summaryrefslogtreecommitdiffabout
Side-by-side diff
Diffstat (more/less context) (ignore whitespace changes)
-rw-r--r--include/Makefile.am4
-rw-r--r--include/kingate/cgi_gateway.h5
-rw-r--r--include/kingate/cookies.h300
-rw-r--r--include/kingate/headers.h94
-rw-r--r--include/kingate/util.h13
-rw-r--r--src/Makefile.am4
-rw-r--r--src/cgi_gateway.cc4
-rw-r--r--src/cookies.cc242
-rw-r--r--src/headers.cc40
-rw-r--r--src/util.cc53
10 files changed, 757 insertions, 2 deletions
diff --git a/include/Makefile.am b/include/Makefile.am
index e0b778b..ee5cd51 100644
--- a/include/Makefile.am
+++ b/include/Makefile.am
@@ -5,3 +5,5 @@ nobase_include_HEADERS = \
kingate/exception.h \
kingate/util.h \
- kingate/plaincgi.h
+ kingate/plaincgi.h \
+ kingate/cookies.h \
+ kingate/headers.h
diff --git a/include/kingate/cgi_gateway.h b/include/kingate/cgi_gateway.h
index a5c4056..f20d72b 100644
--- a/include/kingate/cgi_gateway.h
+++ b/include/kingate/cgi_gateway.h
@@ -4,4 +4,5 @@
#include <map>
#include "kingate/cgi_interface.h"
+#include "kingate/cookies.h"
#ifndef __deprecated
@@ -43,4 +44,8 @@ namespace kingate {
params_t post;
/**
+ * Cookies passed.
+ */
+ cookies_t cookies;
+ /**
* Was the stdin content parsed?
*/
diff --git a/include/kingate/cookies.h b/include/kingate/cookies.h
new file mode 100644
index 0000000..83ef0c6
--- a/dev/null
+++ b/include/kingate/cookies.h
@@ -0,0 +1,300 @@
+#ifndef __KINGATE_COOKIES_H
+#define __KINGATE_COOKIES_H
+
+#include <string>
+#include <map>
+#include <ostream>
+
+/**
+ * @file
+ * @brief cookies-related classes.
+ */
+
+namespace kingate {
+ using namespace std;
+
+ /**
+ * Class, holding the cookie with parameters.
+ */
+ class cookie : public map<string,string> {
+ public:
+ /**
+ * Cookie name.
+ */
+ string name;
+ /**
+ * Cookie value.
+ */
+ string value;
+
+ cookie() { }
+ /**
+ * @param n cookie name.
+ * @param v cookie value.
+ */
+ cookie(const string& n,const string& v)
+ : name(n), value(v) { }
+
+ /**
+ * set cookie parameter.
+ * @param p parameter name.
+ * @param v parameter value.
+ * @see _get_string()
+ */
+ void _set_string(const string& p,const string& v);
+
+ /**
+ * @param n cookie name.
+ * @see get_name()
+ */
+ void set_name(const string& n) { name = n; }
+ /**
+ * @param v cookie value.
+ * @see set_value()
+ */
+ void set_value(const string& v) { value = v; }
+ /**
+ * @param c coomment.
+ * @see get_comment()
+ * @see has_comment()
+ * @see unset_comment()
+ */
+ void set_comment(const string& c);
+ /**
+ * @param d domain.
+ * @see get_domain()
+ * @see has_domain()
+ * @see unset_domain()
+ */
+ void set_domain(const string& d);
+ /**
+ * @param ma max-age.
+ * @see get_max_age()
+ * @see has_max_age()
+ * @see unset_max_age()
+ */
+ void set_max_age(const string& ma);
+ /**
+ * @param p path.
+ * @see get_path()
+ * @see has_path()
+ * @see unset_path()
+ */
+ void set_path(const string& p);
+ /**
+ * set cookie security.
+ * @param s true if secure.
+ * @see get_secure()
+ * @see is_secure()
+ */
+ void set_secure(bool s);
+
+ /**
+ * @param e expiration time.
+ * @see get_expires()
+ * @see has_expires()
+ * @see unset_expires()
+ */
+ void set_expires(const string& e);
+
+ /**
+ * get cookie parameter.
+ * @param p parameter name.
+ * @return parameter value.
+ * @see _set_string()
+ */
+ const string& _get_string(const string& p) const;
+
+ /**
+ * @return cookie name.
+ * @see set_name()
+ */
+ const string& get_name() const { return name; }
+ /**
+ * @return cookie value.
+ * @see set_value()
+ */
+ const string& get_value() const { return value; }
+ /**
+ * @return cookie comment.
+ * @see set_comment()
+ * @see has_comment()
+ * @see unset_comment()
+ */
+ const string& get_comment() const;
+ /**
+ * @return cookie domain.
+ * @see set_domain()
+ * @see has_domain()
+ * @see unset_domain()
+ */
+ const string& get_domain() const;
+ /**
+ * @return cookie max-age.
+ * @see set_max_age()
+ * @see has_max_age()
+ * @see unset_max_age()
+ */
+ const string& get_max_age() const;
+ /**
+ * @return cookie path.
+ * @see set_path()
+ * @see has_path()
+ * @see unset_path()
+ */
+ const string& get_path() const;
+ /**
+ * @return cookie security.
+ * @see is_secure()
+ * @see set_secure()
+ */
+ bool get_secure() const;
+ /**
+ * @return cookie security.
+ * @see get_secure()
+ * @see set_secure()
+ */
+ bool is_secure() const { return get_secure(); }
+
+ /**
+ * @return cookie expiration time.
+ * @see set_expires()
+ * @see has_expires()
+ * @see unset_expires()
+ */
+ const string& get_expires() const;
+
+ /**
+ * @return true if cookie has comment.
+ * @see set_comment()
+ * @see get_comment()
+ * @see unset_comment()
+ */
+ bool has_comment() const;
+ /**
+ * @return true if cookie has domain.
+ * @see set_domain()
+ * @see get_domain()
+ * @see unset_domain()
+ */
+ bool has_domain() const;
+ /**
+ * @return true if cookie has max-age.
+ * @see set_max_age()
+ * @see get_max_age()
+ * @see unset_max_age()
+ */
+ bool has_max_age() const;
+ /**
+ * @return true if cookie has path.
+ * @see set_path()
+ * @see get_path()
+ * @see unset_path()
+ */
+ bool has_path() const;
+
+ /**
+ * @return true if cookie has expiration time.
+ * @see set_expires()
+ * @see get_expires()
+ * @see unset_expires()
+ */
+ bool has_expires() const;
+
+ /**
+ * rid cookie of comment.
+ * @see set_comment()
+ * @see get_comment()
+ * @see has_comment()
+ */
+ void unset_comment();
+ /**
+ * rid cookie of domain.
+ * @see set_domain()
+ * @see get_domain()
+ * @see has_domain()
+ */
+ void unset_domain();
+ /**
+ * rid cookie of max-age.
+ * @see set_max_age()
+ * @see get_max_age()
+ * @see has_max_age()
+ */
+ void unset_max_age();
+ /**
+ * rid cookie of path.
+ * @see set_path()
+ * @see get_path()
+ * @see has_path()
+ */
+ void unset_path();
+
+ /**
+ * rid cookie of expiration time.
+ * @see set_expires()
+ * @see get_expires()
+ * @see has_expires()
+ */
+ void unset_expires();
+
+ /**
+ * render the 'Set-Cookie' HTTP header according to RFC2109.
+ * Absolutely useless, only works with lynx.
+ * @return the rendered header content.
+ */
+ string set_cookie_header_rfc2109() const;
+ /**
+ * render the 'Set-Cookie' header according to the early vague
+ * netscape specs and common practice.
+ * @return the rendered header content.
+ */
+ string set_cookie_header() const;
+ };
+
+ /**
+ * Cookies container class.
+ */
+ class cookies_t : public map<string,cookie> {
+ public:
+
+ cookies_t() { }
+ /**
+ * @param s 'Cookie:' HTTP header contents to parse.
+ */
+ cookies_t(const string& s) { parse_cookies(s); }
+
+ /**
+ * @param c cookie to set.
+ */
+ void set_cookie(const cookie& c) { (*this)[c.get_name()]=c; }
+ /**
+ * @param n cookie name to remove.
+ */
+ void unset_cookie(const key_type& n) { erase(n); }
+ /**
+ * @param n cookie name.
+ * @return true if exists.
+ */
+ bool has_cookie(const key_type& n) const;
+ /**
+ * Return the named cookie if one exists.
+ * @param n cookie name.
+ * @return const reference to cookie object.
+ */
+ const cookie& get_cookie(const key_type& n) const;
+ /**
+ * Return the named cookie if one exists.
+ * @param n cookie name.
+ * @return reference to cookie object.
+ */
+ cookie& get_cookie(const key_type& n);
+
+ /**
+ * @param s HTTP 'Cookie' header content.
+ */
+ void parse_cookies(const string& s);
+ };
+}
+
+#endif /* __KINGATE_COOKIES_H */
diff --git a/include/kingate/headers.h b/include/kingate/headers.h
new file mode 100644
index 0000000..fb37fec
--- a/dev/null
+++ b/include/kingate/headers.h
@@ -0,0 +1,94 @@
+#ifndef __KINGATE_HEADERS_H
+#define __KINGATE_HEADERS_H
+
+#include <string>
+#include <map>
+#include <ostream>
+
+/**
+ * @file
+ * @brief the headers -- HTTP headers container class.
+ */
+
+namespace kingate {
+ using namespace std;
+
+ /**
+ * The container class for HTTP headers.
+ */
+ class headers : public multimap<string,string> {
+ public:
+
+ /**
+ * Reference header if one exists.
+ * @param k the header.
+ * @return reference to the content.
+ */
+ const mapped_type& operator[](const key_type& k) const {
+ return get_header(k);
+ }
+ /**
+ * Reference header, creating one if needed.
+ * @param k the header.
+ * @return reference to the content.
+ */
+ mapped_type& operator[](const key_type& k) {
+ return get_header(k);
+ }
+
+ /**
+ * Set HTTP header. Remove all existent occurences of headers with
+ * this name.
+ * @param h header name.
+ * @param c header content.
+ */
+ void set_header(const key_type& h,const mapped_type& c);
+ /**
+ * Add HTTP header.
+ * @param h header name.
+ * @param c header content.
+ */
+ void add_header(const key_type& h,const mapped_type& c);
+ /**
+ * Remove named header.
+ * @param h header name.
+ */
+ void unset_header(const key_type& h);
+ /**
+ * Return const reference to the existing header.
+ * @param h header name.
+ * @return reference to header content.
+ */
+ const mapped_type& get_header(const key_type& h) const;
+ /**
+ * Return reference to the header, creating one if needed.
+ * @param h header name.
+ * @return reference to the content.
+ */
+ mapped_type& get_header(const key_type& h);
+ /**
+ * Return the range of headers with a certain name.
+ * @param h header name.
+ * @return pair of const iterators with the beginning and the end
+ * of range.
+ */
+ pair<const_iterator,const_iterator> get_headers(const key_type& h) const;
+ /**
+ * Return the range of headers with a certain name.
+ * @param h header name.
+ * @return pair of iterators with the beginning and the end
+ * of range.
+ */
+ pair<iterator,iterator> get_headers(const key_type& h);
+ /**
+ * Inquire whether the named header exists.
+ * @param h header name.
+ * @return true if exists.
+ */
+ bool has_header(const key_type& h) const;
+
+ };
+
+}
+
+#endif /* __KINGATE_HEADERS_H */
diff --git a/include/kingate/util.h b/include/kingate/util.h
index 6024ccf..3fd96f6 100644
--- a/include/kingate/util.h
+++ b/include/kingate/util.h
@@ -29,4 +29,17 @@ namespace kingate {
/**
+ * Quote string for use in HTTP header.
+ * @param str the string to quote.
+ * @return the quoted string.
+ */
+ string http_quoted_string(const string& str);
+ /**
+ * Quote string for use in HTTP header if necessary.
+ * @param str the string to quote.
+ * @return the quoted string or token left as is.
+ */
+ string http_quote(const string& str);
+
+ /**
* deprecated alias to url_encode.
* @see url_encode
diff --git a/src/Makefile.am b/src/Makefile.am
index 12bb1f8..2d462c8 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -12,5 +12,7 @@ libkingate_la_SOURCES = \
cgi_gateway.cc \
cgi_interface.cc \
- util.cc
+ util.cc \
+ cookies.cc \
+ headers.cc
libkingate_la_LDFLAGS = -version-info 2:0:0
diff --git a/src/cgi_gateway.cc b/src/cgi_gateway.cc
index 30410f2..ab48f78 100644
--- a/src/cgi_gateway.cc
+++ b/src/cgi_gateway.cc
@@ -28,4 +28,8 @@ namespace kingate {
b_parsed_content = true;
}
+ // Parse cookies
+ try {
+ cookies.parse_cookies(get_meta("HTTP_COOKIE"));
+ }catch(exception_notfound& enf) { }
}
diff --git a/src/cookies.cc b/src/cookies.cc
new file mode 100644
index 0000000..40a0c8b
--- a/dev/null
+++ b/src/cookies.cc
@@ -0,0 +1,242 @@
+#include "kingate/cookies.h"
+#include "kingate/util.h"
+#include "kingate/exception.h"
+
+namespace kingate {
+
+ /*
+ * RFC 2109:
+ * av-pairs = av-pair *(";" av-pair)
+ * av-pair = attr ["=" value] ; optional value
+ * attr = token
+ * value = word
+ * word = token | quoted-string
+ */
+
+ /* RFC 2109:
+ *
+ * The origin server effectively ends a session by sending the client a
+ * Set-Cookie header with Max-Age=0.
+ *
+ * An origin server may include multiple Set-Cookie headers in a response.
+ * Note that an intervening gateway could fold multiple such headers into a
+ * single header.
+ *
+ *
+ * set-cookie = "Set-Cookie:" cookies
+ * cookies = 1#cookie
+ * cookie = NAME "=" VALUE *(";" cookie-av)
+ * NAME = attr
+ * VALUE = value
+ * cookie-av = "Comment" "=" value
+ * | "Domain" "=" value
+ * | "Max-Age" "=" value
+ * | "Path" "=" value
+ * | "Secure"
+ * | "Version" "=" 1*DIGIT
+ *
+ *
+ * The origin server should send the following additional HTTP/1.1
+ * response headers, depending on circumstances:
+ *
+ * * To suppress caching of the Set-Cookie header: Cache-control: no-
+ * cache="set-cookie".
+ *
+ * and one of the following:
+ *
+ * * To suppress caching of a private document in shared caches: Cache-
+ * control: private.
+ *
+ * * To allow caching of a document and require that it be validated
+ * before returning it to the client: Cache-control: must-revalidate.
+ *
+ * * To allow caching of a document, but to require that proxy caches
+ * (not user agent caches) validate it before returning it to the
+ * client: Cache-control: proxy-revalidate.
+ *
+ * * To allow caching of a document and request that it be validated
+ * before returning it to the client (by "pre-expiring" it):
+ * Cache-control: max-age=0. Not all caches will revalidate the
+ * document in every case.
+ *
+ * HTTP/1.1 servers must send Expires: old-date (where old-date is a
+ * date long in the past) on responses containing Set-Cookie response
+ * headers unless they know for certain (by out of band means) that
+ * there are no downsteam HTTP/1.0 proxies. HTTP/1.1 servers may send
+ * other Cache-Control directives that permit caching by HTTP/1.1
+ * proxies in addition to the Expires: old-date directive; the Cache-
+ * Control directive will override the Expires: old-date for HTTP/1.1
+ * proxies.
+ *
+ */
+
+ void cookie::_set_string(const string& p,const string& v) {
+ (*this)[p]=v;
+ }
+
+ void cookie::set_comment(const string& c) {
+ _set_string("comment",c);
+ }
+ void cookie::set_domain(const string& d) {
+ _set_string("domain",d);
+ }
+ void cookie::set_max_age(const string& ma) {
+ _set_string("max-age",ma);
+ }
+ void cookie::set_path(const string& p) {
+ _set_string("path",p);
+ }
+ void cookie::set_secure(bool s) {
+ if(s)
+ _set_string("secure","");
+ else
+ erase("secure");
+ }
+
+ void cookie::set_expires(const string& e) {
+ (*this)["expires"] = e;
+ }
+
+ const string& cookie::_get_string(const string& s) const {
+ const_iterator i = find(s);
+ if(i==end())
+ throw exception_notfound(CODEPOINT,"No parameter set");
+ return i->second;
+ }
+
+ const string& cookie::get_comment() const {
+ return _get_string("comment");
+ }
+ const string& cookie::get_domain() const {
+ return _get_string("domain");
+ }
+ const string& cookie::get_max_age() const {
+ return _get_string("max-age");
+ }
+ const string& cookie::get_path() const {
+ return _get_string("path");
+ }
+ bool cookie::get_secure() const {
+ return find("secure")!=end();
+ }
+
+ const string& cookie::get_expires() const {
+ return _get_string("expires");
+ }
+
+ bool cookie::has_comment() const {
+ return find("comment")!=end();
+ }
+ bool cookie::has_domain() const {
+ return find("domain")!=end();
+ }
+ bool cookie::has_max_age() const {
+ return find("max-age")!=end();
+ }
+ bool cookie::has_path() const {
+ return find("path")!=end();
+ }
+
+ bool cookie::has_expires() const {
+ return find("expires")!=end();
+ }
+
+ void cookie::unset_comment() {
+ erase("comment");
+ }
+ void cookie::unset_domain() {
+ erase("domain");
+ }
+ void cookie::unset_max_age() {
+ erase("max-age");
+ }
+ void cookie::unset_path() {
+ erase("path");
+ }
+
+ void cookie::unset_expires() {
+ erase("expires");
+ }
+
+ string cookie::set_cookie_header_rfc2109() const {
+ string rv = name + "=" + http_quoted_string(value);
+ for(const_iterator i=begin();i!=end();++i) {
+ if(i->first=="secure") {
+ rv += "; secure";
+ }else{
+ rv += "; "+i->first+"="+http_quote(i->second);
+ }
+ }
+ rv += "; Version=1";
+ return rv;
+ }
+
+ string cookie::set_cookie_header() const {
+ string rv = name + "=" + value;
+ for(const_iterator i=begin();i!=end();++i) {
+ if(i->first=="secure") {
+ rv += "; secure";
+ }else{
+ rv += "; "+i->first+"="+i->second;
+ }
+ }
+ return rv;
+ }
+
+ bool cookies_t::has_cookie(const key_type& n) const {
+ return find(n)!=end();
+ }
+
+ const cookie& cookies_t::get_cookie(const key_type& n) const {
+ const_iterator i=find(n);
+ if(i==end())
+ throw exception_notfound(CODEPOINT,"No cookie with such name found");
+ return i->second;
+ }
+
+ cookie& cookies_t::get_cookie(const key_type& n) {
+ iterator i=find(n);
+ if(i==end())
+ throw exception_notfound(CODEPOINT,"No cookie with such name found");
+ return i->second;
+ }
+
+ void cookies_t::parse_cookies(const string& s) {
+ string str = s;
+ while(!str.empty()) {
+ string::size_type sc = str.find(';');
+ string s;
+ if(sc==string::npos) {
+ s = str;
+ str.erase();
+ }else{
+ s = str.substr(0,sc);
+ str.erase(0,sc+1);
+ }
+ string::size_type nsp=s.find_first_not_of(" \t");
+ if((nsp!=string::npos) && nsp)
+ s.erase(0,nsp);
+ string::size_type eq=s.find('=');
+ if(eq==string::npos)
+ continue;
+ string n = s.substr(0,eq);
+ s.erase(0,eq+1);
+ nsp = n.find_last_not_of(" \t");
+ n.erase(nsp+1);
+ nsp = s.find_first_not_of(" \t");
+ string v;
+ if(nsp!=string::npos)
+ v = s.substr(nsp);
+ else
+ v = s;
+ nsp = v.find_last_not_of(" \t");
+ if(nsp==string::npos)
+ v.erase();
+ else
+ v.erase(nsp+1);
+ cookie& c = (*this)[n];
+ c.set_name(n); c.set_value(v);
+ }
+ }
+
+}
diff --git a/src/headers.cc b/src/headers.cc
new file mode 100644
index 0000000..89ac519
--- a/dev/null
+++ b/src/headers.cc
@@ -0,0 +1,40 @@
+#include "kingate/headers.h"
+#include "kingate/exception.h"
+
+namespace kingate {
+
+ void headers::set_header(const key_type& h,const mapped_type& c) {
+ erase(h);
+ insert(value_type(h,c));
+ }
+ void headers::add_header(const key_type& h,const mapped_type& c) {
+ insert(value_type(h,c));
+ }
+ void headers::unset_header(const key_type& h) {
+ erase(h);
+ }
+ const headers::mapped_type& headers::get_header(const key_type& h) const {
+ const_iterator i=find(h);
+ if(i==end())
+ throw exception_notfound(CODEPOINT,"No such header");
+ return i->second;
+ }
+ headers::mapped_type& headers::get_header(const key_type& h) {
+ // XXX: or should it fail if there's no such thing, unlike operator[]?
+ iterator i=find(h);
+ if(i==end())
+ i = insert(value_type(h,""));
+ return i->second;
+ }
+
+ pair<headers::const_iterator,headers::const_iterator> headers::get_headers(const key_type& h) const {
+ return equal_range(h);
+ }
+ pair<headers::iterator,headers::iterator> headers::get_headers(const key_type& h) {
+ return equal_range(h);
+ }
+
+ bool headers::has_header(const key_type& h) const {
+ return find(h)!=end();
+ }
+}
diff --git a/src/util.cc b/src/util.cc
index 3166e62..48e486a 100644
--- a/src/util.cc
+++ b/src/util.cc
@@ -51,3 +51,56 @@ namespace kingate {
return rv;
}
+
+ /*
+ * RFC 2616:
+ *
+ * separators = "(" | ")" | "<" | ">" | "@"
+ * | "," | ";" | ":" | "\" | <">
+ * | "/" | "[" | "]" | "?" | "="
+ * | "{" | "}" | SP | HT
+ */
+
+ /*
+ * RFC 2616:
+ *
+ * token = 1*<any CHAR except CTLs or separators>
+ */
+
+ static const char *quotible_chars =
+ "\001\002\003\004\005\006\007\010"
+ "\011\012\013\014\015\016\017\020"
+ "\021\022\023\024\025\026\027\030"
+ "\031\032\033\034\035\036\037\040"
+ "()<>@,;:\\\"/[]?={}" /* separator chars (except for SP and HT mentioned elsewhere */
+ "\177"
+ ;
+
+ /*
+ * RFC 2616:
+ *
+ * quoted-string = ( <"> *(qdtext | quoted-pair ) <"> )
+ * qdtext = <any TEXT except <">>
+ *
+ * The backslash character ("\") MAY be used as a single-character
+ * quoting mechanism only within quoted-string and comment constructs.
+ *
+ * quoted-pair = "\" CHAR
+ */
+
+ string http_quoted_string(const string& str) {
+ string rv = str;
+ string::size_type sp=0;
+ for(string::size_type q=rv.find('"');(q=rv.find('"',q))!=string::npos;q+=2)
+ rv.insert(q,1,'\\');
+ rv.insert(0,1,'"');
+ rv += '"';
+ return rv;
+ }
+
+ string http_quote(const string& str) {
+ if(str.find_first_of(quotible_chars)==string::npos)
+ return str;
+ return http_quoted_string(str);
+ }
+
}