1 /* 2 * Wininet - cookie handling stuff 3 * 4 * Copyright 2002 TransGaming Technologies Inc. 5 * 6 * David Hammerton 7 * 8 * This library is free software; you can redistribute it and/or 9 * modify it under the terms of the GNU Lesser General Public 10 * License as published by the Free Software Foundation; either 11 * version 2.1 of the License, or (at your option) any later version. 12 * 13 * This library is distributed in the hope that it will be useful, 14 * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 16 * Lesser General Public License for more details. 17 * 18 * You should have received a copy of the GNU Lesser General Public 19 * License along with this library; if not, write to the Free Software 20 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA 21 */ 22 23 #include "ws2tcpip.h" 24 25 #include <stdarg.h> 26 #include <stdio.h> 27 #include <stdlib.h> 28 #include <string.h> 29 #include <assert.h> 30 31 #include "windef.h" 32 #include "winbase.h" 33 #include "wininet.h" 34 #include "lmcons.h" 35 #include "winerror.h" 36 37 #include "wine/debug.h" 38 #include "internet.h" 39 40 #define RESPONSE_TIMEOUT 30 /* FROM internet.c */ 41 42 43 WINE_DEFAULT_DEBUG_CHANNEL(wininet); 44 45 /* FIXME 46 * Cookies could use A LOT OF MEMORY. We need some kind of memory management here! 47 */ 48 49 struct _cookie_domain_t; 50 struct _cookie_container_t; 51 52 typedef struct _cookie_t { 53 struct list entry; 54 55 struct _cookie_container_t *container; 56 57 WCHAR *name; 58 WCHAR *data; 59 DWORD flags; 60 FILETIME expiry; 61 FILETIME create; 62 } cookie_t; 63 64 typedef struct _cookie_container_t { 65 struct list entry; 66 67 WCHAR *cookie_url; 68 substr_t path; 69 struct _cookie_domain_t *domain; 70 71 struct list cookie_list; 72 } cookie_container_t; 73 74 typedef struct _cookie_domain_t { 75 struct list entry; 76 77 WCHAR *domain; 78 unsigned subdomain_len; 79 80 struct _cookie_domain_t *parent; 81 struct list subdomain_list; 82 83 /* List of stored paths sorted by length of the path. */ 84 struct list path_list; 85 } cookie_domain_t; 86 87 static CRITICAL_SECTION cookie_cs; 88 static CRITICAL_SECTION_DEBUG cookie_cs_debug = 89 { 90 0, 0, &cookie_cs, 91 { &cookie_cs_debug.ProcessLocksList, &cookie_cs_debug.ProcessLocksList }, 92 0, 0, { (DWORD_PTR)(__FILE__ ": cookie_cs") } 93 }; 94 static CRITICAL_SECTION cookie_cs = { &cookie_cs_debug, -1, 0, 0, 0, 0 }; 95 static struct list domain_list = LIST_INIT(domain_list); 96 97 static cookie_domain_t *get_cookie_domain(substr_t domain, BOOL create) 98 { 99 const WCHAR *ptr = domain.str + domain.len, *ptr_end, *subdomain_ptr; 100 cookie_domain_t *iter, *current_domain, *prev_domain = NULL; 101 struct list *current_list = &domain_list; 102 103 while(1) { 104 for(ptr_end = ptr--; ptr > domain.str && *ptr != '.'; ptr--); 105 subdomain_ptr = *ptr == '.' ? ptr+1 : ptr; 106 107 current_domain = NULL; 108 LIST_FOR_EACH_ENTRY(iter, current_list, cookie_domain_t, entry) { 109 if(ptr_end-subdomain_ptr == iter->subdomain_len 110 && !memcmp(subdomain_ptr, iter->domain, iter->subdomain_len*sizeof(WCHAR))) { 111 current_domain = iter; 112 break; 113 } 114 } 115 116 if(!current_domain) { 117 if(!create) 118 return prev_domain; 119 120 current_domain = heap_alloc(sizeof(*current_domain)); 121 if(!current_domain) 122 return NULL; 123 124 current_domain->domain = heap_strndupW(subdomain_ptr, domain.str + domain.len - subdomain_ptr); 125 if(!current_domain->domain) { 126 heap_free(current_domain); 127 return NULL; 128 } 129 130 current_domain->subdomain_len = ptr_end-subdomain_ptr; 131 132 current_domain->parent = prev_domain; 133 list_init(¤t_domain->path_list); 134 list_init(¤t_domain->subdomain_list); 135 136 list_add_tail(current_list, ¤t_domain->entry); 137 } 138 139 if(ptr == domain.str) 140 return current_domain; 141 142 prev_domain = current_domain; 143 current_list = ¤t_domain->subdomain_list; 144 } 145 } 146 147 static WCHAR *create_cookie_url(substr_t domain, substr_t path, substr_t *ret_path) 148 { 149 WCHAR user[UNLEN], *p, *url; 150 DWORD len, user_len, i; 151 152 static const WCHAR cookie_prefix[] = {'C','o','o','k','i','e',':'}; 153 154 user_len = ARRAY_SIZE(user); 155 if(!GetUserNameW(user, &user_len)) 156 return FALSE; 157 user_len--; 158 159 len = ARRAY_SIZE(cookie_prefix) + user_len + 1 /* @ */ + domain.len + path.len; 160 url = heap_alloc((len+1) * sizeof(WCHAR)); 161 if(!url) 162 return NULL; 163 164 memcpy(url, cookie_prefix, sizeof(cookie_prefix)); 165 p = url + ARRAY_SIZE(cookie_prefix); 166 167 memcpy(p, user, user_len*sizeof(WCHAR)); 168 p += user_len; 169 170 *p++ = '@'; 171 172 memcpy(p, domain.str, domain.len*sizeof(WCHAR)); 173 p += domain.len; 174 175 for(i=0; i < path.len; i++) 176 p[i] = tolowerW(path.str[i]); 177 p[path.len] = 0; 178 179 ret_path->str = p; 180 ret_path->len = path.len; 181 return url; 182 } 183 184 static cookie_container_t *get_cookie_container(substr_t domain, substr_t path, BOOL create) 185 { 186 cookie_domain_t *cookie_domain; 187 cookie_container_t *cookie_container, *iter; 188 189 cookie_domain = get_cookie_domain(domain, create); 190 if(!cookie_domain) 191 return NULL; 192 193 LIST_FOR_EACH_ENTRY(cookie_container, &cookie_domain->path_list, cookie_container_t, entry) { 194 if(cookie_container->path.len < path.len) 195 break; 196 197 if(path.len == cookie_container->path.len && !strncmpiW(cookie_container->path.str, path.str, path.len)) 198 return cookie_container; 199 } 200 201 if(!create) 202 return NULL; 203 204 cookie_container = heap_alloc(sizeof(*cookie_container)); 205 if(!cookie_container) 206 return NULL; 207 208 cookie_container->cookie_url = create_cookie_url(substrz(cookie_domain->domain), path, &cookie_container->path); 209 if(!cookie_container->cookie_url) { 210 heap_free(cookie_container); 211 return NULL; 212 } 213 214 cookie_container->domain = cookie_domain; 215 list_init(&cookie_container->cookie_list); 216 217 LIST_FOR_EACH_ENTRY(iter, &cookie_domain->path_list, cookie_container_t, entry) { 218 if(iter->path.len <= path.len) { 219 list_add_before(&iter->entry, &cookie_container->entry); 220 return cookie_container; 221 } 222 } 223 224 list_add_tail(&cookie_domain->path_list, &cookie_container->entry); 225 return cookie_container; 226 } 227 228 static void delete_cookie(cookie_t *cookie) 229 { 230 list_remove(&cookie->entry); 231 232 heap_free(cookie->name); 233 heap_free(cookie->data); 234 heap_free(cookie); 235 } 236 237 static cookie_t *alloc_cookie(substr_t name, substr_t data, FILETIME expiry, FILETIME create_time, DWORD flags) 238 { 239 cookie_t *new_cookie; 240 241 new_cookie = heap_alloc_zero(sizeof(*new_cookie)); 242 if(!new_cookie) 243 return NULL; 244 245 new_cookie->expiry = expiry; 246 new_cookie->create = create_time; 247 new_cookie->flags = flags; 248 list_init(&new_cookie->entry); 249 250 if(name.str && !(new_cookie->name = heap_strndupW(name.str, name.len))) { 251 delete_cookie(new_cookie); 252 return NULL; 253 } 254 255 if(data.str && !(new_cookie->data = heap_strndupW(data.str, data.len))) { 256 delete_cookie(new_cookie); 257 return NULL; 258 } 259 260 return new_cookie; 261 } 262 263 static cookie_t *find_cookie(cookie_container_t *container, substr_t name) 264 { 265 cookie_t *iter; 266 267 LIST_FOR_EACH_ENTRY(iter, &container->cookie_list, cookie_t, entry) { 268 if(strlenW(iter->name) == name.len && !strncmpiW(iter->name, name.str, name.len)) 269 return iter; 270 } 271 272 return NULL; 273 } 274 275 static void add_cookie(cookie_container_t *container, cookie_t *new_cookie) 276 { 277 TRACE("Adding %s=%s to %s\n", debugstr_w(new_cookie->name), debugstr_w(new_cookie->data), 278 debugstr_w(container->cookie_url)); 279 280 list_add_tail(&container->cookie_list, &new_cookie->entry); 281 new_cookie->container = container; 282 } 283 284 static void replace_cookie(cookie_container_t *container, cookie_t *new_cookie) 285 { 286 cookie_t *old_cookie; 287 288 old_cookie = find_cookie(container, substrz(new_cookie->name)); 289 if(old_cookie) 290 delete_cookie(old_cookie); 291 292 add_cookie(container, new_cookie); 293 } 294 295 static BOOL cookie_match_path(cookie_container_t *container, substr_t path) 296 { 297 return path.len >= container->path.len && !strncmpiW(container->path.str, path.str, container->path.len); 298 } 299 300 static BOOL load_persistent_cookie(substr_t domain, substr_t path) 301 { 302 INTERNET_CACHE_ENTRY_INFOW *info; 303 cookie_container_t *cookie_container; 304 cookie_t *new_cookie; 305 HANDLE cookie; 306 char *str = NULL, *pbeg, *pend; 307 DWORD size, flags; 308 WCHAR *name, *data; 309 FILETIME expiry, create, time; 310 311 cookie_container = get_cookie_container(domain, path, TRUE); 312 if(!cookie_container) 313 return FALSE; 314 315 size = 0; 316 RetrieveUrlCacheEntryStreamW(cookie_container->cookie_url, NULL, &size, FALSE, 0); 317 if(GetLastError() != ERROR_INSUFFICIENT_BUFFER) 318 return TRUE; 319 info = heap_alloc(size); 320 if(!info) 321 return FALSE; 322 cookie = RetrieveUrlCacheEntryStreamW(cookie_container->cookie_url, info, &size, FALSE, 0); 323 size = info->dwSizeLow; 324 heap_free(info); 325 if(!cookie) 326 return FALSE; 327 328 if(!(str = heap_alloc(size+1)) || !ReadUrlCacheEntryStream(cookie, 0, str, &size, 0)) { 329 UnlockUrlCacheEntryStream(cookie, 0); 330 heap_free(str); 331 return FALSE; 332 } 333 str[size] = 0; 334 UnlockUrlCacheEntryStream(cookie, 0); 335 336 GetSystemTimeAsFileTime(&time); 337 for(pbeg=str; pbeg && *pbeg; name=data=NULL) { 338 pend = strchr(pbeg, '\n'); 339 if(!pend) 340 break; 341 *pend = 0; 342 name = heap_strdupAtoW(pbeg); 343 344 pbeg = pend+1; 345 pend = strchr(pbeg, '\n'); 346 if(!pend) 347 break; 348 *pend = 0; 349 data = heap_strdupAtoW(pbeg); 350 351 pbeg = strchr(pend+1, '\n'); 352 if(!pbeg) 353 break; 354 sscanf(pbeg, "%u %u %u %u %u", &flags, &expiry.dwLowDateTime, &expiry.dwHighDateTime, 355 &create.dwLowDateTime, &create.dwHighDateTime); 356 357 /* skip "*\n" */ 358 pbeg = strchr(pbeg, '*'); 359 if(pbeg) { 360 pbeg++; 361 if(*pbeg) 362 pbeg++; 363 } 364 365 if(!name || !data) 366 break; 367 368 if(CompareFileTime(&time, &expiry) <= 0) { 369 new_cookie = alloc_cookie(substr(NULL, 0), substr(NULL, 0), expiry, create, flags); 370 if(!new_cookie) 371 break; 372 373 new_cookie->name = name; 374 new_cookie->data = data; 375 376 replace_cookie(cookie_container, new_cookie); 377 }else { 378 heap_free(name); 379 heap_free(data); 380 } 381 } 382 heap_free(str); 383 heap_free(name); 384 heap_free(data); 385 386 return TRUE; 387 } 388 389 static BOOL save_persistent_cookie(cookie_container_t *container) 390 { 391 static const WCHAR txtW[] = {'t','x','t',0}; 392 393 WCHAR cookie_file[MAX_PATH]; 394 HANDLE cookie_handle; 395 cookie_t *cookie_container = NULL, *cookie_iter; 396 BOOL do_save = FALSE; 397 char buf[64], *dyn_buf; 398 FILETIME time; 399 DWORD bytes_written; 400 size_t len; 401 402 /* check if there's anything to save */ 403 GetSystemTimeAsFileTime(&time); 404 LIST_FOR_EACH_ENTRY_SAFE(cookie_container, cookie_iter, &container->cookie_list, cookie_t, entry) 405 { 406 if((cookie_container->expiry.dwLowDateTime || cookie_container->expiry.dwHighDateTime) 407 && CompareFileTime(&time, &cookie_container->expiry) > 0) { 408 delete_cookie(cookie_container); 409 continue; 410 } 411 412 if(!(cookie_container->flags & INTERNET_COOKIE_IS_SESSION)) { 413 do_save = TRUE; 414 break; 415 } 416 } 417 418 if(!do_save) { 419 DeleteUrlCacheEntryW(container->cookie_url); 420 return TRUE; 421 } 422 423 if(!CreateUrlCacheEntryW(container->cookie_url, 0, txtW, cookie_file, 0)) 424 return FALSE; 425 426 cookie_handle = CreateFileW(cookie_file, GENERIC_WRITE, 0, NULL, OPEN_EXISTING, 0, NULL); 427 if(cookie_handle == INVALID_HANDLE_VALUE) { 428 DeleteFileW(cookie_file); 429 return FALSE; 430 } 431 432 LIST_FOR_EACH_ENTRY(cookie_container, &container->cookie_list, cookie_t, entry) 433 { 434 if(cookie_container->flags & INTERNET_COOKIE_IS_SESSION) 435 continue; 436 437 dyn_buf = heap_strdupWtoA(cookie_container->name); 438 if(!dyn_buf || !WriteFile(cookie_handle, dyn_buf, strlen(dyn_buf), &bytes_written, NULL)) { 439 heap_free(dyn_buf); 440 do_save = FALSE; 441 break; 442 } 443 heap_free(dyn_buf); 444 if(!WriteFile(cookie_handle, "\n", 1, &bytes_written, NULL)) { 445 do_save = FALSE; 446 break; 447 } 448 449 dyn_buf = heap_strdupWtoA(cookie_container->data); 450 if(!dyn_buf || !WriteFile(cookie_handle, dyn_buf, strlen(dyn_buf), &bytes_written, NULL)) { 451 heap_free(dyn_buf); 452 do_save = FALSE; 453 break; 454 } 455 heap_free(dyn_buf); 456 if(!WriteFile(cookie_handle, "\n", 1, &bytes_written, NULL)) { 457 do_save = FALSE; 458 break; 459 } 460 461 dyn_buf = heap_strdupWtoA(container->domain->domain); 462 if(!dyn_buf || !WriteFile(cookie_handle, dyn_buf, strlen(dyn_buf), &bytes_written, NULL)) { 463 heap_free(dyn_buf); 464 do_save = FALSE; 465 break; 466 } 467 heap_free(dyn_buf); 468 469 len = WideCharToMultiByte(CP_ACP, 0, container->path.str, container->path.len, NULL, 0, NULL, NULL); 470 dyn_buf = heap_alloc(len+1); 471 if(dyn_buf) { 472 WideCharToMultiByte(CP_ACP, 0, container->path.str, container->path.len, dyn_buf, len, NULL, NULL); 473 dyn_buf[len] = 0; 474 } 475 if(!dyn_buf || !WriteFile(cookie_handle, dyn_buf, strlen(dyn_buf), &bytes_written, NULL)) { 476 heap_free(dyn_buf); 477 do_save = FALSE; 478 break; 479 } 480 heap_free(dyn_buf); 481 482 sprintf(buf, "\n%u\n%u\n%u\n%u\n%u\n*\n", cookie_container->flags, 483 cookie_container->expiry.dwLowDateTime, cookie_container->expiry.dwHighDateTime, 484 cookie_container->create.dwLowDateTime, cookie_container->create.dwHighDateTime); 485 if(!WriteFile(cookie_handle, buf, strlen(buf), &bytes_written, NULL)) { 486 do_save = FALSE; 487 break; 488 } 489 } 490 491 CloseHandle(cookie_handle); 492 if(!do_save) { 493 ERR("error saving cookie file\n"); 494 DeleteFileW(cookie_file); 495 return FALSE; 496 } 497 498 memset(&time, 0, sizeof(time)); 499 return CommitUrlCacheEntryW(container->cookie_url, cookie_file, time, time, 0, NULL, 0, txtW, 0); 500 } 501 502 static BOOL cookie_parse_url(const WCHAR *url, substr_t *host, substr_t *path) 503 { 504 URL_COMPONENTSW comp = { sizeof(comp) }; 505 static const WCHAR rootW[] = {'/',0}; 506 507 comp.dwHostNameLength = 1; 508 comp.dwUrlPathLength = 1; 509 510 if(!InternetCrackUrlW(url, 0, 0, &comp) || !comp.dwHostNameLength) 511 return FALSE; 512 513 /* discard the webpage off the end of the path */ 514 while(comp.dwUrlPathLength && comp.lpszUrlPath[comp.dwUrlPathLength-1] != '/') 515 comp.dwUrlPathLength--; 516 517 *host = substr(comp.lpszHostName, comp.dwHostNameLength); 518 *path = comp.dwUrlPathLength ? substr(comp.lpszUrlPath, comp.dwUrlPathLength) : substr(rootW, 1); 519 return TRUE; 520 } 521 522 typedef struct { 523 cookie_t **cookies; 524 unsigned cnt; 525 unsigned size; 526 527 unsigned string_len; 528 } cookie_set_t; 529 530 static DWORD get_cookie(substr_t host, substr_t path, DWORD flags, cookie_set_t *res) 531 { 532 static const WCHAR empty_path[] = { '/',0 }; 533 534 const WCHAR *p; 535 cookie_domain_t *domain; 536 cookie_container_t *container; 537 FILETIME tm; 538 539 GetSystemTimeAsFileTime(&tm); 540 541 p = host.str + host.len; 542 while(p > host.str && p[-1] != '.') p--; 543 while(p != host.str) { 544 p--; 545 while(p > host.str && p[-1] != '.') p--; 546 if(p == host.str) break; 547 548 load_persistent_cookie(substr(p, host.str+host.len-p), substr(empty_path, 1)); 549 } 550 551 p = path.str + path.len; 552 do { 553 load_persistent_cookie(host, substr(path.str, p-path.str)); 554 555 p--; 556 while(p > path.str && p[-1] != '/') p--; 557 }while(p != path.str); 558 559 domain = get_cookie_domain(host, FALSE); 560 if(!domain) { 561 TRACE("Unknown host %s\n", debugstr_wn(host.str, host.len)); 562 return ERROR_NO_MORE_ITEMS; 563 } 564 565 for(domain = get_cookie_domain(host, FALSE); domain; domain = domain->parent) { 566 LIST_FOR_EACH_ENTRY(container, &domain->path_list, cookie_container_t, entry) { 567 struct list *cursor, *cursor2; 568 569 if(!cookie_match_path(container, path)) 570 continue; 571 572 LIST_FOR_EACH_SAFE(cursor, cursor2, &container->cookie_list) { 573 cookie_t *cookie_iter = LIST_ENTRY(cursor, cookie_t, entry); 574 575 /* check for expiry */ 576 if((cookie_iter->expiry.dwLowDateTime != 0 || cookie_iter->expiry.dwHighDateTime != 0) 577 && CompareFileTime(&tm, &cookie_iter->expiry) > 0) { 578 TRACE("Found expired cookie. deleting\n"); 579 delete_cookie(cookie_iter); 580 continue; 581 } 582 583 if((cookie_iter->flags & INTERNET_COOKIE_HTTPONLY) && !(flags & INTERNET_COOKIE_HTTPONLY)) 584 continue; 585 586 if(!res->size) { 587 res->cookies = heap_alloc(4*sizeof(*res->cookies)); 588 if(!res->cookies) 589 continue; 590 res->size = 4; 591 }else if(res->cnt == res->size) { 592 cookie_t **new_cookies = heap_realloc(res->cookies, res->size*2*sizeof(*res->cookies)); 593 if(!new_cookies) 594 continue; 595 res->cookies = new_cookies; 596 res->size *= 2; 597 } 598 599 TRACE("%s = %s domain %s path %s\n", debugstr_w(cookie_iter->name), debugstr_w(cookie_iter->data), 600 debugstr_w(domain->domain), debugstr_wn(container->path.str, container->path.len)); 601 602 if(res->cnt) 603 res->string_len += 2; /* '; ' */ 604 res->cookies[res->cnt++] = cookie_iter; 605 606 res->string_len += strlenW(cookie_iter->name); 607 if(*cookie_iter->data) 608 res->string_len += 1 /* = */ + strlenW(cookie_iter->data); 609 } 610 } 611 } 612 613 return ERROR_SUCCESS; 614 } 615 616 static void cookie_set_to_string(const cookie_set_t *cookie_set, WCHAR *str) 617 { 618 WCHAR *ptr = str; 619 unsigned i, len; 620 621 for(i=0; i<cookie_set->cnt; i++) { 622 if(i) { 623 *ptr++ = ';'; 624 *ptr++ = ' '; 625 } 626 627 len = strlenW(cookie_set->cookies[i]->name); 628 memcpy(ptr, cookie_set->cookies[i]->name, len*sizeof(WCHAR)); 629 ptr += len; 630 631 if(*cookie_set->cookies[i]->data) { 632 *ptr++ = '='; 633 len = strlenW(cookie_set->cookies[i]->data); 634 memcpy(ptr, cookie_set->cookies[i]->data, len*sizeof(WCHAR)); 635 ptr += len; 636 } 637 } 638 639 assert(ptr-str == cookie_set->string_len); 640 TRACE("%s\n", debugstr_wn(str, ptr-str)); 641 } 642 643 DWORD get_cookie_header(const WCHAR *host, const WCHAR *path, WCHAR **ret) 644 { 645 cookie_set_t cookie_set = {0}; 646 DWORD res; 647 648 static const WCHAR cookieW[] = {'C','o','o','k','i','e',':',' '}; 649 650 EnterCriticalSection(&cookie_cs); 651 652 res = get_cookie(substrz(host), substrz(path), INTERNET_COOKIE_HTTPONLY, &cookie_set); 653 if(res != ERROR_SUCCESS) { 654 LeaveCriticalSection(&cookie_cs); 655 return res; 656 } 657 658 if(cookie_set.cnt) { 659 WCHAR *header, *ptr; 660 661 ptr = header = heap_alloc(sizeof(cookieW) + (cookie_set.string_len + 3 /* crlf0 */) * sizeof(WCHAR)); 662 if(header) { 663 memcpy(ptr, cookieW, sizeof(cookieW)); 664 ptr += ARRAY_SIZE(cookieW); 665 666 cookie_set_to_string(&cookie_set, ptr); 667 heap_free(cookie_set.cookies); 668 ptr += cookie_set.string_len; 669 670 *ptr++ = '\r'; 671 *ptr++ = '\n'; 672 *ptr++ = 0; 673 674 *ret = header; 675 }else { 676 res = ERROR_NOT_ENOUGH_MEMORY; 677 } 678 }else { 679 *ret = NULL; 680 } 681 682 LeaveCriticalSection(&cookie_cs); 683 return res; 684 } 685 686 static void free_cookie_domain_list(struct list *list) 687 { 688 cookie_container_t *container; 689 cookie_domain_t *domain; 690 691 while(!list_empty(list)) { 692 domain = LIST_ENTRY(list_head(list), cookie_domain_t, entry); 693 694 free_cookie_domain_list(&domain->subdomain_list); 695 696 while(!list_empty(&domain->path_list)) { 697 container = LIST_ENTRY(list_head(&domain->path_list), cookie_container_t, entry); 698 699 while(!list_empty(&container->cookie_list)) 700 delete_cookie(LIST_ENTRY(list_head(&container->cookie_list), cookie_t, entry)); 701 702 heap_free(container->cookie_url); 703 list_remove(&container->entry); 704 heap_free(container); 705 } 706 707 heap_free(domain->domain); 708 list_remove(&domain->entry); 709 heap_free(domain); 710 } 711 } 712 713 /*********************************************************************** 714 * InternetGetCookieExW (WININET.@) 715 * 716 * Retrieve cookie from the specified url 717 * 718 * It should be noted that on windows the lpszCookieName parameter is "not implemented". 719 * So it won't be implemented here. 720 * 721 * RETURNS 722 * TRUE on success 723 * FALSE on failure 724 * 725 */ 726 BOOL WINAPI InternetGetCookieExW(LPCWSTR lpszUrl, LPCWSTR lpszCookieName, 727 LPWSTR lpCookieData, LPDWORD lpdwSize, DWORD flags, void *reserved) 728 { 729 cookie_set_t cookie_set = {0}; 730 substr_t host, path; 731 DWORD res; 732 BOOL ret; 733 734 TRACE("(%s, %s, %p, %p, %x, %p)\n", debugstr_w(lpszUrl),debugstr_w(lpszCookieName), lpCookieData, lpdwSize, flags, reserved); 735 736 if (flags & ~INTERNET_COOKIE_HTTPONLY) 737 FIXME("flags 0x%08x not supported\n", flags); 738 739 if (!lpszUrl) 740 { 741 SetLastError(ERROR_INVALID_PARAMETER); 742 return FALSE; 743 } 744 745 ret = cookie_parse_url(lpszUrl, &host, &path); 746 if (!ret) { 747 SetLastError(ERROR_INVALID_PARAMETER); 748 return FALSE; 749 } 750 751 EnterCriticalSection(&cookie_cs); 752 753 res = get_cookie(host, path, flags, &cookie_set); 754 if(res != ERROR_SUCCESS) { 755 LeaveCriticalSection(&cookie_cs); 756 SetLastError(res); 757 return FALSE; 758 } 759 760 if(cookie_set.cnt) { 761 if(!lpCookieData || cookie_set.string_len+1 > *lpdwSize) { 762 *lpdwSize = (cookie_set.string_len + 1) * sizeof(WCHAR); 763 TRACE("returning %u\n", *lpdwSize); 764 if(lpCookieData) { 765 SetLastError(ERROR_INSUFFICIENT_BUFFER); 766 ret = FALSE; 767 } 768 }else { 769 *lpdwSize = cookie_set.string_len + 1; 770 cookie_set_to_string(&cookie_set, lpCookieData); 771 lpCookieData[cookie_set.string_len] = 0; 772 } 773 }else { 774 TRACE("no cookies found for %s\n", debugstr_wn(host.str, host.len)); 775 SetLastError(ERROR_NO_MORE_ITEMS); 776 ret = FALSE; 777 } 778 779 heap_free(cookie_set.cookies); 780 LeaveCriticalSection(&cookie_cs); 781 return ret; 782 } 783 784 /*********************************************************************** 785 * InternetGetCookieW (WININET.@) 786 * 787 * Retrieve cookie for the specified URL. 788 */ 789 BOOL WINAPI InternetGetCookieW(const WCHAR *url, const WCHAR *name, WCHAR *data, DWORD *size) 790 { 791 TRACE("(%s, %s, %s, %p)\n", debugstr_w(url), debugstr_w(name), debugstr_w(data), size); 792 793 return InternetGetCookieExW(url, name, data, size, 0, NULL); 794 } 795 796 /*********************************************************************** 797 * InternetGetCookieExA (WININET.@) 798 * 799 * Retrieve cookie from the specified url 800 * 801 * RETURNS 802 * TRUE on success 803 * FALSE on failure 804 * 805 */ 806 BOOL WINAPI InternetGetCookieExA(LPCSTR lpszUrl, LPCSTR lpszCookieName, 807 LPSTR lpCookieData, LPDWORD lpdwSize, DWORD flags, void *reserved) 808 { 809 WCHAR *url, *name; 810 DWORD len, size = 0; 811 BOOL r; 812 813 TRACE("(%s %s %p %p(%u) %x %p)\n", debugstr_a(lpszUrl), debugstr_a(lpszCookieName), 814 lpCookieData, lpdwSize, lpdwSize ? *lpdwSize : 0, flags, reserved); 815 816 url = heap_strdupAtoW(lpszUrl); 817 name = heap_strdupAtoW(lpszCookieName); 818 819 r = InternetGetCookieExW( url, name, NULL, &len, flags, reserved ); 820 if( r ) 821 { 822 WCHAR *szCookieData; 823 824 szCookieData = heap_alloc(len * sizeof(WCHAR)); 825 if( !szCookieData ) 826 { 827 r = FALSE; 828 } 829 else 830 { 831 r = InternetGetCookieExW( url, name, szCookieData, &len, flags, reserved ); 832 833 if(r) { 834 size = WideCharToMultiByte( CP_ACP, 0, szCookieData, len, NULL, 0, NULL, NULL); 835 if(lpCookieData) { 836 if(*lpdwSize >= size) { 837 WideCharToMultiByte( CP_ACP, 0, szCookieData, len, lpCookieData, *lpdwSize, NULL, NULL); 838 }else { 839 SetLastError(ERROR_INSUFFICIENT_BUFFER); 840 r = FALSE; 841 } 842 } 843 } 844 845 heap_free( szCookieData ); 846 } 847 } 848 *lpdwSize = size; 849 heap_free( name ); 850 heap_free( url ); 851 return r; 852 } 853 854 /*********************************************************************** 855 * InternetGetCookieA (WININET.@) 856 * 857 * See InternetGetCookieW. 858 */ 859 BOOL WINAPI InternetGetCookieA(const char *url, const char *name, char *data, DWORD *size) 860 { 861 TRACE("(%s, %s, %p, %p)\n", debugstr_a(url), debugstr_a(name), data, size); 862 863 return InternetGetCookieExA(url, name, data, size, 0, NULL); 864 } 865 866 static BOOL is_domain_legal_for_cookie(substr_t domain, substr_t full_domain) 867 { 868 const WCHAR *ptr; 869 870 if(!domain.len || *domain.str == '.' || !full_domain.len || *full_domain.str == '.') { 871 SetLastError(ERROR_INVALID_NAME); 872 return FALSE; 873 } 874 875 if(domain.len > full_domain.len || !memchrW(domain.str, '.', domain.len) || !memchrW(full_domain.str, '.', full_domain.len)) 876 return FALSE; 877 878 ptr = full_domain.str + full_domain.len - domain.len; 879 if (strncmpiW(domain.str, ptr, domain.len) || (full_domain.len > domain.len && ptr[-1] != '.')) { 880 SetLastError(ERROR_INVALID_PARAMETER); 881 return FALSE; 882 } 883 884 return TRUE; 885 } 886 887 /*********************************************************************** 888 * IsDomainLegalCookieDomainW (WININET.@) 889 */ 890 BOOL WINAPI IsDomainLegalCookieDomainW(const WCHAR *domain, const WCHAR *full_domain) 891 { 892 FIXME("(%s, %s) semi-stub\n", debugstr_w(domain), debugstr_w(full_domain)); 893 894 if (!domain || !full_domain) { 895 SetLastError(ERROR_INVALID_PARAMETER); 896 return FALSE; 897 } 898 899 return is_domain_legal_for_cookie(substrz(domain), substrz(full_domain)); 900 } 901 902 static void substr_skip(substr_t *str, size_t len) 903 { 904 assert(str->len >= len); 905 str->str += len; 906 str->len -= len; 907 } 908 909 DWORD set_cookie(substr_t domain, substr_t path, substr_t name, substr_t data, DWORD flags) 910 { 911 cookie_container_t *container; 912 cookie_t *thisCookie; 913 substr_t value; 914 const WCHAR *end_ptr; 915 FILETIME expiry, create; 916 BOOL expired = FALSE, update_persistent = FALSE; 917 DWORD cookie_flags = 0, len; 918 919 TRACE("%s %s %s=%s %x\n", debugstr_wn(domain.str, domain.len), debugstr_wn(path.str, path.len), 920 debugstr_wn(name.str, name.len), debugstr_wn(data.str, data.len), flags); 921 922 memset(&expiry,0,sizeof(expiry)); 923 GetSystemTimeAsFileTime(&create); 924 925 /* lots of information can be parsed out of the cookie value */ 926 927 if(!(end_ptr = memchrW(data.str, ';', data.len))) 928 end_ptr = data.str + data.len; 929 value = substr(data.str, end_ptr-data.str); 930 data.str += value.len; 931 data.len -= value.len; 932 933 for(;;) { 934 static const WCHAR szDomain[] = {'d','o','m','a','i','n','='}; 935 static const WCHAR szPath[] = {'p','a','t','h','='}; 936 static const WCHAR szExpires[] = {'e','x','p','i','r','e','s','='}; 937 static const WCHAR szSecure[] = {'s','e','c','u','r','e'}; 938 static const WCHAR szHttpOnly[] = {'h','t','t','p','o','n','l','y'}; 939 static const WCHAR szVersion[] = {'v','e','r','s','i','o','n','='}; 940 static const WCHAR max_ageW[] = {'m','a','x','-','a','g','e','='}; 941 942 /* Skip ';' */ 943 if(data.len) 944 substr_skip(&data, 1); 945 946 while(data.len && *data.str == ' ') 947 substr_skip(&data, 1); 948 949 if(!data.len) 950 break; 951 952 if(!(end_ptr = memchrW(data.str, ';', data.len))) 953 end_ptr = data.str + data.len; 954 955 if(data.len >= (len = ARRAY_SIZE(szDomain)) && !strncmpiW(data.str, szDomain, len)) { 956 substr_skip(&data, len); 957 958 if(data.len && *data.str == '.') 959 substr_skip(&data, 1); 960 961 if(!is_domain_legal_for_cookie(substr(data.str, end_ptr-data.str), domain)) 962 return COOKIE_STATE_UNKNOWN; 963 964 domain = substr(data.str, end_ptr-data.str); 965 TRACE("Parsing new domain %s\n", debugstr_wn(domain.str, domain.len)); 966 }else if(data.len >= (len = ARRAY_SIZE(szPath)) && !strncmpiW(data.str, szPath, len)) { 967 substr_skip(&data, len); 968 path = substr(data.str, end_ptr - data.str); 969 TRACE("Parsing new path %s\n", debugstr_wn(path.str, path.len)); 970 }else if(data.len >= (len = ARRAY_SIZE(szExpires)) && !strncmpiW(data.str, szExpires, len)) { 971 SYSTEMTIME st; 972 WCHAR buf[128]; 973 974 substr_skip(&data, len); 975 976 if(end_ptr - data.str < ARRAY_SIZE(buf)-1) { 977 memcpy(buf, data.str, data.len*sizeof(WCHAR)); 978 buf[data.len] = 0; 979 980 if (InternetTimeToSystemTimeW(data.str, &st, 0)) { 981 SystemTimeToFileTime(&st, &expiry); 982 983 if (CompareFileTime(&create,&expiry) > 0) { 984 TRACE("Cookie already expired.\n"); 985 expired = TRUE; 986 } 987 } 988 } 989 }else if(data.len >= (len = ARRAY_SIZE(szSecure)) && !strncmpiW(data.str, szSecure, len)) { 990 substr_skip(&data, len); 991 FIXME("secure not handled\n"); 992 }else if(data.len >= (len = ARRAY_SIZE(szHttpOnly)) && !strncmpiW(data.str, szHttpOnly, len)) { 993 substr_skip(&data, len); 994 995 if(!(flags & INTERNET_COOKIE_HTTPONLY)) { 996 WARN("HTTP only cookie added without INTERNET_COOKIE_HTTPONLY flag\n"); 997 SetLastError(ERROR_INVALID_OPERATION); 998 return COOKIE_STATE_REJECT; 999 } 1000 1001 cookie_flags |= INTERNET_COOKIE_HTTPONLY; 1002 }else if(data.len >= (len = ARRAY_SIZE(szVersion)) && !strncmpiW(data.str, szVersion, len)) { 1003 substr_skip(&data, len); 1004 1005 FIXME("version not handled (%s)\n",debugstr_wn(data.str, data.len)); 1006 }else if(data.len >= (len = ARRAY_SIZE(max_ageW)) && !strncmpiW(data.str, max_ageW, len)) { 1007 /* Native doesn't support Max-Age attribute. */ 1008 WARN("Max-Age ignored\n"); 1009 }else if(data.len) { 1010 FIXME("Unknown additional option %s\n", debugstr_wn(data.str, data.len)); 1011 } 1012 1013 substr_skip(&data, end_ptr - data.str); 1014 } 1015 1016 EnterCriticalSection(&cookie_cs); 1017 1018 load_persistent_cookie(domain, path); 1019 1020 container = get_cookie_container(domain, path, !expired); 1021 if(!container) { 1022 LeaveCriticalSection(&cookie_cs); 1023 return COOKIE_STATE_ACCEPT; 1024 } 1025 1026 if(!expiry.dwLowDateTime && !expiry.dwHighDateTime) 1027 cookie_flags |= INTERNET_COOKIE_IS_SESSION; 1028 else 1029 update_persistent = TRUE; 1030 1031 if ((thisCookie = find_cookie(container, name))) { 1032 if ((thisCookie->flags & INTERNET_COOKIE_HTTPONLY) && !(flags & INTERNET_COOKIE_HTTPONLY)) { 1033 WARN("An attempt to override httponly cookie\n"); 1034 SetLastError(ERROR_INVALID_OPERATION); 1035 LeaveCriticalSection(&cookie_cs); 1036 return COOKIE_STATE_REJECT; 1037 } 1038 1039 if (!(thisCookie->flags & INTERNET_COOKIE_IS_SESSION)) 1040 update_persistent = TRUE; 1041 delete_cookie(thisCookie); 1042 } 1043 1044 TRACE("setting cookie %s=%s for domain %s path %s\n", debugstr_wn(name.str, name.len), 1045 debugstr_wn(value.str, value.len), debugstr_w(container->domain->domain), 1046 debugstr_wn(container->path.str, container->path.len)); 1047 1048 if (!expired) { 1049 cookie_t *new_cookie; 1050 1051 new_cookie = alloc_cookie(name, value, expiry, create, cookie_flags); 1052 if(!new_cookie) { 1053 LeaveCriticalSection(&cookie_cs); 1054 return COOKIE_STATE_UNKNOWN; 1055 } 1056 1057 add_cookie(container, new_cookie); 1058 } 1059 1060 if (!update_persistent || save_persistent_cookie(container)) 1061 { 1062 LeaveCriticalSection(&cookie_cs); 1063 return COOKIE_STATE_ACCEPT; 1064 } 1065 LeaveCriticalSection(&cookie_cs); 1066 return COOKIE_STATE_UNKNOWN; 1067 } 1068 1069 /*********************************************************************** 1070 * InternetSetCookieExW (WININET.@) 1071 * 1072 * Sets cookie for the specified url 1073 */ 1074 DWORD WINAPI InternetSetCookieExW(LPCWSTR lpszUrl, LPCWSTR lpszCookieName, 1075 LPCWSTR lpCookieData, DWORD flags, DWORD_PTR reserved) 1076 { 1077 substr_t host, path, name, data; 1078 BOOL ret; 1079 1080 TRACE("(%s, %s, %s, %x, %lx)\n", debugstr_w(lpszUrl), debugstr_w(lpszCookieName), 1081 debugstr_w(lpCookieData), flags, reserved); 1082 1083 if (flags & ~INTERNET_COOKIE_HTTPONLY) 1084 FIXME("flags %x not supported\n", flags); 1085 1086 if (!lpszUrl || !lpCookieData) 1087 { 1088 SetLastError(ERROR_INVALID_PARAMETER); 1089 return COOKIE_STATE_UNKNOWN; 1090 } 1091 1092 ret = cookie_parse_url(lpszUrl, &host, &path); 1093 if (!ret || !host.len) return COOKIE_STATE_UNKNOWN; 1094 1095 if (!lpszCookieName) { 1096 const WCHAR *ptr; 1097 1098 /* some apps (or is it us??) try to add a cookie with no cookie name, but 1099 * the cookie data in the form of name[=data]. 1100 */ 1101 if (!(ptr = strchrW(lpCookieData, '='))) 1102 ptr = lpCookieData + strlenW(lpCookieData); 1103 1104 name = substr(lpCookieData, ptr - lpCookieData); 1105 data = substrz(*ptr == '=' ? ptr+1 : ptr); 1106 }else { 1107 name = substrz(lpszCookieName); 1108 data = substrz(lpCookieData); 1109 } 1110 1111 return set_cookie(host, path, name, data, flags); 1112 } 1113 1114 /*********************************************************************** 1115 * InternetSetCookieW (WININET.@) 1116 * 1117 * Sets a cookie for the specified URL. 1118 */ 1119 BOOL WINAPI InternetSetCookieW(const WCHAR *url, const WCHAR *name, const WCHAR *data) 1120 { 1121 TRACE("(%s, %s, %s)\n", debugstr_w(url), debugstr_w(name), debugstr_w(data)); 1122 1123 return InternetSetCookieExW(url, name, data, 0, 0) == COOKIE_STATE_ACCEPT; 1124 } 1125 1126 /*********************************************************************** 1127 * InternetSetCookieA (WININET.@) 1128 * 1129 * Sets cookie for the specified url 1130 * 1131 * RETURNS 1132 * TRUE on success 1133 * FALSE on failure 1134 * 1135 */ 1136 BOOL WINAPI InternetSetCookieA(LPCSTR lpszUrl, LPCSTR lpszCookieName, 1137 LPCSTR lpCookieData) 1138 { 1139 LPWSTR data, url, name; 1140 BOOL r; 1141 1142 TRACE("(%s,%s,%s)\n", debugstr_a(lpszUrl), 1143 debugstr_a(lpszCookieName), debugstr_a(lpCookieData)); 1144 1145 url = heap_strdupAtoW(lpszUrl); 1146 name = heap_strdupAtoW(lpszCookieName); 1147 data = heap_strdupAtoW(lpCookieData); 1148 1149 r = InternetSetCookieW( url, name, data ); 1150 1151 heap_free( data ); 1152 heap_free( name ); 1153 heap_free( url ); 1154 return r; 1155 } 1156 1157 /*********************************************************************** 1158 * InternetSetCookieExA (WININET.@) 1159 * 1160 * See InternetSetCookieExW. 1161 */ 1162 DWORD WINAPI InternetSetCookieExA( LPCSTR lpszURL, LPCSTR lpszCookieName, LPCSTR lpszCookieData, 1163 DWORD dwFlags, DWORD_PTR dwReserved) 1164 { 1165 WCHAR *data, *url, *name; 1166 DWORD r; 1167 1168 TRACE("(%s, %s, %s, %x, %lx)\n", debugstr_a(lpszURL), debugstr_a(lpszCookieName), 1169 debugstr_a(lpszCookieData), dwFlags, dwReserved); 1170 1171 url = heap_strdupAtoW(lpszURL); 1172 name = heap_strdupAtoW(lpszCookieName); 1173 data = heap_strdupAtoW(lpszCookieData); 1174 1175 r = InternetSetCookieExW(url, name, data, dwFlags, dwReserved); 1176 1177 heap_free( data ); 1178 heap_free( name ); 1179 heap_free( url ); 1180 return r; 1181 } 1182 1183 /*********************************************************************** 1184 * InternetClearAllPerSiteCookieDecisions (WININET.@) 1185 * 1186 * Clears all per-site decisions about cookies. 1187 * 1188 * RETURNS 1189 * TRUE on success 1190 * FALSE on failure 1191 * 1192 */ 1193 BOOL WINAPI InternetClearAllPerSiteCookieDecisions( VOID ) 1194 { 1195 FIXME("stub\n"); 1196 return TRUE; 1197 } 1198 1199 /*********************************************************************** 1200 * InternetEnumPerSiteCookieDecisionA (WININET.@) 1201 * 1202 * See InternetEnumPerSiteCookieDecisionW. 1203 */ 1204 BOOL WINAPI InternetEnumPerSiteCookieDecisionA( LPSTR pszSiteName, ULONG *pcSiteNameSize, 1205 ULONG *pdwDecision, ULONG dwIndex ) 1206 { 1207 FIXME("(%s, %p, %p, 0x%08x) stub\n", 1208 debugstr_a(pszSiteName), pcSiteNameSize, pdwDecision, dwIndex); 1209 return FALSE; 1210 } 1211 1212 /*********************************************************************** 1213 * InternetEnumPerSiteCookieDecisionW (WININET.@) 1214 * 1215 * Enumerates all per-site decisions about cookies. 1216 * 1217 * RETURNS 1218 * TRUE on success 1219 * FALSE on failure 1220 * 1221 */ 1222 BOOL WINAPI InternetEnumPerSiteCookieDecisionW( LPWSTR pszSiteName, ULONG *pcSiteNameSize, 1223 ULONG *pdwDecision, ULONG dwIndex ) 1224 { 1225 FIXME("(%s, %p, %p, 0x%08x) stub\n", 1226 debugstr_w(pszSiteName), pcSiteNameSize, pdwDecision, dwIndex); 1227 return FALSE; 1228 } 1229 1230 /*********************************************************************** 1231 * InternetGetPerSiteCookieDecisionA (WININET.@) 1232 */ 1233 BOOL WINAPI InternetGetPerSiteCookieDecisionA( LPCSTR pwchHostName, ULONG *pResult ) 1234 { 1235 FIXME("(%s, %p) stub\n", debugstr_a(pwchHostName), pResult); 1236 return FALSE; 1237 } 1238 1239 /*********************************************************************** 1240 * InternetGetPerSiteCookieDecisionW (WININET.@) 1241 */ 1242 BOOL WINAPI InternetGetPerSiteCookieDecisionW( LPCWSTR pwchHostName, ULONG *pResult ) 1243 { 1244 FIXME("(%s, %p) stub\n", debugstr_w(pwchHostName), pResult); 1245 return FALSE; 1246 } 1247 1248 /*********************************************************************** 1249 * InternetSetPerSiteCookieDecisionA (WININET.@) 1250 */ 1251 BOOL WINAPI InternetSetPerSiteCookieDecisionA( LPCSTR pchHostName, DWORD dwDecision ) 1252 { 1253 FIXME("(%s, 0x%08x) stub\n", debugstr_a(pchHostName), dwDecision); 1254 return FALSE; 1255 } 1256 1257 /*********************************************************************** 1258 * InternetSetPerSiteCookieDecisionW (WININET.@) 1259 */ 1260 BOOL WINAPI InternetSetPerSiteCookieDecisionW( LPCWSTR pchHostName, DWORD dwDecision ) 1261 { 1262 FIXME("(%s, 0x%08x) stub\n", debugstr_w(pchHostName), dwDecision); 1263 return FALSE; 1264 } 1265 1266 void free_cookie(void) 1267 { 1268 EnterCriticalSection(&cookie_cs); 1269 1270 free_cookie_domain_list(&domain_list); 1271 1272 LeaveCriticalSection(&cookie_cs); 1273 } 1274