Главная Обзор Помощь
Вход
n4u
/
cowlib
2
0
Ответвить 0
Файлы Задачи 0 Запросы на слияние 0 Вики
Дерево: 5224e5cf4d
Ветки Метки
cowlib
/
src
/
cow_cookie.erl

cow_cookie.erl 9.5 KB
История Исходник

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281 
  1. %% Copyright (c) 2013-2015, Loïc Hoguin <essen@ninenines.eu>
    2. 

  2. %%
    3. 

  3. %% Permission to use, copy, modify, and/or distribute this software for any
    4. 

  4. %% purpose with or without fee is hereby granted, provided that the above
    5. 

  5. %% copyright notice and this permission notice appear in all copies.
    6. 

  6. %%
    7. 

  7. %% THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
    8. 

  8. %% WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
    9. 

  9. %% MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
    10. 

  10. %% ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
    11. 

  11. %% WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
    12. 

  12. %% ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
    13. 

  13. %% OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
    14. 

  14. 

  15. -module(cow_cookie).
    16. 

  16. 

  17. -export([parse_cookie/1]).
    18. 

  18. -export([setcookie/3]).
    19. 

  19. 

  20. -type cookie_option() :: {max_age, non_neg_integer()}
    21. 

  21. 	| {domain, binary()} | {path, binary()}
    22. 

  22. 	| {secure, boolean()} | {http_only, boolean()}.
    23. 

  23. -type cookie_opts() :: [cookie_option()].
    24. 

  24. -export_type([cookie_opts/0]).
    25. 

  25. 

  26. %% @doc Parse a cookie header string and return a list of key/values.
    27. 

  27. 

  28. -spec parse_cookie(binary()) -> [{binary(), binary()}].
    29. 

  29. parse_cookie(Cookie) ->
    30. 

  30. 	parse_cookie(Cookie, []).
    31. 

  31. 

  32. parse_cookie(<<>>, Acc) ->
    33. 

  33. 	lists:reverse(Acc);
    34. 

  34. parse_cookie(<< $\s, Rest/binary >>, Acc) ->
    35. 

  35. 	parse_cookie(Rest, Acc);
    36. 

  36. parse_cookie(<< $\t, Rest/binary >>, Acc) ->
    37. 

  37. 	parse_cookie(Rest, Acc);
    38. 

  38. parse_cookie(<< $,, Rest/binary >>, Acc) ->
    39. 

  39. 	parse_cookie(Rest, Acc);
    40. 

  40. parse_cookie(<< $;, Rest/binary >>, Acc) ->
    41. 

  41. 	parse_cookie(Rest, Acc);
    42. 

  42. parse_cookie(<< $$, Rest/binary >>, Acc) ->
    43. 

  43. 	skip_cookie(Rest, Acc);
    44. 

  44. parse_cookie(Cookie, Acc) ->
    45. 

  45. 	parse_cookie_name(Cookie, Acc, <<>>).
    46. 

  46. 

  47. skip_cookie(<<>>, Acc) ->
    48. 

  48. 	lists:reverse(Acc);
    49. 

  49. skip_cookie(<< $,, Rest/binary >>, Acc) ->
    50. 

  50. 	parse_cookie(Rest, Acc);
    51. 

  51. skip_cookie(<< $;, Rest/binary >>, Acc) ->
    52. 

  52. 	parse_cookie(Rest, Acc);
    53. 

  53. skip_cookie(<< _, Rest/binary >>, Acc) ->
    54. 

  54. 	skip_cookie(Rest, Acc).
    55. 

  55. 

  56. parse_cookie_name(<<>>, _, _) ->
    57. 

  57. 	error(badarg);
    58. 

  58. parse_cookie_name(<< $=, _/binary >>, _, <<>>) ->
    59. 

  59. 	error(badarg);
    60. 

  60. parse_cookie_name(<< $=, Rest/binary >>, Acc, Name) ->
    61. 

  61. 	parse_cookie_value(Rest, Acc, Name, <<>>);
    62. 

  62. parse_cookie_name(<< $,, _/binary >>, _, _) ->
    63. 

  63. 	error(badarg);
    64. 

  64. parse_cookie_name(<< $;, _/binary >>, _, _) ->
    65. 

  65. 	error(badarg);
    66. 

  66. parse_cookie_name(<< $\s, _/binary >>, _, _) ->
    67. 

  67. 	error(badarg);
    68. 

  68. parse_cookie_name(<< $\t, _/binary >>, _, _) ->
    69. 

  69. 	error(badarg);
    70. 

  70. parse_cookie_name(<< $\r, _/binary >>, _, _) ->
    71. 

  71. 	error(badarg);
    72. 

  72. parse_cookie_name(<< $\n, _/binary >>, _, _) ->
    73. 

  73. 	error(badarg);
    74. 

  74. parse_cookie_name(<< $\013, _/binary >>, _, _) ->
    75. 

  75. 	error(badarg);
    76. 

  76. parse_cookie_name(<< $\014, _/binary >>, _, _) ->
    77. 

  77. 	error(badarg);
    78. 

  78. parse_cookie_name(<< C, Rest/binary >>, Acc, Name) ->
    79. 

  79. 	parse_cookie_name(Rest, Acc, << Name/binary, C >>).
    80. 

  80. 

  81. parse_cookie_value(<<>>, Acc, Name, Value) ->
    82. 

  82. 	lists:reverse([{Name, parse_cookie_trim(Value)}|Acc]);
    83. 

  83. parse_cookie_value(<< $;, Rest/binary >>, Acc, Name, Value) ->
    84. 

  84. 	parse_cookie(Rest, [{Name, parse_cookie_trim(Value)}|Acc]);
    85. 

  85. parse_cookie_value(<< $\t, _/binary >>, _, _, _) ->
    86. 

  86. 	error(badarg);
    87. 

  87. parse_cookie_value(<< $\r, _/binary >>, _, _, _) ->
    88. 

  88. 	error(badarg);
    89. 

  89. parse_cookie_value(<< $\n, _/binary >>, _, _, _) ->
    90. 

  90. 	error(badarg);
    91. 

  91. parse_cookie_value(<< $\013, _/binary >>, _, _, _) ->
    92. 

  92. 	error(badarg);
    93. 

  93. parse_cookie_value(<< $\014, _/binary >>, _, _, _) ->
    94. 

  94. 	error(badarg);
    95. 

  95. parse_cookie_value(<< C, Rest/binary >>, Acc, Name, Value) ->
    96. 

  96. 	parse_cookie_value(Rest, Acc, Name, << Value/binary, C >>).
    97. 

  97. 

  98. parse_cookie_trim(Value = <<>>) ->
    99. 

  99. 	Value;
    100. 

  100. parse_cookie_trim(Value) ->
    101. 

  101. 	case binary:last(Value) of
    102. 

  102. 		$\s ->
    103. 

  103. 			Size = byte_size(Value) - 1,
    104. 

  104. 			<< Value2:Size/binary, _ >> = Value,
    105. 

  105. 			parse_cookie_trim(Value2);
    106. 

  106. 		_ ->
    107. 

  107. 			Value
    108. 

  108. 	end.
    109. 

  109. 

  110. -ifdef(TEST).
    111. 

  111. parse_cookie_test_() ->
    112. 

  112. 	%% {Value, Result}.
    113. 

  113. 	Tests = [
    114. 

  114. 		{<<"name=value; name2=value2">>, [
    115. 

  115. 			{<<"name">>, <<"value">>},
    116. 

  116. 			{<<"name2">>, <<"value2">>}
    117. 

  117. 		]},
    118. 

  118. 		{<<"$Version=1; Customer=WILE_E_COYOTE; $Path=/acme">>, [
    119. 

  119. 			{<<"Customer">>, <<"WILE_E_COYOTE">>}
    120. 

  120. 		]},
    121. 

  121. 		{<<"$Version=1; Customer=WILE_E_COYOTE; $Path=/acme; "
    122. 

  122. 			"Part_Number=Rocket_Launcher_0001; $Path=/acme; "
    123. 

  123. 			"Shipping=FedEx; $Path=/acme">>, [
    124. 

  124. 			{<<"Customer">>, <<"WILE_E_COYOTE">>},
    125. 

  125. 			{<<"Part_Number">>, <<"Rocket_Launcher_0001">>},
    126. 

  126. 			{<<"Shipping">>, <<"FedEx">>}
    127. 

  127. 		]},
    128. 

  128. 		%% Space in value.
    129. 

  129. 		{<<"foo=Thu Jul 11 2013 15:38:43 GMT+0400 (MSK)">>,
    130. 

  130. 			[{<<"foo">>, <<"Thu Jul 11 2013 15:38:43 GMT+0400 (MSK)">>}]},
    131. 

  131. 		%% Comma in value. Google Analytics sets that kind of cookies.
    132. 

  132. 		{<<"refk=sOUZDzq2w2; sk=B602064E0139D842D620C7569640DBB4C81C45080651"
    133. 

  133. 			"9CC124EF794863E10E80; __utma=64249653.825741573.1380181332.1400"
    134. 

  134. 			"015657.1400019557.703; __utmb=64249653.1.10.1400019557; __utmc="
    135. 

  135. 			"64249653; __utmz=64249653.1400019557.703.13.utmcsr=bluesky.chic"
    136. 

  136. 			"agotribune.com|utmccn=(referral)|utmcmd=referral|utmcct=/origin"
    137. 

  137. 			"als/chi-12-indispensable-digital-tools-bsi,0,0.storygallery">>, [
    138. 

  138. 				{<<"refk">>, <<"sOUZDzq2w2">>},
    139. 

  139. 				{<<"sk">>, <<"B602064E0139D842D620C7569640DBB4C81C45080651"
    140. 

  140. 					"9CC124EF794863E10E80">>},
    141. 

  141. 				{<<"__utma">>, <<"64249653.825741573.1380181332.1400"
    142. 

  142. 					"015657.1400019557.703">>},
    143. 

  143. 				{<<"__utmb">>, <<"64249653.1.10.1400019557">>},
    144. 

  144. 				{<<"__utmc">>, <<"64249653">>},
    145. 

  145. 				{<<"__utmz">>, <<"64249653.1400019557.703.13.utmcsr=bluesky.chic"
    146. 

  146. 					"agotribune.com|utmccn=(referral)|utmcmd=referral|utmcct=/origin"
    147. 

  147. 					"als/chi-12-indispensable-digital-tools-bsi,0,0.storygallery">>}
    148. 

  148. 		]},
    149. 

  149. 		%% Potential edge cases (initially from Mochiweb).
    150. 

  150. 		{<<"foo=\\x">>, [{<<"foo">>, <<"\\x">>}]},
    151. 

  151. 		{<<"foo=;bar=">>, [{<<"foo">>, <<>>}, {<<"bar">>, <<>>}]},
    152. 

  152. 		{<<"foo=\\\";;bar=good ">>,
    153. 

  153. 			[{<<"foo">>, <<"\\\"">>}, {<<"bar">>, <<"good">>}]},
    154. 

  154. 		{<<>>, []}, %% Flash player.
    155. 

  155. 		{<<"foo=bar , baz=wibble ">>, [{<<"foo">>, <<"bar , baz=wibble">>}]}
    156. 

  156. 	],
    157. 

  157. 	[{V, fun() -> R = parse_cookie(V) end} || {V, R} <- Tests].
    158. 

  158. 

  159. parse_cookie_error_test_() ->
    160. 

  160. 	%% Value.
    161. 

  161. 	Tests = [
    162. 

  162. 		<<"=">>,
    163. 

  163. 		<<"  foo ; bar  ">>,
    164. 

  164. 		<<"foo=\\\";;bar ">>,
    165. 

  165. 		<<"foo=\"\\\";bar">>
    166. 

  166. 	],
    167. 

  167. 	[{V, fun() -> {'EXIT', {badarg, _}} = (catch parse_cookie(V)) end} || V <- Tests].
    168. 

  168. -endif.
    169. 

  169. 

  170. %% @doc Convert a cookie name, value and options to its iodata form.
    171. 

  171. %% @end
    172. 

  172. %%
    173. 

  173. %% Initially from Mochiweb:
    174. 

  174. %%   * Copyright 2007 Mochi Media, Inc.
    175. 

  175. %% Initial binary implementation:
    176. 

  176. %%   * Copyright 2011 Thomas Burdick <thomas.burdick@gmail.com>
    177. 

  177. 

  178. -spec setcookie(iodata(), iodata(), cookie_opts()) -> iodata().
    179. 

  179. setcookie(Name, Value, Opts) ->
    180. 

  180. 	nomatch = binary:match(iolist_to_binary(Name), [<<$=>>, <<$,>>, <<$;>>,
    181. 

  181. 			<<$\s>>, <<$\t>>, <<$\r>>, <<$\n>>, <<$\013>>, <<$\014>>]),
    182. 

  182. 	nomatch = binary:match(iolist_to_binary(Value), [<<$,>>, <<$;>>,
    183. 

  183. 			<<$\s>>, <<$\t>>, <<$\r>>, <<$\n>>, <<$\013>>, <<$\014>>]),
    184. 

  184. 	MaxAgeBin = case lists:keyfind(max_age, 1, Opts) of
    185. 

  185. 		false -> <<>>;
    186. 

  186. 		{_, 0} ->
    187. 

  187. 			%% MSIE requires an Expires date in the past to delete a cookie.
    188. 

  188. 			<<"; Expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0">>;
    189. 

  189. 		{_, MaxAge} when is_integer(MaxAge), MaxAge > 0 ->
    190. 

  190. 			UTC = calendar:universal_time(),
    191. 

  191. 			Secs = calendar:datetime_to_gregorian_seconds(UTC),
    192. 

  192. 			Expires = calendar:gregorian_seconds_to_datetime(Secs + MaxAge),
    193. 

  193. 			[<<"; Expires=">>, cow_date:rfc2109(Expires),
    194. 

  194. 				<<"; Max-Age=">>, integer_to_list(MaxAge)]
    195. 

  195. 	end,
    196. 

  196. 	DomainBin = case lists:keyfind(domain, 1, Opts) of
    197. 

  197. 		false -> <<>>;
    198. 

  198. 		{_, Domain} -> [<<"; Domain=">>, Domain]
    199. 

  199. 	end,
    200. 

  200. 	PathBin = case lists:keyfind(path, 1, Opts) of
    201. 

  201. 		false -> <<>>;
    202. 

  202. 		{_, Path} -> [<<"; Path=">>, Path]
    203. 

  203. 	end,
    204. 

  204. 	SecureBin = case lists:keyfind(secure, 1, Opts) of
    205. 

  205. 		false -> <<>>;
    206. 

  206. 		{_, false} -> <<>>;
    207. 

  207. 		{_, true} -> <<"; Secure">>
    208. 

  208. 	end,
    209. 

  209. 	HttpOnlyBin = case lists:keyfind(http_only, 1, Opts) of
    210. 

  210. 		false -> <<>>;
    211. 

  211. 		{_, false} -> <<>>;
    212. 

  212. 		{_, true} -> <<"; HttpOnly">>
    213. 

  213. 	end,
    214. 

  214. 	[Name, <<"=">>, Value, <<"; Version=1">>,
    215. 

  215. 		MaxAgeBin, DomainBin, PathBin, SecureBin, HttpOnlyBin].
    216. 

  216. 

  217. -ifdef(TEST).
    218. 

  218. setcookie_test_() ->
    219. 

  219. 	%% {Name, Value, Opts, Result}
    220. 

  220. 	Tests = [
    221. 

  221. 		{<<"Customer">>, <<"WILE_E_COYOTE">>,
    222. 

  222. 			[{http_only, true}, {domain, <<"acme.com">>}],
    223. 

  223. 			<<"Customer=WILE_E_COYOTE; Version=1; "
    224. 

  224. 				"Domain=acme.com; HttpOnly">>},
    225. 

  225. 		{<<"Customer">>, <<"WILE_E_COYOTE">>,
    226. 

  226. 			[{path, <<"/acme">>}],
    227. 

  227. 			<<"Customer=WILE_E_COYOTE; Version=1; Path=/acme">>},
    228. 

  228. 		{<<"Customer">>, <<"WILE_E_COYOTE">>,
    229. 

  229. 			[{secure, true}],
    230. 

  230. 			<<"Customer=WILE_E_COYOTE; Version=1; Secure">>},
    231. 

  231. 		{<<"Customer">>, <<"WILE_E_COYOTE">>,
    232. 

  232. 			[{secure, false}, {http_only, false}],
    233. 

  233. 			<<"Customer=WILE_E_COYOTE; Version=1">>},
    234. 

  234. 		{<<"Customer">>, <<"WILE_E_COYOTE">>,
    235. 

  235. 			[{path, <<"/acme">>}, {badoption, <<"negatory">>}],
    236. 

  236. 			<<"Customer=WILE_E_COYOTE; Version=1; Path=/acme">>}
    237. 

  237. 	],
    238. 

  238. 	[{R, fun() -> R = iolist_to_binary(setcookie(N, V, O)) end}
    239. 

  239. 		|| {N, V, O, R} <- Tests].
    240. 

  240. 

  241. setcookie_max_age_test() ->
    242. 

  242. 	F = fun(N, V, O) ->
    243. 

  243. 		binary:split(iolist_to_binary(
    244. 

  244. 			setcookie(N, V, O)), <<";">>, [global])
    245. 

  245. 	end,
    246. 

  246. 	[<<"Customer=WILE_E_COYOTE">>,
    247. 

  247. 		<<" Version=1">>,
    248. 

  248. 		<<" Expires=", _/binary>>,
    249. 

  249. 		<<" Max-Age=111">>,
    250. 

  250. 		<<" Secure">>] = F(<<"Customer">>, <<"WILE_E_COYOTE">>,
    251. 

  251. 			[{max_age, 111}, {secure, true}]),
    252. 

  252. 	case catch F(<<"Customer">>, <<"WILE_E_COYOTE">>, [{max_age, -111}]) of
    253. 

  253. 		{'EXIT', {{case_clause, {max_age, -111}}, _}} -> ok
    254. 

  254. 	end,
    255. 

  255. 	[<<"Customer=WILE_E_COYOTE">>,
    256. 

  256. 		<<" Version=1">>,
    257. 

  257. 		<<" Expires=", _/binary>>,
    258. 

  258. 		<<" Max-Age=86417">>] = F(<<"Customer">>, <<"WILE_E_COYOTE">>,
    259. 

  259. 			 [{max_age, 86417}]),
    260. 

  260. 	ok.
    261. 

  261. 

  262. setcookie_failures_test_() ->
    263. 

  263. 	F = fun(N, V) ->
    264. 

  264. 		try setcookie(N, V, []) of
    265. 

  265. 			_ ->
    266. 

  266. 				false
    267. 

  267. 		catch _:_ ->
    268. 

  268. 			true
    269. 

  269. 		end
    270. 

  270. 	end,
    271. 

  271. 	Tests = [
    272. 

  272. 		{<<"Na=me">>, <<"Value">>},
    273. 

  273. 		{<<"Name;">>, <<"Value">>},
    274. 

  274. 		{<<"\r\name">>, <<"Value">>},
    275. 

  275. 		{<<"Name">>, <<"Value;">>},
    276. 

  276. 		{<<"Name">>, <<"\value">>}
    277. 

  277. 	],
    278. 

  278. 	[{iolist_to_binary(io_lib:format("{~p, ~p} failure", [N, V])),
    279. 

  279. 		fun() -> true = F(N, V) end}
    280. 

  280. 		|| {N, V} <- Tests].
    281. 

  281. -endif.
    282.