'Re: handling of expired cookies'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kfm-devel
Subject:    Re: handling of expired cookies
From:       "Dawit A." <adawit () kde ! org>
Date:       2003-01-09 5:55:39
[Download RAW message or body]

On Wednesday 08 January 2003 22:46, Dirk Mueller wrote:
> On Don, 09 Jan 2003, Frank Dekervel wrote:
> > it seems to work correctly (after a while, 2.php says 'foo is not set'
> > again)
> > kde 3.1RC6
>
> Hmm. doesn't work for me. current 3.1 branch. I've reloaded after 5
> minutes, it says "is set".

This is indeed a bug or rather an oversight in the way the cookiejar deletes 
expired cookies.  Expired cookies are deleted everytime the cookiejar is 
flushed to disk.  However, this only happens whenever the cookiejar changes 
state. That is a cookie is added or removed.  Unfortunately no equivalent 
check is made for a lookup (findCookies) call.  Hence, an expired cookie can  
be sent along so long as no add or delete calls were performed right before 
the lookup.

Can you please try the attached patches ?

Regards,
Dawit A.

["kcookiejar.diff" (text/x-diff)]

Index: kcookiejar.cpp
===================================================================
RCS file: /home/kde/kdelibs/kioslave/http/kcookiejar/kcookiejar.cpp,v
retrieving revision 1.91
diff -u -p -b -B -w -r1.91 kcookiejar.cpp
--- kcookiejar.cpp	22 Dec 2002 20:27:04 -0000	1.91
+++ kcookiejar.cpp	9 Jan 2003 05:46:05 -0000
@@ -289,6 +289,17 @@ QString KCookieJar::findCookies(const QS
 
           if( cookie->isSecure() && !secureRequest )
              continue;
+             
+          // Do not send expired cookies.
+          if ( cookie->isExpired (time(0)) )
+          {
+             // Note there is no need to actually delete the cookie here
+             // since the cookieserver will invoke ::saveCookieJar because
+             // of the state change below. This will then do the job of 
+             // deleting the cookie for us.
+             m_cookiesChanged = true;
+             continue;
+          }
 
           if (windowId && (cookie->windowIds().find(windowId) == cookie->windowIds().end()))
           {

["kcookieserver.diff" (text/x-diff)]

Index: kcookieserver.cpp
===================================================================
RCS file: /home/kde/kdelibs/kioslave/http/kcookiejar/kcookieserver.cpp,v
retrieving revision 1.47
diff -u -p -b -B -w -r1.47 kcookieserver.cpp
--- kcookieserver.cpp	29 Jul 2002 22:52:53 -0000	1.47
+++ kcookieserver.cpp	9 Jan 2003 05:49:24 -0000
@@ -356,7 +356,8 @@ bool KCookieServer::cookieMatches( KHttp
        ((hasDomain && c->domain() == domain) ||
         fqdn == c->host()) &&
        (c->path()   == path)   &&
-       (c->name()   == name);
+       (c->name()   == name) &&
+       (!c->isExpired(time(0)));
     }
     return false;
 }
@@ -383,7 +384,13 @@ KCookieServer::findCookies(QString url, 
       mRequestList->append( request );
       return QString::null; // Talk to you later :-)
    }
-   return mCookieJar->findCookies(url, false, windowId);
+   
+   QString cookies = mCookieJar->findCookies(url, false, windowId);
+   
+   if (mCookieJar->changed() && !mTimer)
+      saveCookieJar();
+   
+   return cookies;
 }
 
 // DCOP function


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic