CPPSERV Documentation Download TODO Mailing lists Bug tracker News RSS Feed Browse source
Cookie.cpp

00001 /*
00002  * ====================================================================
00003  *
00004  * The Apache Software License, Version 1.1
00005  *
00006  * Copyright (c) 1999-2001 The Apache Software Foundation.  All rights
00007  * reserved.
00008  *
00009  * Redistribution and use in source and binary forms, with or without
00010  * modification, are permitted provided that the following conditions
00011  * are met:
00012  *
00013  * 1. Redistributions of source code must retain the above copyright
00014  *    notice, this list of conditions and the following disclaimer.
00015  *
00016  * 2. Redistributions in binary form must reproduce the above copyright
00017  *    notice, this list of conditions and the following disclaimer in
00018  *    the documentation and/or other materials provided with the
00019  *    distribution.
00020  *
00021  * 3. The end-user documentation included with the redistribution, if
00022  *    any, must include the following acknowlegement:
00023  *       "This product includes software developed by the
00024  *        Apache Software Foundation (http://www.apache.org/)."
00025  *    Alternately, this acknowlegement may appear in the software itself,
00026  *    if and wherever such third-party acknowlegements normally appear.
00027  *
00028  * 4. The names "The Jakarta Project", "Tomcat", and "Apache Software
00029  *    Foundation" must not be used to endorse or promote products derived
00030  *    from this software without prior written permission. For written
00031  *    permission, please contact apache@apache.org.
00032  *
00033  * 5. Products derived from this software may not be called "Apache"
00034  *    nor may "Apache" appear in their names without prior written
00035  *    permission of the Apache Group.
00036  *
00037  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
00038  * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
00039  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
00040  * DISCLAIMED.  IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
00041  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
00042  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
00043  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
00044  * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
00045  * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
00046  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
00047  * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
00048  * SUCH DAMAGE.
00049  * ====================================================================
00050  *
00051  */
00052 
00053 #include <servlet/Cookie.h>
00054 #include <servlet/IllegalArgumentException.h>
00055 #include <algorithm>
00056 #include <stdexcept>
00057 
00058 using namespace std;
00059 
00060 namespace servlet
00061 {
00062 //--------------------------------------------------------------------
00063 Cookie::Cookie(const std::string& name, const std::string& value)
00064     : maxAge(-1)
00065     , secure(false)
00066     , version(1)
00067 {
00068         string lowerName = name;
00069         std::transform(name.begin(), name.end(), lowerName.begin(), ::tolower);
00070         if (!isValidName(lowerName)
00071                 || lowerName == "comment"       // rfc2019
00072                 || lowerName == "discard"       // 2019++
00073                 || lowerName == "domain"
00074                 || lowerName == "expires"       // (old cookies)
00075                 || lowerName == "max-age"       // rfc2019
00076                 || lowerName == "path"
00077                 || lowerName == "secure"
00078                 || lowerName == "version"
00079                 || lowerName[0] == '$'
00080             )
00081         {
00082             throw servlet::IllegalArgumentException("Cookie name \""+lowerName+"\" is not valid.");
00083         }
00084         this->name = name;
00085         this->value = value;
00086 }
00087 //--------------------------------------------------------------------
00088 /*
00089         Tells weather 'value' is a valid cookie name.
00090         Quoting from RFC 2109 and RFC 2068.
00091 
00092           NAME           =       attr
00093 
00094           attr           =       token
00095 
00096           CTL            = <any US-ASCII control character
00097                            (octets 0 - 31) and DEL (127)>
00098 
00099           token          = 1*<any CHAR except CTLs or tspecials>
00100 
00101           tspecials      = "(" | ")" | "<" | ">" | "@"
00102                          | "," | ";" | ":" | "\" | <">
00103                          | "/" | "[" | "]" | "?" | "="
00104                          | "{" | "}" | SP | HT
00105 
00106           SP             = <US-ASCII SP, space (32)>
00107           HT             = <US-ASCII HT, horizontal-tab (9)>
00108 
00109 */
00110 bool  Cookie::isValidName(const std::string& value) const {
00111     int len = value.length();
00112 
00113     for (int i = 0; i < len; i++) {
00114         char c=value[i];
00115         if(c <= 0x1F || c>= 0x7f)
00116             return false;
00117         switch(c){
00118             case '(':
00119             case ')':
00120             case '<':
00121             case '>':
00122             case '@':
00123             case ',':
00124             case ';':
00125             case ':':
00126             case '\\':
00127             case '"':
00128             case '/':
00129             case '[':
00130             case ']':
00131             case '?':
00132             case '=':
00133             case '{':
00134             case '}':
00135             case ' ': //SP
00136             case '\t'://HT
00137                 return false;
00138         }
00139     }
00140     return true;
00141 }
00142 //--------------------------------------------------------------------
00143 }