_COOKIE_JAR_ACCEPT_POLICY,
+ "Accept-policy",
+ "The policy the jar should follow to accept or reject cookies",
+ SOUP_TYPE_COOKIE_JAR_ACCEPT_POLICY,
+ SOUP_COOKIE_JAR_ACCEPT_ALWAYS,
+ G_PARAM_READWRITE));
}
/**
return g_object_new (SOUP_TYPE_COOKIE_JAR, NULL);
}
+/**
+ * soup_cookie_jar_save:
+ * @jar: a #SoupCookieJar
+ *
+ * This function exists for backward compatibility, but does not do
+ * anything any more; cookie jars are saved automatically when they
+ * are changed.
+ *
+ * Since: 2.24
+ *
+ * Deprecated: This is a no-op.
+ */
void
soup_cookie_jar_save (SoupCookieJar *jar)
{
soup_cookie_jar_changed (SoupCookieJar *jar,
SoupCookie *old, SoupCookie *new)
{
- SoupCookieJarPrivate *priv = SOUP_COOKIE_JAR_GET_PRIVATE (jar);
+ SoupCookieJarPrivate *priv = soup_cookie_jar_get_instance_private (jar);
+
+ if (old && old != new)
+ g_hash_table_remove (priv->serials, old);
+ if (new) {
+ priv->serial++;
+ g_hash_table_insert (priv->serials, new, GUINT_TO_POINTER (priv->serial));
+ }
if (priv->read_only || !priv->constructed)
return;
g_signal_emit (jar, signals[CHANGED], 0, old, new);
}
-/**
- * soup_cookie_jar_get_cookies:
- * @jar: a #SoupCookieJar
- * @uri: a #SoupURI
- * @for_http: whether or not the return value is being passed directly
- * to an HTTP operation
- *
- * Retrieves (in Cookie-header form) the list of cookies that would
- * be sent with a request to @uri.
- *
- * If @for_http is %TRUE, the return value will include cookies marked
- * "HttpOnly" (that is, cookies that the server wishes to keep hidden
- * from client-side scripting operations such as the JavaScript
- * document.cookies property). Since #SoupCookieJar sets the Cookie
- * header itself when making the actual HTTP request, you should
- * almost certainly be setting @for_http to %FALSE if you are calling
- * this.
- *
- * Return value: the cookies, in string form, or %NULL if there are no
- * cookies for @uri.
- *
- * Since: 2.24
- **/
-char *
-soup_cookie_jar_get_cookies (SoupCookieJar *jar, SoupURI *uri,
- gboolean for_http)
+static int
+compare_cookies (gconstpointer a, gconstpointer b, gpointer jar)
+{
+ SoupCookie *ca = (SoupCookie *)a;
+ SoupCookie *cb = (SoupCookie *)b;
+ SoupCookieJarPrivate *priv = soup_cookie_jar_get_instance_private (jar);
+ int alen, blen;
+ guint aserial, bserial;
+
+ /* "Cookies with longer path fields are listed before cookies
+ * with shorter path field."
+ */
+ alen = ca->path ? strlen (ca->path) : 0;
+ blen = cb->path ? strlen (cb->path) : 0;
+ if (alen != blen)
+ return blen - alen;
+
+ /* "Among cookies that have equal length path fields, cookies
+ * with earlier creation dates are listed before cookies with
+ * later creation dates."
+ */
+ aserial = GPOINTER_TO_UINT (g_hash_table_lookup (priv->serials, ca));
+ bserial = GPOINTER_TO_UINT (g_hash_table_lookup (priv->serials, cb));
+ return aserial - bserial;
+}
+
+static GSList *
+get_cookies (SoupCookieJar *jar, SoupURI *uri, gboolean for_http, gboolean copy_cookies)
{
SoupCookieJarPrivate *priv;
GSList *cookies, *domain_cookies;
- char *domain, *cur, *next_domain, *result;
+ char *domain, *cur, *next_domain;
GSList *new_head, *cookies_to_remove = NULL, *p;
- g_return_val_if_fail (SOUP_IS_COOKIE_JAR (jar), NULL);
- priv = SOUP_COOKIE_JAR_GET_PRIVATE (jar);
+ priv = soup_cookie_jar_get_instance_private (jar);
+
+ if (!uri->host)
+ return NULL;
/* The logic here is a little weird, but the plan is that if
* uri->host is "www.foo.com", we will end up looking up
new_head);
} else if (soup_cookie_applies_to_uri (cookie, uri) &&
(for_http || !cookie->http_only))
- cookies = g_slist_append (cookies, cookie);
+ cookies = g_slist_append (cookies, copy_cookies ? soup_cookie_copy (cookie) : cookie);
domain_cookies = next;
}
}
g_slist_free (cookies_to_remove);
+ return g_slist_sort_with_data (cookies, compare_cookies, jar);
+}
+
+/**
+ * soup_cookie_jar_get_cookies:
+ * @jar: a #SoupCookieJar
+ * @uri: a #SoupURI
+ * @for_http: whether or not the return value is being passed directly
+ * to an HTTP operation
+ *
+ * Retrieves (in Cookie-header form) the list of cookies that would
+ * be sent with a request to @uri.
+ *
+ * If @for_http is %TRUE, the return value will include cookies marked
+ * "HttpOnly" (that is, cookies that the server wishes to keep hidden
+ * from client-side scripting operations such as the JavaScript
+ * document.cookies property). Since #SoupCookieJar sets the Cookie
+ * header itself when making the actual HTTP request, you should
+ * almost certainly be setting @for_http to %FALSE if you are calling
+ * this.
+ *
+ * Return value: (nullable): the cookies, in string form, or %NULL if
+ * there are no cookies for @uri.
+ *
+ * Since: 2.24
+ **/
+char *
+soup_cookie_jar_get_cookies (SoupCookieJar *jar, SoupURI *uri,
+ gboolean for_http)
+{
+ GSList *cookies;
+
+ g_return_val_if_fail (SOUP_IS_COOKIE_JAR (jar), NULL);
+ g_return_val_if_fail (uri != NULL, NULL);
+
+ cookies = get_cookies (jar, uri, for_http, FALSE);
+
if (cookies) {
- /* FIXME: sort? */
- result = soup_cookies_to_cookie_header (cookies);
+ char *result = soup_cookies_to_cookie_header (cookies);
g_slist_free (cookies);
+
+ if (!*result) {
+ g_free (result);
+ result = NULL;
+ }
return result;
} else
return NULL;
}
/**
+ * soup_cookie_jar_get_cookie_list:
+ * @jar: a #SoupCookieJar
+ * @uri: a #SoupURI
+ * @for_http: whether or not the return value is being passed directly
+ * to an HTTP operation
+ *
+ * Retrieves the list of cookies that would be sent with a request to @uri
+ * as a #GSList of #SoupCookie objects.
+ *
+ * If @for_http is %TRUE, the return value will include cookies marked
+ * "HttpOnly" (that is, cookies that the server wishes to keep hidden
+ * from client-side scripting operations such as the JavaScript
+ * document.cookies property). Since #SoupCookieJar sets the Cookie
+ * header itself when making the actual HTTP request, you should
+ * almost certainly be setting @for_http to %FALSE if you are calling
+ * this.
+ *
+ * Return value: (transfer full) (element-type Soup.Cookie): a #GSList
+ * with the cookies in the @jar that would be sent with a request to @uri.
+ *
+ * Since: 2.40
+ **/
+GSList *
+soup_cookie_jar_get_cookie_list (SoupCookieJar *jar, SoupURI *uri, gboolean for_http)
+{
+ g_return_val_if_fail (SOUP_IS_COOKIE_JAR (jar), NULL);
+ g_return_val_if_fail (uri != NULL, NULL);
+
+ return get_cookies (jar, uri, for_http, TRUE);
+}
+
+/**
* soup_cookie_jar_add_cookie:
* @jar: a #SoupCookieJar
- * @cookie: a #SoupCookie
+ * @cookie: (transfer full): a #SoupCookie
*
* Adds @cookie to @jar, emitting the 'changed' signal if we are modifying
* an existing cookie or adding a valid new cookie ('valid' means
*
* @cookie will be 'stolen' by the jar, so don't free it afterwards.
*
- * Since: 2.24
+ * Since: 2.26
**/
void
soup_cookie_jar_add_cookie (SoupCookieJar *jar, SoupCookie *cookie)
{
SoupCookieJarPrivate *priv;
- GSList *old_cookies, *oc, *prev = NULL;
+ GSList *old_cookies, *oc, *last = NULL;
SoupCookie *old_cookie;
g_return_if_fail (SOUP_IS_COOKIE_JAR (jar));
g_return_if_fail (cookie != NULL);
- priv = SOUP_COOKIE_JAR_GET_PRIVATE (jar);
+ /* Never accept cookies for public domains. */
+ if (!g_hostname_is_ip_address (cookie->domain) &&
+ soup_tld_domain_is_public_suffix (cookie->domain)) {
+ soup_cookie_free (cookie);
+ return;
+ }
+
+ priv = soup_cookie_jar_get_instance_private (jar);
old_cookies = g_hash_table_lookup (priv->domains, cookie->domain);
for (oc = old_cookies; oc; oc = oc->next) {
old_cookie = oc->data;
- if (!strcmp (cookie->name, old_cookie->name)) {
+ if (!strcmp (cookie->name, old_cookie->name) &&
+ !g_strcmp0 (cookie->path, old_cookie->path)) {
if (cookie->expires && soup_date_is_past (cookie->expires)) {
/* The new cookie has an expired date,
* this is the way the the server has
return;
}
- prev = oc;
+ last = oc;
}
/* The new cookie is... a new cookie */
return;
}
- if (prev)
- prev = g_slist_append (prev, cookie);
+ if (last)
+ last->next = g_slist_append (NULL, cookie);
else {
old_cookies = g_slist_append (NULL, cookie);
g_hash_table_insert (priv->domains, g_strdup (cookie->domain),
soup_cookie_jar_changed (jar, NULL, cookie);
}
+static const char *
+normalize_cookie_domain (const char *domain)
+{
+ /* Trim any leading dot if present to transform the cookie
+ * domain into a valid hostname.
+ */
+ if (domain != NULL && domain[0] == '.')
+ return domain + 1;
+ return domain;
+}
+
+static gboolean
+incoming_cookie_is_third_party (SoupCookie *cookie, SoupURI *first_party)
+{
+ const char *normalized_cookie_domain;
+ const char *cookie_base_domain;
+ const char *first_party_base_domain;
+
+ if (first_party == NULL || first_party->host == NULL)
+ return TRUE;
+
+ normalized_cookie_domain = normalize_cookie_domain (cookie->domain);
+ cookie_base_domain = soup_tld_get_base_domain (normalized_cookie_domain, NULL);
+ if (cookie_base_domain == NULL)
+ cookie_base_domain = cookie->domain;
+
+ first_party_base_domain = soup_tld_get_base_domain (first_party->host, NULL);
+ if (first_party_base_domain == NULL)
+ first_party_base_domain = first_party->host;
+ return !soup_host_matches_host (cookie_base_domain, first_party_base_domain);
+}
+
+/**
+ * soup_cookie_jar_add_cookie_with_first_party:
+ * @jar: a #SoupCookieJar
+ * @first_party: the URI for the main document
+ * @cookie: (transfer full): a #SoupCookie
+ *
+ * Adds @cookie to @jar, emitting the 'changed' signal if we are modifying
+ * an existing cookie or adding a valid new cookie ('valid' means
+ * that the cookie's expire date is not in the past).
+ *
+ * @first_party will be used to reject cookies coming from third party
+ * resources in case such a security policy is set in the @jar.
+ *
+ * @cookie will be 'stolen' by the jar, so don't free it afterwards.
+ *
+ * Since: 2.40
+ **/
+void
+soup_cookie_jar_add_cookie_with_first_party (SoupCookieJar *jar, SoupURI *first_party, SoupCookie *cookie)
+{
+ SoupCookieJarPrivate *priv;
+
+ g_return_if_fail (SOUP_IS_COOKIE_JAR (jar));
+ g_return_if_fail (first_party != NULL);
+ g_return_if_fail (cookie != NULL);
+
+ priv = soup_cookie_jar_get_instance_private (jar);
+ if (priv->accept_policy == SOUP_COOKIE_JAR_ACCEPT_NEVER) {
+ soup_cookie_free (cookie);
+ return;
+ }
+
+ if (priv->accept_policy == SOUP_COOKIE_JAR_ACCEPT_ALWAYS ||
+ !incoming_cookie_is_third_party (cookie, first_party)) {
+ /* will steal or free soup_cookie */
+ soup_cookie_jar_add_cookie (jar, cookie);
+ } else {
+ soup_cookie_free (cookie);
+ }
+}
+
/**
* soup_cookie_jar_set_cookie:
* @jar: a #SoupCookieJar
* Adds @cookie to @jar, exactly as though it had appeared in a
* Set-Cookie header returned from a request to @uri.
*
+ * Keep in mind that if the #SoupCookieJarAcceptPolicy
+ * %SOUP_COOKIE_JAR_ACCEPT_NO_THIRD_PARTY is set you'll need to use
+ * soup_cookie_jar_set_cookie_with_first_party(), otherwise the jar
+ * will have no way of knowing if the cookie is being set by a third
+ * party or not.
+ *
* Since: 2.24
**/
void
const char *cookie)
{
SoupCookie *soup_cookie;
+ SoupCookieJarPrivate *priv;
g_return_if_fail (SOUP_IS_COOKIE_JAR (jar));
+ g_return_if_fail (uri != NULL);
g_return_if_fail (cookie != NULL);
+ if (!uri->host)
+ return;
+
+ priv = soup_cookie_jar_get_instance_private (jar);
+ if (priv->accept_policy == SOUP_COOKIE_JAR_ACCEPT_NEVER)
+ return;
+
+ g_return_if_fail (priv->accept_policy != SOUP_COOKIE_JAR_ACCEPT_NO_THIRD_PARTY);
+
soup_cookie = soup_cookie_parse (cookie, uri);
if (soup_cookie) {
/* will steal or free soup_cookie */
}
}
+/**
+ * soup_cookie_jar_set_cookie_with_first_party:
+ * @jar: a #SoupCookieJar
+ * @uri: the URI setting the cookie
+ * @first_party: the URI for the main document
+ * @cookie: the stringified cookie to set
+ *
+ * Adds @cookie to @jar, exactly as though it had appeared in a
+ * Set-Cookie header returned from a request to @uri. @first_party
+ * will be used to reject cookies coming from third party resources in
+ * case such a security policy is set in the @jar.
+ *
+ * Since: 2.30
+ **/
+void
+soup_cookie_jar_set_cookie_with_first_party (SoupCookieJar *jar,
+ SoupURI *uri,
+ SoupURI *first_party,
+ const char *cookie)
+{
+ SoupCookie *soup_cookie;
+
+ g_return_if_fail (SOUP_IS_COOKIE_JAR (jar));
+ g_return_if_fail (uri != NULL);
+ g_return_if_fail (first_party != NULL);
+ g_return_if_fail (cookie != NULL);
+
+ if (!uri->host)
+ return;
+
+ soup_cookie = soup_cookie_parse (cookie, uri);
+ if (soup_cookie)
+ soup_cookie_jar_add_cookie_with_first_party (jar, first_party, soup_cookie);
+}
+
static void
process_set_cookie_header (SoupMessage *msg, gpointer user_data)
{
SoupCookieJar *jar = user_data;
+ SoupCookieJarPrivate *priv = soup_cookie_jar_get_instance_private (jar);
GSList *new_cookies, *nc;
+ if (priv->accept_policy == SOUP_COOKIE_JAR_ACCEPT_NEVER)
+ return;
+
new_cookies = soup_cookies_from_response (msg);
- for (nc = new_cookies; nc; nc = nc->next)
- soup_cookie_jar_add_cookie (jar, nc->data);
+ for (nc = new_cookies; nc; nc = nc->next) {
+ SoupURI *first_party = soup_message_get_first_party (msg);
+
+ if ((priv->accept_policy == SOUP_COOKIE_JAR_ACCEPT_NO_THIRD_PARTY &&
+ !incoming_cookie_is_third_party (nc->data, first_party)) ||
+ priv->accept_policy == SOUP_COOKIE_JAR_ACCEPT_ALWAYS)
+ soup_cookie_jar_add_cookie (jar, nc->data);
+ else
+ soup_cookie_free (nc->data);
+ }
g_slist_free (new_cookies);
}
static void
-request_queued (SoupSessionFeature *feature, SoupSession *session,
- SoupMessage *msg)
-{
- soup_message_add_header_handler (msg, "got-headers",
- "Set-Cookie",
- G_CALLBACK (process_set_cookie_header),
- feature);
-}
-
-static void
-request_started (SoupSessionFeature *feature, SoupSession *session,
- SoupMessage *msg, SoupSocket *socket)
+msg_starting_cb (SoupMessage *msg, gpointer feature)
{
SoupCookieJar *jar = SOUP_COOKIE_JAR (feature);
char *cookies;
}
static void
-request_unqueued (SoupSessionFeature *feature, SoupSession *session,
- SoupMessage *msg)
+soup_cookie_jar_request_queued (SoupSessionFeature *feature,
+ SoupSession *session,
+ SoupMessage *msg)
+{
+ g_signal_connect (msg, "starting",
+ G_CALLBACK (msg_starting_cb),
+ feature);
+
+ soup_message_add_header_handler (msg, "got-headers",
+ "Set-Cookie",
+ G_CALLBACK (process_set_cookie_header),
+ feature);
+}
+
+static void
+soup_cookie_jar_request_unqueued (SoupSessionFeature *feature,
+ SoupSession *session,
+ SoupMessage *msg)
{
g_signal_handlers_disconnect_by_func (msg, process_set_cookie_header, feature);
}
+static void
+soup_cookie_jar_session_feature_init (SoupSessionFeatureInterface *feature_interface,
+ gpointer interface_data)
+{
+ feature_interface->request_queued = soup_cookie_jar_request_queued;
+ feature_interface->request_unqueued = soup_cookie_jar_request_unqueued;
+}
+
/**
* soup_cookie_jar_all_cookies:
* @jar: a #SoupCookieJar
* The cookies in the list are a copy of the original, so
* you have to free them when you are done with them.
*
- * Return value: a #GSList with all the cookies in the @jar.
+ * Return value: (transfer full) (element-type Soup.Cookie): a #GSList
+ * with all the cookies in the @jar.
*
- * Since: 2.24
+ * Since: 2.26
**/
GSList *
soup_cookie_jar_all_cookies (SoupCookieJar *jar)
g_return_val_if_fail (SOUP_IS_COOKIE_JAR (jar), NULL);
- priv = SOUP_COOKIE_JAR_GET_PRIVATE (jar);
+ priv = soup_cookie_jar_get_instance_private (jar);
g_hash_table_iter_init (&iter, priv->domains);
*
* Deletes @cookie from @jar, emitting the 'changed' signal.
*
- * Since: 2.24
+ * Since: 2.26
**/
void
soup_cookie_jar_delete_cookie (SoupCookieJar *jar,
{
SoupCookieJarPrivate *priv;
GSList *cookies, *p;
- char *domain;
g_return_if_fail (SOUP_IS_COOKIE_JAR (jar));
g_return_if_fail (cookie != NULL);
- priv = SOUP_COOKIE_JAR_GET_PRIVATE (jar);
+ priv = soup_cookie_jar_get_instance_private (jar);
- domain = g_strdup (cookie->domain);
-
- cookies = g_hash_table_lookup (priv->domains, domain);
+ cookies = g_hash_table_lookup (priv->domains, cookie->domain);
if (cookies == NULL)
return;
if (soup_cookie_equal (cookie, c)) {
cookies = g_slist_delete_link (cookies, p);
g_hash_table_insert (priv->domains,
- domain,
+ g_strdup (cookie->domain),
cookies);
soup_cookie_jar_changed (jar, c, NULL);
soup_cookie_free (c);
}
}
}
+
+/**
+ * SoupCookieJarAcceptPolicy:
+ * @SOUP_COOKIE_JAR_ACCEPT_ALWAYS: accept all cookies unconditionally.
+ * @SOUP_COOKIE_JAR_ACCEPT_NEVER: reject all cookies unconditionally.
+ * @SOUP_COOKIE_JAR_ACCEPT_NO_THIRD_PARTY: accept all cookies set by
+ * the main document loaded in the application using libsoup. An
+ * example of the most common case, web browsers, would be: If
+ * http://www.example.com is the page loaded, accept all cookies set
+ * by example.com, but if a resource from http://www.third-party.com
+ * is loaded from that page reject any cookie that it could try to
+ * set. For libsoup to be able to tell apart first party cookies from
+ * the rest, the application must call soup_message_set_first_party()
+ * on each outgoing #SoupMessage, setting the #SoupURI of the main
+ * document. If no first party is set in a message when this policy is
+ * in effect, cookies will be assumed to be third party by default.
+ *
+ * The policy for accepting or rejecting cookies returned in
+ * responses.
+ *
+ * Since: 2.30
+ */
+
+/**
+ * soup_cookie_jar_get_accept_policy:
+ * @jar: a #SoupCookieJar
+ *
+ * Gets @jar's #SoupCookieJarAcceptPolicy
+ *
+ * Returns: the #SoupCookieJarAcceptPolicy set in the @jar
+ *
+ * Since: 2.30
+ **/
+SoupCookieJarAcceptPolicy
+soup_cookie_jar_get_accept_policy (SoupCookieJar *jar)
+{
+ SoupCookieJarPrivate *priv;
+
+ g_return_val_if_fail (SOUP_IS_COOKIE_JAR (jar), SOUP_COOKIE_JAR_ACCEPT_ALWAYS);
+
+ priv = soup_cookie_jar_get_instance_private (jar);
+ return priv->accept_policy;
+}
+
+/**
+ * soup_cookie_jar_set_accept_policy:
+ * @jar: a #SoupCookieJar
+ * @policy: a #SoupCookieJarAcceptPolicy
+ *
+ * Sets @policy as the cookie acceptance policy for @jar.
+ *
+ * Since: 2.30
+ **/
+void
+soup_cookie_jar_set_accept_policy (SoupCookieJar *jar,
+ SoupCookieJarAcceptPolicy policy)
+{
+ SoupCookieJarPrivate *priv;
+
+ g_return_if_fail (SOUP_IS_COOKIE_JAR (jar));
+
+ priv = soup_cookie_jar_get_instance_private (jar);
+
+ if (priv->accept_policy != policy) {
+ priv->accept_policy = policy;
+ g_object_notify (G_OBJECT (jar), SOUP_COOKIE_JAR_ACCEPT_POLICY);
+ }
+}
+
+/**
+ * soup_cookie_jar_is_persistent:
+ * @jar: a #SoupCookieJar
+ *
+ * Gets whether @jar stores cookies persistenly.
+ *
+ * Returns: %TRUE if @jar storage is persistent or %FALSE otherwise.
+ *
+ * Since: 2.40
+ **/
+gboolean
+soup_cookie_jar_is_persistent (SoupCookieJar *jar)
+{
+ g_return_val_if_fail (SOUP_IS_COOKIE_JAR (jar), FALSE);
+
+ return SOUP_COOKIE_JAR_GET_CLASS (jar)->is_persistent (jar);
+}
projects / platform / upstream / libsoup.git / blobdiff