search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
define-ibuffer-filter: Discard wrong filters
[emacs.git] / lisp / url / url-cookie.el
blob6848230c28faffbd576fb85f818b67455a7cda4c
1 ;;; url-cookie.el --- URL cookie support
2
3 ;; Copyright (C) 1996-1999, 2004-2016 Free Software Foundation, Inc.
4
5 ;; Keywords: comm, data, processes, hypermedia
6
7 ;; This file is part of GNU Emacs.
8 ;;
9 ;; GNU Emacs is free software: you can redistribute it and/or modify
10 ;; it under the terms of the GNU General Public License as published by
11 ;; the Free Software Foundation, either version 3 of the License, or
12 ;; (at your option) any later version.
13
14 ;; GNU Emacs is distributed in the hope that it will be useful,
15 ;; but WITHOUT ANY WARRANTY; without even the implied warranty of
16 ;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 ;; GNU General Public License for more details.
18
19 ;; You should have received a copy of the GNU General Public License
20 ;; along with GNU Emacs. If not, see <http://www.gnu.org/licenses/>.
21
22 ;;; Commentary:
23
24 ;;; Code:
25
26 (require 'url-util)
27 (require 'url-parse)
28 (require 'url-domsuf)
29
30 (eval-when-compile (require 'cl-lib))
31
32 (defgroup url-cookie nil
33 "URL cookies."
34 :prefix "url-"
35 :prefix "url-cookie-"
36 :group 'url)
37
38 ;; A cookie is stored internally as a vector of 7 slots
39 ;; [ url-cookie NAME VALUE EXPIRES LOCALPART DOMAIN SECURE ]
40
41 (cl-defstruct (url-cookie
42 (:constructor url-cookie-create)
43 (:copier nil)
44 (:type vector)
45 :named)
46 name value expires localpart domain secure)
47
48 (defvar url-cookie-storage nil "Where cookies are stored.")
49 (defvar url-cookie-secure-storage nil "Where secure cookies are stored.")
50 (defcustom url-cookie-file nil
51 "File where cookies are stored on disk."
52 :type '(choice (const :tag "Default" :value nil) file)
53 :group 'url-file
54 :group 'url-cookie)
55
56 (defcustom url-cookie-confirmation nil
57 "If non-nil, confirmation by the user is required to accept HTTP cookies."
58 :type 'boolean
59 :group 'url-cookie)
60
61 (defcustom url-cookie-multiple-line nil
62 "If nil, HTTP requests put all cookies for the server on one line.
63 Some web servers, such as http://www.hotmail.com/, only accept cookies
64 when they are on one line. This is broken behavior, but just try
65 telling Microsoft that."
66 :type 'boolean
67 :group 'url-cookie)
68
69 (defvar url-cookies-changed-since-last-save nil
70 "Whether the cookies list has changed since the last save operation.")
71
72 (defun url-cookie-parse-file (&optional fname)
73 "Load FNAME, default `url-cookie-file'."
74 ;; It's completely normal for the cookies file not to exist yet.
75 (load (or fname url-cookie-file) t t))
76
77 (defun url-cookie-clean-up (&optional secure)
78 (let ((var (if secure 'url-cookie-secure-storage 'url-cookie-storage))
79 new new-cookies)
80 (dolist (cur (symbol-value var))
81 (setq new-cookies nil)
82 (dolist (cur-cookie (cdr cur))
83 (or (not (url-cookie-p cur-cookie))
84 (url-cookie-expired-p cur-cookie)
85 (null (url-cookie-expires cur-cookie))
86 (setq new-cookies (cons cur-cookie new-cookies))))
87 (when new-cookies
88 (setcdr cur new-cookies)
89 (setq new (cons cur new))))
90 (set var new)))
91
92 (defun url-cookie-write-file (&optional fname)
93 (when url-cookies-changed-since-last-save
94 (or fname (setq fname (expand-file-name url-cookie-file)))
95 (if (condition-case nil
96 (progn
97 (url-make-private-file fname)
98 nil)
99 (error t))
100 (message "Error accessing cookie file `%s'" fname)
101 (url-cookie-clean-up)
102 (url-cookie-clean-up t)
103 (with-temp-buffer
104 (insert ";; Emacs-W3 HTTP cookies file\n"
105 ";; Automatically generated file!!! DO NOT EDIT!!!\n\n"
106 "(setq url-cookie-storage\n '")
107 (let ((print-length nil) (print-level nil))
108 (pp url-cookie-storage (current-buffer))
109 (insert ")\n(setq url-cookie-secure-storage\n '")
110 (pp url-cookie-secure-storage (current-buffer)))
111 (insert ")\n")
112 (insert "\f\n;; Local Variables:\n"
113 ";; version-control: never\n"
114 ";; no-byte-compile: t\n"
115 ";; End:\n")
116 (set (make-local-variable 'version-control) 'never)
117 (write-file fname))
118 (setq url-cookies-changed-since-last-save nil))))
119
120 (defun url-cookie-store (name value &optional expires domain localpart secure)
121 "Store a cookie."
122 (when (> (length name) 0)
123 (let ((storage (if secure url-cookie-secure-storage url-cookie-storage))
124 tmp found-domain)
125 ;; First, look for a matching domain.
126 (if (setq found-domain (assoc domain storage))
127 ;; Need to either stick the new cookie in existing domain storage
128 ;; or possibly replace an existing cookie if the names match.
129 (unless (dolist (cur (setq storage (cdr found-domain)) tmp)
130 (and (equal localpart (url-cookie-localpart cur))
131 (equal name (url-cookie-name cur))
132 (progn
133 (setf (url-cookie-expires cur) expires)
134 (setf (url-cookie-value cur) value)
135 (setq tmp t))))
136 ;; New cookie.
137 (setcdr found-domain (cons
138 (url-cookie-create :name name
139 :value value
140 :expires expires
141 :domain domain
142 :localpart localpart
143 :secure secure)
144 (cdr found-domain))))
145 ;; Need to add a new top-level domain.
146 (setq tmp (url-cookie-create :name name
147 :value value
148 :expires expires
149 :domain domain
150 :localpart localpart
151 :secure secure))
152 (cond (storage
153 (setcdr storage (cons (list domain tmp) (cdr storage))))
154 (secure
155 (setq url-cookie-secure-storage (list (list domain tmp))))
156 (t
157 (setq url-cookie-storage (list (list domain tmp)))))))))
158
159 (defun url-cookie-expired-p (cookie)
160 "Return non-nil if COOKIE is expired."
161 (let ((exp (url-cookie-expires cookie)))
162 (and (> (length exp) 0)
163 (condition-case ()
164 (> (float-time) (float-time (date-to-time exp)))
165 (error nil)))))
166
167 (defun url-cookie-retrieve (host &optional localpart secure)
168 "Retrieve all cookies for a specified HOST and LOCALPART."
169 (let ((storage (if secure
170 (append url-cookie-secure-storage url-cookie-storage)
171 url-cookie-storage))
172 (case-fold-search t)
173 cookies retval localpart-match)
174 (dolist (cur storage)
175 (setq cookies (cdr cur))
176 (if (and (car cur)
177 (string-match
178 (concat "^.*"
179 (regexp-quote
180 ;; Remove the dot from wildcard domains
181 ;; before matching.
182 (if (eq ?. (aref (car cur) 0))
183 (substring (car cur) 1)
184 (car cur)))
185 "$") host))
186 ;; The domains match - a possible hit!
187 (dolist (cur cookies)
188 (and (if (and (stringp
189 (setq localpart-match (url-cookie-localpart cur)))
190 (stringp localpart))
191 (string-match (concat "^" (regexp-quote localpart-match))
192 localpart)
193 (equal localpart localpart-match))
194 (not (url-cookie-expired-p cur))
195 (setq retval (cons cur retval))))))
196 retval))
197
198 (defun url-cookie-generate-header-lines (host localpart secure)
199 (let ((cookies (url-cookie-retrieve host localpart secure))
200 retval chunk)
201 ;; Have to sort this for sending most specific cookies first.
202 (setq cookies (and cookies
203 (sort cookies
204 (lambda (x y)
205 (> (length (url-cookie-localpart x))
206 (length (url-cookie-localpart y)))))))
207 (dolist (cur cookies)
208 (setq chunk (format "%s=%s" (url-cookie-name cur) (url-cookie-value cur))
209 retval (if (and url-cookie-multiple-line
210 (< 80 (+ (length retval) (length chunk) 4)))
211 (concat retval "\r\nCookie: " chunk)
212 (if retval
213 (concat retval "; " chunk)
214 (concat "Cookie: " chunk)))))
215 (if retval
216 (concat retval "\r\n")
217 "")))
218
219 (defcustom url-cookie-trusted-urls nil
220 "A list of regular expressions matching URLs to always accept cookies from."
221 :type '(repeat regexp)
222 :group 'url-cookie)
223
224 (defcustom url-cookie-untrusted-urls nil
225 "A list of regular expressions matching URLs to never accept cookies from."
226 :type '(repeat regexp)
227 :group 'url-cookie)
228
229 (defun url-cookie-host-can-set-p (host domain)
230 (let ((last nil)
231 (case-fold-search t))
232 (if (string= host domain) ; Apparently netscape lets you do this
233 t
234 ;; Remove the dot from wildcard domains before matching.
235 (when (eq ?. (aref domain 0))
236 (setq domain (substring domain 1)))
237 (and (url-domsuf-cookie-allowed-p domain)
238 ;; Need to check and make sure the host is actually _in_ the
239 ;; domain it wants to set a cookie for though.
240 (string-match (concat (regexp-quote domain)
241 "$") host)))))
242
243 (defun url-cookie-handle-set-cookie (str)
244 (setq url-cookies-changed-since-last-save t)
245 (let* ((args (url-parse-args str t))
246 (case-fold-search t)
247 (secure (and (assoc-string "secure" args t) t))
248 (domain (or (cdr-safe (assoc-string "domain" args t))
249 (url-host url-current-object)))
250 (current-url (url-view-url t))
251 (trusted url-cookie-trusted-urls)
252 (untrusted url-cookie-untrusted-urls)
253 (expires (cdr-safe (assoc-string "expires" args t)))
254 (localpart (or (cdr-safe (assoc-string "path" args t))
255 (file-name-directory
256 (url-filename url-current-object))))
257 (rest nil))
258 (dolist (this args)
259 (or (member (downcase (car this)) '("secure" "domain" "expires" "path"))
260 (setq rest (cons this rest))))
261
262 ;; Sometimes we get dates that the timezone package cannot handle very
263 ;; gracefully - take care of this here, instead of in url-cookie-expired-p
264 ;; to speed things up.
265 (and expires
266 (string-match
267 (concat "^[^,]+, +\\(..\\)-\\(...\\)-\\(..\\) +"
268 "\\(..:..:..\\) +\\[*\\([^]]+\\)\\]*$")
269 expires)
270 (setq expires (concat (match-string 1 expires) " "
271 (match-string 2 expires) " "
272 (match-string 3 expires) " "
273 (match-string 4 expires) " ["
274 (match-string 5 expires) "]")))
275
276 ;; This one is for older Emacs/XEmacs variants that don't
277 ;; understand this format without tenths of a second in it.
278 ;; Wednesday, 30-Dec-2037 16:00:00 GMT
279 ;; - vs -
280 ;; Wednesday, 30-Dec-2037 16:00:00.00 GMT
281 (and expires
282 (string-match
283 "\\([0-9]+\\)-\\([A-Za-z]+\\)-\\([0-9]+\\)[ \t]+\\([0-9]+:[0-9]+:[0-9]+\\)\\(\\.[0-9]+\\)*[ \t]+\\([-+a-zA-Z0-9]+\\)"
284 expires)
285 (setq expires (concat (match-string 1 expires) "-" ; day
286 (match-string 2 expires) "-" ; month
287 (match-string 3 expires) " " ; year
288 (match-string 4 expires) ".00 " ; hour:minutes:seconds
289 (match-string 6 expires)))) ":" ; timezone
290
291 (while (consp trusted)
292 (if (string-match (car trusted) current-url)
293 (setq trusted (- (match-end 0) (match-beginning 0)))
294 (pop trusted)))
295 (while (consp untrusted)
296 (if (string-match (car untrusted) current-url)
297 (setq untrusted (- (match-end 0) (match-beginning 0)))
298 (pop untrusted)))
299 (and trusted untrusted
300 ;; Choose the more specific match.
301 (set (if (> trusted untrusted) 'untrusted 'trusted) nil))
302 (cond
303 (untrusted
304 ;; The site was explicitly marked as untrusted by the user.
305 nil)
306 ((or (eq url-privacy-level 'paranoid)
307 (and (listp url-privacy-level) (memq 'cookies url-privacy-level)))
308 ;; User never wants cookies.
309 nil)
310 ((and url-cookie-confirmation
311 (not trusted)
312 (save-window-excursion
313 (with-output-to-temp-buffer "*Cookie Warning*"
314 (dolist (x rest)
315 (princ (format "%s - %s" (car x) (cdr x)))))
316 (prog1
317 (not (funcall url-confirmation-func
318 (format "Allow %s to set these cookies? "
319 (url-host url-current-object))))
320 (if (get-buffer "*Cookie Warning*")
321 (kill-buffer "*Cookie Warning*")))))
322 ;; User wants to be asked, and declined.
323 nil)
324 ((url-cookie-host-can-set-p (url-host url-current-object) domain)
325 ;; Cookie is accepted by the user, and passes our security checks.
326 (dolist (cur rest)
327 (url-cookie-store (car cur) (cdr cur) expires domain localpart secure)))
328 (t
329 (url-lazy-message "%s tried to set a cookie for domain %s - rejected."
330 (url-host url-current-object) domain)))))
331
332 (defvar url-cookie-timer nil)
333
334 (defcustom url-cookie-save-interval 3600
335 "The number of seconds between automatic saves of cookies.
336 Default is 1 hour. Note that if you change this variable outside of
337 the `customize' interface after `url-do-setup' has been run, you need
338 to run the `url-cookie-setup-save-timer' function manually."
339 :set #'(lambda (var val)
340 (set-default var val)
341 (if (bound-and-true-p url-setup-done)
342 (url-cookie-setup-save-timer)))
343 :type 'integer
344 :group 'url-cookie)
345
346 (defun url-cookie-setup-save-timer ()
347 "Reset the cookie saver timer."
348 (interactive)
349 (ignore-errors (cancel-timer url-cookie-timer))
350 (setq url-cookie-timer nil)
351 (if url-cookie-save-interval
352 (setq url-cookie-timer (run-at-time url-cookie-save-interval
353 url-cookie-save-interval
354 #'url-cookie-write-file))))
355
356 (defun url-cookie-delete-cookies (&optional regexp keep)
357 "Delete all cookies from the cookie store where the domain matches REGEXP.
358 If REGEXP is nil, all cookies are deleted. If KEEP is non-nil,
359 instead delete all cookies that do not match REGEXP."
360 (dolist (variable '(url-cookie-secure-storage url-cookie-storage))
361 (let ((cookies (symbol-value variable)))
362 (dolist (elem cookies)
363 (when (or (and (null keep)
364 (or (null regexp)
365 (string-match regexp (car elem))))
366 (and keep
367 regexp
368 (not (string-match regexp (car elem)))))
369 (setq cookies (delq elem cookies))))
370 (set variable cookies)))
371 (setq url-cookies-changed-since-last-save t)
372 (url-cookie-write-file))
373
374 ;;; Mode for listing and editing cookies.
375
376 (defun url-cookie-list ()
377 "Display a buffer listing the current URL cookies, if there are any.
378 Use \\<url-cookie-mode-map>\\[url-cookie-delete] to remove cookies."
379 (interactive)
380 (when (and (null url-cookie-secure-storage)
381 (null url-cookie-storage))
382 (error "No cookies are defined"))
383
384 (pop-to-buffer "*url cookies*")
385 (let ((inhibit-read-only t)
386 (domains (sort
387 (copy-sequence
388 (append url-cookie-secure-storage
389 url-cookie-storage))
390 (lambda (e1 e2)
391 (string< (car e1) (car e2)))))
392 (domain-length 0)
393 start name format domain)
394 (erase-buffer)
395 (url-cookie-mode)
396 (dolist (elem domains)
397 (setq domain-length (max domain-length (length (car elem)))))
398 (setq format (format "%%-%ds %%-20s %%s" domain-length)
399 header-line-format
400 (concat " " (format format "Domain" "Name" "Value")))
401 (dolist (elem domains)
402 (setq domain (car elem))
403 (dolist (cookie (sort (copy-sequence (cdr elem))
404 (lambda (c1 c2)
405 (string< (url-cookie-name c1)
406 (url-cookie-name c2)))))
407 (setq start (point)
408 name (url-cookie-name cookie))
409 (when (> (length name) 20)
410 (setq name (substring name 0 20)))
411 (insert (format format domain name
412 (url-cookie-value cookie))
413 "\n")
414 (setq domain "")
415 (put-text-property start (1+ start) 'url-cookie cookie)))
416 (goto-char (point-min))))
417
418 (defun url-cookie-delete ()
419 "Delete the cookie on the current line."
420 (interactive)
421 (let ((cookie (get-text-property (line-beginning-position) 'url-cookie))
422 (inhibit-read-only t)
423 variable)
424 (unless cookie
425 (error "No cookie on the current line"))
426 (setq variable (if (url-cookie-secure cookie)
427 'url-cookie-secure-storage
428 'url-cookie-storage))
429 (let* ((list (symbol-value variable))
430 (elem (assoc (url-cookie-domain cookie) list)))
431 (setq elem (delq cookie elem))
432 (when (zerop (length (cdr elem)))
433 (setq list (delq elem list)))
434 (set variable list))
435 (setq url-cookies-changed-since-last-save t)
436 (url-cookie-write-file)
437 (delete-region (line-beginning-position)
438 (progn
439 (forward-line 1)
440 (point)))))
441
442 (defun url-cookie-quit ()
443 "Kill the current buffer."
444 (interactive)
445 (kill-buffer (current-buffer)))
446
447 (defvar url-cookie-mode-map
448 (let ((map (make-sparse-keymap)))
449 (suppress-keymap map)
450 (define-key map "q" 'url-cookie-quit)
451 (define-key map [delete] 'url-cookie-delete)
452 (define-key map [(control k)] 'url-cookie-delete)
453 map))
454
455 (define-derived-mode url-cookie-mode nil "URL Cookie"
456 "Mode for listing cookies.
457
458 \\{url-cookie-mode-map}"
459 (buffer-disable-undo)
460 (setq buffer-read-only t
461 truncate-lines t))
462
463 (provide 'url-cookie)
464
465 ;;; url-cookie.el ends here
Emacs repository mirror