httpd/server/util_cookies.c

	util_cookies.c revision 562e9ce367eaaf4d3ea0ed4eaf3dbf0a644cf4aa
842ae4bd224140319ae7feec1872b93dfd491143fielding/* Licensed to the Apache Software Foundation (ASF) under one or more
842ae4bd224140319ae7feec1872b93dfd491143fielding * contributor license agreements.  See the NOTICE file distributed with
842ae4bd224140319ae7feec1872b93dfd491143fielding * this work for additional information regarding copyright ownership.
842ae4bd224140319ae7feec1872b93dfd491143fielding * The ASF licenses this file to You under the Apache License, Version 2.0
842ae4bd224140319ae7feec1872b93dfd491143fielding * (the "License"); you may not use this file except in compliance with
842ae4bd224140319ae7feec1872b93dfd491143fielding * the License.  You may obtain a copy of the License at
b0fb330a8581c8bfab5e523084f9f39264a52b12gstein *
ce9621257ef9e54c1bbe5ad8a5f445a1f211c2dcnd *     http://www.apache.org/licenses/LICENSE-2.0
b0fb330a8581c8bfab5e523084f9f39264a52b12gstein *
ce9621257ef9e54c1bbe5ad8a5f445a1f211c2dcnd * Unless required by applicable law or agreed to in writing, software
ce9621257ef9e54c1bbe5ad8a5f445a1f211c2dcnd * distributed under the License is distributed on an "AS IS" BASIS,
ce9621257ef9e54c1bbe5ad8a5f445a1f211c2dcnd * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
ce9621257ef9e54c1bbe5ad8a5f445a1f211c2dcnd * See the License for the specific language governing permissions and
ce9621257ef9e54c1bbe5ad8a5f445a1f211c2dcnd * limitations under the License.
b0fb330a8581c8bfab5e523084f9f39264a52b12gstein */
f4c310fd2555c6faca1f980f00b161eadb089023gstein
f4c310fd2555c6faca1f980f00b161eadb089023gstein#include "util_cookies.h"
f4c310fd2555c6faca1f980f00b161eadb089023gstein#include "apr_lib.h"
f4c310fd2555c6faca1f980f00b161eadb089023gstein#include "apr_strings.h"
f4c310fd2555c6faca1f980f00b161eadb089023gstein#include "http_log.h"
cccd31fa4a72fe23cc3249c06db181b274a55a69gstein
1f6e6566a4ce31a0b95d5400c36d0aaff7a6e94agstein#define LOG_PREFIX "ap_cookie: "
8a46775d163c06a8c51d1b0a3f2edfde945cb1d8stoddard
2fc50921b88defeb7127985dfe4b4130175e069ejwoolley/**
f5ec9b038bb9db933072ba2c0a8e7bb2a3cedbdagstein * Write an RFC2109 compliant cookie.
cccd31fa4a72fe23cc3249c06db181b274a55a69gstein *
cccd31fa4a72fe23cc3249c06db181b274a55a69gstein * @param r The request
cccd31fa4a72fe23cc3249c06db181b274a55a69gstein * @param name The name of the cookie.
cccd31fa4a72fe23cc3249c06db181b274a55a69gstein * @param val The value to place in the cookie.
f4c310fd2555c6faca1f980f00b161eadb089023gstein * @param attrs The string containing additional cookie attributes. If NULL, the
f4c310fd2555c6faca1f980f00b161eadb089023gstein *              DEFAULT_ATTRS will be used.
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe * @param maxage If non zero, a Max-Age header will be added to the cookie.
f4c310fd2555c6faca1f980f00b161eadb089023gstein */
f4c310fd2555c6faca1f980f00b161eadb089023gsteinAP_DECLARE(apr_status_t) ap_cookie_write(request_rec * r, const char *name, const char *val,
1a9d922232824a7cc008d4f74e48bd82adf5bdedgstein                                         const char *attrs, long maxage)
f5ec9b038bb9db933072ba2c0a8e7bb2a3cedbdagstein{
f4c310fd2555c6faca1f980f00b161eadb089023gstein
f4c310fd2555c6faca1f980f00b161eadb089023gstein    char *buffer;
f4c310fd2555c6faca1f980f00b161eadb089023gstein    char *rfc2109;
f4c310fd2555c6faca1f980f00b161eadb089023gstein
f4c310fd2555c6faca1f980f00b161eadb089023gstein    /* handle expiry */
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe    buffer = "";
f4c310fd2555c6faca1f980f00b161eadb089023gstein    if (maxage) {
f4c310fd2555c6faca1f980f00b161eadb089023gstein        buffer = apr_pstrcat(r->pool, "Max-Age=", apr_ltoa(r->pool, maxage), ";", NULL);
f4c310fd2555c6faca1f980f00b161eadb089023gstein    }
1ccd992d37d62c8cb2056126f2234f64ec189bfddougm
f4c310fd2555c6faca1f980f00b161eadb089023gstein    /* create RFC2109 compliant cookie */
1ccd992d37d62c8cb2056126f2234f64ec189bfddougm    rfc2109 = apr_pstrcat(r->pool, name, "=", val, ";",
f4c310fd2555c6faca1f980f00b161eadb089023gstein                          buffer,
f4c310fd2555c6faca1f980f00b161eadb089023gstein                          attrs && strlen(attrs) > 0 ?
f4c310fd2555c6faca1f980f00b161eadb089023gstein                          attrs : DEFAULT_ATTRS, NULL);
f4c310fd2555c6faca1f980f00b161eadb089023gstein    ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, LOG_PREFIX
52c1d304b1bd8e05da40a7cded2ecb9f0ba614c5gstein                  "user '%s' set cookie: '%s'", r->user, rfc2109);
52c1d304b1bd8e05da40a7cded2ecb9f0ba614c5gstein    apr_table_addn(r->headers_out, SET_COOKIE, rfc2109);
52c1d304b1bd8e05da40a7cded2ecb9f0ba614c5gstein
52c1d304b1bd8e05da40a7cded2ecb9f0ba614c5gstein    return APR_SUCCESS;
52c1d304b1bd8e05da40a7cded2ecb9f0ba614c5gstein
f4c310fd2555c6faca1f980f00b161eadb089023gstein}
f4c310fd2555c6faca1f980f00b161eadb089023gstein
f4c310fd2555c6faca1f980f00b161eadb089023gstein/**
f4c310fd2555c6faca1f980f00b161eadb089023gstein * Write an RFC2965 compliant cookie.
707ecf9559338ec06b24334bc9abcca670325cc4gstein *
f4c310fd2555c6faca1f980f00b161eadb089023gstein * @param r The request
707ecf9559338ec06b24334bc9abcca670325cc4gstein * @param name2 The name of the cookie.
707ecf9559338ec06b24334bc9abcca670325cc4gstein * @param val The value to place in the cookie.
707ecf9559338ec06b24334bc9abcca670325cc4gstein * @param attrs2 The string containing additional cookie attributes. If NULL, the
707ecf9559338ec06b24334bc9abcca670325cc4gstein *               DEFAULT_ATTRS will be used.
52c1d304b1bd8e05da40a7cded2ecb9f0ba614c5gstein * @param maxage If non zero, a Max-Age header will be added to the cookie.
f4c310fd2555c6faca1f980f00b161eadb089023gstein */
f4c310fd2555c6faca1f980f00b161eadb089023gsteinAP_DECLARE(apr_status_t) ap_cookie_write2(request_rec * r, const char *name2, const char *val,
f4c310fd2555c6faca1f980f00b161eadb089023gstein                                          const char *attrs2, long maxage)
f4c310fd2555c6faca1f980f00b161eadb089023gstein{
707ecf9559338ec06b24334bc9abcca670325cc4gstein
707ecf9559338ec06b24334bc9abcca670325cc4gstein    char *buffer;
707ecf9559338ec06b24334bc9abcca670325cc4gstein    char *rfc2965;
707ecf9559338ec06b24334bc9abcca670325cc4gstein
707ecf9559338ec06b24334bc9abcca670325cc4gstein    /* handle expiry */
707ecf9559338ec06b24334bc9abcca670325cc4gstein    buffer = "";
707ecf9559338ec06b24334bc9abcca670325cc4gstein    if (maxage) {
707ecf9559338ec06b24334bc9abcca670325cc4gstein        buffer = apr_pstrcat(r->pool, "Max-Age=", apr_ltoa(r->pool, maxage), ";", NULL);
707ecf9559338ec06b24334bc9abcca670325cc4gstein    }
707ecf9559338ec06b24334bc9abcca670325cc4gstein
707ecf9559338ec06b24334bc9abcca670325cc4gstein    /* create RFC2965 compliant cookie */
707ecf9559338ec06b24334bc9abcca670325cc4gstein    rfc2965 = apr_pstrcat(r->pool, name2, "=", val, ";",
707ecf9559338ec06b24334bc9abcca670325cc4gstein                          buffer,
707ecf9559338ec06b24334bc9abcca670325cc4gstein                          attrs2 && strlen(attrs2) > 0 ?
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe                          attrs2 : DEFAULT_ATTRS, NULL);
707ecf9559338ec06b24334bc9abcca670325cc4gstein    ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, LOG_PREFIX
707ecf9559338ec06b24334bc9abcca670325cc4gstein                  "user '%s' set cookie2: '%s'", r->user, rfc2965);
707ecf9559338ec06b24334bc9abcca670325cc4gstein    apr_table_addn(r->headers_out, SET_COOKIE2, rfc2965);
707ecf9559338ec06b24334bc9abcca670325cc4gstein
707ecf9559338ec06b24334bc9abcca670325cc4gstein    return APR_SUCCESS;
707ecf9559338ec06b24334bc9abcca670325cc4gstein
707ecf9559338ec06b24334bc9abcca670325cc4gstein}
f4c310fd2555c6faca1f980f00b161eadb089023gstein
f4c310fd2555c6faca1f980f00b161eadb089023gstein/**
f4c310fd2555c6faca1f980f00b161eadb089023gstein * Remove an RFC2109 compliant cookie.
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein *
f4c310fd2555c6faca1f980f00b161eadb089023gstein * @param r The request
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein * @param name The name of the cookie.
f4c310fd2555c6faca1f980f00b161eadb089023gstein */
f4c310fd2555c6faca1f980f00b161eadb089023gsteinAP_DECLARE(apr_status_t) ap_cookie_remove(request_rec * r, const char *name)
f4c310fd2555c6faca1f980f00b161eadb089023gstein{
f4c310fd2555c6faca1f980f00b161eadb089023gstein
f4c310fd2555c6faca1f980f00b161eadb089023gstein    /* create RFC2109 compliant cookie */
f4c310fd2555c6faca1f980f00b161eadb089023gstein    char *rfc2109 = apr_pstrcat(r->pool, name, "=;",
f4c310fd2555c6faca1f980f00b161eadb089023gstein                                CLEAR_ATTRS, NULL);
f4c310fd2555c6faca1f980f00b161eadb089023gstein    ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, LOG_PREFIX
f4c310fd2555c6faca1f980f00b161eadb089023gstein                  "user '%s' removed cookie: '%s'", r->user, rfc2109);
f4c310fd2555c6faca1f980f00b161eadb089023gstein    apr_table_addn(r->headers_out, SET_COOKIE, rfc2109);
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe
f4c310fd2555c6faca1f980f00b161eadb089023gstein    return APR_SUCCESS;
f4c310fd2555c6faca1f980f00b161eadb089023gstein
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe}
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe
f4c310fd2555c6faca1f980f00b161eadb089023gstein/**
f4c310fd2555c6faca1f980f00b161eadb089023gstein * Remove an RFC2965 compliant cookie.
0b1895a2cd5b4a9450709abdb7ae9974908f9382gstein *
0b1895a2cd5b4a9450709abdb7ae9974908f9382gstein * @param r The request
0b1895a2cd5b4a9450709abdb7ae9974908f9382gstein * @param name2 The name of the cookie.
0b1895a2cd5b4a9450709abdb7ae9974908f9382gstein */
c70afa1853413eb72c4909354c2814d89e9b99f7jortonAP_DECLARE(apr_status_t) ap_cookie_remove2(request_rec * r, const char *name2)
c70afa1853413eb72c4909354c2814d89e9b99f7jorton{
c70afa1853413eb72c4909354c2814d89e9b99f7jorton
0b1895a2cd5b4a9450709abdb7ae9974908f9382gstein    /* create RFC2965 compliant cookie */
0b1895a2cd5b4a9450709abdb7ae9974908f9382gstein    char *rfc2965 = apr_pstrcat(r->pool, name2, "=;",
0b1895a2cd5b4a9450709abdb7ae9974908f9382gstein                                CLEAR_ATTRS, NULL);
c70afa1853413eb72c4909354c2814d89e9b99f7jorton    ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, LOG_PREFIX
c70afa1853413eb72c4909354c2814d89e9b99f7jorton                  "user '%s' removed cookie2: '%s'", r->user, rfc2965);
c70afa1853413eb72c4909354c2814d89e9b99f7jorton    apr_table_addn(r->headers_out, SET_COOKIE2, rfc2965);
c70afa1853413eb72c4909354c2814d89e9b99f7jorton
c70afa1853413eb72c4909354c2814d89e9b99f7jorton    return APR_SUCCESS;
c70afa1853413eb72c4909354c2814d89e9b99f7jorton
c70afa1853413eb72c4909354c2814d89e9b99f7jorton}
0b1895a2cd5b4a9450709abdb7ae9974908f9382gstein
0b1895a2cd5b4a9450709abdb7ae9974908f9382gstein/* Iterate through the cookies, isolate our cookie and then remove it.
f4c310fd2555c6faca1f980f00b161eadb089023gstein *
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein * If our cookie appears two or more times, but with different values,
f4c310fd2555c6faca1f980f00b161eadb089023gstein * remove it twice and set the duplicated flag to true. Remove any
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein * $path or other attributes following our cookie if present. If we end
f4c310fd2555c6faca1f980f00b161eadb089023gstein * up with an empty cookie, remove the whole header.
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein */
f4c310fd2555c6faca1f980f00b161eadb089023gsteinstatic int extract_cookie_line(ap_cookie_do * v, const char *key, const char *val)
0b1895a2cd5b4a9450709abdb7ae9974908f9382gstein{
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein    char *last1, *last2;
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein    char *cookie = apr_pstrdup(v->r->pool, val);
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein    const char *name = apr_pstrcat(v->r->pool, v->name ? v->name : "", "=", NULL);
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein    size_t len = strlen(name);
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein    char *new_cookie = "";
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein    const char *comma = ",";
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein    char *next1;
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein    const char *semi = ";";
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein    char *next2;
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein    const char *sep = "";
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein    int cookies = 0;
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein    /* find the cookie called name */
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein    int eat = 0;
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein    next1 = apr_strtok(cookie, comma, &last1);
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein    while (next1) {
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein        next2 = apr_strtok(next1, semi, &last2);
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein        while (next2) {
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein            char *trim = next2;
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein            while (apr_isspace(*trim)) {
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein                trim++;
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein            }
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein            if (!strncmp(trim, name, len)) {
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein                if (v->encoded) {
0b1895a2cd5b4a9450709abdb7ae9974908f9382gstein                    if (strcmp(v->encoded, trim + len)) {
0b1895a2cd5b4a9450709abdb7ae9974908f9382gstein                        v->duplicated = 1;
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein                    }
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein                }
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein                v->encoded = apr_pstrdup(v->r->pool, trim + len);
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein                eat = 1;
956f4b1551215610a57f3b52822dbac6f41a8aa9gstein            }
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein            else {
0b1895a2cd5b4a9450709abdb7ae9974908f9382gstein                if (*trim != '$') {
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe                    cookies++;
f4c310fd2555c6faca1f980f00b161eadb089023gstein                    eat = 0;
f4c310fd2555c6faca1f980f00b161eadb089023gstein                }
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein                if (!eat) {
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein                    new_cookie = apr_pstrcat(v->r->pool, new_cookie, sep, next2, NULL);
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein                }
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein            }
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein            next2 = apr_strtok(NULL, semi, &last2);
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein            sep = semi;
0e8fe062a6ec71b4207d1a125ee6b44b7fd30857gstein        }
f4c310fd2555c6faca1f980f00b161eadb089023gstein
f4c310fd2555c6faca1f980f00b161eadb089023gstein        next1 = apr_strtok(NULL, comma, &last1);
f4c310fd2555c6faca1f980f00b161eadb089023gstein        sep = comma;
1ccd992d37d62c8cb2056126f2234f64ec189bfddougm    }
1ccd992d37d62c8cb2056126f2234f64ec189bfddougm
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe    /* any cookies left over? */
f4c310fd2555c6faca1f980f00b161eadb089023gstein    if (cookies) {
f4c310fd2555c6faca1f980f00b161eadb089023gstein        apr_table_addn(v->new_cookies, key, new_cookie);
e8f95a682820a599fe41b22977010636be5c2717jim    }
9ec6440fdeb81f04905959293b381ebbfa3114c2jorton
9ec6440fdeb81f04905959293b381ebbfa3114c2jorton    return 1;
9ec6440fdeb81f04905959293b381ebbfa3114c2jorton}
9ec6440fdeb81f04905959293b381ebbfa3114c2jorton
f4c310fd2555c6faca1f980f00b161eadb089023gstein/**
f94aab38f6ee899f463f0118ea395291f7c5b4cegstein * Read a cookie called name, placing its value in val.
f94aab38f6ee899f463f0118ea395291f7c5b4cegstein *
707ecf9559338ec06b24334bc9abcca670325cc4gstein * Both the Cookie and Cookie2 headers are scanned for the cookie.
707ecf9559338ec06b24334bc9abcca670325cc4gstein *
707ecf9559338ec06b24334bc9abcca670325cc4gstein * If the cookie is duplicated, this function returns APR_EGENERAL. If found,
707ecf9559338ec06b24334bc9abcca670325cc4gstein * and if remove is non zero, the cookie will be removed from the headers, and
f4c310fd2555c6faca1f980f00b161eadb089023gstein * thus kept private from the backend.
f4c310fd2555c6faca1f980f00b161eadb089023gstein */
f4c310fd2555c6faca1f980f00b161eadb089023gsteinAP_DECLARE(apr_status_t) ap_cookie_read(request_rec * r, const char *name, const char **val,
f4c310fd2555c6faca1f980f00b161eadb089023gstein                                        int remove)
f4c310fd2555c6faca1f980f00b161eadb089023gstein{
1ccd992d37d62c8cb2056126f2234f64ec189bfddougm
f4c310fd2555c6faca1f980f00b161eadb089023gstein    ap_cookie_do v;
f4c310fd2555c6faca1f980f00b161eadb089023gstein    v.r = r;
f4c310fd2555c6faca1f980f00b161eadb089023gstein    v.encoded = NULL;
f4c310fd2555c6faca1f980f00b161eadb089023gstein    v.new_cookies = apr_table_make(r->pool, 10);
f4c310fd2555c6faca1f980f00b161eadb089023gstein    v.duplicated = 0;
f4c310fd2555c6faca1f980f00b161eadb089023gstein    v.name = name;
f4c310fd2555c6faca1f980f00b161eadb089023gstein
f4c310fd2555c6faca1f980f00b161eadb089023gstein    apr_table_do((int (*) (void *, const char *, const char *))
f4c310fd2555c6faca1f980f00b161eadb089023gstein                 extract_cookie_line, (void *) &v, r->headers_in,
cc8241a7ee9815575a267e13eff62b6fddf1fe58gstein                 "Cookie", "Cookie2", NULL);
f4c310fd2555c6faca1f980f00b161eadb089023gstein    if (v.duplicated) {
f4c310fd2555c6faca1f980f00b161eadb089023gstein        ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, LOG_PREFIX
f4c310fd2555c6faca1f980f00b161eadb089023gstein         "client submitted cookie '%s' more than once: %s", v.name, r->uri);
f4c310fd2555c6faca1f980f00b161eadb089023gstein        return APR_EGENERAL;
f4c310fd2555c6faca1f980f00b161eadb089023gstein    }
f4c310fd2555c6faca1f980f00b161eadb089023gstein
f4c310fd2555c6faca1f980f00b161eadb089023gstein    /* remove our cookie(s), and replace them */
f4c310fd2555c6faca1f980f00b161eadb089023gstein    if (remove) {
f4c310fd2555c6faca1f980f00b161eadb089023gstein        apr_table_unset(r->headers_in, "Cookie");
f4c310fd2555c6faca1f980f00b161eadb089023gstein        apr_table_unset(r->headers_in, "Cookie2");
f4c310fd2555c6faca1f980f00b161eadb089023gstein        r->headers_in = apr_table_overlay(r->pool, r->headers_in, v.new_cookies);
f4c310fd2555c6faca1f980f00b161eadb089023gstein    }
2f40d5ac42ba2e7a8043eca56b5f5d8dce101f94wrowe
f4c310fd2555c6faca1f980f00b161eadb089023gstein    *val = v.encoded;
49bf4df23d9e5281abcd83005550bda818b17b08wrowe
2f40d5ac42ba2e7a8043eca56b5f5d8dce101f94wrowe    return APR_SUCCESS;
f4c310fd2555c6faca1f980f00b161eadb089023gstein
2f40d5ac42ba2e7a8043eca56b5f5d8dce101f94wrowe}
2f40d5ac42ba2e7a8043eca56b5f5d8dce101f94wrowe
2f40d5ac42ba2e7a8043eca56b5f5d8dce101f94wrowe/**
2f40d5ac42ba2e7a8043eca56b5f5d8dce101f94wrowe * Sanity check a given string that it exists, is not empty,
e8f95a682820a599fe41b22977010636be5c2717jim * and does not contain the special characters '=', ';' and '&'.
2f40d5ac42ba2e7a8043eca56b5f5d8dce101f94wrowe *
2f40d5ac42ba2e7a8043eca56b5f5d8dce101f94wrowe * It is used to sanity check the cookie names.
2f40d5ac42ba2e7a8043eca56b5f5d8dce101f94wrowe */
2f40d5ac42ba2e7a8043eca56b5f5d8dce101f94wroweAP_DECLARE(apr_status_t) ap_cookie_check_string(const char *string)
2f40d5ac42ba2e7a8043eca56b5f5d8dce101f94wrowe{
2f40d5ac42ba2e7a8043eca56b5f5d8dce101f94wrowe    if (!string || !*string || ap_strchr_c(string, '=') || ap_strchr_c(string, '&') ||
2f40d5ac42ba2e7a8043eca56b5f5d8dce101f94wrowe        ap_strchr_c(string, ';')) {
2f40d5ac42ba2e7a8043eca56b5f5d8dce101f94wrowe        return APR_EGENERAL;
e8f95a682820a599fe41b22977010636be5c2717jim    }
2f40d5ac42ba2e7a8043eca56b5f5d8dce101f94wrowe    return APR_SUCCESS;
2f40d5ac42ba2e7a8043eca56b5f5d8dce101f94wrowe}
2f40d5ac42ba2e7a8043eca56b5f5d8dce101f94wrowe