/* Licensed to the Apache Software Foundation (ASF) under one or more * contributor license agreements. See the NOTICE file distributed with * this work for additional information regarding copyright ownership. * The ASF licenses this file to You under the Apache License, Version 2.0 * (the "License"); you may not use this file except in compliance with * the License. You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License.
*/
/* we know core's module_index is 0 */ #undef APLOG_MODULE_INDEX #define APLOG_MODULE_INDEX AP_CORE_MODULE_INDEX
/** * Write an RFC2109 compliant cookie. * * @param r The request * @param name The name of the cookie. * @param val The value to place in the cookie. * @param attrs The string containing additional cookie attributes. If NULL, the * DEFAULT_ATTRS will be used. * @param maxage If non zero, a Max-Age header will be added to the cookie.
*/
AP_DECLARE(apr_status_t) ap_cookie_write(request_rec * r, constchar *name, constchar *val, constchar *attrs, long maxage, ...)
{
/* write the cookie to the header table(s) provided */
va_start(vp, maxage); while ((t = va_arg(vp, apr_table_t *))) {
apr_table_addn(t, SET_COOKIE, rfc2109);
}
va_end(vp);
return APR_SUCCESS;
}
/** * Write an RFC2965 compliant cookie. * * @param r The request * @param name2 The name of the cookie. * @param val The value to place in the cookie. * @param attrs2 The string containing additional cookie attributes. If NULL, the * DEFAULT_ATTRS will be used. * @param maxage If non zero, a Max-Age header will be added to the cookie.
*/
AP_DECLARE(apr_status_t) ap_cookie_write2(request_rec * r, constchar *name2, constchar*val, constchar *attrs2, long maxage, ...)
{
/* write the cookie to the header table(s) provided */
va_start(vp, maxage); while ((t = va_arg(vp, apr_table_t *))) {
apr_table_addn(t, SET_COOKIE2, rfc2965);
}
va_end(vp);
return APR_SUCCESS;
}
/** * Remove an RFC2109 compliant cookie. * * @param r The request * @param name The name of the cookie.
*/
AP_DECLARE(apr_status_t) ap_cookie_remove(request_rec * r, constchar *name, constchar *attrs, ...)
{
apr_table_t *t;
va_list vp;
/* write the cookie to the header table(s) provided */
va_start(vp, attrs2); while ((t = va_arg(vp, apr_table_t *))) {
apr_table_addn(t, SET_COOKIE2, rfc2965);
}
va_end(vp);
return APR_SUCCESS;
}
/* Iterate through the cookies, isolate our cookie and then remove it. * * If our cookie appears two or more times, but with different values, * remove it twice and set the duplicated flag to true. Remove any * $path or other attributes following our cookie if present. If we end * up with an empty cookie, remove the whole header.
*/ staticint extract_cookie_line(void *varg, constchar *key, constchar *val)
{
ap_cookie_do *v = varg; char *last1, *last2; char *cookie = apr_pstrdup(v->r->pool, val); constchar *name = apr_pstrcat(v->r->pool, v->name ? v->name : "", "=", NULL);
apr_size_t len = strlen(name); constchar *new_cookie = ""; constchar *comma = ","; char *next1; constchar *semi = ";"; char *next2; constchar *sep = ""; int cookies = 0;
/* find the cookie called name */ int eat = 0;
next1 = apr_strtok(cookie, comma, &last1); while (next1) {
next2 = apr_strtok(next1, semi, &last2); while (next2) { char *trim = next2; while (apr_isspace(*trim)) {
trim++;
} if (!strncmp(trim, name, len)) { if (v->encoded) { if (strcmp(v->encoded, trim + len)) {
v->duplicated = 1;
}
}
v->encoded = apr_pstrdup(v->r->pool, trim + len);
eat = 1;
} else { if (*trim != '$') {
cookies++;
eat = 0;
} if (!eat) {
new_cookie = apr_pstrcat(v->r->pool, new_cookie, sep, next2, NULL);
}
}
next2 = apr_strtok(NULL, semi, &last2);
sep = semi;
}
/* any cookies left over? */ if (cookies) {
apr_table_addn(v->new_cookies, key, new_cookie);
}
return 1;
}
/** * Read a cookie called name, placing its value in val. * * Both the Cookie and Cookie2 headers are scanned for the cookie. * * If the cookie is duplicated, this function returns APR_EGENERAL. If found, * and if remove is non zero, the cookie will be removed from the headers, and * thus kept private from the backend.
*/
AP_DECLARE(apr_status_t) ap_cookie_read(request_rec * r, constchar *name, constchar **val, int remove)
{
apr_table_do(extract_cookie_line, &v, r->headers_in, "Cookie", "Cookie2", NULL); if (v.duplicated) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(00011) LOG_PREFIX "client submitted cookie '%s' more than once: %s", v.name, r->uri); return APR_EGENERAL;
}
/* remove our cookie(s), and replace them */ if (remove) {
apr_table_unset(r->headers_in, "Cookie");
apr_table_unset(r->headers_in, "Cookie2");
r->headers_in = apr_table_overlay(r->pool, r->headers_in, v.new_cookies);
}
*val = v.encoded;
return APR_SUCCESS;
}
/** * Sanity check a given string that it exists, is not empty, * and does not contain the special characters '=', ';' and '&'. * * It is used to sanity check the cookie names.
*/
AP_DECLARE(apr_status_t) ap_cookie_check_string(constchar *string)
{ if (!string || !*string || ap_strchr_c(string, '=') || ap_strchr_c(string, '&') ||
ap_strchr_c(string, ';')) { return APR_EGENERAL;
} return APR_SUCCESS;
}
¤ Dauer der Verarbeitung: 0.0 Sekunden
(vorverarbeitet)
¤
Die Informationen auf dieser Webseite wurden
nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit,
noch Qualität der bereit gestellten Informationen zugesichert.
Bemerkung:
Die farbliche Syntaxdarstellung ist noch experimentell.
