Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-11-28 23:31:56 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix bugs with trust labels

Browse Source
This commit is contained in:
morse%netscape.com 1998-10-06 20:56:26 +00:00
parent 549c043fc7
commit 618b648fb9
6 changed files with 188 additions and 104 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
include/net.h
View File

@ -26,6 +26,11 @@
executed.
*/
#if defined(CookieManagement)
#define TRUST_LABELS 1
#endif
/* make sure we only include this once */
#ifndef _NET_PROTO_H_
#define _NET_PROTO_H_
@ -489,6 +494,9 @@ struct URL_Struct_ {
char *privacy_policy_url;
char *etag; /* HTTP/1.1 Etag */
char *origin_url; /* original referrer of javascript: URL */
#ifdef TRUST_LABELS
XP_List *TrustList; /* the list of trust labels that came in the header */
#endif
};
#ifndef NU_CACHE /* Not on my branch you don't */

92
lib/libpics/picsapi.c
View File

@ -709,7 +709,7 @@ cleanup:
* services and the labels for each service to see if there are any trust
* labels.
* 3. If trust label are found they are added to the TrustList which is part
* of the URL struct.
* of the URL_Struct struct.
*
* The two main functions for the trust label processing are:
* ProcessSingleLabel - this is where the parsing engine presents ONE label with
@ -744,6 +744,7 @@ cleanup:
#include "jscookie.h"
#include "mkaccess.h" /* use #include "trust.h" when it is broken out of mkaccess.h */
#include "prlong.h"
#include "mkgeturl.h"
#ifdef _DEBUG
@ -771,10 +772,6 @@ extern int NET_SameDomain(char * currentHost, char * inlineHost);
extern char * lowercase_string(char *string);
extern char * illegal_to_underscore(char *string);
/* THIS IS THE MASTER LIST OF TRUST LABELS.
The labels stay on this list until they are matched to an incoming cookie. */
XP_List *TrustList = NULL;
#ifdef _DEBUG
/************** FOR DEBUGGINGG ***********************************/
@ -782,7 +779,7 @@ XP_List *TrustList = NULL;
LabelTargetCallback_t targetCallback;
StateRet_t trustCallback(CSLabel_t * pCSMR, CSParse_t * pCSParse, CSLLTC_t target, PRBool closed, void * pVoid)
{
#ifdef NOPE
#ifdef NOPE /* for debuggin */
static int Total = 0;
char space[256];
int change = closed ? -target : target;
@ -855,7 +852,7 @@ StateRet_t trustErrorHandler(CSLabel_t * pCSLabel, CSParse_t * pCSParse,
* draft-ietf-http-trust-state-mgt-02.txt
*
*---------------------------------------------------------------------------------------------------- */
PUBLIC void PICS_ExtractTrustLabel( URL_Struct *URL_s, char *value )
PUBLIC void PICS_ExtractTrustLabel(URL_Struct *URL_s, char *value )
{
CSParse_t * pCSParse = 0;
CSDoMore_t status;
@ -867,8 +864,7 @@ PUBLIC void PICS_ExtractTrustLabel( URL_Struct *URL_s, char *value )
#endif
/* validate input args */
if ( !URL_s || !URL_s->address ||
!value || *value == '\0' ) return;
if ( !URL_s || !value || *value == '\0' ) return;
/* parse the PICS label and extract the trust label information from it */
/* ignoring the other rating information. */
@ -897,7 +893,7 @@ PUBLIC void PICS_ExtractTrustLabel( URL_Struct *URL_s, char *value )
/* make sure the PICS version is correct */
if ( PICS_VERSION <= FVal_value(&CSLabel_getCSLLData(pCSLabel)->version) ) {
/* iterate thru each of the service IDs in this label calling ProcessService for each*/
CSLabel_iterateServices( pCSLabel, ProcessService, NULL, 0, (void *)(URL_s->address));
CSLabel_iterateServices( pCSLabel, ProcessService, NULL, 0, (void *)(URL_s));
/* IF there are valid trust labels in this PICS label they are added to */
/* the trust list at TrustList */
}
@ -916,7 +912,7 @@ PUBLIC void PICS_ExtractTrustLabel( URL_Struct *URL_s, char *value )
*
*
*----------------------------------------------------------------------------------------------------*/
CSError_t ProcessService(CSLabel_t * pCSLabel, State_Parms_t * pParms, const char * identifier, void * szURL)
CSError_t ProcessService(CSLabel_t * pCSLabel, State_Parms_t * pParms, const char * identifier, void * URL_s)
{
CSError_t ret = CSError_OK;
if ( IsValidTrustService( CSLabel_getServiceName( pCSLabel ) ) ) {
@ -926,7 +922,7 @@ CSError_t ProcessService(CSLabel_t * pCSLabel, State_Parms_t * pParms, const cha
So iterate thru the labels which if they have the purpose, Recipients and identifiable ratings
will be trust labels */
ret = CSLabel_iterateLabels(pCSLabel, ProcessLabel, pParms, 0, szURL);
ret = CSLabel_iterateLabels(pCSLabel, ProcessLabel, pParms, 0, URL_s);
} else {
/* if this is not a trust label but a regular PICS label it will usually
fail the rating service. So this is an expected occurance. */
@ -940,14 +936,13 @@ CSError_t ProcessService(CSLabel_t * pCSLabel, State_Parms_t * pParms, const cha
*
*
*----------------------------------------------------------------------------------------------------*/
CSError_t ProcessLabel(CSLabel_t * pCSLabel, State_Parms_t * pParms, const char * identifier, void * szURL)
CSError_t ProcessLabel(CSLabel_t * pCSLabel, State_Parms_t * pParms, const char * identifier, void * URL_s)
{
return CSLabel_iterateSingleLabels(pCSLabel, ProcessSingleLabel, pParms, 0, szURL);
return CSLabel_iterateSingleLabels(pCSLabel, ProcessSingleLabel, pParms, 0, URL_s);
}
void TL_SetTrustAuthority( TrustLabel *ALabel, char *TrustAuthority );
void TL_SetByField( TrustLabel *ALabel, char *szBy );
void TL_SetURLField( TrustLabel *ALabel, char *szURL );
void TL_ProcessForAttrib( TrustLabel *ALabel, char *szFor);
/*----------------------------------------------------------------------------------------------------
@ -957,14 +952,16 @@ void TL_ProcessForAttrib( TrustLabel *ALabel, char *szFor);
*
* Input:
* pCSLabel - current parsed label instance
* szURL - the URL associated with this trust label
* URL_s - the URL_Struct associated with this trust label from the HTTP header
* NOTES:
* 1. If the same rating is seen twice in one single label, the first VALID instance is used.
*
* History:
* 9/10/98 Paul Chek - switch recipient back to supporting a single value.
* NOTE: this is now controlled by RECIPIENT_RANGE
* 8/22/98 Paul Chek - switch recipient to support a range of values
*---------------------------------------------------------------------------------------------------- */
CSError_t ProcessSingleLabel(CSLabel_t * pCSLabel, State_Parms_t * pParms, const char * identifier, void * szURL)
CSError_t ProcessSingleLabel(CSLabel_t * pCSLabel, State_Parms_t * pParms, const char * identifier, void * URL_s)
{
/* tracks the ratings I have seen */
#define HAVE_PURPOSE 0x1
@ -995,10 +992,11 @@ CSError_t ProcessSingleLabel(CSLabel_t * pCSLabel, State_Parms_t * pParms, const
ExtensionData_t *AData;
char *AName;
PRBool bForgedLabel;
URL_Struct *TheURL_s;
/* march thru the ratings looking for purpose, Recipients and identification. When found save their values. */
int count = 0;
if (!pCSLabel || !szURL ) {
if (!pCSLabel || !URL_s ) {
/* oops got a bad one */
ret = CSError_BAD_PARAM;
} else {
@ -1051,6 +1049,12 @@ CSError_t ProcessSingleLabel(CSLabel_t * pCSLabel, State_Parms_t * pParms, const
/* is it the Recipients rating? */
} else if ( (AllRatings & HAVE_RECIPIENTS) &&
!XP_STRCASECMP(SVal_value(&Rating->identifier), RecipientsRating.szName)) {
#ifndef RECIPIENT_RANGE
/* yes - is the range valid?*/
if ( IsValidValue( &Rating->value, RecipientsRating.Min, RecipientsRating.Max, &RecpRange ) ) {
AllRatings &= (~HAVE_RECIPIENTS );
}
#else
/* Was a single value given?? */
if ( IsValidValue( &Rating->value, RecipientsRating.Min, RecipientsRating.Max, &TempValue ) ) {
RecpRange = RecpRange | ( 1 << TempValue );
@ -1076,6 +1080,7 @@ CSError_t ProcessSingleLabel(CSLabel_t * pCSLabel, State_Parms_t * pParms, const
}
}
}
#endif
/* is it the identifiable rating */
} else if ( (AllRatings & HAVE_ID) &&
!XP_STRCASECMP(SVal_value(&Rating->identifier), IDRating.szName)) {
@ -1100,7 +1105,6 @@ CSError_t ProcessSingleLabel(CSLabel_t * pCSLabel, State_Parms_t * pParms, const
TheLabel->ExpDate = ExpDate;
TL_SetTrustAuthority( TheLabel, CSLabel_getServiceName( pCSLabel ) );
TL_SetByField( TheLabel, SVal_value(&LabelOptions->by) );
TL_SetURLField( TheLabel, szURL );
bForgedLabel = FALSE;
/* if this is a generic label then set the isGeneric flag */
@ -1143,14 +1147,17 @@ CSError_t ProcessSingleLabel(CSLabel_t * pCSLabel, State_Parms_t * pParms, const
/* seperate the path and domain out of the "for" label attribute */
TL_ProcessForAttrib( TheLabel, SVal_value(&LabelOptions->fur) );
/* add the trust label to the list of trust labels in this header */
if ( !TrustList ) {
/* add the trust label to the list of trust labels in this header.
* The list of trust labels is maintained in the URL_Struct that
* was passed in. */
TheURL_s = (URL_Struct *)URL_s;
if ( TheURL_s->TrustList == NULL ) {
/* create the list */
TrustList = XP_ListNew();
TheURL_s->TrustList = XP_ListNew();
}
if ( TrustList ) {
if ( TheURL_s->TrustList ) {
/* NOTE: this is the only place where trust label are added to the TrustList */
XP_ListAddObjectToEnd( TrustList, TheLabel );
XP_ListAddObjectToEnd( TheURL_s->TrustList, TheLabel );
HTTrace( " Valid trust label\n" );
} else {
HTTrace( "ERROR in ProcessSingleLabel: unable to allocate the trust list\n" );
@ -1276,7 +1283,6 @@ PRBool IsValidTrustService( char *ServiceName )
{
char *PrefName;
char *escaped_service;
PRBool bool_pref;
if ( ServiceName && *ServiceName ) {
/* Build the preference string - first escape the service name */
@ -1387,12 +1393,11 @@ PRBool IsPrefix( char *path1, char *path2 )
* FALSE if none found
* TheLabel - ptr to the matching trust label
*----------------------------------------------------------------------------------------------------*/
PUBLIC PRBool MatchCookieToLabel( char *CurURL, JSCFCookieData *CookieData, TrustLabel **TheLabel )
PUBLIC PRBool MatchCookieToLabel( char *TargetURL, JSCFCookieData *CookieData, TrustLabel **TheLabel )
{
PRBool Status = FALSE;
if ( CurURL && CookieData &&
!XP_ListIsEmpty( TrustList ) && TheLabel ) {
Status = MatchCookieToLabel2( CurURL, CookieData->name_from_header,
if ( TargetURL && CookieData && TheLabel ) {
Status = MatchCookieToLabel2( TargetURL, CookieData->name_from_header,
CookieData->path_from_header, CookieData->host_from_header,
TheLabel );
}
@ -1404,7 +1409,6 @@ PUBLIC PRBool MatchCookieToLabel( char *CurURL, JSCFCookieData *CookieData, Trus
* This implements part of section 3.3.1 of the trust label spec dealing
* with figuring out if a cookie and a trust label are "compatiable".
*
* TrustList - the list of trust labels to search
* CookieName - the name of the cookie
* CookiePath - the path for the cookie
* CookieHost - the host for the cookie
@ -1418,7 +1422,7 @@ PUBLIC PRBool MatchCookieToLabel( char *CurURL, JSCFCookieData *CookieData, Trus
* History:
* Paul Chek - initial creation
****************************************************************/
PUBLIC PRBool MatchCookieToLabel2( char *CurURL, char *CookieName,
PUBLIC PRBool MatchCookieToLabel2(char *TargetURL, char *CookieName,
char *CookiePath, char *CookieHost,
TrustLabel **TheLabel )
{
@ -1432,14 +1436,14 @@ PUBLIC PRBool MatchCookieToLabel2( char *CurURL, char *CookieName,
XP_List *TempTrustList;
/* make sure I have the data I need */
if ( CurURL && CookieName && CookiePath && CookieHost &&
!XP_ListIsEmpty( TrustList ) && TheLabel ) {
if ( TargetURL && XP_STRLEN( TargetURL ) &&
CookieName && CookiePath && CookieHost &&
TheLabel ) {
/* look thru the list of trust labels for one to match this cookie */
/* First see if there is a named trust label that matches the cookie */
TempTrustList = TrustList;
TempTrustList = NET_GetTrustList( TargetURL );
if ( TempTrustList ) {
while( (ALabel = (TrustLabel *)XP_ListNextObject( TempTrustList )) ) {
/* is this label for this URL? */
if ( XP_STRCASECMP( CurURL, ALabel->szURL ) == 0 ) {
/* is this label for a specific cookie(s)?? */
bNameMatch = FALSE;
if ( ALabel->nameList != NULL ) {
@ -1509,8 +1513,8 @@ PUBLIC PRBool MatchCookieToLabel2( char *CurURL, char *CookieName,
}
} /* end of if ( ALabel->isGeneric */
} /* end of if ( NET_SameDomain */
} /* end of if ( XP_STRNCASECMP( CurURL, */
} /* end of while( (ALabel */
} /* end of if ( tmpEntry && tmpEntry */
}
/* Was there a match?? */
@ -1596,8 +1600,6 @@ TrustLabel *TL_Construct()
ALabel->path = NULL;
ALabel->nameList = NULL;
ALabel->szBy = NULL;
ALabel->szURL = NULL;
time(&ALabel->TimeStamp); /* second since 1970 */
}
return ALabel;
@ -1616,7 +1618,6 @@ PUBLIC void TL_Destruct( TrustLabel *ALabel )
if ( ALabel->path ) XP_FREE( ALabel->path );
if ( ALabel->szTrustAuthority ) XP_FREE( ALabel->szTrustAuthority );
if ( ALabel->szBy ) XP_FREE( ALabel->szBy );
if ( ALabel->szURL ) XP_FREE( ALabel->szURL );
if ( ALabel->nameList ) {
while( (AName = (char *)XP_ListRemoveEndObject( ALabel->nameList )) ){
XP_FREE( AName );
@ -1688,17 +1689,6 @@ void TL_SetByField( TrustLabel *ALabel, char *szBy )
}
}
/*----------------------------------------------------------------------------------------------------
* Purpose: set the URL field in the label
*
* ----------------------------------------------------------------------------------------------------*/
void TL_SetURLField( TrustLabel *ALabel, char *szURL )
{
if ( ALabel && szURL ) {
NET_SACopy( &ALabel->szURL, szURL );
}
}
#endif /* end of #ifdef TRUST_LABELS */

110
network/main/mkgeturl.c
View File

@ -22,6 +22,10 @@
* Designed and originally implemented by Lou Montulli '94
* Additions/Changes by Judson Valeski, Gagan Saksena 1997.
*/
#if defined(CookieManagement)
#define TRUST_LABELS 1
#endif
#include "rosetta.h"
#include "xp_error.h"
#include "mkutils.h"
@ -163,6 +167,10 @@ void net_CallExitRoutineProxy(Net_GetUrlExitFunc* exit_routine,
#include "timing.h"
#ifdef TRUST_LABELS
#include "mkaccess.h" /* change to trust.h for phase 2 */
#endif
/* for XP_GetString() */
#include "xpgetstr.h"
extern int MK_CONNECTION_REFUSED;
@ -319,6 +327,11 @@ PRIVATE char * MKglobal_config_url = 0;
PRIVATE XP_List * net_EntryList=0;
#ifdef TRUST_LABELS
/* This list contains all the URL_Struct s that are created */
PRIVATE XP_List * net_URL_sList=0;
#endif
MODULE_PRIVATE CacheUseEnum NET_CacheUseMethod=CU_CHECK_PER_SESSION;
#ifdef XP_WIN16
@ -794,6 +807,9 @@ NET_InitNetLib(int socket_buffer_size, int max_number_of_connections)
net_waiting_for_connection_url_list = XP_ListNew();
net_EntryList = XP_ListNew();
#ifdef TRUST_LABELS
net_URL_sList = XP_ListNew();
#endif
NET_TotalNumberOfProcessingURLs=0; /* reset */
@ -1751,6 +1767,20 @@ NET_ShutdownNetLib(void)
XP_ListDestroy(net_EntryList);
net_EntryList = 0;
#ifdef TRUST_LABELS
/* if there are any URL_s on their list delete them, then delete the list */
if ( net_URL_sList ) {
URL_Struct *tmpURLs;
XP_List *list_ptr = net_URL_sList;
while((tmpURLs = (URL_Struct *) XP_ListNextObject(list_ptr)) != NULL) {
list_ptr = list_ptr->next; /* get the next object before the current object gets deleted */
NET_FreeURLStruct( tmpURLs ); /* this will remove it from the list */
}
XP_ListDestroy( net_URL_sList );
net_URL_sList = 0;
}
#endif
/* free any memory in the protocol modules
*/
net_cleanup_reg_protocol_impls();
@ -4279,6 +4309,17 @@ NET_CreateURLStruct (CONST char *url, NET_ReloadMethod force_reload)
URL_s = NULL;
}
#ifdef TRUST_LABELS
/* add the newly minted URL_s struct to the list of the same so
* that when cookie to trust label matching occurs I can find the
* associated trust list */
if ( URL_s && net_URL_sList ) {
LIBNET_LOCK();
XP_ListAddObjectToEnd( net_URL_sList, URL_s );
LIBNET_UNLOCK();
}
#endif
return(URL_s);
}
@ -4392,6 +4433,15 @@ NET_FreeURLStruct (URL_Struct * URL_s)
if(URL_s->ref_count > 0)
return;
#ifdef TRUST_LABELS
/* remove URL_s struct from the list of the same */
if ( URL_s && net_URL_sList ) {
LIBNET_LOCK();
XP_ListRemoveObject( net_URL_sList, URL_s );
LIBNET_UNLOCK();
}
#endif
FREEIF(URL_s->address);
FREEIF(URL_s->username);
FREEIF(URL_s->password);
@ -4455,8 +4505,23 @@ NET_FreeURLStruct (URL_Struct * URL_s)
PR_FREEIF(URL_s->page_services_url);
PR_FREEIF(URL_s->privacy_policy_url);
PR_Free(URL_s);
#ifdef TRUST_LABELS
/* delete the entries and the trust list, if the list was created then there
* are entries on it. */
if ( URL_s->TrustList != NULL ) {
/* delete each trust list entry then delete the list */
TrustLabel *ALabel;
XP_List *tempList = URL_s->TrustList;
while ( (ALabel = XP_ListRemoveEndObject( tempList )) != NULL ) {
TL_Destruct( ALabel );
}
XP_ListDestroy( URL_s->TrustList );
URL_s->TrustList = NULL;
}
#endif
PR_Free(URL_s);
}
/* free the contents of AllHeader structure that is part of URL_Struct
@ -5189,6 +5254,49 @@ NET_InitMailtoProtocol(void)
#endif /* MOZ_MAIL_NEWS */
#ifdef TRUST_LABELS
/* given a URL search the list of URL_s structures for one that has
* a non-empty trust list.
* Return a pointer to the non empty trust last */
XP_List * NET_GetTrustList( char *TargetURL )
{
XP_List *RetList = NULL;
XP_List * list_ptr;
URL_Struct * tmpURLs;
char *FromURLs = NULL;
char *FromTarget = NULL;
if ( TargetURL && PL_strlen( TargetURL ) ) {
LIBNET_LOCK();
list_ptr = net_URL_sList;
while((tmpURLs = (URL_Struct *) XP_ListNextObject(list_ptr)) != NULL) {
/* first check if this URL_Struct has a trust list. If it does then do
* the name parsing on both URLs. Check for an empty list because due to
* thread switching the list could have been created but no entries added
* to it. */
if ( tmpURLs->TrustList != NULL && !XP_ListIsEmpty( tmpURLs->TrustList ) ) {
/* This entry has a trustList, see if the URS match. To be safe strip both
* URLs down to host/domain/file. If there is a match
* return the pointer to the trust list */
char *FromURLs = NET_ParseURL (tmpURLs->address, GET_PATH_PART);
char *FromTarget = NET_ParseURL (TargetURL, GET_PATH_PART);
if( PL_strcmp( FromURLs, FromTarget) == 0 ) {
/* we have a match */
RetList = tmpURLs->TrustList;
break;
}
}
}
FREEIF( FromURLs );
FREEIF( FromTarget );
LIBNET_UNLOCK();
}
return RetList;
}
#endif
#ifdef PROFILE
#pragma profile off
#endif

40
network/protocol/http/mkaccess.c
View File

@ -128,7 +128,6 @@ extern int MK_ACCESS_TL_RPH1;
extern int MK_ACCESS_TL_RPH2;
extern int MK_ACCESS_TL_RPH3;
extern XP_List *TrustList;
#endif
@ -2633,11 +2632,9 @@ net_IntSetCookieString(MWContext * context,
* At this point the cookie was added to
* the cookie list. So see if there is a trust label that
* matches the cookie and if so add the trust label to the
* cookie permission list. Existing trust label entries are
* replaced with this latest entry.
* cookie permission list. Existing trust label entries in
* the permission list replaced with this latest entry.
*/
if ( !XP_ListIsEmpty( TrustList ) ) {
/* there are trust labels - attempt to match them to this cookie */
if ( MatchCookieToLabel2(
cur_url, prev_cookie->name,
prev_cookie->path, prev_cookie->host, &trustlabel ) ) {
@ -2651,7 +2648,6 @@ net_IntSetCookieString(MWContext * context,
net_SaveCookiePermissions(NULL);
}
}
}
#endif
#if defined(CookieManagement)
net_IntSetCookieStringInUse = FALSE;
@ -3982,6 +3978,9 @@ struct _CookieViewerDialog {
*
* If a matching label is not found return a string with a single space.
* The caller must free the string.
*
* History:
* 9/9/98 Paul Chek - switch recipient from a range to a single value
*/
char *GetTrustLabelString(char *CookieName)
{
@ -4000,7 +3999,7 @@ char *GetTrustLabelString(char *CookieName)
* int PurposeIds[] = {MK_ACCESS_TL_PPH0, MK_ACCESS_TL_PPH1,
* MK_ACCESS_TL_PPH2, MK_ACCESS_TL_PPH3,
* MK_ACCESS_TL_PPH4, MK_ACCESS_TL_PPH5};
* int RecpIds[] = { 0, MK_ACCESS_TL_RPH1,
* int RecpIds[] = { MK_ACCESS_TL_RPH0, MK_ACCESS_TL_RPH1,
* MK_ACCESS_TL_RPH2, MK_ACCESS_TL_RPH3};
*/
@ -4027,7 +4026,7 @@ char *GetTrustLabelString(char *CookieName)
PurposeIds[4] = MK_ACCESS_TL_PPH4;
PurposeIds[5] = MK_ACCESS_TL_PPH5;
RecpIds[0] = 0;
RecpIds[0] = MK_ACCESS_TL_RPH0;
RecpIds[1] = MK_ACCESS_TL_RPH1;
RecpIds[2] = MK_ACCESS_TL_RPH2;
RecpIds[3] = MK_ACCESS_TL_RPH3;
@ -4144,7 +4143,26 @@ char *GetTrustLabelString(char *CookieName)
szTempStrs[j] = NULL;
}
/* second build the recipient phrase list */
/* second, build the recipient phrase list. The recipients value as
* ossolated between allowing a range of values (0:2) and a single
* value, thats the reason for the ifdef'd code. */
#ifndef RECIPIENT_RANGE
szTempStrs[0] = PL_strdup( XP_GetString( RecpIds[ TEntry->recipient] ) );
PR_snprintf(szTemp, BUFLEN,
XP_GetString( MK_ACCESS_TL_RECP1 ),
szTempStrs[0]
);
PR_FREEIF(szTempStrs[0]);
szRecipient = PL_strdup( szTemp );
#else
/* is just a single bit set and is that bit 0 ?*/
/* if RECIPIENT_RANGE is defined you will need to
* include these lines in allxpstr.h
* ResDef(MK_ACCESS_TL_RECP2, (TRUST_LABEL_BASE + 17),
* "It is %1$s and %2$s." )
* ResDef(MK_ACCESS_TL_RECP3, (TRUST_LABEL_BASE + 18),
* "It is %1$s, %2$s and %3$s." )
*/
if ( TEntry->recipient == 1 ) {
szTempStrs[0] = PL_strdup( XP_GetString( MK_ACCESS_TL_RPH0 ) );
PR_snprintf(szTemp, BUFLEN,
@ -4203,6 +4221,7 @@ char *GetTrustLabelString(char *CookieName)
PR_FREEIF(szTempStrs[j]);
szTempStrs[j] = NULL;
}
#endif
/* construct the by string */
if (TEntry->by) {
@ -4550,7 +4569,7 @@ void CopyTrustEntry( char *CookieName, TrustEntry *TEntry, TrustLabel *trustlabe
PRIVATE
void DeleteCookieFromPermissions( char *CookieHost, char *CookieName )
{
XP_List *Tptr, *TmpList;
XP_List *TmpList;
TrustEntry *TEntry;
net_CookiePermissionStruct * cookie_permission;
@ -4563,7 +4582,6 @@ void DeleteCookieFromPermissions( char *CookieHost, char *CookieName )
/* yes - see if there is a trust label entry for the cookie */
if ( FindTrustEntry( CookieName, cookie_permission->TrustList, &TEntry ) ) {
/* yes there is - delete it */
Tptr = Tptr->prev; /* before removing the current entry get the ptr to the next one */
XP_ListRemoveObject( cookie_permission->TrustList, TEntry);
/* free the strings in the entry */
PR_FREEIF(TEntry->CookieName);

5
network/protocol/http/mkaccess.h
View File

@ -92,8 +92,6 @@ typedef struct {
char *szTrustAuthority; /* the trust authority rating service */
XP_List *nameList; /* the list of names of the specific cookies that this label is for */
char *szBy; /* the by field from the PICS label */
char *szURL; /* the url that this trust label is for */
time_t TimeStamp; /* when the entry was created, used for cleaning up stall entries */
} TrustLabel;
TrustLabel *TL_Construct();
@ -102,12 +100,11 @@ void TL_ProcessForAttrib( TrustLabel *ALabel, char *szFor);
void TL_SetSignatory( TrustLabel *ALabel, char *Signatory );
void TL_SetTrustAuthority( TrustLabel *ALabel, char *TrustAuthority );
void TL_SetByField( TrustLabel *ALabel, char *ByField );
void TL_SetURLField( TrustLabel *ALabel, char *URLField );
/* utility function that use TrustLabel */
void PICS_ExtractTrustLabel( URL_Struct *URL_s, char *value );
PRBool IsTrustLabelsEnabled(void);
PUBLIC PRBool MatchCookieToLabel2( char *CurURL, char *CookieName,
PUBLIC PRBool MatchCookieToLabel2( char *TargetURL, char *CookieName,
char *CookiePath, char *CookieHost,
TrustLabel **TheLabel );

37
network/protocol/http/mkhttp.c
View File

@ -3733,15 +3733,10 @@ NET_InitHTTPProtocol(void)
}
#ifdef TRUST_LABELS
extern XP_List *TrustList;
PUBLIC
void ProcessCookiesAndTrustLabels( ActiveEntry *ce )
{
#define TEN_MINUTES (time_t)(10*60) /* 10 minutes in seconds */
unsigned int i;
TrustLabel *ALabel;
XP_List *TempTrustList;
if ( IsTrustLabelsEnabled() && ce && ce->URL_s) {
/*
* if the trust label parsing is enabled then look at each cookie
@ -3754,38 +3749,6 @@ void ProcessCookiesAndTrustLabels( ActiveEntry *ce )
NET_SetCookieStringFromHttp(CE_FORMAT_OUT, ce->URL_s, CE_WINDOW_ID, ce->URL_s->address, ce->URL_s->all_headers.value[i]);
}
}
/* delete the list of trust labels */
if ( !XP_ListIsEmpty( TrustList ) ) {
/* delete each trust label for the current URL
* NOTE: this is the one place where entries are removed from the TrustList
*/
time_t now; time(&now); /* current time in seconds */
TempTrustList = TrustList;
/* march thru the list backwards by ordinal number so I dont miss anybody */
for( i=XP_ListCount( TempTrustList ); i>=1; i-- ) {
ALabel = (TrustLabel *)XP_ListGetObjectNum( TempTrustList, i );
/* is this label for this URL? OR is this label stale??
* It is possible to add trust labels to the list and if the
* corresponding cookie is never seen - say the user aborted the download - that the
* label will hang out for the life of the session. Also someone could attack the
* browser by sending trust labels with no cookies and this list would get quite large.
* So if an entry was set more than 10 minutes ago delete it. 10 minutes seems long
* enough because the life of an entry is measured in fractions of a second.
*/
if ( PL_strcasecmp( ce->URL_s->address, ALabel->szURL ) == 0 ||
(now - ALabel->TimeStamp) > TEN_MINUTES ) {
if ( XP_ListRemoveObject( TrustList, ALabel ) ){
TL_Destruct( ALabel );
}
}
}
/* if the trust list is empty free it */
if ( XP_ListIsEmpty( TrustList ) ) {
XP_ListDestroy( TrustList );
TrustList = NULL;
}
}
}
}
#endif