147 lines
5.8 KiB
C
Raw Normal View History

2015-04-27 22:25:09 +02:00
#ifndef HEADER_CURL_COOKIE_H
#define HEADER_CURL_COOKIE_H
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
2023-07-02 19:51:09 +02:00
* Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
2021-09-14 00:13:48 +02:00
* are also available at https://curl.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
2022-11-16 20:14:03 +01:00
* SPDX-License-Identifier: curl
*
***************************************************************************/
2015-04-27 22:25:09 +02:00
#include "curl_setup.h"
#include <curl/curl.h>
struct Cookie {
struct Cookie *next; /* next in the chain */
char *name; /* <this> = value */
char *value; /* name = <this> */
2015-04-27 22:25:09 +02:00
char *path; /* path = <this> which is in Set-Cookie: */
char *spath; /* sanitized cookie path */
char *domain; /* domain = <this> */
curl_off_t expires; /* expires = <this> */
char *expirestr; /* the plain text version */
/* RFC 2109 keywords. Version=1 means 2109-compliant cookie sending */
char *version; /* Version = <value> */
char *maxage; /* Max-Age = <value> */
2021-09-14 00:13:48 +02:00
bool tailmatch; /* whether we do tail-matching of the domain name */
bool secure; /* whether the 'secure' keyword was used */
bool livecookie; /* updated from a server, not a stored file */
2015-04-27 22:25:09 +02:00
bool httponly; /* true if the httponly directive is present */
2018-10-28 12:09:07 +01:00
int creationtime; /* time when the cookie was written */
2019-11-11 23:01:05 +01:00
unsigned char prefix; /* bitmap fields indicating which prefix are set */
};
2019-11-11 23:01:05 +01:00
/*
* Available cookie prefixes, as defined in
* draft-ietf-httpbis-rfc6265bis-02
*/
#define COOKIE_PREFIX__SECURE (1<<0)
#define COOKIE_PREFIX__HOST (1<<1)
2018-08-09 18:06:22 +02:00
#define COOKIE_HASH_SIZE 256
struct CookieInfo {
/* linked list of cookies we know of */
2018-08-09 18:06:22 +02:00
struct Cookie *cookies[COOKIE_HASH_SIZE];
char *filename; /* file we read from/write to */
long numcookies; /* number of cookies in the "jar" */
2021-09-14 00:13:48 +02:00
bool running; /* state info, for cookie adding information */
bool newsession; /* new session, discard session cookies on load */
2018-10-28 12:09:07 +01:00
int lastct; /* last creation-time used in the jar */
2021-11-20 13:41:27 +01:00
curl_off_t next_expiration; /* the next time at which expiration happens */
};
2023-07-02 19:51:09 +02:00
/* The maximum sizes we accept for cookies. RFC 6265 section 6.1 says
"general-use user agents SHOULD provide each of the following minimum
capabilities":
2023-07-02 19:51:09 +02:00
- At least 4096 bytes per cookie (as measured by the sum of the length of
the cookie's name, value, and attributes).
2018-01-26 17:06:56 +01:00
2023-07-02 19:51:09 +02:00
In the 6265bis draft document section 5.4 it is phrased even stronger: "If
the sum of the lengths of the name string and the value string is more than
4096 octets, abort these steps and ignore the set-cookie-string entirely."
*/
2023-07-02 19:51:09 +02:00
/** Limits for INCOMING cookies **/
/* The longest we allow a line to be when reading a cookie from a HTTP header
or from a cookie jar */
#define MAX_COOKIE_LINE 5000
2022-11-16 20:14:03 +01:00
/* Maximum length of an incoming cookie name or content we deal with. Longer
cookies are ignored. */
2018-01-26 17:06:56 +01:00
#define MAX_NAME 4096
2023-07-02 19:51:09 +02:00
/* Maximum number of Set-Cookie: lines accepted in a single response. If more
such header lines are received, they are ignored. This value must be less
than 256 since an unsigned char is used to count. */
#define MAX_SET_COOKIE_AMOUNT 50
/** Limits for OUTGOING cookies **/
2022-11-16 20:14:03 +01:00
/* Maximum size for an outgoing cookie line libcurl will use in an http
request. This is the default maximum length used in some versions of Apache
httpd. */
#define MAX_COOKIE_HEADER_LEN 8190
/* Maximum number of cookies libcurl will send in a single request, even if
there might be more cookies that match. One reason to cap the number is to
keep the maximum HTTP request within the maximum allowed size. */
#define MAX_COOKIE_SEND_AMOUNT 150
2016-09-11 17:22:32 +02:00
struct Curl_easy;
/*
* Add a cookie to the internal list of cookies. The domain and path arguments
* are only used if the header boolean is TRUE.
*/
2016-09-11 17:22:32 +02:00
struct Cookie *Curl_cookie_add(struct Curl_easy *data,
2021-09-14 00:13:48 +02:00
struct CookieInfo *c, bool header,
bool noexpiry, char *lineptr,
2019-11-11 23:01:05 +01:00
const char *domain, const char *path,
bool secure);
2022-11-16 20:14:03 +01:00
struct Cookie *Curl_cookie_getlist(struct Curl_easy *data,
struct CookieInfo *c, const char *host,
2021-09-14 00:13:48 +02:00
const char *path, bool secure);
2017-04-14 19:02:05 +02:00
void Curl_cookie_freelist(struct Cookie *cookies);
void Curl_cookie_clearall(struct CookieInfo *cookies);
void Curl_cookie_clearsess(struct CookieInfo *cookies);
#if defined(CURL_DISABLE_HTTP) || defined(CURL_DISABLE_COOKIES)
#define Curl_cookie_list(x) NULL
2015-04-27 22:25:09 +02:00
#define Curl_cookie_loadfiles(x) Curl_nop_stmt
#define Curl_cookie_init(x,y,z,w) NULL
#define Curl_cookie_cleanup(x) Curl_nop_stmt
#define Curl_flush_cookies(x,y) Curl_nop_stmt
#else
2020-08-30 11:54:41 +02:00
void Curl_flush_cookies(struct Curl_easy *data, bool cleanup);
2021-09-14 00:13:48 +02:00
void Curl_cookie_cleanup(struct CookieInfo *c);
2016-09-11 17:22:32 +02:00
struct CookieInfo *Curl_cookie_init(struct Curl_easy *data,
2021-09-14 00:13:48 +02:00
const char *file, struct CookieInfo *inc,
bool newsession);
2016-09-11 17:22:32 +02:00
struct curl_slist *Curl_cookie_list(struct Curl_easy *data);
void Curl_cookie_loadfiles(struct Curl_easy *data);
#endif
2015-04-27 22:25:09 +02:00
#endif /* HEADER_CURL_COOKIE_H */