xref: /aosp_15_r20/external/curl/lib/cookie.h (revision 6236dae45794135f37c4eb022389c904c8b0090d) 
1*6236dae4SAndroid Build Coastguard Worker #ifndef HEADER_CURL_COOKIE_H
2*6236dae4SAndroid Build Coastguard Worker #define HEADER_CURL_COOKIE_H
3*6236dae4SAndroid Build Coastguard Worker /***************************************************************************
4*6236dae4SAndroid Build Coastguard Worker  *                                  _   _ ____  _
5*6236dae4SAndroid Build Coastguard Worker  *  Project                     ___| | | |  _ \| |
6*6236dae4SAndroid Build Coastguard Worker  *                             / __| | | | |_) | |
7*6236dae4SAndroid Build Coastguard Worker  *                            | (__| |_| |  _ <| |___
8*6236dae4SAndroid Build Coastguard Worker  *                             \___|\___/|_| \_\_____|
9*6236dae4SAndroid Build Coastguard Worker  *
10*6236dae4SAndroid Build Coastguard Worker  * Copyright (C) Daniel Stenberg, <[email protected]>, et al.
11*6236dae4SAndroid Build Coastguard Worker  *
12*6236dae4SAndroid Build Coastguard Worker  * This software is licensed as described in the file COPYING, which
13*6236dae4SAndroid Build Coastguard Worker  * you should have received as part of this distribution. The terms
14*6236dae4SAndroid Build Coastguard Worker  * are also available at https://curl.se/docs/copyright.html.
15*6236dae4SAndroid Build Coastguard Worker  *
16*6236dae4SAndroid Build Coastguard Worker  * You may opt to use, copy, modify, merge, publish, distribute and/or sell
17*6236dae4SAndroid Build Coastguard Worker  * copies of the Software, and permit persons to whom the Software is
18*6236dae4SAndroid Build Coastguard Worker  * furnished to do so, under the terms of the COPYING file.
19*6236dae4SAndroid Build Coastguard Worker  *
20*6236dae4SAndroid Build Coastguard Worker  * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
21*6236dae4SAndroid Build Coastguard Worker  * KIND, either express or implied.
22*6236dae4SAndroid Build Coastguard Worker  *
23*6236dae4SAndroid Build Coastguard Worker  * SPDX-License-Identifier: curl
24*6236dae4SAndroid Build Coastguard Worker  *
25*6236dae4SAndroid Build Coastguard Worker  ***************************************************************************/
26*6236dae4SAndroid Build Coastguard Worker #include "curl_setup.h"
27*6236dae4SAndroid Build Coastguard Worker 
28*6236dae4SAndroid Build Coastguard Worker #include <curl/curl.h>
29*6236dae4SAndroid Build Coastguard Worker 
30*6236dae4SAndroid Build Coastguard Worker #include "llist.h"
31*6236dae4SAndroid Build Coastguard Worker 
32*6236dae4SAndroid Build Coastguard Worker struct Cookie {
33*6236dae4SAndroid Build Coastguard Worker   struct Curl_llist_node node; /* for the main cookie list */
34*6236dae4SAndroid Build Coastguard Worker   struct Curl_llist_node getnode; /* for getlist */
35*6236dae4SAndroid Build Coastguard Worker   char *name;         /* <this> = value */
36*6236dae4SAndroid Build Coastguard Worker   char *value;        /* name = <this> */
37*6236dae4SAndroid Build Coastguard Worker   char *path;         /* path = <this> which is in Set-Cookie: */
38*6236dae4SAndroid Build Coastguard Worker   char *spath;        /* sanitized cookie path */
39*6236dae4SAndroid Build Coastguard Worker   char *domain;       /* domain = <this> */
40*6236dae4SAndroid Build Coastguard Worker   curl_off_t expires; /* expires = <this> */
41*6236dae4SAndroid Build Coastguard Worker   int creationtime;   /* time when the cookie was written */
42*6236dae4SAndroid Build Coastguard Worker   BIT(tailmatch);     /* tail-match the domain name */
43*6236dae4SAndroid Build Coastguard Worker   BIT(secure);        /* the 'secure' keyword was used */
44*6236dae4SAndroid Build Coastguard Worker   BIT(livecookie);    /* updated from a server, not a stored file */
45*6236dae4SAndroid Build Coastguard Worker   BIT(httponly);      /* the httponly directive is present */
46*6236dae4SAndroid Build Coastguard Worker   BIT(prefix_secure); /* secure prefix is set */
47*6236dae4SAndroid Build Coastguard Worker   BIT(prefix_host);   /* host prefix is set */
48*6236dae4SAndroid Build Coastguard Worker };
49*6236dae4SAndroid Build Coastguard Worker 
50*6236dae4SAndroid Build Coastguard Worker /*
51*6236dae4SAndroid Build Coastguard Worker  * Available cookie prefixes, as defined in
52*6236dae4SAndroid Build Coastguard Worker  * draft-ietf-httpbis-rfc6265bis-02
53*6236dae4SAndroid Build Coastguard Worker  */
54*6236dae4SAndroid Build Coastguard Worker #define COOKIE_PREFIX__SECURE (1<<0)
55*6236dae4SAndroid Build Coastguard Worker #define COOKIE_PREFIX__HOST (1<<1)
56*6236dae4SAndroid Build Coastguard Worker 
57*6236dae4SAndroid Build Coastguard Worker #define COOKIE_HASH_SIZE 63
58*6236dae4SAndroid Build Coastguard Worker 
59*6236dae4SAndroid Build Coastguard Worker struct CookieInfo {
60*6236dae4SAndroid Build Coastguard Worker   /* linked lists of cookies we know of */
61*6236dae4SAndroid Build Coastguard Worker   struct Curl_llist cookielist[COOKIE_HASH_SIZE];
62*6236dae4SAndroid Build Coastguard Worker   curl_off_t next_expiration; /* the next time at which expiration happens */
63*6236dae4SAndroid Build Coastguard Worker   int numcookies;  /* number of cookies in the "jar" */
64*6236dae4SAndroid Build Coastguard Worker   int lastct;      /* last creation-time used in the jar */
65*6236dae4SAndroid Build Coastguard Worker   bool running;    /* state info, for cookie adding information */
66*6236dae4SAndroid Build Coastguard Worker   bool newsession; /* new session, discard session cookies on load */
67*6236dae4SAndroid Build Coastguard Worker };
68*6236dae4SAndroid Build Coastguard Worker 
69*6236dae4SAndroid Build Coastguard Worker /* The maximum sizes we accept for cookies. RFC 6265 section 6.1 says
70*6236dae4SAndroid Build Coastguard Worker    "general-use user agents SHOULD provide each of the following minimum
71*6236dae4SAndroid Build Coastguard Worker    capabilities":
72*6236dae4SAndroid Build Coastguard Worker 
73*6236dae4SAndroid Build Coastguard Worker    - At least 4096 bytes per cookie (as measured by the sum of the length of
74*6236dae4SAndroid Build Coastguard Worker      the cookie's name, value, and attributes).
75*6236dae4SAndroid Build Coastguard Worker    In the 6265bis draft document section 5.4 it is phrased even stronger: "If
76*6236dae4SAndroid Build Coastguard Worker    the sum of the lengths of the name string and the value string is more than
77*6236dae4SAndroid Build Coastguard Worker    4096 octets, abort these steps and ignore the set-cookie-string entirely."
78*6236dae4SAndroid Build Coastguard Worker */
79*6236dae4SAndroid Build Coastguard Worker 
80*6236dae4SAndroid Build Coastguard Worker /** Limits for INCOMING cookies **/
81*6236dae4SAndroid Build Coastguard Worker 
82*6236dae4SAndroid Build Coastguard Worker /* The longest we allow a line to be when reading a cookie from an HTTP header
83*6236dae4SAndroid Build Coastguard Worker    or from a cookie jar */
84*6236dae4SAndroid Build Coastguard Worker #define MAX_COOKIE_LINE 5000
85*6236dae4SAndroid Build Coastguard Worker 
86*6236dae4SAndroid Build Coastguard Worker /* Maximum length of an incoming cookie name or content we deal with. Longer
87*6236dae4SAndroid Build Coastguard Worker    cookies are ignored. */
88*6236dae4SAndroid Build Coastguard Worker #define MAX_NAME 4096
89*6236dae4SAndroid Build Coastguard Worker 
90*6236dae4SAndroid Build Coastguard Worker /* Maximum number of Set-Cookie: lines accepted in a single response. If more
91*6236dae4SAndroid Build Coastguard Worker    such header lines are received, they are ignored. This value must be less
92*6236dae4SAndroid Build Coastguard Worker    than 256 since an unsigned char is used to count. */
93*6236dae4SAndroid Build Coastguard Worker #define MAX_SET_COOKIE_AMOUNT 50
94*6236dae4SAndroid Build Coastguard Worker 
95*6236dae4SAndroid Build Coastguard Worker /** Limits for OUTGOING cookies **/
96*6236dae4SAndroid Build Coastguard Worker 
97*6236dae4SAndroid Build Coastguard Worker /* Maximum size for an outgoing cookie line libcurl will use in an http
98*6236dae4SAndroid Build Coastguard Worker    request. This is the default maximum length used in some versions of Apache
99*6236dae4SAndroid Build Coastguard Worker    httpd. */
100*6236dae4SAndroid Build Coastguard Worker #define MAX_COOKIE_HEADER_LEN 8190
101*6236dae4SAndroid Build Coastguard Worker 
102*6236dae4SAndroid Build Coastguard Worker /* Maximum number of cookies libcurl will send in a single request, even if
103*6236dae4SAndroid Build Coastguard Worker    there might be more cookies that match. One reason to cap the number is to
104*6236dae4SAndroid Build Coastguard Worker    keep the maximum HTTP request within the maximum allowed size. */
105*6236dae4SAndroid Build Coastguard Worker #define MAX_COOKIE_SEND_AMOUNT 150
106*6236dae4SAndroid Build Coastguard Worker 
107*6236dae4SAndroid Build Coastguard Worker struct Curl_easy;
108*6236dae4SAndroid Build Coastguard Worker /*
109*6236dae4SAndroid Build Coastguard Worker  * Add a cookie to the internal list of cookies. The domain and path arguments
110*6236dae4SAndroid Build Coastguard Worker  * are only used if the header boolean is TRUE.
111*6236dae4SAndroid Build Coastguard Worker  */
112*6236dae4SAndroid Build Coastguard Worker 
113*6236dae4SAndroid Build Coastguard Worker struct Cookie *Curl_cookie_add(struct Curl_easy *data,
114*6236dae4SAndroid Build Coastguard Worker                                struct CookieInfo *c, bool header,
115*6236dae4SAndroid Build Coastguard Worker                                bool noexpiry, const char *lineptr,
116*6236dae4SAndroid Build Coastguard Worker                                const char *domain, const char *path,
117*6236dae4SAndroid Build Coastguard Worker                                bool secure);
118*6236dae4SAndroid Build Coastguard Worker 
119*6236dae4SAndroid Build Coastguard Worker int Curl_cookie_getlist(struct Curl_easy *data,
120*6236dae4SAndroid Build Coastguard Worker                         struct CookieInfo *c, const char *host,
121*6236dae4SAndroid Build Coastguard Worker                         const char *path, bool secure,
122*6236dae4SAndroid Build Coastguard Worker                         struct Curl_llist *list);
123*6236dae4SAndroid Build Coastguard Worker void Curl_cookie_clearall(struct CookieInfo *cookies);
124*6236dae4SAndroid Build Coastguard Worker void Curl_cookie_clearsess(struct CookieInfo *cookies);
125*6236dae4SAndroid Build Coastguard Worker 
126*6236dae4SAndroid Build Coastguard Worker #if defined(CURL_DISABLE_HTTP) || defined(CURL_DISABLE_COOKIES)
127*6236dae4SAndroid Build Coastguard Worker #define Curl_cookie_list(x) NULL
128*6236dae4SAndroid Build Coastguard Worker #define Curl_cookie_loadfiles(x) Curl_nop_stmt
129*6236dae4SAndroid Build Coastguard Worker #define Curl_cookie_init(x,y,z,w) NULL
130*6236dae4SAndroid Build Coastguard Worker #define Curl_cookie_cleanup(x) Curl_nop_stmt
131*6236dae4SAndroid Build Coastguard Worker #define Curl_flush_cookies(x,y) Curl_nop_stmt
132*6236dae4SAndroid Build Coastguard Worker #else
133*6236dae4SAndroid Build Coastguard Worker void Curl_flush_cookies(struct Curl_easy *data, bool cleanup);
134*6236dae4SAndroid Build Coastguard Worker void Curl_cookie_cleanup(struct CookieInfo *c);
135*6236dae4SAndroid Build Coastguard Worker struct CookieInfo *Curl_cookie_init(struct Curl_easy *data,
136*6236dae4SAndroid Build Coastguard Worker                                     const char *file, struct CookieInfo *inc,
137*6236dae4SAndroid Build Coastguard Worker                                     bool newsession);
138*6236dae4SAndroid Build Coastguard Worker struct curl_slist *Curl_cookie_list(struct Curl_easy *data);
139*6236dae4SAndroid Build Coastguard Worker void Curl_cookie_loadfiles(struct Curl_easy *data);
140*6236dae4SAndroid Build Coastguard Worker #endif
141*6236dae4SAndroid Build Coastguard Worker 
142*6236dae4SAndroid Build Coastguard Worker #endif /* HEADER_CURL_COOKIE_H */
143