Browse Source

[WebUI] Make cookie parsing robust

Previously cookie name such as "<any string>SID" will be mistakenly
accepted as "SID" session ID, this commit fixes it.

Use QString::isEmpty()
adaptive-webui-19844
Chocobo1 8 years ago
parent
commit
f35a5c8085
  1. 36
      src/webui/abstractwebapplication.cpp
  2. 2
      src/webui/abstractwebapplication.h

36
src/webui/abstractwebapplication.cpp

@ -40,6 +40,7 @@
#include "base/preferences.h" #include "base/preferences.h"
#include "base/utils/fs.h" #include "base/utils/fs.h"
#include "base/utils/random.h" #include "base/utils/random.h"
#include "base/utils/string.h"
#include "websessiondata.h" #include "websessiondata.h"
// UnbanTimer // UnbanTimer
@ -147,24 +148,13 @@ void AbstractWebApplication::removeInactiveSessions()
bool AbstractWebApplication::sessionInitialize() bool AbstractWebApplication::sessionInitialize()
{ {
static const QString SID_START = QLatin1String(C_SID) + QLatin1String("=");
if (session_ == 0) if (session_ == 0)
{ {
QString cookie = request_.headers.value("cookie"); const QString sessionId = parseCookie(request_).value(C_SID);
//qDebug() << Q_FUNC_INFO << "cookie: " << cookie;
QString sessionId;
int pos = cookie.indexOf(SID_START);
if (pos >= 0) {
pos += SID_START.length();
int end = cookie.indexOf(QRegExp("[,;]"), pos);
sessionId = cookie.mid(pos, end >= 0 ? end - pos : end);
}
// TODO: Additional session check // TODO: Additional session check
if (!sessionId.isNull()) { if (!sessionId.isEmpty()) {
if (sessions_.contains(sessionId)) { if (sessions_.contains(sessionId)) {
session_ = sessions_[sessionId]; session_ = sessions_[sessionId];
session_->updateTimestamp(); session_->updateTimestamp();
@ -386,3 +376,23 @@ const QStringMap AbstractWebApplication::CONTENT_TYPE_BY_EXT = {
{ "png", Http::CONTENT_TYPE_PNG }, { "png", Http::CONTENT_TYPE_PNG },
{ "js", Http::CONTENT_TYPE_JS } { "js", Http::CONTENT_TYPE_JS }
}; };
QStringMap AbstractWebApplication::parseCookie(const Http::Request &request) const
{
// [rfc6265] 4.2.1. Syntax
QStringMap ret;
const QString cookieStr = request.headers.value(QLatin1String("cookie"));
const QVector<QStringRef> cookies = cookieStr.splitRef(';', QString::SkipEmptyParts);
for (const auto &cookie : cookies) {
const int idx = cookie.indexOf('=');
if (idx < 0)
continue;
const QString name = cookie.left(idx).trimmed().toString();
const QString value = Utils::String::unquote(cookie.mid(idx + 1).trimmed())
.toString();
ret.insert(name, value);
}
return ret;
}

2
src/webui/abstractwebapplication.h

@ -100,6 +100,8 @@ private:
QString generateSid(); QString generateSid();
bool sessionInitialize(); bool sessionInitialize();
QStringMap parseCookie(const Http::Request &request) const;
static void translateDocument(QString &data); static void translateDocument(QString &data);
static const QStringMap CONTENT_TYPE_BY_EXT; static const QStringMap CONTENT_TYPE_BY_EXT;

Loading…
Cancel
Save