1 /* 2 * Wininet - cookie handling stuff 3 * 4 * Copyright 2002 TransGaming Technologies Inc. 5 * 6 * David Hammerton 7 * 8 * This library is free software; you can redistribute it and/or 9 * modify it under the terms of the GNU Lesser General Public 10 * License as published by the Free Software Foundation; either 11 * version 2.1 of the License, or (at your option) any later version. 12 * 13 * This library is distributed in the hope that it will be useful, 14 * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 16 * Lesser General Public License for more details. 17 * 18 * You should have received a copy of the GNU Lesser General Public 19 * License along with this library; if not, write to the Free Software 20 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA 21 */ 22 23 #include "ws2tcpip.h" 24 25 #include <stdarg.h> 26 #include <stdio.h> 27 #include <stdlib.h> 28 #include <string.h> 29 #include <assert.h> 30 31 #include "windef.h" 32 #include "winbase.h" 33 #include "wininet.h" 34 #include "lmcons.h" 35 #include "winerror.h" 36 37 #include "wine/debug.h" 38 #include "internet.h" 39 40 #define RESPONSE_TIMEOUT 30 /* FROM internet.c */ 41 42 43 WINE_DEFAULT_DEBUG_CHANNEL(wininet); 44 45 /* FIXME 46 * Cookies could use A LOT OF MEMORY. We need some kind of memory management here! 47 */ 48 49 struct _cookie_domain_t; 50 struct _cookie_container_t; 51 52 typedef struct _cookie_t { 53 struct list entry; 54 55 struct _cookie_container_t *container; 56 57 WCHAR *name; 58 WCHAR *data; 59 DWORD flags; 60 FILETIME expiry; 61 FILETIME create; 62 } cookie_t; 63 64 typedef struct _cookie_container_t { 65 struct list entry; 66 67 WCHAR *cookie_url; 68 substr_t path; 69 struct _cookie_domain_t *domain; 70 71 struct list cookie_list; 72 } cookie_container_t; 73 74 typedef struct _cookie_domain_t { 75 struct list entry; 76 77 WCHAR *domain; 78 unsigned subdomain_len; 79 80 struct _cookie_domain_t *parent; 81 struct list subdomain_list; 82 83 /* List of stored paths sorted by length of the path. */ 84 struct list path_list; 85 } cookie_domain_t; 86 87 static CRITICAL_SECTION cookie_cs; 88 static CRITICAL_SECTION_DEBUG cookie_cs_debug = 89 { 90 0, 0, &cookie_cs, 91 { &cookie_cs_debug.ProcessLocksList, &cookie_cs_debug.ProcessLocksList }, 92 0, 0, { (DWORD_PTR)(__FILE__ ": cookie_cs") } 93 }; 94 static CRITICAL_SECTION cookie_cs = { &cookie_cs_debug, -1, 0, 0, 0, 0 }; 95 static struct list domain_list = LIST_INIT(domain_list); 96 97 static cookie_domain_t *get_cookie_domain(substr_t domain, BOOL create) 98 { 99 const WCHAR *ptr = domain.str + domain.len, *ptr_end, *subdomain_ptr; 100 cookie_domain_t *iter, *current_domain, *prev_domain = NULL; 101 struct list *current_list = &domain_list; 102 103 while(1) { 104 for(ptr_end = ptr--; ptr > domain.str && *ptr != '.'; ptr--); 105 subdomain_ptr = *ptr == '.' ? ptr+1 : ptr; 106 107 current_domain = NULL; 108 LIST_FOR_EACH_ENTRY(iter, current_list, cookie_domain_t, entry) { 109 if(ptr_end-subdomain_ptr == iter->subdomain_len 110 && !memcmp(subdomain_ptr, iter->domain, iter->subdomain_len*sizeof(WCHAR))) { 111 current_domain = iter; 112 break; 113 } 114 } 115 116 if(!current_domain) { 117 if(!create) 118 return prev_domain; 119 120 current_domain = heap_alloc(sizeof(*current_domain)); 121 if(!current_domain) 122 return NULL; 123 124 current_domain->domain = heap_strndupW(subdomain_ptr, domain.str + domain.len - subdomain_ptr); 125 if(!current_domain->domain) { 126 heap_free(current_domain); 127 return NULL; 128 } 129 130 current_domain->subdomain_len = ptr_end-subdomain_ptr; 131 132 current_domain->parent = prev_domain; 133 list_init(¤t_domain->path_list); 134 list_init(¤t_domain->subdomain_list); 135 136 list_add_tail(current_list, ¤t_domain->entry); 137 } 138 139 if(ptr == domain.str) 140 return current_domain; 141 142 prev_domain = current_domain; 143 current_list = ¤t_domain->subdomain_list; 144 } 145 } 146 147 static WCHAR *create_cookie_url(substr_t domain, substr_t path, substr_t *ret_path) 148 { 149 WCHAR user[UNLEN], *p, *url; 150 DWORD len, user_len, i; 151 152 static const WCHAR cookie_prefix[] = {'C','o','o','k','i','e',':'}; 153 154 user_len = sizeof(user)/sizeof(WCHAR); 155 if(!GetUserNameW(user, &user_len)) 156 return FALSE; 157 user_len--; 158 159 len = sizeof(cookie_prefix)/sizeof(WCHAR) + user_len + 1 /* @ */ + domain.len + path.len; 160 url = heap_alloc((len+1) * sizeof(WCHAR)); 161 if(!url) 162 return NULL; 163 164 memcpy(url, cookie_prefix, sizeof(cookie_prefix)); 165 p = url + sizeof(cookie_prefix)/sizeof(WCHAR); 166 167 memcpy(p, user, user_len*sizeof(WCHAR)); 168 p += user_len; 169 170 *p++ = '@'; 171 172 memcpy(p, domain.str, domain.len*sizeof(WCHAR)); 173 p += domain.len; 174 175 for(i=0; i < path.len; i++) 176 p[i] = tolowerW(path.str[i]); 177 p[path.len] = 0; 178 179 ret_path->str = p; 180 ret_path->len = path.len; 181 return url; 182 } 183 184 static cookie_container_t *get_cookie_container(substr_t domain, substr_t path, BOOL create) 185 { 186 cookie_domain_t *cookie_domain; 187 cookie_container_t *cookie_container, *iter; 188 189 cookie_domain = get_cookie_domain(domain, create); 190 if(!cookie_domain) 191 return NULL; 192 193 LIST_FOR_EACH_ENTRY(cookie_container, &cookie_domain->path_list, cookie_container_t, entry) { 194 if(cookie_container->path.len < path.len) 195 break; 196 197 if(path.len == cookie_container->path.len && !strncmpiW(cookie_container->path.str, path.str, path.len)) 198 return cookie_container; 199 } 200 201 if(!create) 202 return NULL; 203 204 cookie_container = heap_alloc(sizeof(*cookie_container)); 205 if(!cookie_container) 206 return NULL; 207 208 cookie_container->cookie_url = create_cookie_url(substrz(cookie_domain->domain), path, &cookie_container->path); 209 if(!cookie_container->cookie_url) { 210 heap_free(cookie_container); 211 return NULL; 212 } 213 214 cookie_container->domain = cookie_domain; 215 list_init(&cookie_container->cookie_list); 216 217 LIST_FOR_EACH_ENTRY(iter, &cookie_domain->path_list, cookie_container_t, entry) { 218 if(iter->path.len <= path.len) { 219 list_add_before(&iter->entry, &cookie_container->entry); 220 return cookie_container; 221 } 222 } 223 224 list_add_tail(&cookie_domain->path_list, &cookie_container->entry); 225 return cookie_container; 226 } 227 228 static void delete_cookie(cookie_t *cookie) 229 { 230 list_remove(&cookie->entry); 231 232 heap_free(cookie->name); 233 heap_free(cookie->data); 234 heap_free(cookie); 235 } 236 237 static cookie_t *alloc_cookie(substr_t name, substr_t data, FILETIME expiry, FILETIME create_time, DWORD flags) 238 { 239 cookie_t *new_cookie; 240 241 new_cookie = heap_alloc(sizeof(*new_cookie)); 242 if(!new_cookie) 243 return NULL; 244 245 new_cookie->expiry = expiry; 246 new_cookie->create = create_time; 247 new_cookie->flags = flags; 248 list_init(&new_cookie->entry); 249 250 new_cookie->name = heap_strndupW(name.str, name.len); 251 new_cookie->data = heap_strndupW(data.str, data.len); 252 if(!new_cookie->name || !new_cookie->data) { 253 delete_cookie(new_cookie); 254 return NULL; 255 } 256 257 return new_cookie; 258 } 259 260 static cookie_t *find_cookie(cookie_container_t *container, substr_t name) 261 { 262 cookie_t *iter; 263 264 LIST_FOR_EACH_ENTRY(iter, &container->cookie_list, cookie_t, entry) { 265 if(strlenW(iter->name) == name.len && !strncmpiW(iter->name, name.str, name.len)) 266 return iter; 267 } 268 269 return NULL; 270 } 271 272 static void add_cookie(cookie_container_t *container, cookie_t *new_cookie) 273 { 274 TRACE("Adding %s=%s to %s\n", debugstr_w(new_cookie->name), debugstr_w(new_cookie->data), 275 debugstr_w(container->cookie_url)); 276 277 list_add_tail(&container->cookie_list, &new_cookie->entry); 278 new_cookie->container = container; 279 } 280 281 static void replace_cookie(cookie_container_t *container, cookie_t *new_cookie) 282 { 283 cookie_t *old_cookie; 284 285 old_cookie = find_cookie(container, substrz(new_cookie->name)); 286 if(old_cookie) 287 delete_cookie(old_cookie); 288 289 add_cookie(container, new_cookie); 290 } 291 292 static BOOL cookie_match_path(cookie_container_t *container, substr_t path) 293 { 294 return path.len >= container->path.len && !strncmpiW(container->path.str, path.str, container->path.len); 295 } 296 297 static BOOL load_persistent_cookie(substr_t domain, substr_t path) 298 { 299 INTERNET_CACHE_ENTRY_INFOW *info; 300 cookie_container_t *cookie_container; 301 cookie_t *new_cookie; 302 HANDLE cookie; 303 char *str = NULL, *pbeg, *pend; 304 DWORD size, flags; 305 WCHAR *name, *data; 306 FILETIME expiry, create, time; 307 308 cookie_container = get_cookie_container(domain, path, TRUE); 309 if(!cookie_container) 310 return FALSE; 311 312 size = 0; 313 RetrieveUrlCacheEntryStreamW(cookie_container->cookie_url, NULL, &size, FALSE, 0); 314 if(GetLastError() != ERROR_INSUFFICIENT_BUFFER) 315 return TRUE; 316 info = heap_alloc(size); 317 if(!info) 318 return FALSE; 319 cookie = RetrieveUrlCacheEntryStreamW(cookie_container->cookie_url, info, &size, FALSE, 0); 320 size = info->dwSizeLow; 321 heap_free(info); 322 if(!cookie) 323 return FALSE; 324 325 if(!(str = heap_alloc(size+1)) || !ReadUrlCacheEntryStream(cookie, 0, str, &size, 0)) { 326 UnlockUrlCacheEntryStream(cookie, 0); 327 heap_free(str); 328 return FALSE; 329 } 330 str[size] = 0; 331 UnlockUrlCacheEntryStream(cookie, 0); 332 333 GetSystemTimeAsFileTime(&time); 334 for(pbeg=str; pbeg && *pbeg; name=data=NULL) { 335 pend = strchr(pbeg, '\n'); 336 if(!pend) 337 break; 338 *pend = 0; 339 name = heap_strdupAtoW(pbeg); 340 341 pbeg = pend+1; 342 pend = strchr(pbeg, '\n'); 343 if(!pend) 344 break; 345 *pend = 0; 346 data = heap_strdupAtoW(pbeg); 347 348 pbeg = strchr(pend+1, '\n'); 349 if(!pbeg) 350 break; 351 sscanf(pbeg, "%u %u %u %u %u", &flags, &expiry.dwLowDateTime, &expiry.dwHighDateTime, 352 &create.dwLowDateTime, &create.dwHighDateTime); 353 354 /* skip "*\n" */ 355 pbeg = strchr(pbeg, '*'); 356 if(pbeg) { 357 pbeg++; 358 if(*pbeg) 359 pbeg++; 360 } 361 362 if(!name || !data) 363 break; 364 365 if(CompareFileTime(&time, &expiry) <= 0) { 366 new_cookie = alloc_cookie(substr(NULL, 0), substr(NULL, 0), expiry, create, flags); 367 if(!new_cookie) 368 break; 369 370 new_cookie->name = name; 371 new_cookie->data = data; 372 373 replace_cookie(cookie_container, new_cookie); 374 }else { 375 heap_free(name); 376 heap_free(data); 377 } 378 } 379 heap_free(str); 380 heap_free(name); 381 heap_free(data); 382 383 return TRUE; 384 } 385 386 static BOOL save_persistent_cookie(cookie_container_t *container) 387 { 388 static const WCHAR txtW[] = {'t','x','t',0}; 389 390 WCHAR cookie_file[MAX_PATH]; 391 HANDLE cookie_handle; 392 cookie_t *cookie_container = NULL, *cookie_iter; 393 BOOL do_save = FALSE; 394 char buf[64], *dyn_buf; 395 FILETIME time; 396 DWORD bytes_written; 397 size_t len; 398 399 /* check if there's anything to save */ 400 GetSystemTimeAsFileTime(&time); 401 LIST_FOR_EACH_ENTRY_SAFE(cookie_container, cookie_iter, &container->cookie_list, cookie_t, entry) 402 { 403 if((cookie_container->expiry.dwLowDateTime || cookie_container->expiry.dwHighDateTime) 404 && CompareFileTime(&time, &cookie_container->expiry) > 0) { 405 delete_cookie(cookie_container); 406 continue; 407 } 408 409 if(!(cookie_container->flags & INTERNET_COOKIE_IS_SESSION)) { 410 do_save = TRUE; 411 break; 412 } 413 } 414 415 if(!do_save) { 416 DeleteUrlCacheEntryW(container->cookie_url); 417 return TRUE; 418 } 419 420 if(!CreateUrlCacheEntryW(container->cookie_url, 0, txtW, cookie_file, 0)) 421 return FALSE; 422 423 cookie_handle = CreateFileW(cookie_file, GENERIC_WRITE, 0, NULL, OPEN_EXISTING, 0, NULL); 424 if(cookie_handle == INVALID_HANDLE_VALUE) { 425 DeleteFileW(cookie_file); 426 return FALSE; 427 } 428 429 LIST_FOR_EACH_ENTRY(cookie_container, &container->cookie_list, cookie_t, entry) 430 { 431 if(cookie_container->flags & INTERNET_COOKIE_IS_SESSION) 432 continue; 433 434 dyn_buf = heap_strdupWtoA(cookie_container->name); 435 if(!dyn_buf || !WriteFile(cookie_handle, dyn_buf, strlen(dyn_buf), &bytes_written, NULL)) { 436 heap_free(dyn_buf); 437 do_save = FALSE; 438 break; 439 } 440 heap_free(dyn_buf); 441 if(!WriteFile(cookie_handle, "\n", 1, &bytes_written, NULL)) { 442 do_save = FALSE; 443 break; 444 } 445 446 dyn_buf = heap_strdupWtoA(cookie_container->data); 447 if(!dyn_buf || !WriteFile(cookie_handle, dyn_buf, strlen(dyn_buf), &bytes_written, NULL)) { 448 heap_free(dyn_buf); 449 do_save = FALSE; 450 break; 451 } 452 heap_free(dyn_buf); 453 if(!WriteFile(cookie_handle, "\n", 1, &bytes_written, NULL)) { 454 do_save = FALSE; 455 break; 456 } 457 458 dyn_buf = heap_strdupWtoA(container->domain->domain); 459 if(!dyn_buf || !WriteFile(cookie_handle, dyn_buf, strlen(dyn_buf), &bytes_written, NULL)) { 460 heap_free(dyn_buf); 461 do_save = FALSE; 462 break; 463 } 464 heap_free(dyn_buf); 465 466 len = WideCharToMultiByte(CP_ACP, 0, container->path.str, container->path.len, NULL, 0, NULL, NULL); 467 dyn_buf = heap_alloc(len+1); 468 if(dyn_buf) { 469 WideCharToMultiByte(CP_ACP, 0, container->path.str, container->path.len, dyn_buf, len, NULL, NULL); 470 dyn_buf[len] = 0; 471 } 472 if(!dyn_buf || !WriteFile(cookie_handle, dyn_buf, strlen(dyn_buf), &bytes_written, NULL)) { 473 heap_free(dyn_buf); 474 do_save = FALSE; 475 break; 476 } 477 heap_free(dyn_buf); 478 479 sprintf(buf, "\n%u\n%u\n%u\n%u\n%u\n*\n", cookie_container->flags, 480 cookie_container->expiry.dwLowDateTime, cookie_container->expiry.dwHighDateTime, 481 cookie_container->create.dwLowDateTime, cookie_container->create.dwHighDateTime); 482 if(!WriteFile(cookie_handle, buf, strlen(buf), &bytes_written, NULL)) { 483 do_save = FALSE; 484 break; 485 } 486 } 487 488 CloseHandle(cookie_handle); 489 if(!do_save) { 490 ERR("error saving cookie file\n"); 491 DeleteFileW(cookie_file); 492 return FALSE; 493 } 494 495 memset(&time, 0, sizeof(time)); 496 return CommitUrlCacheEntryW(container->cookie_url, cookie_file, time, time, 0, NULL, 0, txtW, 0); 497 } 498 499 static BOOL cookie_parse_url(const WCHAR *url, substr_t *host, substr_t *path) 500 { 501 URL_COMPONENTSW comp = { sizeof(comp) }; 502 static const WCHAR rootW[] = {'/',0}; 503 504 comp.dwHostNameLength = 1; 505 comp.dwUrlPathLength = 1; 506 507 if(!InternetCrackUrlW(url, 0, 0, &comp) || !comp.dwHostNameLength) 508 return FALSE; 509 510 /* discard the webpage off the end of the path */ 511 while(comp.dwUrlPathLength && comp.lpszUrlPath[comp.dwUrlPathLength-1] != '/') 512 comp.dwUrlPathLength--; 513 514 *host = substr(comp.lpszHostName, comp.dwHostNameLength); 515 *path = comp.dwUrlPathLength ? substr(comp.lpszUrlPath, comp.dwUrlPathLength) : substr(rootW, 1); 516 return TRUE; 517 } 518 519 typedef struct { 520 cookie_t **cookies; 521 unsigned cnt; 522 unsigned size; 523 524 unsigned string_len; 525 } cookie_set_t; 526 527 static DWORD get_cookie(substr_t host, substr_t path, DWORD flags, cookie_set_t *res) 528 { 529 static const WCHAR empty_path[] = { '/',0 }; 530 531 const WCHAR *p; 532 cookie_domain_t *domain; 533 cookie_container_t *container; 534 FILETIME tm; 535 536 GetSystemTimeAsFileTime(&tm); 537 538 p = host.str + host.len; 539 while(p > host.str && p[-1] != '.') p--; 540 while(p != host.str) { 541 p--; 542 while(p > host.str && p[-1] != '.') p--; 543 if(p == host.str) break; 544 545 load_persistent_cookie(substr(p, host.str+host.len-p), substr(empty_path, 1)); 546 } 547 548 p = path.str + path.len; 549 do { 550 load_persistent_cookie(host, substr(path.str, p-path.str)); 551 552 p--; 553 while(p > path.str && p[-1] != '/') p--; 554 }while(p != path.str); 555 556 domain = get_cookie_domain(host, FALSE); 557 if(!domain) { 558 TRACE("Unknown host %s\n", debugstr_wn(host.str, host.len)); 559 return ERROR_NO_MORE_ITEMS; 560 } 561 562 for(domain = get_cookie_domain(host, FALSE); domain; domain = domain->parent) { 563 LIST_FOR_EACH_ENTRY(container, &domain->path_list, cookie_container_t, entry) { 564 struct list *cursor, *cursor2; 565 566 if(!cookie_match_path(container, path)) 567 continue; 568 569 LIST_FOR_EACH_SAFE(cursor, cursor2, &container->cookie_list) { 570 cookie_t *cookie_iter = LIST_ENTRY(cursor, cookie_t, entry); 571 572 /* check for expiry */ 573 if((cookie_iter->expiry.dwLowDateTime != 0 || cookie_iter->expiry.dwHighDateTime != 0) 574 && CompareFileTime(&tm, &cookie_iter->expiry) > 0) { 575 TRACE("Found expired cookie. deleting\n"); 576 delete_cookie(cookie_iter); 577 continue; 578 } 579 580 if((cookie_iter->flags & INTERNET_COOKIE_HTTPONLY) && !(flags & INTERNET_COOKIE_HTTPONLY)) 581 continue; 582 583 if(!res->size) { 584 res->cookies = heap_alloc(4*sizeof(*res->cookies)); 585 if(!res->cookies) 586 continue; 587 res->size = 4; 588 }else if(res->cnt == res->size) { 589 cookie_t **new_cookies = heap_realloc(res->cookies, res->size*2*sizeof(*res->cookies)); 590 if(!new_cookies) 591 continue; 592 res->cookies = new_cookies; 593 res->size *= 2; 594 } 595 596 TRACE("%s = %s domain %s path %s\n", debugstr_w(cookie_iter->name), debugstr_w(cookie_iter->data), 597 debugstr_w(domain->domain), debugstr_wn(container->path.str, container->path.len)); 598 599 if(res->cnt) 600 res->string_len += 2; /* '; ' */ 601 res->cookies[res->cnt++] = cookie_iter; 602 603 res->string_len += strlenW(cookie_iter->name); 604 if(*cookie_iter->data) 605 res->string_len += 1 /* = */ + strlenW(cookie_iter->data); 606 } 607 } 608 } 609 610 return ERROR_SUCCESS; 611 } 612 613 static void cookie_set_to_string(const cookie_set_t *cookie_set, WCHAR *str) 614 { 615 WCHAR *ptr = str; 616 unsigned i, len; 617 618 for(i=0; i<cookie_set->cnt; i++) { 619 if(i) { 620 *ptr++ = ';'; 621 *ptr++ = ' '; 622 } 623 624 len = strlenW(cookie_set->cookies[i]->name); 625 memcpy(ptr, cookie_set->cookies[i]->name, len*sizeof(WCHAR)); 626 ptr += len; 627 628 if(*cookie_set->cookies[i]->data) { 629 *ptr++ = '='; 630 len = strlenW(cookie_set->cookies[i]->data); 631 memcpy(ptr, cookie_set->cookies[i]->data, len*sizeof(WCHAR)); 632 ptr += len; 633 } 634 } 635 636 assert(ptr-str == cookie_set->string_len); 637 TRACE("%s\n", debugstr_wn(str, ptr-str)); 638 } 639 640 DWORD get_cookie_header(const WCHAR *host, const WCHAR *path, WCHAR **ret) 641 { 642 cookie_set_t cookie_set = {0}; 643 DWORD res; 644 645 static const WCHAR cookieW[] = {'C','o','o','k','i','e',':',' '}; 646 647 EnterCriticalSection(&cookie_cs); 648 649 res = get_cookie(substrz(host), substrz(path), INTERNET_COOKIE_HTTPONLY, &cookie_set); 650 if(res != ERROR_SUCCESS) { 651 LeaveCriticalSection(&cookie_cs); 652 return res; 653 } 654 655 if(cookie_set.cnt) { 656 WCHAR *header, *ptr; 657 658 ptr = header = heap_alloc(sizeof(cookieW) + (cookie_set.string_len + 3 /* crlf0 */) * sizeof(WCHAR)); 659 if(header) { 660 memcpy(ptr, cookieW, sizeof(cookieW)); 661 ptr += sizeof(cookieW)/sizeof(*cookieW); 662 663 cookie_set_to_string(&cookie_set, ptr); 664 heap_free(cookie_set.cookies); 665 ptr += cookie_set.string_len; 666 667 *ptr++ = '\r'; 668 *ptr++ = '\n'; 669 *ptr++ = 0; 670 671 *ret = header; 672 }else { 673 res = ERROR_NOT_ENOUGH_MEMORY; 674 } 675 }else { 676 *ret = NULL; 677 } 678 679 LeaveCriticalSection(&cookie_cs); 680 return res; 681 } 682 683 static void free_cookie_domain_list(struct list *list) 684 { 685 cookie_container_t *container; 686 cookie_domain_t *domain; 687 688 while(!list_empty(list)) { 689 domain = LIST_ENTRY(list_head(list), cookie_domain_t, entry); 690 691 free_cookie_domain_list(&domain->subdomain_list); 692 693 while(!list_empty(&domain->path_list)) { 694 container = LIST_ENTRY(list_head(&domain->path_list), cookie_container_t, entry); 695 696 while(!list_empty(&container->cookie_list)) 697 delete_cookie(LIST_ENTRY(list_head(&container->cookie_list), cookie_t, entry)); 698 699 heap_free(container->cookie_url); 700 list_remove(&container->entry); 701 heap_free(container); 702 } 703 704 heap_free(domain->domain); 705 list_remove(&domain->entry); 706 heap_free(domain); 707 } 708 } 709 710 /*********************************************************************** 711 * InternetGetCookieExW (WININET.@) 712 * 713 * Retrieve cookie from the specified url 714 * 715 * It should be noted that on windows the lpszCookieName parameter is "not implemented". 716 * So it won't be implemented here. 717 * 718 * RETURNS 719 * TRUE on success 720 * FALSE on failure 721 * 722 */ 723 BOOL WINAPI InternetGetCookieExW(LPCWSTR lpszUrl, LPCWSTR lpszCookieName, 724 LPWSTR lpCookieData, LPDWORD lpdwSize, DWORD flags, void *reserved) 725 { 726 cookie_set_t cookie_set = {0}; 727 substr_t host, path; 728 DWORD res; 729 BOOL ret; 730 731 TRACE("(%s, %s, %p, %p, %x, %p)\n", debugstr_w(lpszUrl),debugstr_w(lpszCookieName), lpCookieData, lpdwSize, flags, reserved); 732 733 if (flags) 734 FIXME("flags 0x%08x not supported\n", flags); 735 736 if (!lpszUrl) 737 { 738 SetLastError(ERROR_INVALID_PARAMETER); 739 return FALSE; 740 } 741 742 ret = cookie_parse_url(lpszUrl, &host, &path); 743 if (!ret) { 744 SetLastError(ERROR_INVALID_PARAMETER); 745 return FALSE; 746 } 747 748 EnterCriticalSection(&cookie_cs); 749 750 res = get_cookie(host, path, flags, &cookie_set); 751 if(res != ERROR_SUCCESS) { 752 LeaveCriticalSection(&cookie_cs); 753 SetLastError(res); 754 return FALSE; 755 } 756 757 if(cookie_set.cnt) { 758 if(!lpCookieData || cookie_set.string_len+1 > *lpdwSize) { 759 *lpdwSize = (cookie_set.string_len + 1) * sizeof(WCHAR); 760 TRACE("returning %u\n", *lpdwSize); 761 if(lpCookieData) { 762 SetLastError(ERROR_INSUFFICIENT_BUFFER); 763 ret = FALSE; 764 } 765 }else { 766 *lpdwSize = cookie_set.string_len + 1; 767 cookie_set_to_string(&cookie_set, lpCookieData); 768 lpCookieData[cookie_set.string_len] = 0; 769 } 770 }else { 771 TRACE("no cookies found for %s\n", debugstr_wn(host.str, host.len)); 772 SetLastError(ERROR_NO_MORE_ITEMS); 773 ret = FALSE; 774 } 775 776 heap_free(cookie_set.cookies); 777 LeaveCriticalSection(&cookie_cs); 778 return ret; 779 } 780 781 /*********************************************************************** 782 * InternetGetCookieW (WININET.@) 783 * 784 * Retrieve cookie for the specified URL. 785 */ 786 BOOL WINAPI InternetGetCookieW(const WCHAR *url, const WCHAR *name, WCHAR *data, DWORD *size) 787 { 788 TRACE("(%s, %s, %s, %p)\n", debugstr_w(url), debugstr_w(name), debugstr_w(data), size); 789 790 return InternetGetCookieExW(url, name, data, size, 0, NULL); 791 } 792 793 /*********************************************************************** 794 * InternetGetCookieExA (WININET.@) 795 * 796 * Retrieve cookie from the specified url 797 * 798 * RETURNS 799 * TRUE on success 800 * FALSE on failure 801 * 802 */ 803 BOOL WINAPI InternetGetCookieExA(LPCSTR lpszUrl, LPCSTR lpszCookieName, 804 LPSTR lpCookieData, LPDWORD lpdwSize, DWORD flags, void *reserved) 805 { 806 WCHAR *url, *name; 807 DWORD len, size = 0; 808 BOOL r; 809 810 TRACE("(%s %s %p %p(%u) %x %p)\n", debugstr_a(lpszUrl), debugstr_a(lpszCookieName), 811 lpCookieData, lpdwSize, lpdwSize ? *lpdwSize : 0, flags, reserved); 812 813 url = heap_strdupAtoW(lpszUrl); 814 name = heap_strdupAtoW(lpszCookieName); 815 816 r = InternetGetCookieExW( url, name, NULL, &len, flags, reserved ); 817 if( r ) 818 { 819 WCHAR *szCookieData; 820 821 szCookieData = heap_alloc(len * sizeof(WCHAR)); 822 if( !szCookieData ) 823 { 824 r = FALSE; 825 } 826 else 827 { 828 r = InternetGetCookieExW( url, name, szCookieData, &len, flags, reserved ); 829 830 if(r) { 831 size = WideCharToMultiByte( CP_ACP, 0, szCookieData, len, NULL, 0, NULL, NULL); 832 if(lpCookieData) { 833 if(*lpdwSize >= size) { 834 WideCharToMultiByte( CP_ACP, 0, szCookieData, len, lpCookieData, *lpdwSize, NULL, NULL); 835 }else { 836 SetLastError(ERROR_INSUFFICIENT_BUFFER); 837 r = FALSE; 838 } 839 } 840 } 841 842 heap_free( szCookieData ); 843 } 844 } 845 *lpdwSize = size; 846 heap_free( name ); 847 heap_free( url ); 848 return r; 849 } 850 851 /*********************************************************************** 852 * InternetGetCookieA (WININET.@) 853 * 854 * See InternetGetCookieW. 855 */ 856 BOOL WINAPI InternetGetCookieA(const char *url, const char *name, char *data, DWORD *size) 857 { 858 TRACE("(%s, %s, %p, %p)\n", debugstr_a(url), debugstr_a(name), data, size); 859 860 return InternetGetCookieExA(url, name, data, size, 0, NULL); 861 } 862 863 static BOOL is_domain_legal_for_cookie(substr_t domain, substr_t full_domain) 864 { 865 const WCHAR *ptr; 866 867 if(!domain.len || *domain.str == '.' || !full_domain.len || *full_domain.str == '.') { 868 SetLastError(ERROR_INVALID_NAME); 869 return FALSE; 870 } 871 872 if(domain.len > full_domain.len || !memchrW(domain.str, '.', domain.len) || !memchrW(full_domain.str, '.', full_domain.len)) 873 return FALSE; 874 875 ptr = full_domain.str + full_domain.len - domain.len; 876 if (strncmpiW(domain.str, ptr, domain.len) || (full_domain.len > domain.len && ptr[-1] != '.')) { 877 SetLastError(ERROR_INVALID_PARAMETER); 878 return FALSE; 879 } 880 881 return TRUE; 882 } 883 884 /*********************************************************************** 885 * IsDomainLegalCookieDomainW (WININET.@) 886 */ 887 BOOL WINAPI IsDomainLegalCookieDomainW(const WCHAR *domain, const WCHAR *full_domain) 888 { 889 FIXME("(%s, %s) semi-stub\n", debugstr_w(domain), debugstr_w(full_domain)); 890 891 if (!domain || !full_domain) { 892 SetLastError(ERROR_INVALID_PARAMETER); 893 return FALSE; 894 } 895 896 return is_domain_legal_for_cookie(substrz(domain), substrz(full_domain)); 897 } 898 899 static void substr_skip(substr_t *str, size_t len) 900 { 901 assert(str->len >= len); 902 str->str += len; 903 str->len -= len; 904 } 905 906 DWORD set_cookie(substr_t domain, substr_t path, substr_t name, substr_t data, DWORD flags) 907 { 908 cookie_container_t *container; 909 cookie_t *thisCookie; 910 substr_t value; 911 const WCHAR *end_ptr; 912 FILETIME expiry, create; 913 BOOL expired = FALSE, update_persistent = FALSE; 914 DWORD cookie_flags = 0, len; 915 916 TRACE("%s %s %s=%s %x\n", debugstr_wn(domain.str, domain.len), debugstr_wn(path.str, path.len), 917 debugstr_wn(name.str, name.len), debugstr_wn(data.str, data.len), flags); 918 919 memset(&expiry,0,sizeof(expiry)); 920 GetSystemTimeAsFileTime(&create); 921 922 /* lots of information can be parsed out of the cookie value */ 923 924 if(!(end_ptr = memchrW(data.str, ';', data.len))) 925 end_ptr = data.str + data.len; 926 value = substr(data.str, end_ptr-data.str); 927 data.str += value.len; 928 data.len -= value.len; 929 930 for(;;) { 931 static const WCHAR szDomain[] = {'d','o','m','a','i','n','='}; 932 static const WCHAR szPath[] = {'p','a','t','h','='}; 933 static const WCHAR szExpires[] = {'e','x','p','i','r','e','s','='}; 934 static const WCHAR szSecure[] = {'s','e','c','u','r','e'}; 935 static const WCHAR szHttpOnly[] = {'h','t','t','p','o','n','l','y'}; 936 static const WCHAR szVersion[] = {'v','e','r','s','i','o','n','='}; 937 static const WCHAR max_ageW[] = {'m','a','x','-','a','g','e','='}; 938 939 /* Skip ';' */ 940 if(data.len) 941 substr_skip(&data, 1); 942 943 while(data.len && *data.str == ' ') 944 substr_skip(&data, 1); 945 946 if(!data.len) 947 break; 948 949 if(!(end_ptr = memchrW(data.str, ';', data.len))) 950 end_ptr = data.str + data.len; 951 952 if(data.len >= (len = sizeof(szDomain)/sizeof(WCHAR)) && !strncmpiW(data.str, szDomain, len)) { 953 substr_skip(&data, len); 954 955 if(data.len && *data.str == '.') 956 substr_skip(&data, 1); 957 958 if(!is_domain_legal_for_cookie(substr(data.str, end_ptr-data.str), domain)) 959 return COOKIE_STATE_UNKNOWN; 960 961 domain = substr(data.str, end_ptr-data.str); 962 TRACE("Parsing new domain %s\n", debugstr_wn(domain.str, domain.len)); 963 }else if(data.len >= (len = sizeof(szPath)/sizeof(WCHAR)) && !strncmpiW(data.str, szPath, len)) { 964 substr_skip(&data, len); 965 path = substr(data.str, end_ptr - data.str); 966 TRACE("Parsing new path %s\n", debugstr_wn(path.str, path.len)); 967 }else if(data.len >= (len = sizeof(szExpires)/sizeof(WCHAR)) && !strncmpiW(data.str, szExpires, len)) { 968 SYSTEMTIME st; 969 WCHAR buf[128]; 970 971 substr_skip(&data, len); 972 973 if(end_ptr - data.str < sizeof(buf)/sizeof(WCHAR)-1) { 974 memcpy(buf, data.str, data.len*sizeof(WCHAR)); 975 buf[data.len] = 0; 976 977 if (InternetTimeToSystemTimeW(data.str, &st, 0)) { 978 SystemTimeToFileTime(&st, &expiry); 979 980 if (CompareFileTime(&create,&expiry) > 0) { 981 TRACE("Cookie already expired.\n"); 982 expired = TRUE; 983 } 984 } 985 } 986 }else if(data.len >= (len = sizeof(szSecure)/sizeof(WCHAR)) && !strncmpiW(data.str, szSecure, len)) { 987 substr_skip(&data, len); 988 FIXME("secure not handled\n"); 989 }else if(data.len >= (len = sizeof(szHttpOnly)/sizeof(WCHAR)) && !strncmpiW(data.str, szHttpOnly, len)) { 990 substr_skip(&data, len); 991 992 if(!(flags & INTERNET_COOKIE_HTTPONLY)) { 993 WARN("HTTP only cookie added without INTERNET_COOKIE_HTTPONLY flag\n"); 994 SetLastError(ERROR_INVALID_OPERATION); 995 return COOKIE_STATE_REJECT; 996 } 997 998 cookie_flags |= INTERNET_COOKIE_HTTPONLY; 999 }else if(data.len >= (len = sizeof(szVersion)/sizeof(WCHAR)) && !strncmpiW(data.str, szVersion, len)) { 1000 substr_skip(&data, len); 1001 1002 FIXME("version not handled (%s)\n",debugstr_wn(data.str, data.len)); 1003 }else if(data.len >= (len = sizeof(max_ageW)/sizeof(WCHAR)) && !strncmpiW(data.str, max_ageW, len)) { 1004 /* Native doesn't support Max-Age attribute. */ 1005 WARN("Max-Age ignored\n"); 1006 }else if(data.len) { 1007 FIXME("Unknown additional option %s\n", debugstr_wn(data.str, data.len)); 1008 } 1009 1010 substr_skip(&data, end_ptr - data.str); 1011 } 1012 1013 EnterCriticalSection(&cookie_cs); 1014 1015 load_persistent_cookie(domain, path); 1016 1017 container = get_cookie_container(domain, path, !expired); 1018 if(!container) { 1019 LeaveCriticalSection(&cookie_cs); 1020 return COOKIE_STATE_ACCEPT; 1021 } 1022 1023 if(!expiry.dwLowDateTime && !expiry.dwHighDateTime) 1024 cookie_flags |= INTERNET_COOKIE_IS_SESSION; 1025 else 1026 update_persistent = TRUE; 1027 1028 if ((thisCookie = find_cookie(container, name))) { 1029 if ((thisCookie->flags & INTERNET_COOKIE_HTTPONLY) && !(flags & INTERNET_COOKIE_HTTPONLY)) { 1030 WARN("An attempt to override httponly cookie\n"); 1031 SetLastError(ERROR_INVALID_OPERATION); 1032 LeaveCriticalSection(&cookie_cs); 1033 return COOKIE_STATE_REJECT; 1034 } 1035 1036 if (!(thisCookie->flags & INTERNET_COOKIE_IS_SESSION)) 1037 update_persistent = TRUE; 1038 delete_cookie(thisCookie); 1039 } 1040 1041 TRACE("setting cookie %s=%s for domain %s path %s\n", debugstr_wn(name.str, name.len), 1042 debugstr_wn(value.str, value.len), debugstr_w(container->domain->domain), 1043 debugstr_wn(container->path.str, container->path.len)); 1044 1045 if (!expired) { 1046 cookie_t *new_cookie; 1047 1048 new_cookie = alloc_cookie(name, value, expiry, create, cookie_flags); 1049 if(!new_cookie) { 1050 LeaveCriticalSection(&cookie_cs); 1051 return COOKIE_STATE_UNKNOWN; 1052 } 1053 1054 add_cookie(container, new_cookie); 1055 } 1056 1057 if (!update_persistent || save_persistent_cookie(container)) 1058 { 1059 LeaveCriticalSection(&cookie_cs); 1060 return COOKIE_STATE_ACCEPT; 1061 } 1062 LeaveCriticalSection(&cookie_cs); 1063 return COOKIE_STATE_UNKNOWN; 1064 } 1065 1066 /*********************************************************************** 1067 * InternetSetCookieExW (WININET.@) 1068 * 1069 * Sets cookie for the specified url 1070 */ 1071 DWORD WINAPI InternetSetCookieExW(LPCWSTR lpszUrl, LPCWSTR lpszCookieName, 1072 LPCWSTR lpCookieData, DWORD flags, DWORD_PTR reserved) 1073 { 1074 substr_t host, path, name, data; 1075 BOOL ret; 1076 1077 TRACE("(%s, %s, %s, %x, %lx)\n", debugstr_w(lpszUrl), debugstr_w(lpszCookieName), 1078 debugstr_w(lpCookieData), flags, reserved); 1079 1080 if (flags & ~INTERNET_COOKIE_HTTPONLY) 1081 FIXME("flags %x not supported\n", flags); 1082 1083 if (!lpszUrl || !lpCookieData) 1084 { 1085 SetLastError(ERROR_INVALID_PARAMETER); 1086 return COOKIE_STATE_UNKNOWN; 1087 } 1088 1089 ret = cookie_parse_url(lpszUrl, &host, &path); 1090 if (!ret || !host.len) return COOKIE_STATE_UNKNOWN; 1091 1092 if (!lpszCookieName) { 1093 const WCHAR *ptr; 1094 1095 /* some apps (or is it us??) try to add a cookie with no cookie name, but 1096 * the cookie data in the form of name[=data]. 1097 */ 1098 if (!(ptr = strchrW(lpCookieData, '='))) 1099 ptr = lpCookieData + strlenW(lpCookieData); 1100 1101 name = substr(lpCookieData, ptr - lpCookieData); 1102 data = substrz(*ptr == '=' ? ptr+1 : ptr); 1103 }else { 1104 name = substrz(lpszCookieName); 1105 data = substrz(lpCookieData); 1106 } 1107 1108 return set_cookie(host, path, name, data, flags); 1109 } 1110 1111 /*********************************************************************** 1112 * InternetSetCookieW (WININET.@) 1113 * 1114 * Sets a cookie for the specified URL. 1115 */ 1116 BOOL WINAPI InternetSetCookieW(const WCHAR *url, const WCHAR *name, const WCHAR *data) 1117 { 1118 TRACE("(%s, %s, %s)\n", debugstr_w(url), debugstr_w(name), debugstr_w(data)); 1119 1120 return InternetSetCookieExW(url, name, data, 0, 0) == COOKIE_STATE_ACCEPT; 1121 } 1122 1123 /*********************************************************************** 1124 * InternetSetCookieA (WININET.@) 1125 * 1126 * Sets cookie for the specified url 1127 * 1128 * RETURNS 1129 * TRUE on success 1130 * FALSE on failure 1131 * 1132 */ 1133 BOOL WINAPI InternetSetCookieA(LPCSTR lpszUrl, LPCSTR lpszCookieName, 1134 LPCSTR lpCookieData) 1135 { 1136 LPWSTR data, url, name; 1137 BOOL r; 1138 1139 TRACE("(%s,%s,%s)\n", debugstr_a(lpszUrl), 1140 debugstr_a(lpszCookieName), debugstr_a(lpCookieData)); 1141 1142 url = heap_strdupAtoW(lpszUrl); 1143 name = heap_strdupAtoW(lpszCookieName); 1144 data = heap_strdupAtoW(lpCookieData); 1145 1146 r = InternetSetCookieW( url, name, data ); 1147 1148 heap_free( data ); 1149 heap_free( name ); 1150 heap_free( url ); 1151 return r; 1152 } 1153 1154 /*********************************************************************** 1155 * InternetSetCookieExA (WININET.@) 1156 * 1157 * See InternetSetCookieExW. 1158 */ 1159 DWORD WINAPI InternetSetCookieExA( LPCSTR lpszURL, LPCSTR lpszCookieName, LPCSTR lpszCookieData, 1160 DWORD dwFlags, DWORD_PTR dwReserved) 1161 { 1162 WCHAR *data, *url, *name; 1163 DWORD r; 1164 1165 TRACE("(%s, %s, %s, %x, %lx)\n", debugstr_a(lpszURL), debugstr_a(lpszCookieName), 1166 debugstr_a(lpszCookieData), dwFlags, dwReserved); 1167 1168 url = heap_strdupAtoW(lpszURL); 1169 name = heap_strdupAtoW(lpszCookieName); 1170 data = heap_strdupAtoW(lpszCookieData); 1171 1172 r = InternetSetCookieExW(url, name, data, dwFlags, dwReserved); 1173 1174 heap_free( data ); 1175 heap_free( name ); 1176 heap_free( url ); 1177 return r; 1178 } 1179 1180 /*********************************************************************** 1181 * InternetClearAllPerSiteCookieDecisions (WININET.@) 1182 * 1183 * Clears all per-site decisions about cookies. 1184 * 1185 * RETURNS 1186 * TRUE on success 1187 * FALSE on failure 1188 * 1189 */ 1190 BOOL WINAPI InternetClearAllPerSiteCookieDecisions( VOID ) 1191 { 1192 FIXME("stub\n"); 1193 return TRUE; 1194 } 1195 1196 /*********************************************************************** 1197 * InternetEnumPerSiteCookieDecisionA (WININET.@) 1198 * 1199 * See InternetEnumPerSiteCookieDecisionW. 1200 */ 1201 BOOL WINAPI InternetEnumPerSiteCookieDecisionA( LPSTR pszSiteName, ULONG *pcSiteNameSize, 1202 ULONG *pdwDecision, ULONG dwIndex ) 1203 { 1204 FIXME("(%s, %p, %p, 0x%08x) stub\n", 1205 debugstr_a(pszSiteName), pcSiteNameSize, pdwDecision, dwIndex); 1206 return FALSE; 1207 } 1208 1209 /*********************************************************************** 1210 * InternetEnumPerSiteCookieDecisionW (WININET.@) 1211 * 1212 * Enumerates all per-site decisions about cookies. 1213 * 1214 * RETURNS 1215 * TRUE on success 1216 * FALSE on failure 1217 * 1218 */ 1219 BOOL WINAPI InternetEnumPerSiteCookieDecisionW( LPWSTR pszSiteName, ULONG *pcSiteNameSize, 1220 ULONG *pdwDecision, ULONG dwIndex ) 1221 { 1222 FIXME("(%s, %p, %p, 0x%08x) stub\n", 1223 debugstr_w(pszSiteName), pcSiteNameSize, pdwDecision, dwIndex); 1224 return FALSE; 1225 } 1226 1227 /*********************************************************************** 1228 * InternetGetPerSiteCookieDecisionA (WININET.@) 1229 */ 1230 BOOL WINAPI InternetGetPerSiteCookieDecisionA( LPCSTR pwchHostName, ULONG *pResult ) 1231 { 1232 FIXME("(%s, %p) stub\n", debugstr_a(pwchHostName), pResult); 1233 return FALSE; 1234 } 1235 1236 /*********************************************************************** 1237 * InternetGetPerSiteCookieDecisionW (WININET.@) 1238 */ 1239 BOOL WINAPI InternetGetPerSiteCookieDecisionW( LPCWSTR pwchHostName, ULONG *pResult ) 1240 { 1241 FIXME("(%s, %p) stub\n", debugstr_w(pwchHostName), pResult); 1242 return FALSE; 1243 } 1244 1245 /*********************************************************************** 1246 * InternetSetPerSiteCookieDecisionA (WININET.@) 1247 */ 1248 BOOL WINAPI InternetSetPerSiteCookieDecisionA( LPCSTR pchHostName, DWORD dwDecision ) 1249 { 1250 FIXME("(%s, 0x%08x) stub\n", debugstr_a(pchHostName), dwDecision); 1251 return FALSE; 1252 } 1253 1254 /*********************************************************************** 1255 * InternetSetPerSiteCookieDecisionW (WININET.@) 1256 */ 1257 BOOL WINAPI InternetSetPerSiteCookieDecisionW( LPCWSTR pchHostName, DWORD dwDecision ) 1258 { 1259 FIXME("(%s, 0x%08x) stub\n", debugstr_w(pchHostName), dwDecision); 1260 return FALSE; 1261 } 1262 1263 void free_cookie(void) 1264 { 1265 EnterCriticalSection(&cookie_cs); 1266 1267 free_cookie_domain_list(&domain_list); 1268 1269 LeaveCriticalSection(&cookie_cs); 1270 } 1271