Пример #1
0
 /// <exception cref="Apache.Http.Cookie.MalformedCookieException"></exception>
 public override void Validate(Apache.Http.Cookie.Cookie cookie, CookieOrigin origin
                               )
 {
     Args.NotNull(cookie, "Cookie");
     Args.NotNull(origin, "Cookie origin");
     base.Validate(cookie, AdjustEffectiveHost(origin));
 }
Пример #2
0
        public override IList <Header> FormatCookies(IList <Apache.Http.Cookie.Cookie> cookies
                                                     )
        {
            Args.NotEmpty(cookies, "List of cookies");
            CharArrayBuffer buffer = new CharArrayBuffer(20 * cookies.Count);

            buffer.Append(SM.Cookie);
            buffer.Append(": ");
            for (int i = 0; i < cookies.Count; i++)
            {
                Apache.Http.Cookie.Cookie cookie = cookies[i];
                if (i > 0)
                {
                    buffer.Append("; ");
                }
                buffer.Append(cookie.GetName());
                string s = cookie.GetValue();
                if (s != null)
                {
                    buffer.Append("=");
                    buffer.Append(s);
                }
            }
            IList <Header> headers = new AList <Header>(1);

            headers.AddItem(new BufferedHeader(buffer));
            return(headers);
        }
Пример #3
0
 /// <summary>Adds valid Port attribute value, e.g.</summary>
 /// <remarks>Adds valid Port attribute value, e.g. "8000,8001,8002"</remarks>
 protected internal override void FormatCookieAsVer(CharArrayBuffer buffer, Apache.Http.Cookie.Cookie
                                                    cookie, int version)
 {
     base.FormatCookieAsVer(buffer, cookie, version);
     // format port attribute
     if (cookie is ClientCookie)
     {
         // Test if the port attribute as set by the origin server is not blank
         string s = ((ClientCookie)cookie).GetAttribute(ClientCookie.PortAttr);
         if (s != null)
         {
             buffer.Append("; $Port");
             buffer.Append("=\"");
             if (s.Trim().Length > 0)
             {
                 int[] ports = cookie.GetPorts();
                 if (ports != null)
                 {
                     int len = ports.Length;
                     for (int i = 0; i < len; i++)
                     {
                         if (i > 0)
                         {
                             buffer.Append(",");
                         }
                         buffer.Append(Sharpen.Extensions.ToString(ports[i]));
                     }
                 }
             }
             buffer.Append("\"");
         }
     }
 }
Пример #4
0
        /// <exception cref="Apache.Http.Cookie.MalformedCookieException"></exception>
        public override void Validate(Apache.Http.Cookie.Cookie cookie, CookieOrigin origin
                                      )
        {
            base.Validate(cookie, origin);
            // Perform Netscape Cookie draft specific validation
            string host   = origin.GetHost();
            string domain = cookie.GetDomain();

            if (host.Contains("."))
            {
                int domainParts = new StringTokenizer(domain, ".").CountTokens();
                if (IsSpecialDomain(domain))
                {
                    if (domainParts < 2)
                    {
                        throw new CookieRestrictionViolationException("Domain attribute \"" + domain + "\" violates the Netscape cookie specification for "
                                                                      + "special domains");
                    }
                }
                else
                {
                    if (domainParts < 3)
                    {
                        throw new CookieRestrictionViolationException("Domain attribute \"" + domain + "\" violates the Netscape cookie specification"
                                                                      );
                    }
                }
            }
        }
Пример #5
0
        public virtual bool Match(Apache.Http.Cookie.Cookie cookie, CookieOrigin origin)
        {
            Args.NotNull(cookie, "Cookie");
            Args.NotNull(origin, "Cookie origin");
            string targetpath  = origin.GetPath();
            string topmostPath = cookie.GetPath();

            if (topmostPath == null)
            {
                topmostPath = "/";
            }
            if (topmostPath.Length > 1 && topmostPath.EndsWith("/"))
            {
                topmostPath = Sharpen.Runtime.Substring(topmostPath, 0, topmostPath.Length - 1);
            }
            bool match = targetpath.StartsWith(topmostPath);

            // if there is a match and these values are not exactly the same we have
            // to make sure we're not matcing "/foobar" and "/foo"
            if (match && targetpath.Length != topmostPath.Length)
            {
                if (!topmostPath.EndsWith("/"))
                {
                    match = (targetpath[topmostPath.Length] == '/');
                }
            }
            return(match);
        }
Пример #6
0
        private IList <Header> DoFormatOneHeader(IList <Apache.Http.Cookie.Cookie> cookies)
        {
            int version = int.MaxValue;

            // Pick the lowest common denominator
            foreach (Apache.Http.Cookie.Cookie cookie in cookies)
            {
                if (cookie.GetVersion() < version)
                {
                    version = cookie.GetVersion();
                }
            }
            CharArrayBuffer buffer = new CharArrayBuffer(40 * cookies.Count);

            buffer.Append(SM.Cookie);
            buffer.Append(": ");
            buffer.Append("$Version=");
            buffer.Append(Sharpen.Extensions.ToString(version));
            foreach (Apache.Http.Cookie.Cookie cooky in cookies)
            {
                buffer.Append("; ");
                Apache.Http.Cookie.Cookie cookie_1 = cooky;
                FormatCookieAsVer(buffer, cookie_1, version);
            }
            IList <Header> headers = new AList <Header>(1);

            headers.AddItem(new BufferedHeader(buffer));
            return(headers);
        }
 /// <summary>Never matches if the cookie's domain is from the blacklist.</summary>
 /// <remarks>Never matches if the cookie's domain is from the blacklist.</remarks>
 public virtual bool Match(Apache.Http.Cookie.Cookie cookie, CookieOrigin origin)
 {
     if (IsForPublicSuffix(cookie))
     {
         return(false);
     }
     return(wrapped.Match(cookie, origin));
 }
Пример #8
0
 /// <exception cref="Apache.Http.Cookie.MalformedCookieException"></exception>
 public virtual void Validate(Apache.Http.Cookie.Cookie cookie, CookieOrigin origin
                              )
 {
     if (!Match(cookie, origin))
     {
         throw new CookieRestrictionViolationException("Illegal path attribute \"" + cookie
                                                       .GetPath() + "\". Path of origin: \"" + origin.GetPath() + "\"");
     }
 }
 /// <exception cref="Apache.Http.Cookie.MalformedCookieException"></exception>
 public override void Validate(Apache.Http.Cookie.Cookie cookie, CookieOrigin origin
                               )
 {
     Args.NotNull(cookie, "Cookie");
     if (cookie.GetVersion() < 0)
     {
         throw new CookieRestrictionViolationException("Cookie version may not be negative"
                                                       );
     }
 }
Пример #10
0
 /// <exception cref="Apache.Http.Cookie.MalformedCookieException"></exception>
 public override void Validate(Apache.Http.Cookie.Cookie cookie, CookieOrigin origin
                               )
 {
     Args.NotNull(cookie, "Cookie");
     Args.NotNull(origin, "Cookie origin");
     foreach (CookieAttributeHandler handler in GetAttribHandlers())
     {
         handler.Validate(cookie, origin);
     }
 }
Пример #11
0
        public override bool Match(Apache.Http.Cookie.Cookie cookie, CookieOrigin origin)
        {
            Args.NotNull(cookie, "Cookie");
            Args.NotNull(origin, "Cookie origin");
            string host   = origin.GetHost();
            string domain = cookie.GetDomain();

            if (domain == null)
            {
                return(false);
            }
            return(host.EndsWith(domain));
        }
Пример #12
0
 public override bool Match(Apache.Http.Cookie.Cookie cookie, CookieOrigin origin)
 {
     Args.NotNull(cookie, "Cookie");
     Args.NotNull(origin, "Cookie origin");
     foreach (CookieAttributeHandler handler in GetAttribHandlers())
     {
         if (!handler.Match(cookie, origin))
         {
             return(false);
         }
     }
     return(true);
 }
Пример #13
0
        public virtual bool Match(Apache.Http.Cookie.Cookie cookie, CookieOrigin origin)
        {
            Args.NotNull(cookie, "Cookie");
            Args.NotNull(origin, "Cookie origin");
            string host   = origin.GetHost();
            string domain = cookie.GetDomain();

            if (domain == null)
            {
                return(false);
            }
            return(host.Equals(domain) || (domain.StartsWith(".") && host.EndsWith(domain)));
        }
 /// <summary>validate cookie version attribute.</summary>
 /// <remarks>validate cookie version attribute. Version attribute is REQUIRED.</remarks>
 /// <exception cref="Apache.Http.Cookie.MalformedCookieException"></exception>
 public virtual void Validate(Apache.Http.Cookie.Cookie cookie, CookieOrigin origin
                              )
 {
     Args.NotNull(cookie, "Cookie");
     if (cookie is SetCookie2)
     {
         if (cookie is ClientCookie && !((ClientCookie)cookie).ContainsAttribute(ClientCookie
                                                                                 .VersionAttr))
         {
             throw new CookieRestrictionViolationException("Violates RFC 2965. Version attribute is required."
                                                           );
         }
     }
 }
Пример #15
0
        /// <exception cref="Apache.Http.Cookie.MalformedCookieException"></exception>
        public virtual void Validate(Apache.Http.Cookie.Cookie cookie, CookieOrigin origin
                                     )
        {
            Args.NotNull(cookie, "Cookie");
            Args.NotNull(origin, "Cookie origin");
            string host   = origin.GetHost();
            string domain = cookie.GetDomain();

            if (domain == null)
            {
                throw new CookieRestrictionViolationException("Cookie domain may not be null");
            }
            if (!domain.Equals(host))
            {
                int dotIndex = domain.IndexOf('.');
                if (dotIndex == -1)
                {
                    throw new CookieRestrictionViolationException("Domain attribute \"" + domain + "\" does not match the host \""
                                                                  + host + "\"");
                }
                // domain must start with dot
                if (!domain.StartsWith("."))
                {
                    throw new CookieRestrictionViolationException("Domain attribute \"" + domain + "\" violates RFC 2109: domain must start with a dot"
                                                                  );
                }
                // domain must have at least one embedded dot
                dotIndex = domain.IndexOf('.', 1);
                if (dotIndex < 0 || dotIndex == domain.Length - 1)
                {
                    throw new CookieRestrictionViolationException("Domain attribute \"" + domain + "\" violates RFC 2109: domain must contain an embedded dot"
                                                                  );
                }
                host = host.ToLower(Sharpen.Extensions.GetEnglishCulture());
                if (!host.EndsWith(domain))
                {
                    throw new CookieRestrictionViolationException("Illegal domain attribute \"" + domain
                                                                  + "\". Domain of origin: \"" + host + "\"");
                }
                // host minus domain may not contain any dots
                string hostWithoutDomain = Sharpen.Runtime.Substring(host, 0, host.Length - domain
                                                                     .Length);
                if (hostWithoutDomain.IndexOf('.') != -1)
                {
                    throw new CookieRestrictionViolationException("Domain attribute \"" + domain + "\" violates RFC 2109: host minus domain may not contain any dots"
                                                                  );
                }
            }
        }
Пример #16
0
 /// <summary>
 /// Adds an
 /// <see cref="Apache.Http.Cookie.Cookie">HTTP cookie</see>
 /// , replacing any existing equivalent cookies.
 /// If the given cookie has already expired it will not be added, but existing
 /// values will still be removed.
 /// </summary>
 /// <param name="cookie">
 /// the
 /// <see cref="Apache.Http.Cookie.Cookie">cookie</see>
 /// to be added
 /// </param>
 /// <seealso cref="AddCookies(Apache.Http.Cookie.Cookie[])">AddCookies(Apache.Http.Cookie.Cookie[])
 ///     </seealso>
 public virtual void AddCookie(Apache.Http.Cookie.Cookie cookie)
 {
     lock (this)
     {
         if (cookie != null)
         {
             // first remove any old cookie that is equivalent
             cookies.Remove(cookie);
             if (!cookie.IsExpired(new DateTime()))
             {
                 cookies.AddItem(cookie);
             }
         }
     }
 }
Пример #17
0
        /// <exception cref="Apache.Http.Cookie.MalformedCookieException"></exception>
        public override void Validate(Apache.Http.Cookie.Cookie cookie, CookieOrigin origin
                                      )
        {
            Args.NotNull(cookie, "Cookie");
            string name = cookie.GetName();

            if (name.IndexOf(' ') != -1)
            {
                throw new CookieRestrictionViolationException("Cookie name may not contain blanks"
                                                              );
            }
            if (name.StartsWith("$"))
            {
                throw new CookieRestrictionViolationException("Cookie name may not start with $");
            }
            base.Validate(cookie, origin);
        }
Пример #18
0
        /// <summary>Validate cookie port attribute.</summary>
        /// <remarks>
        /// Validate cookie port attribute. If the Port attribute was specified
        /// in header, the request port must be in cookie's port list.
        /// </remarks>
        /// <exception cref="Apache.Http.Cookie.MalformedCookieException"></exception>
        public virtual void Validate(Apache.Http.Cookie.Cookie cookie, CookieOrigin origin
                                     )
        {
            Args.NotNull(cookie, "Cookie");
            Args.NotNull(origin, "Cookie origin");
            int port = origin.GetPort();

            if (cookie is ClientCookie && ((ClientCookie)cookie).ContainsAttribute(ClientCookie
                                                                                   .PortAttr))
            {
                if (!PortMatch(port, cookie.GetPorts()))
                {
                    throw new CookieRestrictionViolationException("Port attribute violates RFC 2965: "
                                                                  + "Request port not found in cookie's port list.");
                }
            }
        }
        /// <exception cref="Apache.Http.Cookie.MalformedCookieException"></exception>
        public virtual void Validate(Apache.Http.Cookie.Cookie cookie, CookieOrigin origin
                                     )
        {
            Args.NotNull(cookie, "Cookie");
            Args.NotNull(origin, "Cookie origin");
            // Validate the cookies domain attribute.  NOTE:  Domains without
            // any dots are allowed to support hosts on private LANs that don't
            // have DNS names.  Since they have no dots, to domain-match the
            // request-host and domain must be identical for the cookie to sent
            // back to the origin-server.
            string host   = origin.GetHost();
            string domain = cookie.GetDomain();

            if (domain == null)
            {
                throw new CookieRestrictionViolationException("Cookie domain may not be null");
            }
            if (host.Contains("."))
            {
                // Not required to have at least two dots.  RFC 2965.
                // A Set-Cookie2 with Domain=ajax.com will be accepted.
                // domain must match host
                if (!host.EndsWith(domain))
                {
                    if (domain.StartsWith("."))
                    {
                        domain = Sharpen.Runtime.Substring(domain, 1, domain.Length);
                    }
                    if (!host.Equals(domain))
                    {
                        throw new CookieRestrictionViolationException("Illegal domain attribute \"" + domain
                                                                      + "\". Domain of origin: \"" + host + "\"");
                    }
                }
            }
            else
            {
                if (!host.Equals(domain))
                {
                    throw new CookieRestrictionViolationException("Illegal domain attribute \"" + domain
                                                                  + "\". Domain of origin: \"" + host + "\"");
                }
            }
        }
Пример #20
0
        /// <summary>Match cookie domain attribute.</summary>
        /// <remarks>Match cookie domain attribute.</remarks>
        public virtual bool Match(Apache.Http.Cookie.Cookie cookie, CookieOrigin origin)
        {
            Args.NotNull(cookie, "Cookie");
            Args.NotNull(origin, "Cookie origin");
            string host         = origin.GetHost().ToLower(Sharpen.Extensions.GetEnglishCulture());
            string cookieDomain = cookie.GetDomain();

            // The effective host name MUST domain-match the Domain
            // attribute of the cookie.
            if (!DomainMatch(host, cookieDomain))
            {
                return(false);
            }
            // effective host name minus domain must not contain any dots
            string effectiveHostWithoutDomain = Sharpen.Runtime.Substring(host, 0, host.Length
                                                                          - cookieDomain.Length);

            return(effectiveHostWithoutDomain.IndexOf('.') == -1);
        }
Пример #21
0
 public virtual bool Match(Apache.Http.Cookie.Cookie cookie, CookieOrigin origin)
 {
     Args.NotNull(cookie, "Cookie");
     Args.NotNull(origin, "Cookie origin");
     if (cookie.GetVersion() > 0)
     {
         if (cookie is SetCookie2)
         {
             return(GetStrict().Match(cookie, origin));
         }
         else
         {
             return(GetObsoleteStrict().Match(cookie, origin));
         }
     }
     else
     {
         return(GetCompat().Match(cookie, origin));
     }
 }
        private bool IsForPublicSuffix(Apache.Http.Cookie.Cookie cookie)
        {
            string domain = cookie.GetDomain();

            if (domain.StartsWith("."))
            {
                domain = Sharpen.Runtime.Substring(domain, 1);
            }
            domain = Punycode.ToUnicode(domain);
            // An exception rule takes priority over any other matching rule.
            if (this.exceptions != null)
            {
                if (this.exceptions.Contains(domain))
                {
                    return(false);
                }
            }
            if (this.suffixes == null)
            {
                return(false);
            }
            do
            {
                if (this.suffixes.Contains(domain))
                {
                    return(true);
                }
                // patterns
                if (domain.StartsWith("*."))
                {
                    domain = Sharpen.Runtime.Substring(domain, 2);
                }
                int nextdot = domain.IndexOf('.');
                if (nextdot == -1)
                {
                    break;
                }
                domain = "*" + Sharpen.Runtime.Substring(domain, nextdot);
            }while (domain.Length > 0);
            return(false);
        }
Пример #23
0
 /// <exception cref="Apache.Http.Cookie.MalformedCookieException"></exception>
 public virtual void Validate(Apache.Http.Cookie.Cookie cookie, CookieOrigin origin
                              )
 {
     Args.NotNull(cookie, "Cookie");
     Args.NotNull(origin, "Cookie origin");
     if (cookie.GetVersion() > 0)
     {
         if (cookie is SetCookie2)
         {
             GetStrict().Validate(cookie, origin);
         }
         else
         {
             GetObsoleteStrict().Validate(cookie, origin);
         }
     }
     else
     {
         GetCompat().Validate(cookie, origin);
     }
 }
        public virtual bool Match(Apache.Http.Cookie.Cookie cookie, CookieOrigin origin)
        {
            Args.NotNull(cookie, "Cookie");
            Args.NotNull(origin, "Cookie origin");
            string host   = origin.GetHost();
            string domain = cookie.GetDomain();

            if (domain == null)
            {
                return(false);
            }
            if (host.Equals(domain))
            {
                return(true);
            }
            if (!domain.StartsWith("."))
            {
                domain = '.' + domain;
            }
            return(host.EndsWith(domain) || host.Equals(Sharpen.Runtime.Substring(domain, 1)));
        }
Пример #25
0
        /// <summary>Match cookie port attribute.</summary>
        /// <remarks>
        /// Match cookie port attribute. If the Port attribute is not specified
        /// in header, the cookie can be sent to any port. Otherwise, the request port
        /// must be in the cookie's port list.
        /// </remarks>
        public virtual bool Match(Apache.Http.Cookie.Cookie cookie, CookieOrigin origin)
        {
            Args.NotNull(cookie, "Cookie");
            Args.NotNull(origin, "Cookie origin");
            int port = origin.GetPort();

            if (cookie is ClientCookie && ((ClientCookie)cookie).ContainsAttribute(ClientCookie
                                                                                   .PortAttr))
            {
                if (cookie.GetPorts() == null)
                {
                    // Invalid cookie state: port not specified
                    return(false);
                }
                if (!PortMatch(port, cookie.GetPorts()))
                {
                    return(false);
                }
            }
            return(true);
        }
Пример #26
0
 /// <summary>
 /// Return a string suitable for sending in a <tt>"Cookie"</tt> header
 /// as defined in RFC 2109 for backward compatibility with cookie version 0
 /// </summary>
 /// <param name="buffer">The char array buffer to use for output</param>
 /// <param name="cookie">
 /// The
 /// <see cref="Apache.Http.Cookie.Cookie">Apache.Http.Cookie.Cookie</see>
 /// to be formatted as string
 /// </param>
 /// <param name="version">The version to use.</param>
 protected internal virtual void FormatCookieAsVer(CharArrayBuffer buffer, Apache.Http.Cookie.Cookie
                                                   cookie, int version)
 {
     FormatParamAsVer(buffer, cookie.GetName(), cookie.GetValue(), version);
     if (cookie.GetPath() != null)
     {
         if (cookie is ClientCookie && ((ClientCookie)cookie).ContainsAttribute(ClientCookie
                                                                                .PathAttr))
         {
             buffer.Append("; ");
             FormatParamAsVer(buffer, "$Path", cookie.GetPath(), version);
         }
     }
     if (cookie.GetDomain() != null)
     {
         if (cookie is ClientCookie && ((ClientCookie)cookie).ContainsAttribute(ClientCookie
                                                                                .DomainAttr))
         {
             buffer.Append("; ");
             FormatParamAsVer(buffer, "$Domain", cookie.GetDomain(), version);
         }
     }
 }
Пример #27
0
		public override IList<Header> FormatCookies(IList<Apache.Http.Cookie.Cookie> cookies
			)
		{
			Args.NotEmpty(cookies, "List of cookies");
			CharArrayBuffer buffer = new CharArrayBuffer(20 * cookies.Count);
			buffer.Append(SM.Cookie);
			buffer.Append(": ");
			for (int i = 0; i < cookies.Count; i++)
			{
				Apache.Http.Cookie.Cookie cookie = cookies[i];
				if (i > 0)
				{
					buffer.Append("; ");
				}
				string cookieName = cookie.GetName();
				string cookieValue = cookie.GetValue();
				if (cookie.GetVersion() > 0 && !IsQuoteEnclosed(cookieValue))
				{
					BasicHeaderValueFormatter.Instance.FormatHeaderElement(buffer, new BasicHeaderElement
						(cookieName, cookieValue), false);
				}
				else
				{
					// Netscape style cookies do not support quoted values
					buffer.Append(cookieName);
					buffer.Append("=");
					if (cookieValue != null)
					{
						buffer.Append(cookieValue);
					}
				}
			}
			IList<Header> headers = new AList<Header>(1);
			headers.AddItem(new BufferedHeader(buffer));
			return headers;
		}
        private static string FormatCooke(Apache.Http.Cookie.Cookie cookie)
        {
            StringBuilder buf = new StringBuilder();

            buf.Append(cookie.GetName());
            buf.Append("=\"");
            string v = cookie.GetValue();

            if (v.Length > 100)
            {
                v = Sharpen.Runtime.Substring(v, 0, 100) + "...";
            }
            buf.Append(v);
            buf.Append("\"");
            buf.Append(", version:");
            buf.Append(Sharpen.Extensions.ToString(cookie.GetVersion()));
            buf.Append(", domain:");
            buf.Append(cookie.GetDomain());
            buf.Append(", path:");
            buf.Append(cookie.GetPath());
            buf.Append(", expiry:");
            buf.Append(cookie.GetExpiryDate());
            return(buf.ToString());
        }
Пример #29
0
			/// <exception cref="Apache.Http.Cookie.MalformedCookieException"></exception>
			public override void Validate(Apache.Http.Cookie.Cookie cookie, CookieOrigin origin
				)
			{
			}
 public virtual bool Match(Apache.Http.Cookie.Cookie cookie, CookieOrigin origin)
 {
     return(true);
 }