summaryrefslogtreecommitdiff
path: root/dpi/cookies.c
diff options
context:
space:
mode:
Diffstat (limited to 'dpi/cookies.c')
-rw-r--r--dpi/cookies.c50
1 files changed, 29 insertions, 21 deletions
diff --git a/dpi/cookies.c b/dpi/cookies.c
index a5142224..734dc016 100644
--- a/dpi/cookies.c
+++ b/dpi/cookies.c
@@ -13,10 +13,9 @@
*
*/
-/* This is written to follow the HTTP State Working Group's
- * draft-ietf-httpstate-cookie-01.txt.
+/* The current standard for cookies is RFC 6265.
*
- * Info on cookies in the wild:
+ * Info from 2009 on cookies in the wild:
* http://www.ietf.org/mail-archive/web/http-state/current/msg00078.html
* And dates specifically:
* http://www.ietf.org/mail-archive/web/http-state/current/msg00128.html
@@ -413,15 +412,24 @@ static void Cookies_save_and_free()
while ((node = dList_nth_data(domains, 0))) {
for (i = 0; (cookie = dList_nth_data(node->cookies, i)); ++i) {
if (!cookie->session_only && difftime(cookie->expires_at, now) > 0) {
- fprintf(file_stream, "%s\t%s\t%s\t%s\t%ld\t%s\t%s\n",
- cookie->domain,
- cookie->host_only ? "FALSE" : "TRUE",
- cookie->path,
- cookie->secure ? "TRUE" : "FALSE",
- (long)difftime(cookie->expires_at, cookies_epoch_time),
- cookie->name,
- cookie->value);
- saved++;
+ int len;
+ char buf[LINE_MAXLEN];
+
+ len = snprintf(buf, LINE_MAXLEN, "%s\t%s\t%s\t%s\t%ld\t%s\t%s\n",
+ cookie->domain,
+ cookie->host_only ? "FALSE" : "TRUE",
+ cookie->path,
+ cookie->secure ? "TRUE" : "FALSE",
+ (long) difftime(cookie->expires_at,
+ cookies_epoch_time),
+ cookie->name,
+ cookie->value);
+ if (len < LINE_MAXLEN) {
+ fprintf(file_stream, "%s", buf);
+ saved++;
+ } else {
+ MSG("Not saving overly long cookie for %s.\n", cookie->domain);
+ }
}
Cookies_free_cookie(cookie);
}
@@ -481,7 +489,7 @@ static int Cookies_get_month(const char *month_name)
*
* Return a pointer to a struct tm, or NULL on error.
*
- * NOTE that the draft spec wants user agents to be more flexible in what
+ * NOTE that the RFC wants user agents to be more flexible in what
* they accept. For now, let's hack in special cases when they're encountered.
* Why? Because this function is currently understandable, and I don't want to
* abandon that (or at best decrease that -- see section 5.1.1) until there
@@ -1029,11 +1037,11 @@ static uint_t Cookies_internal_dots_required(const char *host)
if (tld_len > 0) {
/* These TLDs were chosen by examining the current publicsuffix list
- * in January 2010 and picking out those where it was simplest for
+ * in September 2011 and picking out those where it was simplest for
* them to describe the situation by beginning with a "*.[tld]" rule.
*/
- const char *const tlds[] = {"ar","au","bd","bn","bt","ck","cy","do",
- "eg","er","et","fj","fk","gt","gu","id",
+ const char *const tlds[] = {"ar","au","bd","bn","bt","ck","cy",
+ "er","et","fj","fk","gt","gu","id",
"il","jm","ke","kh","kw","ml","mm","mt",
"mz","ni","np","nz","om","pg","py","qa",
"sv","tr","uk","uy","ve","ye","yu","za",
@@ -1136,8 +1144,8 @@ static bool_t Cookies_match(CookieData_t *cookie, const char *url_path,
if (cookie->host_only != host_only_val)
return FALSE;
- /* Insecure cookies matches both secure and insecure urls, secure
- cookies matches only secure urls */
+ /* Insecure cookies match both secure and insecure urls, secure
+ cookies match only secure urls */
if (cookie->secure && !is_ssl)
return FALSE;
@@ -1274,10 +1282,10 @@ static char *Cookies_get(char *url_host, char *url_path,
str = cookie_dstring->str;
dStr_free(cookie_dstring, FALSE);
- if (*str)
+ if (*str) {
+ MSG("%s GETTING: %s", url_host, str);
cookies_use_counter++;
-
- MSG("%s GETTING: %s\n", url_host, str);
+ }
return str;
}