| blob | 3f281a6ddab12c708a5370eb9343fce9b524c0d4 |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 // Portions of this code based on Mozilla:
6 // (netwerk/cookie/src/nsCookieService.cpp)
7 /* ***** BEGIN LICENSE BLOCK *****
8 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
9 *
10 * The contents of this file are subject to the Mozilla Public License Version
11 * 1.1 (the "License"); you may not use this file except in compliance with
12 * the License. You may obtain a copy of the License at
13 * http://www.mozilla.org/MPL/
14 *
15 * Software distributed under the License is distributed on an "AS IS" basis,
16 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
17 * for the specific language governing rights and limitations under the
18 * License.
19 *
20 * The Original Code is mozilla.org code.
21 *
22 * The Initial Developer of the Original Code is
23 * Netscape Communications Corporation.
24 * Portions created by the Initial Developer are Copyright (C) 2003
25 * the Initial Developer. All Rights Reserved.
26 *
27 * Contributor(s):
28 * Daniel Witte (dwitte@stanford.edu)
29 * Michiel van Leeuwen (mvl@exedo.nl)
30 *
31 * Alternatively, the contents of this file may be used under the terms of
32 * either the GNU General Public License Version 2 or later (the "GPL"), or
33 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
34 * in which case the provisions of the GPL or the LGPL are applicable instead
35 * of those above. If you wish to allow use of your version of this file only
36 * under the terms of either the GPL or the LGPL, and not to allow others to
37 * use your version of this file under the terms of the MPL, indicate your
38 * decision by deleting the provisions above and replace them with the notice
39 * and other provisions required by the GPL or the LGPL. If you do not delete
40 * the provisions above, a recipient may use your version of this file under
41 * the terms of any one of the MPL, the GPL or the LGPL.
42 *
43 * ***** END LICENSE BLOCK ***** */
67 // Returns true if |c| occurs in |chars|
68 // TODO(erikwright): maybe make this take an iterator, could check for end also?
71 }
72 // Seek the iterator to the first occurrence of a character in |chars|.
73 // Returns true if it hit the end, false otherwise.
78 }
80 }
81 // Seek the iterator to the first occurrence of a character not in |chars|.
82 // Returns true if it hit the end, false otherwise.
87 }
89 }
94 }
96 }
98 // Validate whether |value| is a valid token according to [RFC7230],
99 // Section 3.2.6.
104 // Check that |value| has no separators.
109 // Check that |value| has no CTLs.
113 }
116 }
118 // Validate value, which may be according to RFC 6265
119 // cookie-value = *cookie-octet / ( DQUOTE *cookie-octet DQUOTE )
120 // cookie-octet = %x21 / %x23-2B / %x2D-3A / %x3C-5B / %x5D-7E
121 // ; US-ASCII characters excluding CTLs,
122 // ; whitespace DQUOTE, comma, semicolon,
123 // ; and backslash
125 // Number of characters to skip in validation at beginning and end of string.
137 }
139 }
143 }
146 // The greatest common denominator of cookie attribute values is
147 // <any CHAR except CTLs or ";"> according to RFC 6265.
151 }
153 }
171 }
176 }
179 }
183 }
187 ? COOKIE_PRIORITY_DEFAULT
189 }
198 }
207 }
211 }
215 }
219 }
223 }
227 }
231 }
235 is_first_party_only);
236 }
240 }
252 }
253 }
255 }
262 // We found a character we should treat as an end of string.
264 }
266 }
275 // Seek past any whitespace before the "token" (the name).
276 // token_start should point at the first character in the token
281 // Seek over the token, to the token separator.
282 // token_real_end should point at the token separator, i.e. '='.
283 // If it == end after the seek, we probably have a token-value.
287 // Ignore any whitespace between the token and the token separator.
288 // token_end should point after the last interesting token character,
289 // pointing at either whitespace, or at '=' (and equal to token_real_end).
292 // Skip over any whitespace to the first non-whitespace character.
294 // Point after it.
296 }
299 // Seek us back to the end of the token.
302 }
310 // Seek past any whitespace that might in-between the token and value.
312 // value_start should point at the first character of the value.
315 // Just look for ';' to terminate ('=' allowed).
316 // We can hit the end, maybe they didn't terminate.
319 // Will be pointed at the ; seperator or the end.
322 // Ignore any unwanted whitespace after the value.
327 }
328 }
338 }
347 }
349 // Parse all token/value pairs and populate pairs_.
353 // Ok, here we go. We should be expecting to be starting somewhere
354 // before the cookie line, not including any header name...
358 // TODO(erikwright): Make sure we're stripping \r\n in the network code.
359 // Then we can log any unexpected terminators.
363 TokenValuePair pair;
370 // We have a token-value, we didn't have any token name.
372 // For the first time around, we want to treat single values
373 // as a value with an empty name. (Mozilla bug 169091).
374 // IE seems to also have this behavior, ex "AAA", and "AAA=10" will
375 // set 2 different cookies, and setting "BBB" will then replace "AAA".
377 // Rewind to the beginning of what we thought was the token name,
378 // and let it get parsed as a value.
381 // Any not-first attribute we want to treat a value as a
382 // name with an empty value... This is so something like
383 // "secure;" will get parsed as a Token name, and not a value.
385 }
387 // We have a TOKEN=VALUE.
390 }
392 // OK, now try to parse a value.
396 // OK, we're finished with a Token/Value.
399 // From RFC2109: "Attributes (names) (attr) are case-insensitive."
402 // Ignore Set-Cookie directives contaning control characters. See
403 // http://crbug.com/238041.
408 }
412 // We've processed a token/value pair, we're either at the end of
413 // the string or a ValueSeparator like ';', which we want to skip.
416 }
417 }
420 // Ignore Set-Cookie directive where name and value are both empty.
424 }
426 // We skip over the first token/value, the user supplied one.
445 /* some attribute we don't know or don't care about. */
446 }
447 }
448 }
458 }
459 }
467 }
468 }
482 }
484 }
487 // The first pair (name/value of cookie at pairs_[0]) cannot be cleared.
488 // Cookie attributes that don't have a value at the moment, are represented
489 // with an index being equal to 0.
506 }
508 }