aniani/elinks
1
0
Fork 0
mirror of https://github.com/rkd77/elinks.git synced 2024-12-04 14:46:47 -05:00
Code

Added HttpOnly cookies

Browse Source
This commit is contained in:
Witold Filipczyk 2018-08-25 15:28:29 +02:00
parent 6f001ea50f
commit 9eaf03cf2a
4 changed files with 58 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
src/cookies/cookies.c
View File

@ -454,13 +454,14 @@ set_cookie(struct uri *uri, unsigned char *str)
cookie->secure = (parse_header_param(str, "secure", NULL, 0) cookie->secure = (parse_header_param(str, "secure", NULL, 0)
== HEADER_PARAM_FOUND); == HEADER_PARAM_FOUND);
cookie->httponly = (parse_header_param(str, "httponly", NULL, 0)
== HEADER_PARAM_FOUND);
#ifdef DEBUG_COOKIES #ifdef DEBUG_COOKIES
{ {
DBG("Got cookie %s = %s from %s, domain %s, " DBG("Got cookie %s = %s from %s, domain %s, "
"expires at %"TIME_PRINT_FORMAT", secure %d", cookie->name, "expires at %"TIME_PRINT_FORMAT", secure %d, httponly %d", cookie->name,
cookie->value, cookie->server->host, cookie->domain, cookie->value, cookie->server->host, cookie->domain,
(time_print_T) cookie->expires, cookie->secure); (time_print_T) cookie->expires, cookie->secure, cookie->httponly);
} }
#endif #endif
@ -618,8 +619,8 @@ is_path_prefix(unsigned char *d, unsigned char *s)
} }
struct string * static struct string *
send_cookies(struct uri *uri) send_cookies_common(struct uri *uri, unsigned int httponly)
{ {
struct c_domain *cd; struct c_domain *cd;
struct cookie *c, *next; struct cookie *c, *next;
@ -661,6 +662,9 @@ send_cookies(struct uri *uri)
if (c->secure && uri->protocol != PROTOCOL_HTTPS) if (c->secure && uri->protocol != PROTOCOL_HTTPS)
continue; continue;
if (c->httponly && httponly)
continue;
if (header.length) if (header.length)
add_to_string(&header, "; "); add_to_string(&header, "; ");
@ -682,6 +686,18 @@ send_cookies(struct uri *uri)
return &header; return &header;
} }
struct string *
send_cookies(struct uri *uri)
{
return send_cookies_common(uri, 0);
}
struct string *
send_cookies_js(struct uri *uri)
{
return send_cookies_common(uri, 1);
}
static void done_cookies(struct module *module); static void done_cookies(struct module *module);
@ -719,7 +735,7 @@ load_cookies(void) {
while (fgets(in_buffer, 6 * MAX_STR_LEN, fp)) { while (fgets(in_buffer, 6 * MAX_STR_LEN, fp)) {
struct cookie *cookie; struct cookie *cookie;
unsigned char *p, *q = in_buffer; unsigned char *p, *q = in_buffer;
enum { NAME = 0, VALUE, SERVER, PATH, DOMAIN, EXPIRES, SECURE, MEMBERS }; enum { NAME = 0, VALUE, SERVER, PATH, DOMAIN, EXPIRES, SECURE, HTTPONLY, MEMBERS };
int member; int member;
struct { struct {
unsigned char *pos; unsigned char *pos;
@ -740,7 +756,7 @@ load_cookies(void) {
members[member].len = p - q; members[member].len = p - q;
} }
if (member != MEMBERS) continue; /* Invalid line. */ if ((member != HTTPONLY) && (member != MEMBERS)) continue; /* Invalid line. */
/* Skip expired cookies if any. */ /* Skip expired cookies if any. */
expires = str_to_time_t(members[EXPIRES].pos); expires = str_to_time_t(members[EXPIRES].pos);
@ -768,6 +784,7 @@ load_cookies(void) {
cookie->expires = expires; cookie->expires = expires;
cookie->secure = !!atoi(members[SECURE].pos); cookie->secure = !!atoi(members[SECURE].pos);
cookie->httponly = (member == MEMBERS) && !!atoi(members[HTTPONLY].pos);
accept_cookie(cookie); accept_cookie(cookie);
} }
@ -857,12 +874,12 @@ save_cookies(struct terminal *term) {
now = time(NULL); now = time(NULL);
foreach (c, cookies) { foreach (c, cookies) {
if (!c->expires || c->expires <= now) continue; if (!c->expires || c->expires <= now) continue;
if (secure_fprintf(ssi, "%s\t%s\t%s\t%s\t%s\t%"TIME_PRINT_FORMAT"\t%d\n", if (secure_fprintf(ssi, "%s\t%s\t%s\t%s\t%s\t%"TIME_PRINT_FORMAT"\t%d\t%d\n",
c->name, c->value, c->name, c->value,
c->server->host, c->server->host,
empty_string_or_(c->path), empty_string_or_(c->path),
empty_string_or_(c->domain), empty_string_or_(c->domain),
(time_print_T) c->expires, c->secure) < 0) (time_print_T) c->expires, c->secure, c->httponly) < 0)
break; break;
} }

4
src/cookies/cookies.h
View File

@ -40,7 +40,8 @@ struct cookie {
struct cookie_server *server; /* The host the cookie originated from */ struct cookie_server *server; /* The host the cookie originated from */
time_t expires; /* Expiration time. Zero means undefined */ time_t expires; /* Expiration time. Zero means undefined */
int secure; /* Did it have 'secure' attribute */ unsigned int secure:1; /* Did it have 'secure' attribute */
unsigned int httponly:1; /* Did it have 'httponly' attribute */
struct listbox_item *box_item; struct listbox_item *box_item;
}; };
@ -61,6 +62,7 @@ void set_cookies_dirty(void);
* string will be overwritten at the next call time. The string source * string will be overwritten at the next call time. The string source
* itself is dynamically allocated, though. */ * itself is dynamically allocated, though. */
struct string *send_cookies(struct uri *uri); struct string *send_cookies(struct uri *uri);
struct string *send_cookies_js(struct uri *uri);
extern struct module cookies_module; extern struct module cookies_module;

30
src/cookies/dialogs.c
View File

@ -48,6 +48,8 @@ add_cookie_info_to_string(struct string *string, struct cookie *cookie,
add_format_to_string(string, "\n%s: %s", _("Secure", term), add_format_to_string(string, "\n%s: %s", _("Secure", term),
_(cookie->secure ? N_("yes") : N_("no"), term)); _(cookie->secure ? N_("yes") : N_("no"), term));
add_format_to_string(string, "\n%s: %s", _("HttpOnly", term),
_(cookie->httponly ? N_("yes") : N_("no"), term));
} }
static void static void
@ -321,13 +323,33 @@ set_cookie_secure(struct dialog_data *dlg_data, struct widget_data *widget_data)
return EVENT_PROCESSED; return EVENT_PROCESSED;
} }
static widget_handler_status_T
set_cookie_httponly(struct dialog_data *dlg_data, struct widget_data *widget_data)
{
struct cookie *cookie = dlg_data->dlg->udata;
unsigned char *value = widget_data->cdata;
unsigned char *end;
long number;
if (!value || !cookie) return EVENT_NOT_PROCESSED;
errno = 0;
number = strtol(value, (char **) &end, 10);
if (errno || *end) return EVENT_NOT_PROCESSED;
cookie->httponly = (number != 0);
set_cookies_dirty();
return EVENT_PROCESSED;
}
static void static void
build_edit_dialog(struct terminal *term, struct cookie *cookie) build_edit_dialog(struct terminal *term, struct cookie *cookie)
{ {
#define EDIT_WIDGETS_COUNT 8 #define EDIT_WIDGETS_COUNT 9
/* [gettext_accelerator_context(.build_edit_dialog)] */ /* [gettext_accelerator_context(.build_edit_dialog)] */
struct dialog *dlg; struct dialog *dlg;
unsigned char *name, *value, *domain, *expires, *secure; unsigned char *name, *value, *domain, *expires, *secure, *httponly;
unsigned char *dlg_server; unsigned char *dlg_server;
int length = 0; int length = 0;
@ -344,6 +366,7 @@ build_edit_dialog(struct terminal *term, struct cookie *cookie)
domain = value + MAX_STR_LEN; domain = value + MAX_STR_LEN;
expires = domain + MAX_STR_LEN; expires = domain + MAX_STR_LEN;
secure = expires + MAX_STR_LEN; secure = expires + MAX_STR_LEN;
httponly = secure + MAX_STR_LEN;
safe_strncpy(name, cookie->name, MAX_STR_LEN); safe_strncpy(name, cookie->name, MAX_STR_LEN);
safe_strncpy(value, cookie->value, MAX_STR_LEN); safe_strncpy(value, cookie->value, MAX_STR_LEN);
@ -352,6 +375,8 @@ build_edit_dialog(struct terminal *term, struct cookie *cookie)
ulongcat(expires, &length, cookie->expires, MAX_STR_LEN, 0); ulongcat(expires, &length, cookie->expires, MAX_STR_LEN, 0);
length = 0; length = 0;
ulongcat(secure, &length, cookie->secure, MAX_STR_LEN, 0); ulongcat(secure, &length, cookie->secure, MAX_STR_LEN, 0);
length = 0;
ulongcat(httponly, &length, cookie->httponly, MAX_STR_LEN, 0);
dlg_server = cookie->server->host; dlg_server = cookie->server->host;
dlg_server = straconcat(_("Server", term), ": ", dlg_server, "\n", dlg_server = straconcat(_("Server", term), ": ", dlg_server, "\n",
@ -368,6 +393,7 @@ build_edit_dialog(struct terminal *term, struct cookie *cookie)
add_dlg_field_float(dlg, _("Domain", term), 0, 0, set_cookie_domain, MAX_STR_LEN, domain, NULL); add_dlg_field_float(dlg, _("Domain", term), 0, 0, set_cookie_domain, MAX_STR_LEN, domain, NULL);
add_dlg_field_float(dlg, _("Expires", term), 0, 0, set_cookie_expires, MAX_STR_LEN, expires, NULL); add_dlg_field_float(dlg, _("Expires", term), 0, 0, set_cookie_expires, MAX_STR_LEN, expires, NULL);
add_dlg_field_float(dlg, _("Secure", term), 0, 0, set_cookie_secure, MAX_STR_LEN, secure, NULL); add_dlg_field_float(dlg, _("Secure", term), 0, 0, set_cookie_secure, MAX_STR_LEN, secure, NULL);
add_dlg_field_float(dlg, _("HttpOnly", term), 0, 0, set_cookie_httponly, MAX_STR_LEN, httponly, NULL);
add_dlg_button(dlg, _("~OK", term), B_ENTER, ok_dialog, NULL); add_dlg_button(dlg, _("~OK", term), B_ENTER, ok_dialog, NULL);
add_dlg_button(dlg, _("~Cancel", term), B_ESC, cancel_dialog, NULL); add_dlg_button(dlg, _("~Cancel", term), B_ESC, cancel_dialog, NULL);

2
src/ecmascript/spidermonkey/document.c
View File

@ -110,7 +110,7 @@ document_get_property(JSContext *ctx, JSObject *obj, jsid id, jsval *vp)
#ifdef CONFIG_COOKIES #ifdef CONFIG_COOKIES
if (!strcmp(string, "cookie")) { if (!strcmp(string, "cookie")) {
struct string *cookies = send_cookies(vs->uri); struct string *cookies = send_cookies_js(vs->uri);
if (cookies) { if (cookies) {
static unsigned char cookiestr[1024]; static unsigned char cookiestr[1024];