fix documentation glitch (issue #27)
[hunchentoot.git] / cookie.lisp
blob226063d6bf513ba5c43f0da3c944419e954400e0
1 ;;; -*- Mode: LISP; Syntax: COMMON-LISP; Package: HUNCHENTOOT; Base: 10 -*-
3 ;;; Copyright (c) 2004-2010, Dr. Edmund Weitz. All rights reserved.
5 ;;; Redistribution and use in source and binary forms, with or without
6 ;;; modification, are permitted provided that the following conditions
7 ;;; are met:
9 ;;; * Redistributions of source code must retain the above copyright
10 ;;; notice, this list of conditions and the following disclaimer.
12 ;;; * Redistributions in binary form must reproduce the above
13 ;;; copyright notice, this list of conditions and the following
14 ;;; disclaimer in the documentation and/or other materials
15 ;;; provided with the distribution.
17 ;;; THIS SOFTWARE IS PROVIDED BY THE AUTHOR 'AS IS' AND ANY EXPRESSED
18 ;;; OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
19 ;;; WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 ;;; ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
21 ;;; DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 ;;; DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
23 ;;; GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24 ;;; INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
25 ;;; WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
26 ;;; NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
27 ;;; SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29 (in-package :hunchentoot)
31 (defclass cookie ()
32 ((name :initarg :name
33 :reader cookie-name
34 :type string
35 :documentation "The name of the cookie - a string.")
36 (value :initarg :value
37 :accessor cookie-value
38 :initform ""
39 :documentation "The value of the cookie. Will be URL-encoded
40 when sent to the browser.")
41 (expires :initarg :expires
42 :initform nil
43 :accessor cookie-expires
44 :documentation "The time \(a universal time) when the
45 cookie expires \(or NIL).")
46 (path :initarg :path
47 :initform nil
48 :accessor cookie-path
49 :documentation "The path this cookie is valid for \(or NIL).")
50 (domain :initarg :domain
51 :initform nil
52 :accessor cookie-domain
53 :documentation "The domain this cookie is valid for \(or NIL).")
54 (secure :initarg :secure
55 :initform nil
56 :accessor cookie-secure
57 :documentation "A generalized boolean denoting whether this
58 cookie is a secure cookie.")
59 (http-only :initarg :http-only
60 :initform nil
61 :accessor cookie-http-only
62 :documentation "A generalized boolean denoting whether
63 this cookie is a `HttpOnly' cookie.
65 This is a Microsoft extension that has been implemented in Firefox as
66 well. See <http://msdn2.microsoft.com/en-us/library/ms533046.aspx>."))
67 (:documentation "Each COOKIE objects describes one outgoing cookie."))
69 (defmethod initialize-instance :around ((cookie cookie) &rest init-args)
70 "Ensure COOKIE has a correct slot-value for NAME."
71 (let ((name (getf init-args :name)))
72 (unless (http-token-p name)
73 (parameter-error "~S is not a legal name for a cookie." name)))
74 (call-next-method))
76 (defun set-cookie* (cookie &optional (reply *reply*))
77 "Adds the COOKIE object COOKIE to the outgoing cookies of the
78 REPLY object REPLY. If a cookie with the same name
79 \(case-sensitive) already exists, it is replaced."
80 (let* ((name (cookie-name cookie))
81 (place (assoc name (cookies-out reply) :test #'string=)))
82 (cond
83 (place
84 (setf (cdr place) cookie))
86 (push (cons name cookie) (cookies-out reply))
87 cookie))))
89 (defun set-cookie (name &key (value "") expires path domain secure http-only (reply *reply*))
90 "Creates a cookie object from the parameters provided and adds
91 it to the outgoing cookies of the REPLY object REPLY. If a cookie
92 with the name NAME \(case-sensitive) already exists, it is
93 replaced."
94 (set-cookie* (make-instance 'cookie
95 :name name
96 :value value
97 :expires expires
98 :path path
99 :domain domain
100 :secure secure
101 :http-only http-only)
102 reply))
104 (defun cookie-date (universal-time)
105 "Converts UNIVERSAL-TIME to cookie date format."
106 (and universal-time
107 (rfc-1123-date universal-time)))
109 (defmethod stringify-cookie ((cookie cookie))
110 "Converts the COOKIE object COOKIE to a string suitable for a
111 'Set-Cookie' header to be sent to the client."
112 (format nil
113 "~A=~A~:[~;~:*; expires=~A~]~:[~;~:*; path=~A~]~:[~;~:*; domain=~A~]~:[~;; secure~]~:[~;; HttpOnly~]"
114 (cookie-name cookie)
115 (cookie-value cookie)
116 (cookie-date (cookie-expires cookie))
117 (cookie-path cookie)
118 (cookie-domain cookie)
119 (cookie-secure cookie)
120 (cookie-http-only cookie)))