mirror of
https://git.savannah.gnu.org/git/emacs.git
synced 2024-11-25 07:28:20 +00:00
511 lines
18 KiB
EmacsLisp
511 lines
18 KiB
EmacsLisp
;;; url-cookie.el --- URL cookie support -*- lexical-binding:t -*-
|
|
|
|
;; Copyright (C) 1996-1999, 2004-2024 Free Software Foundation, Inc.
|
|
|
|
;; Keywords: comm, data, processes, hypermedia
|
|
|
|
;; This file is part of GNU Emacs.
|
|
;;
|
|
;; GNU Emacs is free software: you can redistribute it and/or modify
|
|
;; it under the terms of the GNU General Public License as published by
|
|
;; the Free Software Foundation, either version 3 of the License, or
|
|
;; (at your option) any later version.
|
|
|
|
;; GNU Emacs is distributed in the hope that it will be useful,
|
|
;; but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
;; GNU General Public License for more details.
|
|
|
|
;; You should have received a copy of the GNU General Public License
|
|
;; along with GNU Emacs. If not, see <https://www.gnu.org/licenses/>.
|
|
|
|
;;; Commentary:
|
|
|
|
;;; Code:
|
|
|
|
(require 'url-util)
|
|
(require 'url-parse)
|
|
(require 'url-domsuf)
|
|
(require 'generate-lisp-file)
|
|
|
|
(eval-when-compile (require 'cl-lib))
|
|
|
|
(defgroup url-cookie nil
|
|
"URL cookies."
|
|
:prefix "url-"
|
|
:prefix "url-cookie-"
|
|
:group 'url)
|
|
|
|
;; A cookie is stored internally as a vector of 7 slots
|
|
;; [ url-cookie NAME VALUE EXPIRES LOCALPART DOMAIN SECURE ]
|
|
|
|
(cl-defstruct (url-cookie
|
|
(:constructor url-cookie-create)
|
|
(:copier nil)
|
|
(:type vector)
|
|
:named)
|
|
name value expires localpart domain secure)
|
|
|
|
(defvar url-cookie-storage nil "Where cookies are stored.")
|
|
(defvar url-cookie-secure-storage nil "Where secure cookies are stored.")
|
|
(defcustom url-cookie-file nil
|
|
"File where cookies are stored on disk."
|
|
:type '(choice (const :tag "Default" :value nil) file)
|
|
:group 'url-file
|
|
:group 'url-cookie)
|
|
|
|
(defcustom url-cookie-confirmation nil
|
|
"If non-nil, confirmation by the user is required to accept HTTP cookies."
|
|
:type 'boolean
|
|
:group 'url-cookie)
|
|
|
|
(defcustom url-cookie-multiple-line nil
|
|
"If nil, HTTP requests put all cookies for the server on one line.
|
|
Some web servers, such as https://www.hotmail.com/, only accept cookies
|
|
when they are on one line. This is broken behavior, but just try
|
|
telling Microsoft that."
|
|
:type 'boolean
|
|
:group 'url-cookie)
|
|
|
|
(defvar url-cookies-changed-since-last-save nil
|
|
"Whether the cookies list has changed since the last save operation.")
|
|
|
|
(defun url-cookie-parse-file (&optional fname)
|
|
"Load FNAME, default `url-cookie-file'."
|
|
;; It's completely normal for the cookies file not to exist yet.
|
|
(load (or fname url-cookie-file) t t))
|
|
|
|
(defun url-cookie-parse-file-netscape (filename &optional long-session)
|
|
"Load cookies from FILENAME in Netscape/Mozilla format.
|
|
When LONG-SESSION is non-nil, session cookies (expiring at t=0
|
|
i.e. 1970-1-1) are loaded as expiring one year from now instead."
|
|
(interactive "fLoad Netscape/Mozilla cookie file: ")
|
|
(let ((n 0))
|
|
(with-temp-buffer
|
|
(insert-file-contents-literally filename)
|
|
(goto-char (point-min))
|
|
(when (not (looking-at-p "# Netscape HTTP Cookie File\n"))
|
|
(error (format "File %s doesn't look like a netscape cookie file" filename)))
|
|
(while (not (eobp))
|
|
(when (not (looking-at-p (rx bol (* space) "#")))
|
|
(let* ((line (buffer-substring (point) (save-excursion (end-of-line) (point))))
|
|
(fields (split-string line "\t")))
|
|
(cond
|
|
;;((>= 1 (length line) 0)
|
|
;; (message "skipping empty line"))
|
|
((= (length fields) 7)
|
|
(let ((dom (nth 0 fields))
|
|
;; (match (nth 1 fields))
|
|
(path (nth 2 fields))
|
|
(secure (string= (nth 3 fields) "TRUE"))
|
|
;; session cookies (expire time = 0) are supposed
|
|
;; to be removed when the browser is closed, but
|
|
;; the main point of loading external cookie is to
|
|
;; reuse a browser session, so to prevent the
|
|
;; cookie from being detected as expired straight
|
|
;; away, make it expire a year from now
|
|
(expires (format-time-string
|
|
"%d %b %Y %T [GMT]"
|
|
(let ((s (string-to-number (nth 4 fields))))
|
|
(if (and (zerop s) long-session)
|
|
(time-add nil (* 365 24 60 60))
|
|
s))))
|
|
(key (nth 5 fields))
|
|
(val (nth 6 fields)))
|
|
(cl-incf n)
|
|
;;(message "adding <%s>=<%s> exp=<%s> dom=<%s> path=<%s> sec=%S" key val expires dom path secure)
|
|
(url-cookie-store key val expires dom path secure)
|
|
))
|
|
(t
|
|
(message "ignoring malformed cookie line <%s>" line)))))
|
|
(forward-line))
|
|
(when (< 0 n)
|
|
(setq url-cookies-changed-since-last-save t))
|
|
(message "added %d cookies from file %s" n filename))))
|
|
|
|
(defun url-cookie-clean-up (&optional secure)
|
|
(let ((var (if secure 'url-cookie-secure-storage 'url-cookie-storage))
|
|
new new-cookies)
|
|
(dolist (cur (symbol-value var))
|
|
(setq new-cookies nil)
|
|
(dolist (cur-cookie (cdr cur))
|
|
(or (not (url-cookie-p cur-cookie))
|
|
(url-cookie-expired-p cur-cookie)
|
|
(null (url-cookie-expires cur-cookie))
|
|
(setq new-cookies (cons cur-cookie new-cookies))))
|
|
(when new-cookies
|
|
(setcdr cur new-cookies)
|
|
(setq new (cons cur new))))
|
|
(set var new)))
|
|
|
|
(defun url-cookie-write-file (&optional fname)
|
|
(when (and url-cookies-changed-since-last-save
|
|
url-cookie-file)
|
|
(or fname (setq fname (expand-file-name url-cookie-file)))
|
|
(if (condition-case nil
|
|
(progn
|
|
(url-make-private-file fname)
|
|
nil)
|
|
(error t))
|
|
(message "Error accessing cookie file `%s'" fname)
|
|
(url-cookie-clean-up)
|
|
(url-cookie-clean-up t)
|
|
(with-temp-buffer
|
|
(insert ";; Emacs-W3 HTTP cookies file\n"
|
|
";; Automatically generated file!!! DO NOT EDIT!!!\n\n"
|
|
"(setq url-cookie-storage\n '")
|
|
(let ((print-length nil) (print-level nil))
|
|
(pp url-cookie-storage (current-buffer))
|
|
(insert ")\n(setq url-cookie-secure-storage\n '")
|
|
(pp url-cookie-secure-storage (current-buffer)))
|
|
(insert ")\n")
|
|
(generate-lisp-file-trailer fname :inhibit-provide t :autoloads t)
|
|
(setq-local version-control 'never)
|
|
(write-file fname))
|
|
(setq url-cookies-changed-since-last-save nil))))
|
|
|
|
(defun url-cookie-store (name value &optional expires domain localpart secure)
|
|
"Store a cookie."
|
|
(when (> (length name) 0)
|
|
(let ((storage (if secure url-cookie-secure-storage url-cookie-storage))
|
|
tmp found-domain)
|
|
;; First, look for a matching domain.
|
|
(if (setq found-domain (assoc domain storage))
|
|
;; Need to either stick the new cookie in existing domain storage
|
|
;; or possibly replace an existing cookie if the names match.
|
|
(unless (dolist (cur (setq storage (cdr found-domain)) tmp)
|
|
(and (equal localpart (url-cookie-localpart cur))
|
|
(equal name (url-cookie-name cur))
|
|
(progn
|
|
(setf (url-cookie-expires cur) expires)
|
|
(setf (url-cookie-value cur) value)
|
|
(setq tmp t))))
|
|
;; New cookie.
|
|
(setcdr found-domain (cons
|
|
(url-cookie-create :name name
|
|
:value value
|
|
:expires expires
|
|
:domain domain
|
|
:localpart localpart
|
|
:secure secure)
|
|
(cdr found-domain))))
|
|
;; Need to add a new top-level domain.
|
|
(setq tmp (url-cookie-create :name name
|
|
:value value
|
|
:expires expires
|
|
:domain domain
|
|
:localpart localpart
|
|
:secure secure))
|
|
(cond (storage
|
|
(setcdr storage (cons (list domain tmp) (cdr storage))))
|
|
(secure
|
|
(setq url-cookie-secure-storage (list (list domain tmp))))
|
|
(t
|
|
(setq url-cookie-storage (list (list domain tmp)))))))))
|
|
|
|
(defun url-cookie-expired-p (cookie)
|
|
"Return non-nil if COOKIE is expired."
|
|
(let ((exp (url-cookie-expires cookie)))
|
|
(and (> (length exp) 0)
|
|
(condition-case ()
|
|
(time-less-p (date-to-time exp) nil)
|
|
(error nil)))))
|
|
|
|
(defun url-cookie-retrieve (host &optional localpart secure)
|
|
"Retrieve all cookies for a specified HOST and LOCALPART."
|
|
(let ((storage (if secure
|
|
(append url-cookie-secure-storage url-cookie-storage)
|
|
url-cookie-storage))
|
|
(case-fold-search t)
|
|
cookies retval localpart-match)
|
|
(dolist (cur storage)
|
|
(setq cookies (cdr cur))
|
|
(if (and (car cur)
|
|
(string-match
|
|
(concat "^.*"
|
|
(regexp-quote
|
|
;; Remove the dot from wildcard domains
|
|
;; before matching.
|
|
(if (eq ?. (aref (car cur) 0))
|
|
(substring (car cur) 1)
|
|
(car cur)))
|
|
"$") host))
|
|
;; The domains match - a possible hit!
|
|
(dolist (cur cookies)
|
|
(and (if (and (stringp
|
|
(setq localpart-match (url-cookie-localpart cur)))
|
|
(stringp localpart))
|
|
(string-match (concat "^" (regexp-quote localpart-match))
|
|
localpart)
|
|
(equal localpart localpart-match))
|
|
(not (url-cookie-expired-p cur))
|
|
(setq retval (cons cur retval))))))
|
|
retval))
|
|
|
|
(defun url-cookie-generate-header-lines (host localpart secure)
|
|
(let ((cookies (url-cookie-retrieve host localpart secure))
|
|
retval chunk)
|
|
;; Have to sort this for sending most specific cookies first.
|
|
(setq cookies (and cookies
|
|
(sort cookies
|
|
(lambda (x y)
|
|
(> (length (url-cookie-localpart x))
|
|
(length (url-cookie-localpart y)))))))
|
|
(dolist (cur cookies)
|
|
(setq chunk (format "%s=%s" (url-cookie-name cur) (url-cookie-value cur))
|
|
retval (if (and url-cookie-multiple-line
|
|
(< 80 (+ (length retval) (length chunk) 4)))
|
|
(concat retval "\r\nCookie: " chunk)
|
|
(if retval
|
|
(concat retval "; " chunk)
|
|
(concat "Cookie: " chunk)))))
|
|
(if retval
|
|
(concat retval "\r\n")
|
|
"")))
|
|
|
|
(defcustom url-cookie-trusted-urls nil
|
|
"A list of regular expressions matching URLs to always accept cookies from."
|
|
:type '(repeat regexp)
|
|
:group 'url-cookie)
|
|
|
|
(defcustom url-cookie-untrusted-urls nil
|
|
"A list of regular expressions matching URLs to never accept cookies from."
|
|
:type '(repeat regexp)
|
|
:group 'url-cookie)
|
|
|
|
(defun url-cookie-host-can-set-p (host domain)
|
|
(cond
|
|
((string= host domain) ; Apparently netscape lets you do this
|
|
t)
|
|
((zerop (length domain))
|
|
nil)
|
|
(t
|
|
;; Remove the dot from wildcard domains before matching.
|
|
(when (eq ?. (aref domain 0))
|
|
(setq domain (substring domain 1)))
|
|
(and (url-domsuf-cookie-allowed-p domain)
|
|
(string-suffix-p domain host 'ignore-case)))))
|
|
|
|
(defun url-cookie-handle-set-cookie (str)
|
|
(setq url-cookies-changed-since-last-save t)
|
|
(let* ((args (nreverse (url-parse-args str t)))
|
|
(case-fold-search t)
|
|
(secure (and (assoc-string "secure" args t) t))
|
|
(domain (or (cdr-safe (assoc-string "domain" args t))
|
|
(url-host url-current-object)))
|
|
(current-url (url-view-url t))
|
|
(trusted url-cookie-trusted-urls)
|
|
(untrusted url-cookie-untrusted-urls)
|
|
(max-age (cdr-safe (assoc-string "max-age" args t)))
|
|
(localpart (or (cdr-safe (assoc-string "path" args t))
|
|
(file-name-directory
|
|
(url-filename url-current-object))))
|
|
(expires nil))
|
|
(if (and max-age (string-match "\\`-?[0-9]+\\'" max-age))
|
|
(setq expires (ignore-errors
|
|
(format-time-string "%a %b %d %H:%M:%S %Y GMT"
|
|
(time-add nil (read max-age))
|
|
t)))
|
|
(setq expires (cdr-safe (assoc-string "expires" args t))))
|
|
(while (consp trusted)
|
|
(if (string-match (car trusted) current-url)
|
|
(setq trusted (- (match-end 0) (match-beginning 0)))
|
|
(pop trusted)))
|
|
(while (consp untrusted)
|
|
(if (string-match (car untrusted) current-url)
|
|
(setq untrusted (- (match-end 0) (match-beginning 0)))
|
|
(pop untrusted)))
|
|
(and trusted untrusted
|
|
;; Choose the more specific match.
|
|
(if (> trusted untrusted) (setq untrusted nil) (setq trusted nil)))
|
|
(cond
|
|
(untrusted
|
|
;; The site was explicitly marked as untrusted by the user.
|
|
nil)
|
|
((or (eq url-privacy-level 'paranoid)
|
|
(and (listp url-privacy-level) (memq 'cookies url-privacy-level)))
|
|
;; User never wants cookies.
|
|
nil)
|
|
((and url-cookie-confirmation
|
|
(not trusted)
|
|
(save-window-excursion
|
|
(with-output-to-temp-buffer "*Cookie Warning*"
|
|
(princ (format "%s=\"%s\"\n" (caar args) (cdar args)))
|
|
(dolist (x (cdr args))
|
|
(princ (format " %s=\"%s\"\n" (car x) (cdr x)))))
|
|
(prog1
|
|
(not (funcall url-confirmation-func
|
|
(format "Allow %s to set these cookies? "
|
|
(url-host url-current-object))))
|
|
(if (get-buffer "*Cookie Warning*")
|
|
(kill-buffer "*Cookie Warning*")))))
|
|
;; User wants to be asked, and declined.
|
|
nil)
|
|
((url-cookie-host-can-set-p (url-host url-current-object) domain)
|
|
;; Cookie is accepted by the user, and passes our security checks.
|
|
(url-cookie-store (caar args) (cdar args)
|
|
expires domain localpart secure))
|
|
(t
|
|
(url-lazy-message "%s tried to set a cookie for domain %s - rejected."
|
|
(url-host url-current-object) domain)))))
|
|
|
|
(defvar url-cookie-timer nil)
|
|
|
|
(defcustom url-cookie-save-interval 3600
|
|
"The number of seconds between automatic saves of cookies.
|
|
Default is 1 hour. Note that if you change this variable outside of
|
|
the `customize' interface after `url-do-setup' has been run, you need
|
|
to run the `url-cookie-setup-save-timer' function manually."
|
|
:set (lambda (var val)
|
|
(set-default var val)
|
|
(if (bound-and-true-p url-setup-done)
|
|
(url-cookie-setup-save-timer)))
|
|
:type 'natnum
|
|
:group 'url-cookie)
|
|
|
|
(defun url-cookie-setup-save-timer ()
|
|
"Reset the cookie saver timer."
|
|
(interactive)
|
|
(ignore-errors (cancel-timer url-cookie-timer))
|
|
(setq url-cookie-timer nil)
|
|
(if url-cookie-save-interval
|
|
(setq url-cookie-timer (run-at-time url-cookie-save-interval
|
|
url-cookie-save-interval
|
|
#'url-cookie-write-file))))
|
|
|
|
(defun url-cookie-delete-cookies (&optional regexp keep)
|
|
"Delete all cookies from the cookie store where the domain matches REGEXP.
|
|
If REGEXP is nil, all cookies are deleted. If KEEP is non-nil,
|
|
instead delete all cookies that do not match REGEXP."
|
|
(dolist (variable '(url-cookie-secure-storage url-cookie-storage))
|
|
(let ((cookies (symbol-value variable)))
|
|
(dolist (elem cookies)
|
|
(when (or (and (null keep)
|
|
(or (null regexp)
|
|
(string-match regexp (car elem))))
|
|
(and keep
|
|
regexp
|
|
(not (string-match regexp (car elem)))))
|
|
(setq cookies (delq elem cookies))))
|
|
(set variable cookies)))
|
|
(setq url-cookies-changed-since-last-save t)
|
|
(url-cookie-write-file))
|
|
|
|
;;; Mode for listing and editing cookies.
|
|
|
|
(defvar url-cookie--deleted-cookies nil)
|
|
|
|
(defun url-cookie-list ()
|
|
"Display a buffer listing the current URL cookies, if there are any.
|
|
Use \\<url-cookie-mode-map>\\[url-cookie-delete] to remove cookies."
|
|
(interactive)
|
|
(unless (or url-cookie-secure-storage
|
|
url-cookie-storage)
|
|
(error "No cookies are defined"))
|
|
|
|
(pop-to-buffer "*url cookies*")
|
|
(url-cookie-mode)
|
|
(url-cookie--generate-buffer)
|
|
(goto-char (point-min)))
|
|
|
|
(defun url-cookie--generate-buffer ()
|
|
(let ((inhibit-read-only t)
|
|
(domains (sort
|
|
(copy-sequence
|
|
(append url-cookie-secure-storage
|
|
url-cookie-storage))
|
|
(lambda (e1 e2)
|
|
(string< (car e1) (car e2)))))
|
|
(domain-length 0)
|
|
start name format domain)
|
|
(erase-buffer)
|
|
(dolist (elem domains)
|
|
(setq domain-length (max domain-length (length (car elem)))))
|
|
(setq format (format "%%-%ds %%-20s %%s" domain-length)
|
|
header-line-format
|
|
(concat " " (format format "Domain" "Name" "Value")))
|
|
(dolist (elem domains)
|
|
(setq domain (car elem))
|
|
(dolist (cookie (sort (copy-sequence (cdr elem))
|
|
(lambda (c1 c2)
|
|
(string< (url-cookie-name c1)
|
|
(url-cookie-name c2)))))
|
|
(setq start (point)
|
|
name (url-cookie-name cookie))
|
|
(when (> (length name) 20)
|
|
(setq name (substring name 0 20)))
|
|
(insert (format format domain name
|
|
(url-cookie-value cookie))
|
|
"\n")
|
|
(setq domain "")
|
|
(put-text-property start (1+ start) 'url-cookie cookie)))))
|
|
|
|
(defun url-cookie-delete ()
|
|
"Delete the cookie on the current line."
|
|
(interactive)
|
|
(let ((cookie (get-text-property (line-beginning-position) 'url-cookie))
|
|
(inhibit-read-only t)
|
|
variable)
|
|
(unless cookie
|
|
(error "No cookie on the current line"))
|
|
(setq variable (if (url-cookie-secure cookie)
|
|
'url-cookie-secure-storage
|
|
'url-cookie-storage))
|
|
(let* ((list (symbol-value variable))
|
|
(elem (assoc (url-cookie-domain cookie) list)))
|
|
(setq elem (delq cookie elem))
|
|
(when (zerop (length (cdr elem)))
|
|
(setq list (delq elem list)))
|
|
(set variable list))
|
|
(setq url-cookies-changed-since-last-save t)
|
|
(url-cookie-write-file)
|
|
(delete-region (line-beginning-position)
|
|
(progn
|
|
(forward-line 1)
|
|
(point)))
|
|
(let ((point (point)))
|
|
(erase-buffer)
|
|
(url-cookie--generate-buffer)
|
|
(goto-char point))
|
|
(push cookie url-cookie--deleted-cookies)))
|
|
|
|
(defun url-cookie-undo ()
|
|
"Undo deletion of a cookie."
|
|
(interactive)
|
|
(unless url-cookie--deleted-cookies
|
|
(error "No cookie deletions to undo"))
|
|
(let* ((cookie (pop url-cookie--deleted-cookies))
|
|
(variable (if (url-cookie-secure cookie)
|
|
'url-cookie-secure-storage
|
|
'url-cookie-storage))
|
|
(list (symbol-value variable))
|
|
(elem (assoc (url-cookie-domain cookie) list)))
|
|
(if elem
|
|
(nconc elem (list cookie))
|
|
(setq elem (list (url-cookie-domain cookie) cookie))
|
|
(set variable (cons elem list)))
|
|
(setq url-cookies-changed-since-last-save t)
|
|
(url-cookie-write-file)
|
|
(let ((point (point))
|
|
(inhibit-read-only t))
|
|
(erase-buffer)
|
|
(url-cookie--generate-buffer)
|
|
(goto-char point))))
|
|
|
|
(defvar-keymap url-cookie-mode-map
|
|
"<delete>" #'url-cookie-delete
|
|
"C-k" #'url-cookie-delete
|
|
"C-_" #'url-cookie-undo)
|
|
|
|
(define-derived-mode url-cookie-mode special-mode "URL Cookie"
|
|
"Mode for listing cookies.
|
|
|
|
\\{url-cookie-mode-map}"
|
|
(buffer-disable-undo)
|
|
(setq buffer-read-only t
|
|
truncate-lines t))
|
|
|
|
(provide 'url-cookie)
|
|
|
|
;;; url-cookie.el ends here
|