Пример #1
0
 /// <summary>
 /// This method will get the AntiForgery cookie from an HttpResponse.  
 /// </summary>
 /// <param name="resp">The HttpResponseMessage object that contains an AntiForgery cookie token.</param>
 /// <param name="cookieName">The name of the AntiForgery cookie.</param>
 /// <returns></returns>
 public static CookieHeaderValue GetCookie(this HttpResponseMessage resp, string cookieName)
 {
     IEnumerable<string> values;
     if (!resp.Headers.TryGetValues("Set-Cookie", out values))
         throw new KeyNotFoundException("No cookies found in the response.");
     var setCookie = SetCookieHeaderValue
         .ParseList(values.ToList())
         .FirstOrDefault(t => t.Name.Equals(cookieName));
     if (null == setCookie)
         throw new KeyNotFoundException(string.Format("A cookie with the name {0} could not be found in the response", cookieName));
     var cookie = new CookieHeaderValue(setCookie.Name, setCookie.Value);
     return cookie;
 }
Пример #2
0
        public void CookieHeaderValue_TryParse_AcceptsValidValues(CookieHeaderValue cookie, string expectedValue)
        {
            CookieHeaderValue header;
            var result = CookieHeaderValue.TryParse(expectedValue, out header);
            Assert.True(result);

            Assert.Equal(cookie, header);
            Assert.Equal(expectedValue, header.ToString());
        }
Пример #3
0
 public void CookieHeaderValue_ToString(CookieHeaderValue input, string expectedValue)
 {
     Assert.Equal(expectedValue, input.ToString());
 }
Пример #4
0
        public void CookieHeaderValue_Parse_AcceptsValidValues(CookieHeaderValue cookie, string expectedValue)
        {
            var header = CookieHeaderValue.Parse(expectedValue);

            Assert.Equal(cookie, header);
            Assert.Equal(expectedValue, header.ToString());
        }
Пример #5
0
 public void CookieHeaderValue_Ctor2InitializesCorrectly(string name, string value)
 {
     var header = new CookieHeaderValue(name, value);
     Assert.Equal(name, header.Name);
     Assert.Equal(value, header.Value);
 }
Пример #6
0
        public void CookieHeaderValue_Value()
        {
            var cookie = new CookieHeaderValue("name");
            Assert.Equal(string.Empty, cookie.Value);

            cookie.Value = "value1";
            Assert.Equal("value1", cookie.Value);
        }
Пример #7
0
 public void CookieHeaderValue_Ctor1_InitializesCorrectly()
 {
     var header = new CookieHeaderValue("cookie");
     Assert.Equal("cookie", header.Name);
     Assert.Equal(string.Empty, header.Value);
 }
Пример #8
0
 public static bool TryParse(string input, out CookieHeaderValue parsedValue)
 {
     var index = 0;
     return SingleValueParser.TryParseValue(input, ref index, out parsedValue);
 }
Пример #9
0
        // name=value; name="value"
        internal static int GetCookieLength(string input, int startIndex, out CookieHeaderValue parsedValue)
        {
            Contract.Requires(startIndex >= 0);
            var offset = startIndex;

            parsedValue = null;

            if (string.IsNullOrEmpty(input) || (offset >= input.Length))
            {
                return 0;
            }

            var result = new CookieHeaderValue();

            // The caller should have already consumed any leading whitespace, commas, etc..

            // Name=value;

            // Name
            var itemLength = HttpRuleParser.GetTokenLength(input, offset);
            if (itemLength == 0)
            {
                return 0;
            }
            result._name = input.Substring(offset, itemLength);
            offset += itemLength;

            // = (no spaces)
            if (!ReadEqualsSign(input, ref offset))
            {
                return 0;
            }

            string value;
            // value or "quoted value"
            itemLength = GetCookieValueLength(input, offset, out value);
            // The value may be empty
            result._value = input.Substring(offset, itemLength);
            offset += itemLength;

            parsedValue = result;
            return offset - startIndex;
        }
Пример #10
0
        // name=value; expires=Sun, 06 Nov 1994 08:49:37 GMT; max-age=86400; domain=domain1; path=path1; secure; samesite={Strict|Lax}; httponly
        private static int GetSetCookieLength(StringSegment input, int startIndex, out SetCookieHeaderValue parsedValue)
        {
            Contract.Requires(startIndex >= 0);
            var offset = startIndex;

            parsedValue = null;

            if (StringSegment.IsNullOrEmpty(input) || (offset >= input.Length))
            {
                return(0);
            }

            var result = new SetCookieHeaderValue();

            // The caller should have already consumed any leading whitespace, commas, etc..

            // Name=value;

            // Name
            var itemLength = HttpRuleParser.GetTokenLength(input, offset);

            if (itemLength == 0)
            {
                return(0);
            }
            result._name = input.Subsegment(offset, itemLength);
            offset      += itemLength;

            // = (no spaces)
            if (!ReadEqualsSign(input, ref offset))
            {
                return(0);
            }

            // value or "quoted value"
            // The value may be empty
            result._value = CookieHeaderValue.GetCookieValue(input, ref offset);

            // *(';' SP cookie-av)
            while (offset < input.Length)
            {
                if (input[offset] == ',')
                {
                    // Divider between headers
                    break;
                }
                if (input[offset] != ';')
                {
                    // Expecting a ';' between parameters
                    return(0);
                }
                offset++;

                offset += HttpRuleParser.GetWhitespaceLength(input, offset);

                //  cookie-av = expires-av / max-age-av / domain-av / path-av / secure-av / samesite-av / httponly-av / extension-av
                itemLength = HttpRuleParser.GetTokenLength(input, offset);
                if (itemLength == 0)
                {
                    // Trailing ';' or leading into garbage. Let the next parser fail.
                    break;
                }
                var token = input.Subsegment(offset, itemLength);
                offset += itemLength;

                //  expires-av = "Expires=" sane-cookie-date
                if (StringSegment.Equals(token, ExpiresToken, StringComparison.OrdinalIgnoreCase))
                {
                    // = (no spaces)
                    if (!ReadEqualsSign(input, ref offset))
                    {
                        return(0);
                    }
                    var            dateString = ReadToSemicolonOrEnd(input, ref offset);
                    DateTimeOffset expirationDate;
                    if (!HttpRuleParser.TryStringToDate(dateString, out expirationDate))
                    {
                        // Invalid expiration date, abort
                        return(0);
                    }
                    result.Expires = expirationDate;
                }
                // max-age-av = "Max-Age=" non-zero-digit *DIGIT
                else if (StringSegment.Equals(token, MaxAgeToken, StringComparison.OrdinalIgnoreCase))
                {
                    // = (no spaces)
                    if (!ReadEqualsSign(input, ref offset))
                    {
                        return(0);
                    }

                    itemLength = HttpRuleParser.GetNumberLength(input, offset, allowDecimal: false);
                    if (itemLength == 0)
                    {
                        return(0);
                    }
                    var  numberString = input.Subsegment(offset, itemLength);
                    long maxAge;
                    if (!HeaderUtilities.TryParseNonNegativeInt64(numberString, out maxAge))
                    {
                        // Invalid expiration date, abort
                        return(0);
                    }
                    result.MaxAge = TimeSpan.FromSeconds(maxAge);
                    offset       += itemLength;
                }
                // domain-av = "Domain=" domain-value
                // domain-value = <subdomain> ; defined in [RFC1034], Section 3.5, as enhanced by [RFC1123], Section 2.1
                else if (StringSegment.Equals(token, DomainToken, StringComparison.OrdinalIgnoreCase))
                {
                    // = (no spaces)
                    if (!ReadEqualsSign(input, ref offset))
                    {
                        return(0);
                    }
                    // We don't do any detailed validation on the domain.
                    result.Domain = ReadToSemicolonOrEnd(input, ref offset);
                }
                // path-av = "Path=" path-value
                // path-value = <any CHAR except CTLs or ";">
                else if (StringSegment.Equals(token, PathToken, StringComparison.OrdinalIgnoreCase))
                {
                    // = (no spaces)
                    if (!ReadEqualsSign(input, ref offset))
                    {
                        return(0);
                    }
                    // We don't do any detailed validation on the path.
                    result.Path = ReadToSemicolonOrEnd(input, ref offset);
                }
                // secure-av = "Secure"
                else if (StringSegment.Equals(token, SecureToken, StringComparison.OrdinalIgnoreCase))
                {
                    result.Secure = true;
                }
                // samesite-av = "SameSite" / "SameSite=" samesite-value
                // samesite-value = "Strict" / "Lax"
                else if (StringSegment.Equals(token, SameSiteToken, StringComparison.OrdinalIgnoreCase))
                {
                    if (!ReadEqualsSign(input, ref offset))
                    {
                        result.SameSite = SameSiteMode.Strict;
                    }
                    else
                    {
                        var enforcementMode = ReadToSemicolonOrEnd(input, ref offset);

                        if (StringSegment.Equals(enforcementMode, SameSiteLaxToken, StringComparison.OrdinalIgnoreCase))
                        {
                            result.SameSite = SameSiteMode.Lax;
                        }
                        else
                        {
                            result.SameSite = SameSiteMode.Strict;
                        }
                    }
                }
                // httponly-av = "HttpOnly"
                else if (StringSegment.Equals(token, HttpOnlyToken, StringComparison.OrdinalIgnoreCase))
                {
                    result.HttpOnly = true;
                }
                // extension-av = <any CHAR except CTLs or ";">
                else
                {
                    // TODO: skiping it for now to avoid parsing failure? Store it in a list?
                    // = (no spaces)
                    if (!ReadEqualsSign(input, ref offset))
                    {
                        return(0);
                    }
                    ReadToSemicolonOrEnd(input, ref offset);
                }
            }

            parsedValue = result;
            return(offset - startIndex);
        }
Пример #11
0
        public static bool TryParse(StringSegment input, out CookieHeaderValue parsedValue)
        {
            var index = 0;

            return(SingleValueParser.TryParseValue(input, ref index, out parsedValue));
        }