llplugincookiestore.cpp - This C++ code implements a cookie…

/indra/llplugin/llplugincookiestore.cpp

https://bitbucket.org/lindenlab/viewer-beta/ · C++ · 664 lines · 553 code · 44 blank · 67 comment · 68 complexity · 2d69056fb42b91afe0f51f100b3f02a2 MD5 · raw file

/** 
 * @file llplugincookiestore.cpp
 * @brief LLPluginCookieStore provides central storage for http cookies used by plugins
 *
 * @cond
 * $LicenseInfo:firstyear=2010&license=viewerlgpl$
 * Second Life Viewer Source Code
 * Copyright (C) 2010, Linden Research, Inc.
 * 
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation;
 * version 2.1 of the License only.
 * 
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 * 
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
 * 
 * Linden Research, Inc., 945 Battery Street, San Francisco, CA  94111  USA
 * $/LicenseInfo$
 * @endcond
 */

#include "linden_common.h"
#include "indra_constants.h"

#include "llplugincookiestore.h"
#include <iostream>

// for curl_getdate() (apparently parsing RFC 1123 dates is hard)
#include <curl/curl.h>

LLPluginCookieStore::LLPluginCookieStore():
	mHasChangedCookies(false)
{
}


LLPluginCookieStore::~LLPluginCookieStore()
{
	clearCookies();
}


LLPluginCookieStore::Cookie::Cookie(const std::string &s, std::string::size_type cookie_start, std::string::size_type cookie_end):
	mCookie(s, cookie_start, cookie_end - cookie_start),
	mNameStart(0), mNameEnd(0),
	mValueStart(0), mValueEnd(0),
	mDomainStart(0), mDomainEnd(0),
	mPathStart(0), mPathEnd(0),
	mDead(false), mChanged(true)
{
}

LLPluginCookieStore::Cookie *LLPluginCookieStore::Cookie::createFromString(const std::string &s, std::string::size_type cookie_start, std::string::size_type cookie_end, const std::string &host)
{
	Cookie *result = new Cookie(s, cookie_start, cookie_end);

	if(!result->parse(host))
	{
		delete result;
		result = NULL;
	}
	
	return result;
}

std::string LLPluginCookieStore::Cookie::getKey() const
{
	std::string result;
	if(mDomainEnd > mDomainStart)
	{
		result += mCookie.substr(mDomainStart, mDomainEnd - mDomainStart);
	}
	result += ';';
	if(mPathEnd > mPathStart)
	{
		result += mCookie.substr(mPathStart, mPathEnd - mPathStart);
	}
	result += ';';
	result += mCookie.substr(mNameStart, mNameEnd - mNameStart);
	return result;
}

bool LLPluginCookieStore::Cookie::parse(const std::string &host)
{
	bool first_field = true;

	std::string::size_type cookie_end = mCookie.size();
	std::string::size_type field_start = 0;

	LL_DEBUGS("CookieStoreParse") << "parsing cookie: " << mCookie << LL_ENDL;
	while(field_start < cookie_end)
	{
		// Finding the start of the next field requires honoring special quoting rules
		// see the definition of 'quoted-string' in rfc2616 for details
		std::string::size_type next_field_start = findFieldEnd(field_start);

		// The end of this field should not include the terminating ';' or any trailing whitespace
		std::string::size_type field_end = mCookie.find_last_not_of("; ", next_field_start);
		if(field_end == std::string::npos || field_end < field_start)
		{
			// This field was empty or all whitespace.  Set end = start so it shows as empty.
			field_end = field_start;
		}
		else if (field_end < next_field_start)
		{
			// we actually want the index of the char _after_ what 'last not of' found
			++field_end;
		}
		
		// find the start of the actual name (skip separator and possible whitespace)
		std::string::size_type name_start = mCookie.find_first_not_of("; ", field_start);
		if(name_start == std::string::npos || name_start > next_field_start)
		{
			// Again, nothing but whitespace.
			name_start = field_start;
		}
		
		// the name and value are separated by the first equals sign
		std::string::size_type name_value_sep = mCookie.find_first_of("=", name_start);
		if(name_value_sep == std::string::npos || name_value_sep > field_end)
		{
			// No separator found, so this is a field without an = 
			name_value_sep = field_end;
		}
		
		// the name end is before the name-value separator
		std::string::size_type name_end = mCookie.find_last_not_of("= ", name_value_sep);
		if(name_end == std::string::npos || name_end < name_start)
		{
			// I'm not sure how we'd hit this case... it seems like it would have to be an empty name.
			name_end = name_start;
		}
		else if (name_end < name_value_sep)
		{
			// we actually want the index of the char _after_ what 'last not of' found
			++name_end;
		}
		
		// Value is between the name-value sep and the end of the field.
		std::string::size_type value_start = mCookie.find_first_not_of("= ", name_value_sep);
		if(value_start == std::string::npos || value_start > field_end)
		{
			// All whitespace or empty value
			value_start = field_end;
		}
		std::string::size_type value_end = mCookie.find_last_not_of("; ", field_end);
		if(value_end == std::string::npos || value_end < value_start)
		{
			// All whitespace or empty value
			value_end = value_start;
		}
		else if (value_end < field_end)
		{
			// we actually want the index of the char _after_ what 'last not of' found
			++value_end;
		}

		LL_DEBUGS("CookieStoreParse") 
			<< "    field name: \"" << mCookie.substr(name_start, name_end - name_start) 
			<< "\", value: \"" << mCookie.substr(value_start, value_end - value_start) << "\""
			<< LL_ENDL;
				
		// See whether this field is one we know
		if(first_field)
		{
			// The first field is the name=value pair
			mNameStart = name_start;
			mNameEnd = name_end;
			mValueStart = value_start;
			mValueEnd = value_end;
			first_field = false;
		}
		else
		{
			// Subsequent fields must come from the set in rfc2109
			if(matchName(name_start, name_end, "expires"))
			{
				std::string date_string(mCookie, value_start, value_end - value_start); 
				// If the cookie contains an "expires" field, it MUST contain a parsable date.
				
				// HACK: LLDate apparently can't PARSE an rfc1123-format date, even though it can GENERATE one.
				//  The curl function curl_getdate can do this, but I'm hesitant to unilaterally introduce a curl dependency in LLDate.
#if 1
				time_t date = curl_getdate(date_string.c_str(), NULL );
				mDate.secondsSinceEpoch((F64)date);
				LL_DEBUGS("CookieStoreParse") << "        expire date parsed to: " << mDate.asRFC1123() << LL_ENDL;
#else
				// This doesn't work (rfc1123-format dates cause it to fail)
				if(!mDate.fromString(date_string))
				{
					// Date failed to parse.
					LL_WARNS("CookieStoreParse") << "failed to parse cookie's expire date: " << date << LL_ENDL;
					return false;
				}
#endif
			}
			else if(matchName(name_start, name_end, "domain"))
			{
				mDomainStart = value_start;
				mDomainEnd = value_end;
			}
			else if(matchName(name_start, name_end, "path"))
			{
				mPathStart = value_start;
				mPathEnd = value_end;
			}
			else if(matchName(name_start, name_end, "max-age"))
			{
				// TODO: how should we handle this?
			}
			else if(matchName(name_start, name_end, "secure"))
			{
				// We don't care about the value of this field (yet)
			}
			else if(matchName(name_start, name_end, "version"))
			{
				// We don't care about the value of this field (yet)
			}
			else if(matchName(name_start, name_end, "comment"))
			{
				// We don't care about the value of this field (yet)
			}
			else if(matchName(name_start, name_end, "httponly"))
			{
				// We don't care about the value of this field (yet)
			}
			else
			{
				// An unknown field is a parse failure
				LL_WARNS("CookieStoreParse") << "unexpected field name: " << mCookie.substr(name_start, name_end - name_start) << LL_ENDL;
				return false;
			}
			
		}

		
		// move on to the next field, skipping this field's separator and any leading whitespace
		field_start = mCookie.find_first_not_of("; ", next_field_start);
	}
		
	// The cookie MUST have a name
	if(mNameEnd <= mNameStart)
		return false;
	
	// If the cookie doesn't have a domain, add the current host as the domain.
	if(mDomainEnd <= mDomainStart)
	{
		if(host.empty())
		{
			// no domain and no current host -- this is a parse failure.
			return false;
		}
		
		// Figure out whether this cookie ended with a ";" or not...
		std::string::size_type last_char = mCookie.find_last_not_of(" ");
		if((last_char != std::string::npos) && (mCookie[last_char] != ';'))
		{
			mCookie += ";";
		}
		
		mCookie += " domain=";
		mDomainStart = mCookie.size();
		mCookie += host;
		mDomainEnd = mCookie.size();
		
		LL_DEBUGS("CookieStoreParse") << "added domain (" << mDomainStart << " to " << mDomainEnd << "), new cookie is: " << mCookie << LL_ENDL;
	}

	// If the cookie doesn't have a path, add "/".
	if(mPathEnd <= mPathStart)
	{
		// Figure out whether this cookie ended with a ";" or not...
		std::string::size_type last_char = mCookie.find_last_not_of(" ");
		if((last_char != std::string::npos) && (mCookie[last_char] != ';'))
		{
			mCookie += ";";
		}
		
		mCookie += " path=";
		mPathStart = mCookie.size();
		mCookie += "/";
		mPathEnd = mCookie.size();
		
		LL_DEBUGS("CookieStoreParse") << "added path (" << mPathStart << " to " << mPathEnd << "), new cookie is: " << mCookie << LL_ENDL;
	}
	
	
	return true;
}

std::string::size_type LLPluginCookieStore::Cookie::findFieldEnd(std::string::size_type start, std::string::size_type end)
{
	std::string::size_type result = start;
	
	if(end == std::string::npos)
		end = mCookie.size();
	
	bool in_quotes = false;
	for(; (result < end); result++)
	{
		switch(mCookie[result])
		{
			case '\\':
				if(in_quotes)
					result++; // The next character is backslash-quoted.  Skip over it.
			break;
			case '"':
				in_quotes = !in_quotes;
			break;
			case ';':
				if(!in_quotes)
					return result;
			break;
		}		
	}
	
	// If we got here, no ';' was found.
	return end;
}

bool LLPluginCookieStore::Cookie::matchName(std::string::size_type start, std::string::size_type end, const char *name)
{
	// NOTE: this assumes 'name' is already in lowercase.  The code which uses it should be able to arrange this...
	
	while((start < end) && (*name != '\0'))
	{
		if(tolower(mCookie[start]) != *name)
			return false;
			
		start++;
		name++;
	}
	
	// iff both strings hit the end at the same time, they're equal.
	return ((start == end) && (*name == '\0'));
}

std::string LLPluginCookieStore::getAllCookies()
{
	std::stringstream result;
	writeAllCookies(result);
	return result.str();
}

void LLPluginCookieStore::writeAllCookies(std::ostream& s)
{
	cookie_map_t::iterator iter;
	for(iter = mCookies.begin(); iter != mCookies.end(); iter++)
	{
		// Don't return expired cookies
		if(!iter->second->isDead())
		{
			s << (iter->second->getCookie()) << "\n";
		}
	}

}

std::string LLPluginCookieStore::getPersistentCookies()
{
	std::stringstream result;
	writePersistentCookies(result);
	return result.str();
}

void LLPluginCookieStore::writePersistentCookies(std::ostream& s)
{
	cookie_map_t::iterator iter;
	for(iter = mCookies.begin(); iter != mCookies.end(); iter++)
	{
		// Don't return expired cookies or session cookies
		if(!iter->second->isDead() && !iter->second->isSessionCookie())
		{
			s << iter->second->getCookie() << "\n";
		}
	}
}

std::string LLPluginCookieStore::getChangedCookies(bool clear_changed)
{
	std::stringstream result;
	writeChangedCookies(result, clear_changed);
	
	return result.str();
}

void LLPluginCookieStore::writeChangedCookies(std::ostream& s, bool clear_changed)
{
	if(mHasChangedCookies)
	{
		lldebugs << "returning changed cookies: " << llendl;
		cookie_map_t::iterator iter;
		for(iter = mCookies.begin(); iter != mCookies.end(); )
		{
			cookie_map_t::iterator next = iter;
			next++;
			
			// Only return cookies marked as "changed"
			if(iter->second->isChanged())
			{
				s << iter->second->getCookie() << "\n";

				lldebugs << "    " << iter->second->getCookie() << llendl;

				// If requested, clear the changed mark
				if(clear_changed)
				{
					if(iter->second->isDead())
					{
						// If this cookie was previously marked dead, it needs to be removed entirely.	
						delete iter->second;
						mCookies.erase(iter);
					}
					else
					{
						// Not dead, just mark as not changed.
						iter->second->setChanged(false);
					}
				}
			}
			
			iter = next;
		}
	}
	
	if(clear_changed)
		mHasChangedCookies = false;
}

void LLPluginCookieStore::setAllCookies(const std::string &cookies, bool mark_changed)
{
	clearCookies();
	setCookies(cookies, mark_changed);
}

void LLPluginCookieStore::readAllCookies(std::istream& s, bool mark_changed)
{
	clearCookies();
	readCookies(s, mark_changed);
}
	
void LLPluginCookieStore::setCookies(const std::string &cookies, bool mark_changed)
{
	std::string::size_type start = 0;

	while(start != std::string::npos)
	{
		std::string::size_type end = cookies.find_first_of("\r\n", start);
		if(end > start)
		{
			// The line is non-empty.  Try to create a cookie from it.
			setOneCookie(cookies, start, end, mark_changed);
		}
		start = cookies.find_first_not_of("\r\n ", end);
	}
}

void LLPluginCookieStore::setCookiesFromHost(const std::string &cookies, const std::string &host, bool mark_changed)
{
	std::string::size_type start = 0;

	while(start != std::string::npos)
	{
		std::string::size_type end = cookies.find_first_of("\r\n", start);
		if(end > start)
		{
			// The line is non-empty.  Try to create a cookie from it.
			setOneCookie(cookies, start, end, mark_changed, host);
		}
		start = cookies.find_first_not_of("\r\n ", end);
	}
}
			
void LLPluginCookieStore::readCookies(std::istream& s, bool mark_changed)
{
	std::string line;
	while(s.good() && !s.eof())
	{
		std::getline(s, line);
		if(!line.empty())
		{
			// Try to create a cookie from this line.
			setOneCookie(line, 0, std::string::npos, mark_changed);
		}
	}
}

std::string LLPluginCookieStore::quoteString(const std::string &s)
{
	std::stringstream result;
	
	result << '"';
	
	for(std::string::size_type i = 0; i < s.size(); ++i)
	{
		char c = s[i];
		switch(c)
		{
			// All these separators need to be quoted in HTTP headers, according to section 2.2 of rfc 2616:
			case '(': case ')': case '<': case '>': case '@':
			case ',': case ';': case ':': case '\\': case '"':
			case '/': case '[': case ']': case '?': case '=':
			case '{': case '}':	case ' ': case '\t':
				result << '\\';
			break;
		}
		
		result << c;
	}
	
	result << '"';
	
	return result.str();
}

std::string LLPluginCookieStore::unquoteString(const std::string &s)
{
	std::stringstream result;
	
	bool in_quotes = false;
	
	for(std::string::size_type i = 0; i < s.size(); ++i)
	{
		char c = s[i];
		switch(c)
		{
			case '\\':
				if(in_quotes)
				{
					// The next character is backslash-quoted.  Pass it through untouched.
					++i; 
					if(i < s.size())
					{
						result << s[i];
					}
					continue;
				}
			break;
			case '"':
				in_quotes = !in_quotes;
				continue;
			break;
		}
		
		result << c;
	}
	
	return result.str();
}

// The flow for deleting a cookie is non-obvious enough that I should call it out here...
// Deleting a cookie is done by setting a cookie with the same name, path, and domain, but with an expire timestamp in the past.
// (This is exactly how a web server tells a browser to delete a cookie.)
// When deleting with mark_changed set to true, this replaces the existing cookie in the list with an entry that's marked both dead and changed.
// Some time later when writeChangedCookies() is called with clear_changed set to true, the dead cookie is deleted from the list after being returned, so that the
// delete operation (in the form of the expired cookie) is passed along.
void LLPluginCookieStore::setOneCookie(const std::string &s, std::string::size_type cookie_start, std::string::size_type cookie_end, bool mark_changed, const std::string &host)
{
	Cookie *cookie = Cookie::createFromString(s, cookie_start, cookie_end, host);
	if(cookie)
	{
		LL_DEBUGS("CookieStoreUpdate") << "setting cookie: " << cookie->getCookie() << LL_ENDL;
		
		// Create a key for this cookie
		std::string key = cookie->getKey();
		
		// Check to see whether this cookie should have expired
		if(!cookie->isSessionCookie() && (cookie->getDate() < LLDate::now()))
		{
			// This cookie has expired.
			if(mark_changed)
			{
				// If we're marking cookies as changed, we should keep it anyway since we'll need to send it out with deltas.
				cookie->setDead(true);
				LL_DEBUGS("CookieStoreUpdate") << "    marking dead" << LL_ENDL;
			}
			else
			{
				// If we're not marking cookies as changed, we don't need to keep this cookie at all.
				// If the cookie was already in the list, delete it.
				removeCookie(key);

				delete cookie;
				cookie = NULL;

				LL_DEBUGS("CookieStoreUpdate") << "    removing" << LL_ENDL;
			}
		}
		
		if(cookie)
		{
			// If it already exists in the map, replace it.
			cookie_map_t::iterator iter = mCookies.find(key);
			if(iter != mCookies.end())
			{
				if(iter->second->getCookie() == cookie->getCookie())
				{
					// The new cookie is identical to the old -- don't mark as changed.
					// Just leave the old one in the map.
					delete cookie;
					cookie = NULL;

					LL_DEBUGS("CookieStoreUpdate") << "    unchanged" << LL_ENDL;
				}
				else
				{
					// A matching cookie was already in the map.  Replace it.
					delete iter->second;
					iter->second = cookie;
					
					cookie->setChanged(mark_changed);
					if(mark_changed)
						mHasChangedCookies = true;

					LL_DEBUGS("CookieStoreUpdate") << "    replacing" << LL_ENDL;
				}
			}
			else
			{
				// The cookie wasn't in the map.  Insert it.
				mCookies.insert(std::make_pair(key, cookie));
				
				cookie->setChanged(mark_changed);
				if(mark_changed)
					mHasChangedCookies = true;

				LL_DEBUGS("CookieStoreUpdate") << "    adding" << LL_ENDL;
			}
		}
	}
	else
	{
		LL_WARNS("CookieStoreUpdate") << "failed to parse cookie: " << s.substr(cookie_start, cookie_end - cookie_start) << LL_ENDL;
	}

}

void LLPluginCookieStore::clearCookies()
{
	while(!mCookies.empty())
	{
		cookie_map_t::iterator iter = mCookies.begin();
		delete iter->second;
		mCookies.erase(iter);
	}
}

void LLPluginCookieStore::removeCookie(const std::string &key)
{
	cookie_map_t::iterator iter = mCookies.find(key);
	if(iter != mCookies.end())
	{
		delete iter->second;
		mCookies.erase(iter);
	}
}
Summary ✨

This C++ code implements a cookie store for managing HTTP cookies. It provides methods to create, update, and delete cookies, as well as track changes and expiration dates. The code uses a map data structure to store cookies, allowing for efficient lookup and insertion of new cookies. It also handles cases where cookies need to be deleted or replaced due to expiration or updates.
Alerts (2)

Complexity hotspot; line 263 (total complexity: 4)
263
Complexity hotspot; line 281 (total complexity: 4)
281