This is an automated email from the ASF dual-hosted git repository.

gancho pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/master by this push:
     new 965bd1d  access_control: changes after 1st integration
965bd1d is described below

commit 965bd1d1e0bff79e057fec88f21e6acabaf1772d
Author: Gancho Tenev <gan...@apache.org>
AuthorDate: Mon Nov 5 11:35:56 2018 -0800

    access_control: changes after 1st integration
    
    - allow multiple set-cookie headers in the response
    - associate the cookie with path=/ (needed by all known use-cases).
---
 plugins/experimental/access_control/headers.cc | 6 +++---
 plugins/experimental/access_control/headers.h  | 2 +-
 plugins/experimental/access_control/plugin.cc  | 4 ++--
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/plugins/experimental/access_control/headers.cc 
b/plugins/experimental/access_control/headers.cc
index 2bb70bb..fda3a74 100644
--- a/plugins/experimental/access_control/headers.cc
+++ b/plugins/experimental/access_control/headers.cc
@@ -133,7 +133,7 @@ getHeader(TSMBuffer bufp, TSMLoc hdrLoc, const char 
*header, int headerlen, char
  * @return true - OK, false - failed
  */
 bool
-setHeader(TSMBuffer bufp, TSMLoc hdrLoc, const char *header, int headerlen, 
const char *value, int valuelen)
+setHeader(TSMBuffer bufp, TSMLoc hdrLoc, const char *header, int headerlen, 
const char *value, int valuelen, bool duplicateOk)
 {
   if (!bufp || !hdrLoc || !header || headerlen <= 0 || !value || valuelen <= 
0) {
     return false;
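Review bot: The visible tail of the doc comment above setHeader ends at `@return` and has no entry for the new `duplicateOk` argument, so a caller cannot tell that passing true changes the function from "set" to "append another field". Add a line such as `@param duplicateOk if true, always create and append a new field even when a field with the same name already exists`. The doc comment begins outside the hunk, so check that it does not already describe the argument further up. The default value lives only in headers.h, which is worth mentioning in the same comment.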
@@ -142,8 +142,8 @@ setHeader(TSMBuffer bufp, TSMLoc hdrLoc, const char 
*header, int headerlen, cons
   bool ret        = false;
   TSMLoc fieldLoc = TSMimeHdrFieldFind(bufp, hdrLoc, header, headerlen);
 
-  if (!fieldLoc) {
-    // No existing header, so create one
+  if (!fieldLoc || duplicateOk) {
+    // No existing header or duplicates ok, so create one
     if (TS_SUCCESS == TSMimeHdrFieldCreateNamed(bufp, hdrLoc, header, 
headerlen, &fieldLoc)) {
       if (TS_SUCCESS == TSMimeHdrFieldValueStringSet(bufp, hdrLoc, fieldLoc, 
-1, value, valuelen)) {
         TSMimeHdrFieldAppend(bufp, hdrLoc, fieldLoc);
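Review bot: When `duplicateOk` is true and `TSMimeHdrFieldFind` has already returned an existing field, `TSMimeHdrFieldCreateNamed(..., &fieldLoc)` overwrites that handle, so the located field appears never to be released with `TSHandleMLocRelease`. The lookup is not needed in that case, and skipping it avoids the leaked handle: `TSMLoc fieldLoc = duplicateOk ? TS_NULL_MLOC : TSMimeHdrFieldFind(bufp, hdrLoc, header, headerlen);`. The rest of setHeader, including any release call, lies outside the hunk, so confirm this against the full function.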
diff --git a/plugins/experimental/access_control/headers.h 
b/plugins/experimental/access_control/headers.h
index d3ad443..bd45e30 100644
--- a/plugins/experimental/access_control/headers.h
+++ b/plugins/experimental/access_control/headers.h
@@ -28,5 +28,5 @@
 int removeHeader(TSMBuffer bufp, TSMLoc hdr_loc, const char *header, int len);
 bool headerExist(TSMBuffer bufp, TSMLoc hdr_loc, const char *header, int len);
 char *getHeader(TSMBuffer bufp, TSMLoc hdr_loc, const char *header, int 
headerlen, char *value, int *valuelen);
-bool setHeader(TSMBuffer bufp, TSMLoc hdr_loc, const char *header, int len, 
const char *val, int val_len);
+bool setHeader(TSMBuffer bufp, TSMLoc hdr_loc, const char *header, int len, 
const char *val, int val_len, bool duplicateOk = false);
 void dumpHeaders(TSMBuffer bufp, TSMLoc hdr_loc);
diff --git a/plugins/experimental/access_control/plugin.cc 
b/plugins/experimental/access_control/plugin.cc
index 10d3852..bcc68f9 100644
--- a/plugins/experimental/access_control/plugin.cc
+++ b/plugins/experimental/access_control/plugin.cc
@@ -385,11 +385,11 @@ contHandleAccessControl(const TSCont contp, TSEvent 
event, void *edata)
                *            a secure channel, typically HTTP over Transport 
Layer Security (TLS)
                * HttpOnly - instructs the UA to omit the cookie when providing 
access to cookies via “non-HTTP” APIs such as a web
                *            browser API that exposes cookies to scripts */
-              cookieValue.append("Secure; HttpOnly");
+              cookieValue.append("path=/; Secure; HttpOnly");
 
               AccessControlDebug("%.*s: %s", TS_MIME_LEN_SET_COOKIE, 
TS_MIME_FIELD_SET_COOKIE, cookieValue.c_str());
               setHeader(clientRespBufp, clientRespHdrLoc, 
TS_MIME_FIELD_SET_COOKIE, TS_MIME_LEN_SET_COOKIE, cookieValue.c_str(),
-                        cookieValue.size());
+                        cookieValue.size(), /* duplicateOk = */ true);
 
               delete token;
             } else {
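Review bot: The added `path=/` makes the browser return what appears to be the access-token cookie on every request to the host, not only on the paths this plugin protects, and the comment above the append still describes only Secure and HttpOnly. Extend that comment with the reason and the consequence, for example `* path=/ - cookie is returned for all paths on the host (needed by current use-cases); this widens where the token is sent`, and consider making the path configurable. The return value of `setHeader` is also discarded in this call, so a failed append leaves the client without the cookie and nothing records it; check the result and log the failure. contHandleAccessControl starts and ends outside the hunk.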
