2 * Wininet - cookie handling stuff
4 * Copyright 2002 TransGaming Technologies Inc.
8 * This library is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Lesser General Public
10 * License as published by the Free Software Foundation; either
11 * version 2.1 of the License, or (at your option) any later version.
13 * This library is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * Lesser General Public License for more details.
18 * You should have received a copy of the GNU Lesser General Public
19 * License along with this library; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
24 #include "wine/port.h"
26 #if defined(__MINGW32__) || defined (_MSC_VER)
43 #include "wine/debug.h"
46 #define RESPONSE_TIMEOUT 30 /* FROM internet.c */
49 WINE_DEFAULT_DEBUG_CHANNEL(wininet);
52 * Cookies are currently memory only.
53 * Cookies are NOT THREAD SAFE
54 * Cookies could use A LOT OF MEMORY. We need some kind of memory management here!
57 typedef struct _cookie_domain cookie_domain;
58 typedef struct _cookie cookie;
64 struct _cookie_domain *parent;
75 LPWSTR lpCookieDomain;
77 struct list cookie_list;
80 static struct list domain_list = LIST_INIT(domain_list);
82 static cookie *COOKIE_addCookie(cookie_domain *domain, LPCWSTR name, LPCWSTR data, FILETIME expiry);
83 static cookie *COOKIE_findCookie(cookie_domain *domain, LPCWSTR lpszCookieName);
84 static void COOKIE_deleteCookie(cookie *deadCookie, BOOL deleteDomain);
85 static cookie_domain *COOKIE_addDomain(LPCWSTR domain, LPCWSTR path);
86 static void COOKIE_deleteDomain(cookie_domain *deadDomain);
89 /* adds a cookie to the domain */
90 static cookie *COOKIE_addCookie(cookie_domain *domain, LPCWSTR name, LPCWSTR data, FILETIME expiry)
92 cookie *newCookie = heap_alloc(sizeof(cookie));
94 list_init(&newCookie->entry);
95 newCookie->lpCookieName = NULL;
96 newCookie->lpCookieData = NULL;
97 newCookie->expiry = expiry;
98 newCookie->lpCookieName = heap_strdupW(name);
99 newCookie->lpCookieData = heap_strdupW(data);
101 TRACE("added cookie %p (data is %s)\n", newCookie, debugstr_w(data) );
103 list_add_tail(&domain->cookie_list, &newCookie->entry);
104 newCookie->parent = domain;
109 /* finds a cookie in the domain matching the cookie name */
110 static cookie *COOKIE_findCookie(cookie_domain *domain, LPCWSTR lpszCookieName)
112 struct list * cursor;
113 TRACE("(%p, %s)\n", domain, debugstr_w(lpszCookieName));
115 LIST_FOR_EACH(cursor, &domain->cookie_list)
117 cookie *searchCookie = LIST_ENTRY(cursor, cookie, entry);
118 BOOL candidate = TRUE;
119 if (candidate && lpszCookieName)
121 if (candidate && !searchCookie->lpCookieName)
123 if (candidate && strcmpW(lpszCookieName, searchCookie->lpCookieName) != 0)
132 /* removes a cookie from the list, if its the last cookie we also remove the domain */
133 static void COOKIE_deleteCookie(cookie *deadCookie, BOOL deleteDomain)
135 heap_free(deadCookie->lpCookieName);
136 heap_free(deadCookie->lpCookieData);
137 list_remove(&deadCookie->entry);
139 /* special case: last cookie, lets remove the domain to save memory */
140 if (list_empty(&deadCookie->parent->cookie_list) && deleteDomain)
141 COOKIE_deleteDomain(deadCookie->parent);
142 heap_free(deadCookie);
145 /* allocates a domain and adds it to the end */
146 static cookie_domain *COOKIE_addDomain(LPCWSTR domain, LPCWSTR path)
148 cookie_domain *newDomain = heap_alloc(sizeof(cookie_domain));
150 list_init(&newDomain->entry);
151 list_init(&newDomain->cookie_list);
152 newDomain->lpCookieDomain = NULL;
153 newDomain->lpCookiePath = NULL;
154 newDomain->lpCookieDomain = heap_strdupW(domain);
155 newDomain->lpCookiePath = heap_strdupW(path);
157 list_add_tail(&domain_list, &newDomain->entry);
159 TRACE("Adding domain: %p\n", newDomain);
163 static BOOL COOKIE_crackUrlSimple(LPCWSTR lpszUrl, LPWSTR hostName, int hostNameLen, LPWSTR path, int pathLen)
165 URL_COMPONENTSW UrlComponents;
167 UrlComponents.lpszExtraInfo = NULL;
168 UrlComponents.lpszPassword = NULL;
169 UrlComponents.lpszScheme = NULL;
170 UrlComponents.lpszUrlPath = path;
171 UrlComponents.lpszUserName = NULL;
172 UrlComponents.lpszHostName = hostName;
173 UrlComponents.dwExtraInfoLength = 0;
174 UrlComponents.dwPasswordLength = 0;
175 UrlComponents.dwSchemeLength = 0;
176 UrlComponents.dwUserNameLength = 0;
177 UrlComponents.dwHostNameLength = hostNameLen;
178 UrlComponents.dwUrlPathLength = pathLen;
180 if (!InternetCrackUrlW(lpszUrl, 0, 0, &UrlComponents)) return FALSE;
182 /* discard the webpage off the end of the path */
183 if (UrlComponents.dwUrlPathLength)
185 if (path[UrlComponents.dwUrlPathLength - 1] != '/')
188 if ((ptr = strrchrW(path, '/'))) *(++ptr) = 0;
196 else if (pathLen >= 2)
204 /* match a domain. domain must match if the domain is not NULL. path must match if the path is not NULL */
205 static BOOL COOKIE_matchDomain(LPCWSTR lpszCookieDomain, LPCWSTR lpszCookiePath,
206 cookie_domain *searchDomain, BOOL allow_partial)
208 TRACE("searching on domain %p\n", searchDomain);
209 if (lpszCookieDomain)
211 if (!searchDomain->lpCookieDomain)
214 TRACE("comparing domain %s with %s\n",
215 debugstr_w(lpszCookieDomain),
216 debugstr_w(searchDomain->lpCookieDomain));
218 if (allow_partial && !strstrW(lpszCookieDomain, searchDomain->lpCookieDomain))
220 else if (!allow_partial && lstrcmpW(lpszCookieDomain, searchDomain->lpCookieDomain) != 0)
226 TRACE("comparing paths: %s with %s\n", debugstr_w(lpszCookiePath), debugstr_w(searchDomain->lpCookiePath));
227 /* paths match at the beginning. so a path of /foo would match
228 * /foobar and /foo/bar
230 if (!searchDomain->lpCookiePath)
234 len = lstrlenW(searchDomain->lpCookiePath);
235 if (strncmpiW(searchDomain->lpCookiePath, lpszCookiePath, len)!=0)
238 else if (strcmpW(lpszCookiePath, searchDomain->lpCookiePath))
245 /* remove a domain from the list and delete it */
246 static void COOKIE_deleteDomain(cookie_domain *deadDomain)
248 struct list * cursor;
249 while ((cursor = list_tail(&deadDomain->cookie_list)))
251 COOKIE_deleteCookie(LIST_ENTRY(cursor, cookie, entry), FALSE);
254 heap_free(deadDomain->lpCookieDomain);
255 heap_free(deadDomain->lpCookiePath);
257 list_remove(&deadDomain->entry);
259 heap_free(deadDomain);
262 BOOL get_cookie(const WCHAR *host, const WCHAR *path, WCHAR *cookie_data, DWORD *size)
264 unsigned cnt = 0, len, domain_count = 0, cookie_count = 0;
265 cookie_domain *domain;
268 GetSystemTimeAsFileTime(&tm);
270 LIST_FOR_EACH_ENTRY(domain, &domain_list, cookie_domain, entry) {
271 struct list *cursor, *cursor2;
273 if(!COOKIE_matchDomain(host, path, domain, TRUE))
277 TRACE("found domain %p\n", domain);
279 LIST_FOR_EACH_SAFE(cursor, cursor2, &domain->cookie_list) {
280 cookie *cookie_iter = LIST_ENTRY(cursor, cookie, entry);
282 /* check for expiry */
283 if((cookie_iter->expiry.dwLowDateTime != 0 || cookie_iter->expiry.dwHighDateTime != 0)
284 && CompareFileTime(&tm, &cookie_iter->expiry) > 0)
286 TRACE("Found expired cookie. deleting\n");
287 COOKIE_deleteCookie(cookie_iter, FALSE);
291 if(!cookie_data) { /* return the size of the buffer required to lpdwSize */
294 cnt += strlenW(cookie_iter->lpCookieName);
295 if ((len = strlenW(cookie_iter->lpCookieData))) {
300 static const WCHAR szsc[] = { ';',' ',0 };
301 static const WCHAR szname[] = { '%','s',0 };
302 static const WCHAR szdata[] = { '=','%','s',0 };
304 if (cookie_count) cnt += snprintfW(cookie_data + cnt, *size - cnt, szsc);
305 cnt += snprintfW(cookie_data + cnt, *size - cnt, szname, cookie_iter->lpCookieName);
307 if (cookie_iter->lpCookieData[0])
308 cnt += snprintfW(cookie_data + cnt, *size - cnt, szdata, cookie_iter->lpCookieData);
310 TRACE("Cookie: %s\n", debugstr_w(cookie_data));
317 TRACE("no cookies found for %s\n", debugstr_w(host));
318 SetLastError(ERROR_NO_MORE_ITEMS);
323 *size = (cnt + 1) * sizeof(WCHAR);
324 TRACE("returning %u\n", *size);
330 TRACE("Returning %u (from %u domains): %s\n", cnt, domain_count, debugstr_w(cookie_data));
334 /***********************************************************************
335 * InternetGetCookieW (WININET.@)
337 * Retrieve cookie from the specified url
339 * It should be noted that on windows the lpszCookieName parameter is "not implemented".
340 * So it won't be implemented here.
347 BOOL WINAPI InternetGetCookieW(LPCWSTR lpszUrl, LPCWSTR lpszCookieName,
348 LPWSTR lpCookieData, LPDWORD lpdwSize)
350 WCHAR host[INTERNET_MAX_HOST_NAME_LENGTH], path[INTERNET_MAX_PATH_LENGTH];
353 TRACE("(%s, %s, %p, %p)\n", debugstr_w(lpszUrl),debugstr_w(lpszCookieName), lpCookieData, lpdwSize);
357 SetLastError(ERROR_INVALID_PARAMETER);
362 ret = COOKIE_crackUrlSimple(lpszUrl, host, sizeof(host)/sizeof(host[0]), path, sizeof(path)/sizeof(path[0]));
363 if (!ret || !host[0]) return FALSE;
365 return get_cookie(host, path, lpCookieData, lpdwSize);
369 /***********************************************************************
370 * InternetGetCookieA (WININET.@)
372 * Retrieve cookie from the specified url
379 BOOL WINAPI InternetGetCookieA(LPCSTR lpszUrl, LPCSTR lpszCookieName,
380 LPSTR lpCookieData, LPDWORD lpdwSize)
383 LPWSTR szCookieData = NULL, url, name;
386 TRACE("(%s,%s,%p)\n", debugstr_a(lpszUrl), debugstr_a(lpszCookieName),
389 url = heap_strdupAtoW(lpszUrl);
390 name = heap_strdupAtoW(lpszCookieName);
392 r = InternetGetCookieW( url, name, NULL, &len );
395 szCookieData = heap_alloc(len * sizeof(WCHAR));
402 r = InternetGetCookieW( url, name, szCookieData, &len );
404 *lpdwSize = WideCharToMultiByte( CP_ACP, 0, szCookieData, len,
405 lpCookieData, *lpdwSize, NULL, NULL );
408 heap_free( szCookieData );
414 BOOL set_cookie(LPCWSTR domain, LPCWSTR path, LPCWSTR cookie_name, LPCWSTR cookie_data)
416 cookie_domain *thisCookieDomain = NULL;
422 BOOL expired = FALSE;
424 value = data = heap_strdupW(cookie_data);
427 ERR("could not allocate the cookie data buffer\n");
431 memset(&expiry,0,sizeof(expiry));
433 /* lots of information can be parsed out of the cookie value */
438 static const WCHAR szDomain[] = {'d','o','m','a','i','n','=',0};
439 static const WCHAR szPath[] = {'p','a','t','h','=',0};
440 static const WCHAR szExpires[] = {'e','x','p','i','r','e','s','=',0};
441 static const WCHAR szSecure[] = {'s','e','c','u','r','e',0};
442 static const WCHAR szHttpOnly[] = {'h','t','t','p','o','n','l','y',0};
444 if (!(ptr = strchrW(ptr,';'))) break;
447 if (value != data) heap_free(value);
448 value = heap_alloc((ptr - data) * sizeof(WCHAR));
452 ERR("could not allocate the cookie value buffer\n");
455 strcpyW(value, data);
457 while (*ptr == ' ') ptr++; /* whitespace */
459 if (strncmpiW(ptr, szDomain, 7) == 0)
461 ptr+=strlenW(szDomain);
463 TRACE("Parsing new domain %s\n",debugstr_w(domain));
465 else if (strncmpiW(ptr, szPath, 5) == 0)
467 ptr+=strlenW(szPath);
469 TRACE("Parsing new path %s\n",debugstr_w(path));
471 else if (strncmpiW(ptr, szExpires, 8) == 0)
475 FIXME("persistent cookies not handled (%s)\n",debugstr_w(ptr));
476 ptr+=strlenW(szExpires);
477 if (InternetTimeToSystemTimeW(ptr, &st, 0))
479 SystemTimeToFileTime(&st, &expiry);
480 GetSystemTimeAsFileTime(&ft);
482 if (CompareFileTime(&ft,&expiry) > 0)
484 TRACE("Cookie already expired.\n");
489 else if (strncmpiW(ptr, szSecure, 6) == 0)
491 FIXME("secure not handled (%s)\n",debugstr_w(ptr));
492 ptr += strlenW(szSecure);
494 else if (strncmpiW(ptr, szHttpOnly, 8) == 0)
496 FIXME("httponly not handled (%s)\n",debugstr_w(ptr));
497 ptr += strlenW(szHttpOnly);
501 FIXME("Unknown additional option %s\n",debugstr_w(ptr));
506 LIST_FOR_EACH(cursor, &domain_list)
508 thisCookieDomain = LIST_ENTRY(cursor, cookie_domain, entry);
509 if (COOKIE_matchDomain(domain, path, thisCookieDomain, FALSE))
511 thisCookieDomain = NULL;
514 if (!thisCookieDomain)
517 thisCookieDomain = COOKIE_addDomain(domain, path);
521 if (value != data) heap_free(value);
526 if ((thisCookie = COOKIE_findCookie(thisCookieDomain, cookie_name)))
527 COOKIE_deleteCookie(thisCookie, FALSE);
529 TRACE("setting cookie %s=%s for domain %s path %s\n", debugstr_w(cookie_name),
530 debugstr_w(value), debugstr_w(thisCookieDomain->lpCookieDomain),debugstr_w(thisCookieDomain->lpCookiePath));
532 if (!expired && !COOKIE_addCookie(thisCookieDomain, cookie_name, value, expiry))
535 if (value != data) heap_free(value);
539 if (value != data) heap_free(value);
543 /***********************************************************************
544 * InternetSetCookieW (WININET.@)
546 * Sets cookie for the specified url
553 BOOL WINAPI InternetSetCookieW(LPCWSTR lpszUrl, LPCWSTR lpszCookieName,
554 LPCWSTR lpCookieData)
557 WCHAR hostName[INTERNET_MAX_HOST_NAME_LENGTH], path[INTERNET_MAX_PATH_LENGTH];
559 TRACE("(%s,%s,%s)\n", debugstr_w(lpszUrl),
560 debugstr_w(lpszCookieName), debugstr_w(lpCookieData));
562 if (!lpszUrl || !lpCookieData)
564 SetLastError(ERROR_INVALID_PARAMETER);
569 ret = COOKIE_crackUrlSimple(lpszUrl, hostName, sizeof(hostName)/sizeof(hostName[0]), path, sizeof(path)/sizeof(path[0]));
570 if (!ret || !hostName[0]) return FALSE;
574 WCHAR *cookie, *data;
576 cookie = heap_strdupW(lpCookieData);
579 SetLastError(ERROR_OUTOFMEMORY);
583 /* some apps (or is it us??) try to add a cookie with no cookie name, but
584 * the cookie data in the form of name[=data].
586 if (!(data = strchrW(cookie, '='))) data = cookie + strlenW(cookie);
589 ret = set_cookie(hostName, path, cookie, data);
594 return set_cookie(hostName, path, lpszCookieName, lpCookieData);
598 /***********************************************************************
599 * InternetSetCookieA (WININET.@)
601 * Sets cookie for the specified url
608 BOOL WINAPI InternetSetCookieA(LPCSTR lpszUrl, LPCSTR lpszCookieName,
611 LPWSTR data, url, name;
614 TRACE("(%s,%s,%s)\n", debugstr_a(lpszUrl),
615 debugstr_a(lpszCookieName), debugstr_a(lpCookieData));
617 url = heap_strdupAtoW(lpszUrl);
618 name = heap_strdupAtoW(lpszCookieName);
619 data = heap_strdupAtoW(lpCookieData);
621 r = InternetSetCookieW( url, name, data );
629 /***********************************************************************
630 * InternetSetCookieExA (WININET.@)
632 * See InternetSetCookieExW.
634 DWORD WINAPI InternetSetCookieExA( LPCSTR lpszURL, LPCSTR lpszCookieName, LPCSTR lpszCookieData,
635 DWORD dwFlags, DWORD_PTR dwReserved)
637 TRACE("(%s, %s, %s, 0x%08x, 0x%08lx)\n",
638 debugstr_a(lpszURL), debugstr_a(lpszCookieName), debugstr_a(lpszCookieData),
639 dwFlags, dwReserved);
641 if (dwFlags) FIXME("flags 0x%08x not supported\n", dwFlags);
642 return InternetSetCookieA(lpszURL, lpszCookieName, lpszCookieData);
645 /***********************************************************************
646 * InternetSetCookieExW (WININET.@)
648 * Sets a cookie for the specified URL.
655 DWORD WINAPI InternetSetCookieExW( LPCWSTR lpszURL, LPCWSTR lpszCookieName, LPCWSTR lpszCookieData,
656 DWORD dwFlags, DWORD_PTR dwReserved)
658 TRACE("(%s, %s, %s, 0x%08x, 0x%08lx)\n",
659 debugstr_w(lpszURL), debugstr_w(lpszCookieName), debugstr_w(lpszCookieData),
660 dwFlags, dwReserved);
662 if (dwFlags) FIXME("flags 0x%08x not supported\n", dwFlags);
663 return InternetSetCookieW(lpszURL, lpszCookieName, lpszCookieData);
666 /***********************************************************************
667 * InternetGetCookieExA (WININET.@)
669 * See InternetGetCookieExW.
671 BOOL WINAPI InternetGetCookieExA( LPCSTR pchURL, LPCSTR pchCookieName, LPSTR pchCookieData,
672 LPDWORD pcchCookieData, DWORD dwFlags, LPVOID lpReserved)
674 TRACE("(%s, %s, %s, %p, 0x%08x, %p)\n",
675 debugstr_a(pchURL), debugstr_a(pchCookieName), debugstr_a(pchCookieData),
676 pcchCookieData, dwFlags, lpReserved);
678 if (dwFlags) FIXME("flags 0x%08x not supported\n", dwFlags);
679 return InternetGetCookieA(pchURL, pchCookieName, pchCookieData, pcchCookieData);
682 /***********************************************************************
683 * InternetGetCookieExW (WININET.@)
685 * Retrieve cookie for the specified URL.
692 BOOL WINAPI InternetGetCookieExW( LPCWSTR pchURL, LPCWSTR pchCookieName, LPWSTR pchCookieData,
693 LPDWORD pcchCookieData, DWORD dwFlags, LPVOID lpReserved)
695 TRACE("(%s, %s, %s, %p, 0x%08x, %p)\n",
696 debugstr_w(pchURL), debugstr_w(pchCookieName), debugstr_w(pchCookieData),
697 pcchCookieData, dwFlags, lpReserved);
699 if (dwFlags) FIXME("flags 0x%08x not supported\n", dwFlags);
700 return InternetGetCookieW(pchURL, pchCookieName, pchCookieData, pcchCookieData);
703 /***********************************************************************
704 * InternetClearAllPerSiteCookieDecisions (WININET.@)
706 * Clears all per-site decisions about cookies.
713 BOOL WINAPI InternetClearAllPerSiteCookieDecisions( VOID )
719 /***********************************************************************
720 * InternetEnumPerSiteCookieDecisionA (WININET.@)
722 * See InternetEnumPerSiteCookieDecisionW.
724 BOOL WINAPI InternetEnumPerSiteCookieDecisionA( LPSTR pszSiteName, ULONG *pcSiteNameSize,
725 ULONG *pdwDecision, ULONG dwIndex )
727 FIXME("(%s, %p, %p, 0x%08x) stub\n",
728 debugstr_a(pszSiteName), pcSiteNameSize, pdwDecision, dwIndex);
732 /***********************************************************************
733 * InternetEnumPerSiteCookieDecisionW (WININET.@)
735 * Enumerates all per-site decisions about cookies.
742 BOOL WINAPI InternetEnumPerSiteCookieDecisionW( LPWSTR pszSiteName, ULONG *pcSiteNameSize,
743 ULONG *pdwDecision, ULONG dwIndex )
745 FIXME("(%s, %p, %p, 0x%08x) stub\n",
746 debugstr_w(pszSiteName), pcSiteNameSize, pdwDecision, dwIndex);
750 /***********************************************************************
751 * InternetGetPerSiteCookieDecisionA (WININET.@)
753 BOOL WINAPI InternetGetPerSiteCookieDecisionA( LPCSTR pwchHostName, ULONG *pResult )
755 FIXME("(%s, %p) stub\n", debugstr_a(pwchHostName), pResult);
759 /***********************************************************************
760 * InternetGetPerSiteCookieDecisionW (WININET.@)
762 BOOL WINAPI InternetGetPerSiteCookieDecisionW( LPCWSTR pwchHostName, ULONG *pResult )
764 FIXME("(%s, %p) stub\n", debugstr_w(pwchHostName), pResult);
768 /***********************************************************************
769 * InternetSetPerSiteCookieDecisionA (WININET.@)
771 BOOL WINAPI InternetSetPerSiteCookieDecisionA( LPCSTR pchHostName, DWORD dwDecision )
773 FIXME("(%s, 0x%08x) stub\n", debugstr_a(pchHostName), dwDecision);
777 /***********************************************************************
778 * InternetSetPerSiteCookieDecisionW (WININET.@)
780 BOOL WINAPI InternetSetPerSiteCookieDecisionW( LPCWSTR pchHostName, DWORD dwDecision )
782 FIXME("(%s, 0x%08x) stub\n", debugstr_w(pchHostName), dwDecision);
786 /***********************************************************************
787 * IsDomainLegalCookieDomainW (WININET.@)
789 BOOL WINAPI IsDomainLegalCookieDomainW( LPCWSTR s1, LPCWSTR s2 )
793 FIXME("(%s, %s)\n", debugstr_w(s1), debugstr_w(s2));
797 SetLastError(ERROR_INVALID_PARAMETER);
800 if (s1[0] == '.' || !s1[0] || s2[0] == '.' || !s2[0])
802 SetLastError(ERROR_INVALID_NAME);
805 if (!(p = strchrW(s2, '.'))) return FALSE;
806 if (strchrW(p + 1, '.') && !strcmpW(p + 1, s1)) return TRUE;
807 else if (!strcmpW(s1, s2)) return TRUE;