Hi,
as requested on IRC, here is a patch to support different cookie
policies:
- Accept all cookies (default)
- Accept no third party cookies
- Accept no cookies
This patch introduces the command
:set cookies=(all|no third party|none)
Since we already had out own cookie handler previously, it was a bit
more convoluted getting this properly working. Also, one function which
would be useful is only supported in libsoup 2.4 and later which would
be a significant increase of requirements to build the browser. I tried
coding all around this, but I will not merge it without extensive
testing. Please, folks, try it out with all three settings and
different websites and let me know how it goes – for such a central
function of a browser, I'm not confident enough this is working as
intended yet.
Hannes
diff --git a/config.h b/config.h
index 6a5fa5b..009431d 100644
--- a/config.h
+++ b/config.h
@@ -77,6 +77,7 @@ static URIHandler uri_handlers[] = {
#define ENABLE_COOKIE_SUPPORT
#define COOKIES_STORAGE_FILENAME "%s/vimprobable/cookies", client.config.config_base
#define COOKIES_STORAGE_READONLY FALSE /* if TRUE new cookies will be lost if you quit */
+SoupCookieJarAcceptPolicy CookiePolicy = SOUP_COOKIE_JAR_ACCEPT_ALWAYS; /* by default, accept all cookies */
/* downloads directory */
#define DOWNLOADS_PATH "%s", getenv("HOME")
@@ -214,6 +215,7 @@ static Setting browsersettings[] = {
{ "sslcolor", sslcolor, "", FALSE, FALSE, TRUE, TRUE },
{ "acceptlanguage", acceptlanguage, "", FALSE, FALSE, FALSE, FALSE },
{ "defaultsearch", defaultsearch, "", FALSE, FALSE, FALSE, FALSE },
+ { "cookies", NULL, "", FALSE, FALSE, FALSE, FALSE },
{ "qmark", NULL, "", FALSE, FALSE, FALSE, FALSE },
{ "proxy", NULL, "", FALSE, TRUE, FALSE, FALSE },
{ "windowsize", NULL, "", FALSE, FALSE, FALSE, FALSE },
diff --git a/main.c b/main.c
index 40c6e8d..4320321 100644
--- a/main.c
+++ b/main.c
@@ -2181,6 +2181,25 @@ process_set_line(char *line) {
gtk_widget_set_visible(client.gui.inputbox, boolval);
} else if (strlen(my_pair.what) == 11 && strncmp("escapeinput", my_pair.what, 11) == 0) {
escape_input_on_load = boolval;
+ } else if (strlen(my_pair.what) == 7 && strncmp("cookies", my_pair.what, 7) == 0) {
+ /* cookie policy */
+ if (strncmp(my_pair.value, "on", 2) == 0 || strncmp(my_pair.value, "true", 4) == 0 ||
+ strncmp(my_pair.value, "ON", 2) == 0 || strncmp(my_pair.value, "TRUE", 4) == 0 ||
+ strncmp(my_pair.value, "all", 3) == 0 || strncmp(my_pair.value, "ALL", 3) == 0) {
+ CookiePolicy = SOUP_COOKIE_JAR_ACCEPT_ALWAYS;
+ } else if (strncmp(my_pair.value, "off", 3) == 0 || strncmp(my_pair.value, "false", 5) == 0 ||
+ strncmp(my_pair.value, "OFF", 3) == 0 || strncmp(my_pair.value, "FALSE", 5) == 0 ||
+ strncmp(my_pair.value, "never", 5) == 0 || strncmp(my_pair.value, "NEVER", 5) == 5 ||
+ strncmp(my_pair.value, "none", 4) == 0 || strncmp(my_pair.value, "NONE", 4) == 0) {
+ CookiePolicy = SOUP_COOKIE_JAR_ACCEPT_NEVER;
+ } else if (strncmp(my_pair.value, "origin", 6) == 0 || strncmp(my_pair.value, "ORIGIN", 6) == 0 ||
+ strncmp(my_pair.value, "no_third", 8) == 0 || strncmp(my_pair.value, "NO_THIRD", 8) == 0 ||
+ strncmp(my_pair.value, "no third", 8) == 0 || strncmp(my_pair.value, "NO THIRD", 8) == 0) {
+ CookiePolicy = SOUP_COOKIE_JAR_ACCEPT_NO_THIRD_PARTY;
+ } else {
+ return FALSE;
+ }
+ soup_cookie_jar_set_accept_policy(client.net.session_cookie_jar, CookiePolicy);
}
/* SSL certificate checking */
@@ -2749,6 +2768,7 @@ setup_cookies()
g_object_unref(net->session_cookie_jar);
net->session_cookie_jar = soup_cookie_jar_new();
+ soup_cookie_jar_set_accept_policy(net->session_cookie_jar, CookiePolicy);
net->cookie_store = g_strdup_printf(COOKIES_STORAGE_FILENAME);
@@ -2772,6 +2792,7 @@ new_generic_request(SoupSession *session, SoupMessage *soup_msg, gpointer unused
soup_msg_h = soup_msg->request_headers;
soup_message_headers_remove(soup_msg_h, "Cookie");
uri = soup_message_get_uri(soup_msg);
+ soup_message_set_first_party(soup_msg, uri);
if ((cookie_str = get_cookies(uri))) {
soup_message_headers_append(soup_msg_h, "Cookie", cookie_str);
g_free(cookie_str);
@@ -2796,23 +2817,34 @@ handle_cookie_request(SoupMessage *soup_msg, gpointer unused)
{
GSList *resp_cookie = NULL, *cookie_list;
SoupCookie *cookie;
-
- cookie_list = soup_cookies_from_response(soup_msg);
- for(resp_cookie = cookie_list; resp_cookie; resp_cookie = g_slist_next(resp_cookie))
- {
- SoupDate *soup_date;
- cookie = soup_cookie_copy((SoupCookie *)resp_cookie->data);
-
- if (client.config.cookie_timeout && cookie->expires == NULL) {
- soup_date = soup_date_new_from_time_t(time(NULL) + client.config.cookie_timeout * 10);
- soup_cookie_set_expires(cookie, soup_date);
- soup_date_free(soup_date);
+ SoupURI *uri = soup_message_get_uri(soup_msg);
+
+ if (CookiePolicy != SOUP_COOKIE_JAR_ACCEPT_NEVER) {
+ cookie_list = soup_cookies_from_response(soup_msg);
+ for(resp_cookie = cookie_list; resp_cookie; resp_cookie = g_slist_next(resp_cookie))
+ {
+ SoupDate *soup_date;
+ cookie = soup_cookie_copy((SoupCookie *)resp_cookie->data);
+
+ if (client.config.cookie_timeout && cookie->expires == NULL) {
+ soup_date = soup_date_new_from_time_t(time(NULL) + client.config.cookie_timeout * 10);
+ soup_cookie_set_expires(cookie, soup_date);
+ soup_date_free(soup_date);
+ }
+ if (CookiePolicy != SOUP_COOKIE_JAR_ACCEPT_ALWAYS) {
+ /* no third party cookies: for libsoup 2.4 and later, the following should work */
+ /*soup_cookie_jar_add_cookie_with_first_party(client.net.file_cookie_jar, uri, cookie);*/
+ if (strcmp(soup_uri_get_host(uri), soup_cookie_get_domain(cookie)) == 0) {
+ soup_cookie_jar_add_cookie(client.net.file_cookie_jar, cookie);
+ }
+ } else {
+ soup_cookie_jar_add_cookie(client.net.file_cookie_jar, cookie);
+ }
}
- soup_cookie_jar_add_cookie(client.net.file_cookie_jar, cookie);
+
+ soup_cookies_free(cookie_list);
}
- soup_cookies_free(cookie_list);
-
return;
}
@@ -2824,10 +2856,12 @@ update_cookie_jar(SoupCookieJar *jar, SoupCookie *old, SoupCookie *new)
return;
}
- SoupCookie *copy;
- copy = soup_cookie_copy(new);
+ if (CookiePolicy != SOUP_COOKIE_JAR_ACCEPT_NEVER) {
+ SoupCookie *copy;
+ copy = soup_cookie_copy(new);
- soup_cookie_jar_add_cookie(client.net.session_cookie_jar, copy);
+ soup_cookie_jar_add_cookie(client.net.session_cookie_jar, copy);
+ }
return;
}
------------------------------------------------------------------------------
Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
Discover the easy way to master current and previous Microsoft technologies
and advance your career. Get an incredible 1,500+ hours of step-by-step
tutorial videos with LearnDevNow. Subscribe today and save!
http://pubads.g.doubleclick.net/gampad/clk?id=58041391&iu=/4140/ostg.clktrk
_______________________________________________
Vimprobable-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/vimprobable-users
