blob: 648709dd99780d37cae44b417fed9bc3983bdc50 [file] [log] [blame]
Petar Maymounkov6afe7eb2011-03-06 15:02:06 -05001// Copyright 2009 The Go Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style
3// license that can be found in the LICENSE file.
4
5package http
6
7import (
8 "bytes"
9 "fmt"
Brad Fitzpatrick17d803d2013-08-01 12:16:37 -070010 "log"
Volker Dobler4f86a962013-08-12 15:14:34 -070011 "net"
Petar Maymounkov6afe7eb2011-03-06 15:02:06 -050012 "strconv"
13 "strings"
14 "time"
15)
16
Petar Maymounkov3e042eb2011-03-07 12:08:39 -050017// A Cookie represents an HTTP cookie as sent in the Set-Cookie header of an
18// HTTP response or the Cookie header of an HTTP request.
Brad Fitzpatrick9462bce2015-06-29 18:10:43 -070019//
20// See http://tools.ietf.org/html/rfc6265 for details.
Petar Maymounkov6afe7eb2011-03-06 15:02:06 -050021type Cookie struct {
Brad Fitzpatrick9462bce2015-06-29 18:10:43 -070022 Name string
23 Value string
24
25 Path string // optional
26 Domain string // optional
27 Expires time.Time // optional
28 RawExpires string // for reading cookies only
Petar Maymounkov3e042eb2011-03-07 12:08:39 -050029
Robert Griesemer465b9c32012-10-30 13:38:01 -070030 // MaxAge=0 means no 'Max-Age' attribute specified.
Petar Maymounkov3e042eb2011-03-07 12:08:39 -050031 // MaxAge<0 means delete cookie now, equivalently 'Max-Age: 0'
32 // MaxAge>0 means Max-Age attribute present and given in seconds
33 MaxAge int
34 Secure bool
35 HttpOnly bool
36 Raw string
37 Unparsed []string // Raw text of unparsed attribute-value pairs
Petar Maymounkov6afe7eb2011-03-06 15:02:06 -050038}
39
40// readSetCookies parses all "Set-Cookie" values from
Brad Fitzpatrick6e9b1a72011-06-16 13:02:28 -070041// the header h and returns the successfully parsed Cookies.
Petar Maymounkov6afe7eb2011-03-06 15:02:06 -050042func readSetCookies(h Header) []*Cookie {
43 cookies := []*Cookie{}
Petar Maymounkov6afe7eb2011-03-06 15:02:06 -050044 for _, line := range h["Set-Cookie"] {
Rob Pikeebb15662011-06-28 09:43:14 +100045 parts := strings.Split(strings.TrimSpace(line), ";")
Petar Maymounkov6afe7eb2011-03-06 15:02:06 -050046 if len(parts) == 1 && parts[0] == "" {
47 continue
48 }
49 parts[0] = strings.TrimSpace(parts[0])
Brad Fitzpatrickd8e27db2013-08-05 16:27:24 -070050 j := strings.Index(parts[0], "=")
Petar Maymounkov6afe7eb2011-03-06 15:02:06 -050051 if j < 0 {
Petar Maymounkov6afe7eb2011-03-06 15:02:06 -050052 continue
53 }
54 name, value := parts[0][:j], parts[0][j+1:]
Petar Maymounkov3e042eb2011-03-07 12:08:39 -050055 if !isCookieNameValid(name) {
Petar Maymounkov3e042eb2011-03-07 12:08:39 -050056 continue
57 }
Nigel Taoe59ad692014-09-25 10:21:52 +100058 value, success := parseCookieValue(value, true)
Petar Maymounkov3e042eb2011-03-07 12:08:39 -050059 if !success {
Petar Maymounkov6afe7eb2011-03-06 15:02:06 -050060 continue
61 }
62 c := &Cookie{
Petar Maymounkov3e042eb2011-03-07 12:08:39 -050063 Name: name,
64 Value: value,
65 Raw: line,
Petar Maymounkov6afe7eb2011-03-06 15:02:06 -050066 }
67 for i := 1; i < len(parts); i++ {
68 parts[i] = strings.TrimSpace(parts[i])
69 if len(parts[i]) == 0 {
70 continue
71 }
72
73 attr, val := parts[i], ""
Brad Fitzpatrickd8e27db2013-08-05 16:27:24 -070074 if j := strings.Index(attr, "="); j >= 0 {
Petar Maymounkov6afe7eb2011-03-06 15:02:06 -050075 attr, val = attr[:j], attr[j+1:]
Petar Maymounkov3e042eb2011-03-07 12:08:39 -050076 }
Brad Fitzpatrick3933cb22011-05-24 08:31:43 -070077 lowerAttr := strings.ToLower(attr)
Nigel Taoe59ad692014-09-25 10:21:52 +100078 val, success = parseCookieValue(val, false)
Petar Maymounkov3e042eb2011-03-07 12:08:39 -050079 if !success {
80 c.Unparsed = append(c.Unparsed, parts[i])
81 continue
Petar Maymounkov6afe7eb2011-03-06 15:02:06 -050082 }
Brad Fitzpatrick3933cb22011-05-24 08:31:43 -070083 switch lowerAttr {
Petar Maymounkov6afe7eb2011-03-06 15:02:06 -050084 case "secure":
85 c.Secure = true
86 continue
87 case "httponly":
88 c.HttpOnly = true
89 continue
Petar Maymounkov6afe7eb2011-03-06 15:02:06 -050090 case "domain":
91 c.Domain = val
Petar Maymounkov6afe7eb2011-03-06 15:02:06 -050092 continue
93 case "max-age":
94 secs, err := strconv.Atoi(val)
Volker Dobler4dda23a2012-01-15 19:32:16 +110095 if err != nil || secs != 0 && val[0] == '0' {
Petar Maymounkov6afe7eb2011-03-06 15:02:06 -050096 break
97 }
Petar Maymounkov3e042eb2011-03-07 12:08:39 -050098 if secs <= 0 {
99 c.MaxAge = -1
100 } else {
101 c.MaxAge = secs
102 }
Petar Maymounkov6afe7eb2011-03-06 15:02:06 -0500103 continue
104 case "expires":
105 c.RawExpires = val
106 exptime, err := time.Parse(time.RFC1123, val)
107 if err != nil {
Brad Fitzpatrick3933cb22011-05-24 08:31:43 -0700108 exptime, err = time.Parse("Mon, 02-Jan-2006 15:04:05 MST", val)
109 if err != nil {
110 c.Expires = time.Time{}
111 break
112 }
Petar Maymounkov6afe7eb2011-03-06 15:02:06 -0500113 }
Russ Cox03823b82011-11-30 12:01:46 -0500114 c.Expires = exptime.UTC()
Petar Maymounkov6afe7eb2011-03-06 15:02:06 -0500115 continue
116 case "path":
117 c.Path = val
Petar Maymounkov6afe7eb2011-03-06 15:02:06 -0500118 continue
Petar Maymounkov6afe7eb2011-03-06 15:02:06 -0500119 }
120 c.Unparsed = append(c.Unparsed, parts[i])
121 }
122 cookies = append(cookies, c)
123 }
Petar Maymounkov6afe7eb2011-03-06 15:02:06 -0500124 return cookies
125}
126
Brad Fitzpatrick9ea0bd32011-05-17 15:07:44 -0700127// SetCookie adds a Set-Cookie header to the provided ResponseWriter's headers.
Brad Fitzpatrick9462bce2015-06-29 18:10:43 -0700128// The provided cookie must have a valid Name. Invalid cookies may be
129// silently dropped.
Brad Fitzpatrick9ea0bd32011-05-17 15:07:44 -0700130func SetCookie(w ResponseWriter, cookie *Cookie) {
Brad Fitzpatrick9462bce2015-06-29 18:10:43 -0700131 if v := cookie.String(); v != "" {
132 w.Header().Add("Set-Cookie", v)
133 }
Brad Fitzpatrick9ea0bd32011-05-17 15:07:44 -0700134}
135
Brad Fitzpatrick6e9b1a72011-06-16 13:02:28 -0700136// String returns the serialization of the cookie for use in a Cookie
137// header (if only Name and Value are set) or a Set-Cookie response
138// header (if other fields are set).
Brad Fitzpatrick9462bce2015-06-29 18:10:43 -0700139// If c is nil or c.Name is invalid, the empty string is returned.
Brad Fitzpatrick6e9b1a72011-06-16 13:02:28 -0700140func (c *Cookie) String() string {
Brad Fitzpatrick9462bce2015-06-29 18:10:43 -0700141 if c == nil || !isCookieNameValid(c.Name) {
142 return ""
143 }
Brad Fitzpatrick6e9b1a72011-06-16 13:02:28 -0700144 var b bytes.Buffer
Brad Fitzpatrick17d803d2013-08-01 12:16:37 -0700145 fmt.Fprintf(&b, "%s=%s", sanitizeCookieName(c.Name), sanitizeCookieValue(c.Value))
Brad Fitzpatrick9ea0bd32011-05-17 15:07:44 -0700146 if len(c.Path) > 0 {
Brad Fitzpatrick17d803d2013-08-01 12:16:37 -0700147 fmt.Fprintf(&b, "; Path=%s", sanitizeCookiePath(c.Path))
Brad Fitzpatrick9ea0bd32011-05-17 15:07:44 -0700148 }
149 if len(c.Domain) > 0 {
Volker Dobler4f86a962013-08-12 15:14:34 -0700150 if validCookieDomain(c.Domain) {
151 // A c.Domain containing illegal characters is not
152 // sanitized but simply dropped which turns the cookie
Volker Doblerf1d61b92013-08-26 07:41:37 -0500153 // into a host-only cookie. A leading dot is okay
154 // but won't be sent.
155 d := c.Domain
156 if d[0] == '.' {
157 d = d[1:]
158 }
159 fmt.Fprintf(&b, "; Domain=%s", d)
Volker Dobler4f86a962013-08-12 15:14:34 -0700160 } else {
161 log.Printf("net/http: invalid Cookie.Domain %q; dropping domain attribute",
162 c.Domain)
163 }
Brad Fitzpatrick9ea0bd32011-05-17 15:07:44 -0700164 }
Russ Cox03823b82011-11-30 12:01:46 -0500165 if c.Expires.Unix() > 0 {
Brad Fitzpatrickd751be92015-06-04 12:57:53 -0700166 fmt.Fprintf(&b, "; Expires=%s", c.Expires.UTC().Format(TimeFormat))
Brad Fitzpatrick9ea0bd32011-05-17 15:07:44 -0700167 }
168 if c.MaxAge > 0 {
Brad Fitzpatrick6e9b1a72011-06-16 13:02:28 -0700169 fmt.Fprintf(&b, "; Max-Age=%d", c.MaxAge)
Brad Fitzpatrick9ea0bd32011-05-17 15:07:44 -0700170 } else if c.MaxAge < 0 {
Brad Fitzpatrick6e9b1a72011-06-16 13:02:28 -0700171 fmt.Fprintf(&b, "; Max-Age=0")
Brad Fitzpatrick9ea0bd32011-05-17 15:07:44 -0700172 }
173 if c.HttpOnly {
Brad Fitzpatrick6e9b1a72011-06-16 13:02:28 -0700174 fmt.Fprintf(&b, "; HttpOnly")
Brad Fitzpatrick9ea0bd32011-05-17 15:07:44 -0700175 }
176 if c.Secure {
Brad Fitzpatrick6e9b1a72011-06-16 13:02:28 -0700177 fmt.Fprintf(&b, "; Secure")
Brad Fitzpatrick9ea0bd32011-05-17 15:07:44 -0700178 }
Brad Fitzpatrick6e9b1a72011-06-16 13:02:28 -0700179 return b.String()
Brad Fitzpatrick9ea0bd32011-05-17 15:07:44 -0700180}
181
Brad Fitzpatrick6e9b1a72011-06-16 13:02:28 -0700182// readCookies parses all "Cookie" values from the header h and
183// returns the successfully parsed Cookies.
184//
185// if filter isn't empty, only cookies of that name are returned
186func readCookies(h Header, filter string) []*Cookie {
Petar Maymounkov6afe7eb2011-03-06 15:02:06 -0500187 cookies := []*Cookie{}
188 lines, ok := h["Cookie"]
189 if !ok {
190 return cookies
191 }
Brad Fitzpatrickda7b96f2011-06-20 10:33:07 -0700192
Petar Maymounkov6afe7eb2011-03-06 15:02:06 -0500193 for _, line := range lines {
Rob Pikeebb15662011-06-28 09:43:14 +1000194 parts := strings.Split(strings.TrimSpace(line), ";")
Petar Maymounkov6afe7eb2011-03-06 15:02:06 -0500195 if len(parts) == 1 && parts[0] == "" {
196 continue
197 }
198 // Per-line attributes
Petar Maymounkov3e042eb2011-03-07 12:08:39 -0500199 parsedPairs := 0
Petar Maymounkov6afe7eb2011-03-06 15:02:06 -0500200 for i := 0; i < len(parts); i++ {
201 parts[i] = strings.TrimSpace(parts[i])
202 if len(parts[i]) == 0 {
203 continue
204 }
Brad Fitzpatrick6e9b1a72011-06-16 13:02:28 -0700205 name, val := parts[i], ""
Brad Fitzpatrickd8e27db2013-08-05 16:27:24 -0700206 if j := strings.Index(name, "="); j >= 0 {
Brad Fitzpatrick6e9b1a72011-06-16 13:02:28 -0700207 name, val = name[:j], name[j+1:]
Petar Maymounkov6afe7eb2011-03-06 15:02:06 -0500208 }
Brad Fitzpatrick6e9b1a72011-06-16 13:02:28 -0700209 if !isCookieNameValid(name) {
Petar Maymounkov3e042eb2011-03-07 12:08:39 -0500210 continue
Petar Maymounkov6afe7eb2011-03-06 15:02:06 -0500211 }
Brad Fitzpatrick6e9b1a72011-06-16 13:02:28 -0700212 if filter != "" && filter != name {
Brad Fitzpatrickda7b96f2011-06-20 10:33:07 -0700213 continue
Brad Fitzpatrick6e9b1a72011-06-16 13:02:28 -0700214 }
Nigel Taoe59ad692014-09-25 10:21:52 +1000215 val, success := parseCookieValue(val, true)
Petar Maymounkov3e042eb2011-03-07 12:08:39 -0500216 if !success {
217 continue
218 }
Brad Fitzpatrick6e9b1a72011-06-16 13:02:28 -0700219 cookies = append(cookies, &Cookie{Name: name, Value: val})
Petar Maymounkov3e042eb2011-03-07 12:08:39 -0500220 parsedPairs++
Petar Maymounkov6afe7eb2011-03-06 15:02:06 -0500221 }
Petar Maymounkov6afe7eb2011-03-06 15:02:06 -0500222 }
Petar Maymounkov6afe7eb2011-03-06 15:02:06 -0500223 return cookies
224}
225
Volker Dobler4f86a962013-08-12 15:14:34 -0700226// validCookieDomain returns wheter v is a valid cookie domain-value.
227func validCookieDomain(v string) bool {
228 if isCookieDomainName(v) {
229 return true
230 }
231 if net.ParseIP(v) != nil && !strings.Contains(v, ":") {
232 return true
233 }
234 return false
Brad Fitzpatrick17d803d2013-08-01 12:16:37 -0700235}
236
Volker Dobler4f86a962013-08-12 15:14:34 -0700237// isCookieDomainName returns whether s is a valid domain name or a valid
238// domain name with a leading dot '.'. It is almost a direct copy of
239// package net's isDomainName.
240func isCookieDomainName(s string) bool {
241 if len(s) == 0 {
242 return false
243 }
244 if len(s) > 255 {
245 return false
246 }
247
248 if s[0] == '.' {
249 // A cookie a domain attribute may start with a leading dot.
250 s = s[1:]
251 }
252 last := byte('.')
253 ok := false // Ok once we've seen a letter.
254 partlen := 0
255 for i := 0; i < len(s); i++ {
256 c := s[i]
257 switch {
258 default:
259 return false
260 case 'a' <= c && c <= 'z' || 'A' <= c && c <= 'Z':
261 // No '_' allowed here (in contrast to package net).
262 ok = true
263 partlen++
264 case '0' <= c && c <= '9':
265 // fine
266 partlen++
267 case c == '-':
268 // Byte before dash cannot be dot.
269 if last == '.' {
270 return false
271 }
272 partlen++
273 case c == '.':
274 // Byte before dot cannot be dot, dash.
275 if last == '.' || last == '-' {
276 return false
277 }
278 if partlen > 63 || partlen == 0 {
279 return false
280 }
281 partlen = 0
282 }
283 last = c
284 }
285 if last == '-' || partlen > 63 {
286 return false
287 }
288
289 return ok
290}
291
292var cookieNameSanitizer = strings.NewReplacer("\n", "-", "\r", "-")
293
Brad Fitzpatrick17d803d2013-08-01 12:16:37 -0700294func sanitizeCookieName(n string) string {
Brad Fitzpatrickf75ff012011-10-03 13:12:01 -0700295 return cookieNameSanitizer.Replace(n)
Petar Maymounkov8b352932011-04-14 15:05:02 -0700296}
297
Brad Fitzpatrick17d803d2013-08-01 12:16:37 -0700298// http://tools.ietf.org/html/rfc6265#section-4.1.1
299// cookie-value = *cookie-octet / ( DQUOTE *cookie-octet DQUOTE )
300// cookie-octet = %x21 / %x23-2B / %x2D-3A / %x3C-5B / %x5D-7E
301// ; US-ASCII characters excluding CTLs,
302// ; whitespace DQUOTE, comma, semicolon,
303// ; and backslash
Volker Doblered880762014-04-16 23:01:02 -0700304// We loosen this as spaces and commas are common in cookie values
305// but we produce a quoted cookie-value in when value starts or ends
306// with a comma or space.
Brad Fitzpatrick2ae77372015-07-10 17:17:11 -0600307// See https://golang.org/issue/7243 for the discussion.
Brad Fitzpatrick17d803d2013-08-01 12:16:37 -0700308func sanitizeCookieValue(v string) string {
Volker Doblered880762014-04-16 23:01:02 -0700309 v = sanitizeOrWarn("Cookie.Value", validCookieValueByte, v)
310 if len(v) == 0 {
311 return v
312 }
313 if v[0] == ' ' || v[0] == ',' || v[len(v)-1] == ' ' || v[len(v)-1] == ',' {
314 return `"` + v + `"`
315 }
316 return v
Brad Fitzpatrick17d803d2013-08-01 12:16:37 -0700317}
318
319func validCookieValueByte(b byte) bool {
Volker Doblered880762014-04-16 23:01:02 -0700320 return 0x20 <= b && b < 0x7f && b != '"' && b != ';' && b != '\\'
Brad Fitzpatrick17d803d2013-08-01 12:16:37 -0700321}
322
323// path-av = "Path=" path-value
324// path-value = <any CHAR except CTLs or ";">
325func sanitizeCookiePath(v string) string {
326 return sanitizeOrWarn("Cookie.Path", validCookiePathByte, v)
327}
328
329func validCookiePathByte(b byte) bool {
330 return 0x20 <= b && b < 0x7f && b != ';'
331}
332
333func sanitizeOrWarn(fieldName string, valid func(byte) bool, v string) string {
334 ok := true
335 for i := 0; i < len(v); i++ {
336 if valid(v[i]) {
337 continue
338 }
339 log.Printf("net/http: invalid byte %q in %s; dropping invalid bytes", v[i], fieldName)
340 ok = false
341 break
342 }
343 if ok {
344 return v
345 }
346 buf := make([]byte, 0, len(v))
347 for i := 0; i < len(v); i++ {
348 if b := v[i]; valid(b) {
349 buf = append(buf, b)
350 }
351 }
352 return string(buf)
Petar Maymounkov8b352932011-04-14 15:05:02 -0700353}
354
Nigel Taoe59ad692014-09-25 10:21:52 +1000355func parseCookieValue(raw string, allowDoubleQuote bool) (string, bool) {
Volker Doblered880762014-04-16 23:01:02 -0700356 // Strip the quotes, if present.
Nigel Taoe59ad692014-09-25 10:21:52 +1000357 if allowDoubleQuote && len(raw) > 1 && raw[0] == '"' && raw[len(raw)-1] == '"' {
Volker Doblered880762014-04-16 23:01:02 -0700358 raw = raw[1 : len(raw)-1]
359 }
Petar Maymounkov3e042eb2011-03-07 12:08:39 -0500360 for i := 0; i < len(raw); i++ {
Volker Doblered880762014-04-16 23:01:02 -0700361 if !validCookieValueByte(raw[i]) {
Petar Maymounkov3e042eb2011-03-07 12:08:39 -0500362 return "", false
363 }
364 }
365 return raw, true
366}
367
368func isCookieNameValid(raw string) bool {
Brad Fitzpatrick9462bce2015-06-29 18:10:43 -0700369 if raw == "" {
370 return false
371 }
Pascal S. de Kloeb678c192012-04-23 10:26:10 -0700372 return strings.IndexFunc(raw, isNotToken) < 0
Petar Maymounkov3e042eb2011-03-07 12:08:39 -0500373}