// Copyright (c) 2012 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. // Portions of this code based on Mozilla: // (netwerk/cookie/src/nsCookieService.cpp) /* ***** BEGIN LICENSE BLOCK ***** * Version: MPL 1.1/GPL 2.0/LGPL 2.1 * * The contents of this file are subject to the Mozilla Public License Version * 1.1 (the "License"); you may not use this file except in compliance with * the License. You may obtain a copy of the License at * http://www.mozilla.org/MPL/ * * Software distributed under the License is distributed on an "AS IS" basis, * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License * for the specific language governing rights and limitations under the * License. * * The Original Code is mozilla.org code. * * The Initial Developer of the Original Code is * Netscape Communications Corporation. * Portions created by the Initial Developer are Copyright (C) 2003 * the Initial Developer. All Rights Reserved. * * Contributor(s): * Daniel Witte (dwitte@stanford.edu) * Michiel van Leeuwen (mvl@exedo.nl) * * Alternatively, the contents of this file may be used under the terms of * either the GNU General Public License Version 2 or later (the "GPL"), or * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), * in which case the provisions of the GPL or the LGPL are applicable instead * of those above. If you wish to allow use of your version of this file only * under the terms of either the GPL or the LGPL, and not to allow others to * use your version of this file under the terms of the MPL, indicate your * decision by deleting the provisions above and replace them with the notice * and other provisions required by the GPL or the LGPL. If you do not delete * the provisions above, a recipient may use your version of this file under * the terms of any one of the MPL, the GPL or the LGPL. * * ***** END LICENSE BLOCK ***** */ #include "net/cookies/parsed_cookie.h" #include "base/logging.h" #include "base/metrics/histogram_macros.h" #include "base/strings/string_util.h" #include "net/http/http_util.h" namespace { const char kPathTokenName[] = "path"; const char kDomainTokenName[] = "domain"; const char kExpiresTokenName[] = "expires"; const char kMaxAgeTokenName[] = "max-age"; const char kSecureTokenName[] = "secure"; const char kHttpOnlyTokenName[] = "httponly"; const char kSameSiteTokenName[] = "samesite"; const char kPriorityTokenName[] = "priority"; const char kTerminator[] = "\n\r\0"; const int kTerminatorLen = sizeof(kTerminator) - 1; const char kWhitespace[] = " \t"; const char kValueSeparator[] = ";"; const char kTokenSeparator[] = ";="; // Returns true if |c| occurs in |chars| // TODO(erikwright): maybe make this take an iterator, could check for end also? inline bool CharIsA(const char c, const char* chars) { return strchr(chars, c) != NULL; } // Seek the iterator to the first occurrence of a character in |chars|. // Returns true if it hit the end, false otherwise. inline bool SeekTo(std::string::const_iterator* it, const std::string::const_iterator& end, const char* chars) { for (; *it != end && !CharIsA(**it, chars); ++(*it)) { } return *it == end; } // Seek the iterator to the first occurrence of a character not in |chars|. // Returns true if it hit the end, false otherwise. inline bool SeekPast(std::string::const_iterator* it, const std::string::const_iterator& end, const char* chars) { for (; *it != end && CharIsA(**it, chars); ++(*it)) { } return *it == end; } inline bool SeekBackPast(std::string::const_iterator* it, const std::string::const_iterator& end, const char* chars) { for (; *it != end && CharIsA(**it, chars); --(*it)) { } return *it == end; } // Validate value, which may be according to RFC 6265 // cookie-value = *cookie-octet / ( DQUOTE *cookie-octet DQUOTE ) // cookie-octet = %x21 / %x23-2B / %x2D-3A / %x3C-5B / %x5D-7E // ; US-ASCII characters excluding CTLs, // ; whitespace DQUOTE, comma, semicolon, // ; and backslash bool IsValidCookieValue(const std::string& value) { // Number of characters to skip in validation at beginning and end of string. size_t skip = 0; if (value.size() >= 2 && *value.begin() == '"' && *(value.end() - 1) == '"') skip = 1; for (std::string::const_iterator i = value.begin() + skip; i != value.end() - skip; ++i) { bool valid_octet = (*i == 0x21 || (*i >= 0x23 && *i <= 0x2B) || (*i >= 0x2D && *i <= 0x3A) || (*i >= 0x3C && *i <= 0x5B) || (*i >= 0x5D && *i <= 0x7E)); if (!valid_octet) return false; } return true; } bool IsControlCharacter(unsigned char c) { return c <= 31; } } // namespace namespace net { ParsedCookie::ParsedCookie(const std::string& cookie_line) : path_index_(0), domain_index_(0), expires_index_(0), maxage_index_(0), secure_index_(0), httponly_index_(0), same_site_index_(0), priority_index_(0) { if (cookie_line.size() > kMaxCookieSize) { VLOG(1) << "Not parsing cookie, too large: " << cookie_line.size(); return; } ParseTokenValuePairs(cookie_line); if (!pairs_.empty()) SetupAttributes(); } ParsedCookie::~ParsedCookie() = default; bool ParsedCookie::IsValid() const { return !pairs_.empty() && IsSameSiteAttributeValid(); } CookieSameSite ParsedCookie::SameSite() const { return (same_site_index_ == 0) ? CookieSameSite::DEFAULT_MODE : StringToCookieSameSite(pairs_[same_site_index_].second); } CookiePriority ParsedCookie::Priority() const { return (priority_index_ == 0) ? COOKIE_PRIORITY_DEFAULT : StringToCookiePriority(pairs_[priority_index_].second); } bool ParsedCookie::SetName(const std::string& name) { if (!name.empty() && !HttpUtil::IsToken(name)) return false; if (pairs_.empty()) pairs_.push_back(std::make_pair("", "")); pairs_[0].first = name; return true; } bool ParsedCookie::SetValue(const std::string& value) { if (!IsValidCookieValue(value)) return false; if (pairs_.empty()) pairs_.push_back(std::make_pair("", "")); pairs_[0].second = value; return true; } bool ParsedCookie::SetPath(const std::string& path) { return SetString(&path_index_, kPathTokenName, path); } bool ParsedCookie::SetDomain(const std::string& domain) { return SetString(&domain_index_, kDomainTokenName, domain); } bool ParsedCookie::SetExpires(const std::string& expires) { return SetString(&expires_index_, kExpiresTokenName, expires); } bool ParsedCookie::SetMaxAge(const std::string& maxage) { return SetString(&maxage_index_, kMaxAgeTokenName, maxage); } bool ParsedCookie::SetIsSecure(bool is_secure) { return SetBool(&secure_index_, kSecureTokenName, is_secure); } bool ParsedCookie::SetIsHttpOnly(bool is_http_only) { return SetBool(&httponly_index_, kHttpOnlyTokenName, is_http_only); } bool ParsedCookie::SetSameSite(const std::string& is_same_site) { return SetString(&same_site_index_, kSameSiteTokenName, is_same_site); } bool ParsedCookie::SetPriority(const std::string& priority) { return SetString(&priority_index_, kPriorityTokenName, priority); } std::string ParsedCookie::ToCookieLine() const { std::string out; for (PairList::const_iterator it = pairs_.begin(); it != pairs_.end(); ++it) { if (!out.empty()) out.append("; "); out.append(it->first); if (it->first != kSecureTokenName && it->first != kHttpOnlyTokenName) { out.append("="); out.append(it->second); } } return out; } // static std::string::const_iterator ParsedCookie::FindFirstTerminator( const std::string& s) { std::string::const_iterator end = s.end(); size_t term_pos = s.find_first_of(std::string(kTerminator, kTerminatorLen)); if (term_pos != std::string::npos) { // We found a character we should treat as an end of string. end = s.begin() + term_pos; } return end; } // static bool ParsedCookie::ParseToken(std::string::const_iterator* it, const std::string::const_iterator& end, std::string::const_iterator* token_start, std::string::const_iterator* token_end) { DCHECK(it && token_start && token_end); std::string::const_iterator token_real_end; // Seek past any whitespace before the "token" (the name). // token_start should point at the first character in the token if (SeekPast(it, end, kWhitespace)) return false; // No token, whitespace or empty. *token_start = *it; // Seek over the token, to the token separator. // token_real_end should point at the token separator, i.e. '='. // If it == end after the seek, we probably have a token-value. SeekTo(it, end, kTokenSeparator); token_real_end = *it; // Ignore any whitespace between the token and the token separator. // token_end should point after the last interesting token character, // pointing at either whitespace, or at '=' (and equal to token_real_end). if (*it != *token_start) { // We could have an empty token name. --(*it); // Go back before the token separator. // Skip over any whitespace to the first non-whitespace character. SeekBackPast(it, *token_start, kWhitespace); // Point after it. ++(*it); } *token_end = *it; // Seek us back to the end of the token. *it = token_real_end; return true; } // static void ParsedCookie::ParseValue(std::string::const_iterator* it, const std::string::const_iterator& end, std::string::const_iterator* value_start, std::string::const_iterator* value_end) { DCHECK(it && value_start && value_end); // Seek past any whitespace that might in-between the token and value. SeekPast(it, end, kWhitespace); // value_start should point at the first character of the value. *value_start = *it; // Just look for ';' to terminate ('=' allowed). // We can hit the end, maybe they didn't terminate. SeekTo(it, end, kValueSeparator); // Will be pointed at the ; seperator or the end. *value_end = *it; // Ignore any unwanted whitespace after the value. if (*value_end != *value_start) { // Could have an empty value --(*value_end); SeekBackPast(value_end, *value_start, kWhitespace); ++(*value_end); } } // static std::string ParsedCookie::ParseTokenString(const std::string& token) { std::string::const_iterator it = token.begin(); std::string::const_iterator end = FindFirstTerminator(token); std::string::const_iterator token_start, token_end; if (ParseToken(&it, end, &token_start, &token_end)) return std::string(token_start, token_end); return std::string(); } // static std::string ParsedCookie::ParseValueString(const std::string& value) { std::string::const_iterator it = value.begin(); std::string::const_iterator end = FindFirstTerminator(value); std::string::const_iterator value_start, value_end; ParseValue(&it, end, &value_start, &value_end); return std::string(value_start, value_end); } // static bool ParsedCookie::IsValidCookieAttributeValue(const std::string& value) { // The greatest common denominator of cookie attribute values is // according to RFC 6265. for (std::string::const_iterator i = value.begin(); i != value.end(); ++i) { if (IsControlCharacter(*i) || *i == ';') return false; } return true; } // Parse all token/value pairs and populate pairs_. void ParsedCookie::ParseTokenValuePairs(const std::string& cookie_line) { pairs_.clear(); // Ok, here we go. We should be expecting to be starting somewhere // before the cookie line, not including any header name... std::string::const_iterator start = cookie_line.begin(); std::string::const_iterator it = start; // TODO(erikwright): Make sure we're stripping \r\n in the network code. // Then we can log any unexpected terminators. std::string::const_iterator end = FindFirstTerminator(cookie_line); // For an empty |cookie_line|, add an empty-key with an empty value, which // has the effect of clearing any prior setting of the empty-key. This is done // to match the behavior of other browsers. See https://crbug.com/601786. if (it == end) { pairs_.push_back(TokenValuePair("", "")); return; } for (int pair_num = 0; it != end; ++pair_num) { TokenValuePair pair; std::string::const_iterator token_start, token_end; if (!ParseToken(&it, end, &token_start, &token_end)) { // Allow first token to be treated as empty-key if unparsable if (pair_num != 0) break; // If parsing failed, start the value parsing at the very beginning. token_start = start; } if (it == end || *it != '=') { // We have a token-value, we didn't have any token name. if (pair_num == 0) { // For the first time around, we want to treat single values // as a value with an empty name. (Mozilla bug 169091). // IE seems to also have this behavior, ex "AAA", and "AAA=10" will // set 2 different cookies, and setting "BBB" will then replace "AAA". pair.first = ""; // Rewind to the beginning of what we thought was the token name, // and let it get parsed as a value. it = token_start; } else { // Any not-first attribute we want to treat a value as a // name with an empty value... This is so something like // "secure;" will get parsed as a Token name, and not a value. pair.first = std::string(token_start, token_end); } } else { // We have a TOKEN=VALUE. pair.first = std::string(token_start, token_end); ++it; // Skip past the '='. } // OK, now try to parse a value. std::string::const_iterator value_start, value_end; ParseValue(&it, end, &value_start, &value_end); // OK, we're finished with a Token/Value. pair.second = std::string(value_start, value_end); // From RFC2109: "Attributes (names) (attr) are case-insensitive." if (pair_num != 0) pair.first = base::ToLowerASCII(pair.first); // Ignore Set-Cookie directives contaning control characters. See // http://crbug.com/238041. if (!IsValidCookieAttributeValue(pair.first) || !IsValidCookieAttributeValue(pair.second)) { pairs_.clear(); break; } pairs_.push_back(pair); // We've processed a token/value pair, we're either at the end of // the string or a ValueSeparator like ';', which we want to skip. if (it != end) ++it; } } void ParsedCookie::SetupAttributes() { // We skip over the first token/value, the user supplied one. for (size_t i = 1; i < pairs_.size(); ++i) { if (pairs_[i].first == kPathTokenName) { path_index_ = i; } else if (pairs_[i].first == kDomainTokenName && pairs_[i].second != "") { domain_index_ = i; } else if (pairs_[i].first == kExpiresTokenName) { expires_index_ = i; } else if (pairs_[i].first == kMaxAgeTokenName) { maxage_index_ = i; } else if (pairs_[i].first == kSecureTokenName) { secure_index_ = i; } else if (pairs_[i].first == kHttpOnlyTokenName) { httponly_index_ = i; } else if (pairs_[i].first == kSameSiteTokenName) { same_site_index_ = i; } else if (pairs_[i].first == kPriorityTokenName) { priority_index_ = i; } else { /* some attribute we don't know or don't care about. */ } } } bool ParsedCookie::SetString(size_t* index, const std::string& key, const std::string& value) { if (value.empty()) { ClearAttributePair(*index); return true; } else { return SetAttributePair(index, key, value); } } bool ParsedCookie::SetBool(size_t* index, const std::string& key, bool value) { if (!value) { ClearAttributePair(*index); return true; } else { return SetAttributePair(index, key, std::string()); } } bool ParsedCookie::SetAttributePair(size_t* index, const std::string& key, const std::string& value) { if (!(HttpUtil::IsToken(key) && IsValidCookieAttributeValue(value))) return false; if (!IsValid()) return false; if (*index) { pairs_[*index].second = value; } else { pairs_.push_back(std::make_pair(key, value)); *index = pairs_.size() - 1; } return true; } void ParsedCookie::ClearAttributePair(size_t index) { // The first pair (name/value of cookie at pairs_[0]) cannot be cleared. // Cookie attributes that don't have a value at the moment, are represented // with an index being equal to 0. if (index == 0) return; size_t* indexes[] = {&path_index_, &domain_index_, &expires_index_, &maxage_index_, &secure_index_, &httponly_index_, &same_site_index_, &priority_index_}; for (size_t i = 0; i < arraysize(indexes); ++i) { if (*indexes[i] == index) *indexes[i] = 0; else if (*indexes[i] > index) --*indexes[i]; } pairs_.erase(pairs_.begin() + index); } bool ParsedCookie::IsSameSiteAttributeValid() const { return same_site_index_ == 0 || SameSite() != CookieSameSite::DEFAULT_MODE; } } // namespace net