fixes bug 22994 "Mail reader allows spammers to set/get cookies to track web usage"

r=dwitte sr=dveditz a=sspitzer
This commit is contained in:
darin%netscape.com 2003-05-05 21:27:02 +00:00
Родитель 11ccca864c
Коммит a7a9655ce4
11 изменённых файлов: 206 добавлений и 220 удалений

Просмотреть файл

@ -5232,15 +5232,12 @@ HTMLContentSink::ProcessHeaderData(nsIAtom* aHeader, const nsAString& aValue,
}
}
nsCOMPtr<nsIHttpChannel> httpChannel;
nsCOMPtr<nsIChannel> channel;
if (mParser) {
nsCOMPtr<nsIChannel> channel;
if (NS_SUCCEEDED(mParser->GetChannel(getter_AddRefs(channel)))) {
httpChannel = do_QueryInterface(channel);
}
mParser->GetChannel(getter_AddRefs(channel));
}
rv = cookieServ->SetCookieString(codebaseURI, prompt, cookie, httpChannel);
rv = cookieServ->SetCookieString(codebaseURI, prompt, cookie, channel);
nsCRT::free(cookie);
if (NS_FAILED(rv)) {

Просмотреть файл

@ -756,6 +756,7 @@ nsHTMLDocument::StartAutodetection(nsIDocShell *aDocShell, nsAString& aCharset,
void
nsHTMLDocument::RetrieveRelevantHeaders(nsIChannel *aChannel)
{
mChannel = aChannel;
mHttpChannel = do_QueryInterface(aChannel);
nsDocument::RetrieveRelevantHeaders(aChannel);
@ -2286,7 +2287,7 @@ nsHTMLDocument::GetCookie(nsAString& aCookie)
NS_ENSURE_SUCCESS(rv, rv);
nsXPIDLCString cookie;
rv = service->GetCookieString(codebaseURI, getter_Copies(cookie));
rv = service->GetCookieString(codebaseURI, mChannel, getter_Copies(cookie));
if (NS_SUCCEEDED(rv) && cookie)
CopyASCIItoUCS2(nsDependentCString(cookie), aCookie);
}
@ -2342,8 +2343,7 @@ nsHTMLDocument::SetCookie(const nsAString& aCookie)
rv = NS_ERROR_OUT_OF_MEMORY;
char* cookie = ToNewCString(aCookie);
if (cookie) {
rv = service->SetCookieString(codebaseURI, prompt, cookie,
mHttpChannel);
rv = service->SetCookieString(codebaseURI, prompt, cookie, mChannel);
nsCRT::free(cookie);
}
}

Просмотреть файл

@ -267,6 +267,7 @@ protected:
nsString mBaseTarget;
nsString mReferrer;
nsCOMPtr<nsIChannel> mChannel;
nsCOMPtr<nsIHttpChannel> mHttpChannel;
nsCompatibility mCompatMode;

Просмотреть файл

@ -1138,15 +1138,12 @@ nsXMLContentSink::ProcessHeaderData(nsIAtom* aHeader,const nsAString& aValue,nsI
}
}
nsCOMPtr<nsIHttpChannel> httpChannel;
nsCOMPtr<nsIChannel> channel;
if (mParser) {
nsCOMPtr<nsIChannel> channel;
if (NS_SUCCEEDED(mParser->GetChannel(getter_AddRefs(channel)))) {
httpChannel = do_QueryInterface(channel);
}
mParser->GetChannel(getter_AddRefs(channel));
}
rv = cookieServ->SetCookieString(codebaseURI, prompt, NS_ConvertUCS2toUTF8(aValue).get(), httpChannel);
rv = cookieServ->SetCookieString(codebaseURI, prompt, NS_ConvertUCS2toUTF8(aValue).get(), channel);
if (NS_FAILED(rv)) return rv;
} // END set-cookie

Просмотреть файл

@ -187,7 +187,7 @@ nsCookieHTTPNotify::OnModifyRequest(nsIHttpChannel *aHttpChannel)
// Get the cookies
char * cookie;
rv = mCookieService->GetCookieStringFromHttp(pURL, pFirstURL, &cookie);
rv = mCookieService->GetCookieStringFromHttp(pURL, pFirstURL, aHttpChannel, &cookie);
if (NS_FAILED(rv)) return rv;
const char *headerVal = "";

Просмотреть файл

@ -243,46 +243,54 @@ nsCookieService::OnSecurityChange(nsIWebProgress *aWebProgress,
}
NS_IMETHODIMP
nsCookieService::GetCookieString(nsIURI *aHostURI, char ** aCookie) {
*aCookie = COOKIE_GetCookie(aHostURI, nsnull);
return NS_OK;
}
NS_IMETHODIMP
nsCookieService::GetCookieStringFromHttp(nsIURI *aHostURI, nsIURI *aFirstURI, char ** aCookie) {
*aCookie = COOKIE_GetCookie(aHostURI, aFirstURI);
return NS_OK;
}
NS_IMETHODIMP
nsCookieService::SetCookieString(nsIURI *aHostURI, nsIPrompt *aPrompt, const char *aCookieHeader, nsIHttpChannel *aHttpChannel)
nsCookieService::GetCookieString(nsIURI *aHostURI, nsIChannel *aChannel, char ** aCookie)
{
// try to determine first party URI
nsCOMPtr<nsIURI> firstURI;
if (aHttpChannel) {
nsCOMPtr<nsIHttpChannelInternal> httpInternal = do_QueryInterface(aHttpChannel);
if (!httpInternal ||
NS_FAILED(httpInternal->GetDocumentURI(getter_AddRefs(firstURI)))) {
COOKIE_LOGFAILURE(SET_COOKIE, aHostURI, aCookieHeader, "unable to determine first URI");
return NS_OK;
}
if (aChannel) {
nsCOMPtr<nsIHttpChannelInternal> httpInternal = do_QueryInterface(aChannel);
if (httpInternal)
httpInternal->GetDocumentURI(getter_AddRefs(firstURI));
}
COOKIE_SetCookie(aHostURI, firstURI, aPrompt, aCookieHeader, nsnull, aHttpChannel);
LazyWrite(PR_TRUE);
*aCookie = COOKIE_GetCookie(aHostURI, firstURI, aChannel);
return NS_OK;
}
NS_IMETHODIMP
nsCookieService::SetCookieStringFromHttp(nsIURI *aHostURI, nsIURI *aFirstURI, nsIPrompt *aPrompt, const char *aCookieHeader, const char *aServerTime, nsIHttpChannel* aHttpChannel)
nsCookieService::GetCookieStringFromHttp(nsIURI *aHostURI, nsIURI *aFirstURI, nsIChannel *aChannel, char ** aCookie)
{
COOKIE_SetCookie(aHostURI, aFirstURI, aPrompt, aCookieHeader, aServerTime, aHttpChannel);
*aCookie = COOKIE_GetCookie(aHostURI, aFirstURI, aChannel);
return NS_OK;
}
NS_IMETHODIMP
nsCookieService::SetCookieString(nsIURI *aHostURI, nsIPrompt *aPrompt, const char *aCookieHeader, nsIChannel *aChannel)
{
// try to determine first party URI
nsCOMPtr<nsIURI> firstURI;
if (aChannel) {
nsCOMPtr<nsIHttpChannelInternal> httpInternal = do_QueryInterface(aChannel);
if (httpInternal)
httpInternal->GetDocumentURI(getter_AddRefs(firstURI));
}
COOKIE_SetCookie(aHostURI, firstURI, aPrompt, aCookieHeader, nsnull, aChannel);
LazyWrite(PR_TRUE);
return NS_OK;
}
NS_IMETHODIMP
nsCookieService::GetCookieIconIsVisible(PRBool *aIsVisible) {
nsCookieService::SetCookieStringFromHttp(nsIURI *aHostURI, nsIURI *aFirstURI, nsIPrompt *aPrompt, const char *aCookieHeader, const char *aServerTime, nsIChannel* aChannel)
{
COOKIE_SetCookie(aHostURI, aFirstURI, aPrompt, aCookieHeader, aServerTime, aChannel);
LazyWrite(PR_TRUE);
return NS_OK;
}
NS_IMETHODIMP
nsCookieService::GetCookieIconIsVisible(PRBool *aIsVisible)
{
*aIsVisible = gCookieIconVisible;
return NS_OK;
}

Просмотреть файл

@ -64,6 +64,9 @@
// until this point, we have an evil hack:
#include "nsIHttpChannelInternal.h"
#include "nsIDocShell.h"
#include "nsIDocShellTreeItem.h"
/******************************************************************************
* gCookiePrefObserver
* This is instanced as a global variable in nsCookieService.cpp.
@ -1243,10 +1246,10 @@ cookie_ParseAttributes(nsDependentCString &aCookieHeader,
*****************************************************************************/
PRIVATE nsCookieStatus
cookie_CheckPrefs(nsIURI *aHostURI,
nsIURI *aFirstURI,
nsIHttpChannel *aHttpChannel,
const char *aCookieHeader)
cookie_CheckPrefs(nsIURI *aHostURI,
nsIURI *aFirstURI,
nsIChannel *aChannel,
const char *aCookieHeader)
{
// pref tree:
// 0) get the scheme strings from the two URI's
@ -1288,11 +1291,51 @@ cookie_CheckPrefs(nsIURI *aHostURI,
// in all cases.
// XXX removed the aFirstURI check, to make cookies from javascript work
// bug 198870
if (gCookiePrefObserver->mCookiesDisabledForMailNews &&
((aFirstURI && cookie_IsFromMailNews(firstURIScheme)) ||
cookie_IsFromMailNews(currentURIScheme))) {
COOKIE_LOGFAILURE(aCookieHeader ? SET_COOKIE : GET_COOKIE, aHostURI, aCookieHeader ? "" : aCookieHeader, "cookies disabled for mailnews");
return nsICookie::STATUS_REJECTED;
if (gCookiePrefObserver->mCookiesDisabledForMailNews) {
//
// try to examine the "app type" of the docshell owning this request. if
// we find a docshell in the heirarchy of type APP_TYPE_MAIL, then assume
// this URI is being loaded from within mailnews.
//
// XXX this is a pretty ugly hack at the moment since cookies really
// shouldn't have to talk to the docshell directly. ultimately, we want
// to talk to some more generic interface, which the docshell would also
// implement. but, the basic mechanism here of leveraging the channel's
// (or loadgroup's) notification callbacks attribute seems ideal as it
// avoids the problem of having to modify all places in the code which
// kick off network requests.
//
PRUint32 appType = nsIDocShell::APP_TYPE_UNKNOWN;
if (aChannel) {
nsCOMPtr<nsIInterfaceRequestor> req;
aChannel->GetNotificationCallbacks(getter_AddRefs(req));
if (!req) {
// check the load group's notification callbacks...
nsCOMPtr<nsILoadGroup> group;
aChannel->GetLoadGroup(getter_AddRefs(group));
if (group)
group->GetNotificationCallbacks(getter_AddRefs(req));
}
if (req) {
nsCOMPtr<nsIDocShellTreeItem> item, parent = do_GetInterface(req);
if (parent) {
do {
item = parent;
nsCOMPtr<nsIDocShell> docshell = do_QueryInterface(item);
if (docshell)
docshell->GetAppType(&appType);
} while (appType != nsIDocShell::APP_TYPE_MAIL &&
NS_SUCCEEDED(item->GetParent(getter_AddRefs(parent))) &&
parent);
}
}
}
if ((appType == nsIDocShell::APP_TYPE_MAIL) ||
(aFirstURI && cookie_IsFromMailNews(firstURIScheme)) ||
cookie_IsFromMailNews(currentURIScheme)) {
COOKIE_LOGFAILURE(aCookieHeader ? SET_COOKIE : GET_COOKIE, aHostURI, aCookieHeader ? "" : aCookieHeader, "cookies disabled for mailnews");
return nsICookie::STATUS_REJECTED;
}
}
// check default prefs - go thru enumerated permissions
@ -1324,7 +1367,8 @@ cookie_CheckPrefs(nsIURI *aHostURI,
// to do this, at the moment, we need an httpChannel, but we can live without
// the two URI's (as long as no foreign checks are required).
// if the channel is null, we can fall back on "no p3p policy" prefs.
nsCookieStatus p3pStatus = cookie_P3PDecision(aHostURI, aFirstURI, aHttpChannel);
nsCOMPtr<nsIHttpChannel> httpChannel = do_QueryInterface(aChannel);
nsCookieStatus p3pStatus = cookie_P3PDecision(aHostURI, aFirstURI, httpChannel);
if (p3pStatus == nsICookie::STATUS_REJECTED) {
COOKIE_LOGFAILURE(aCookieHeader ? SET_COOKIE : GET_COOKIE, aHostURI, aCookieHeader ? "" : aCookieHeader, "P3P test failed");
}
@ -1339,8 +1383,9 @@ cookie_CheckPrefs(nsIURI *aHostURI,
PRIVATE inline PRBool ispathdelimiter(char c) { return c == '/' || c == '?' || c == '#' || c == ';'; }
PUBLIC char *
COOKIE_GetCookie(nsIURI *aHostURI,
nsIURI *aFirstURI)
COOKIE_GetCookie(nsIURI *aHostURI,
nsIURI *aFirstURI,
nsIChannel *aChannel)
{
if (!aHostURI) {
COOKIE_LOGFAILURE(GET_COOKIE, nsnull, "", "host URI is null");
@ -1348,7 +1393,7 @@ COOKIE_GetCookie(nsIURI *aHostURI,
}
// check default prefs
nsCookieStatus cookieStatus = cookie_CheckPrefs(aHostURI, aFirstURI, nsnull, nsnull);
nsCookieStatus cookieStatus = cookie_CheckPrefs(aHostURI, aFirstURI, aChannel, nsnull);
// for GetCookie(), we don't update the UI icon if cookie was rejected.
if (cookieStatus == nsICookie::STATUS_REJECTED) {
return nsnull;
@ -1823,12 +1868,12 @@ cookie_SetCookieInternal(nsIURI *aHostURI,
// performs functions common to all cookies (checking user prefs and processing
// the time string from the server), and processes each cookie in the header.
PUBLIC void
COOKIE_SetCookie(nsIURI *aHostURI,
nsIURI *aFirstURI,
nsIPrompt *aPrompt,
const char *aCookieHeader,
const char *aServerTime,
nsIHttpChannel *aHttpChannel)
COOKIE_SetCookie(nsIURI *aHostURI,
nsIURI *aFirstURI,
nsIPrompt *aPrompt,
const char *aCookieHeader,
const char *aServerTime,
nsIChannel *aChannel)
{
if (!aHostURI) {
COOKIE_LOGFAILURE(SET_COOKIE, nsnull, aCookieHeader, "host URI is null");
@ -1836,7 +1881,7 @@ COOKIE_SetCookie(nsIURI *aHostURI,
}
// check default prefs
nsCookieStatus cookieStatus = cookie_CheckPrefs(aHostURI, aFirstURI, aHttpChannel, aCookieHeader);
nsCookieStatus cookieStatus = cookie_CheckPrefs(aHostURI, aFirstURI, aChannel, aCookieHeader);
// update UI icon, and return, if cookie was rejected.
// should we be doing this just for p3p?
if (cookieStatus == nsICookie::STATUS_REJECTED) {
@ -1846,8 +1891,9 @@ COOKIE_SetCookie(nsIURI *aHostURI,
}
return;
}
nsCOMPtr<nsIHttpChannel> httpChannel = do_QueryInterface(aChannel);
// get the site's p3p policy now (common to all cookies)
nsCookiePolicy cookiePolicy = cookie_GetPolicy(P3P_SitePolicy(aHostURI, aHttpChannel));
nsCookiePolicy cookiePolicy = cookie_GetPolicy(P3P_SitePolicy(aHostURI, httpChannel));
// parse server local time. this is not just done here for efficiency
// reasons - if there's an error parsing it, and we need to default it

Просмотреть файл

@ -1,115 +0,0 @@
/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* ***** BEGIN LICENSE BLOCK *****
* Version: NPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Netscape Public License
* Version 1.1 (the "License"); you may not use this file except in
* compliance with the License. You may obtain a copy of the License at
* http://www.mozilla.org/NPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is mozilla.org code.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1998
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
*
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the NPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the NPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
#ifndef COOKIES_H
#define COOKIES_H
#include "nsCookie.h"
#include "nsString.h"
#include "nsInt64.h"
#include "prtime.h"
#include "nsVoidArray.h"
#include "nsIURI.h"
#include "nsIHttpChannel.h"
#include "nsIDOMWindowInternal.h"
// XXX these casts and constructs are horrible, but our nsInt64/nsTime
// classes are lacking so we need them for now. see bug 198694.
#define USEC_PER_SEC (nsInt64(PRInt32(1000000)))
#define NOW_IN_SECONDS (nsInt64(PR_Now()) / USEC_PER_SEC)
// main cookie storage struct
typedef struct _cookie_CookieStruct {
nsCString path;
nsCString host;
nsCString name;
nsCString cookie;
PRInt64 expires;
PRInt64 lastAccessed;
PRPackedBool isSession;
PRPackedBool isSecure;
PRPackedBool isDomain;
nsCookieStatus status;
nsCookiePolicy policy;
} cookie_CookieStruct;
// define logging macros for convenience
#define SET_COOKIE PR_TRUE
#define GET_COOKIE PR_FALSE
// logging handlers
#ifdef MOZ_LOGGING
// in order to do logging, the following environment variables need to be set:
//
// set NSPR_LOG_MODULES=cookie:3 -- shows rejected cookies
// set NSPR_LOG_MODULES=cookie:4 -- shows accepted and rejected cookies
// set NSPR_LOG_FILE=c:\cookie.log
//
// this next define has to appear before the include of prlog.h
#define FORCE_PR_LOG /* Allow logging in the release build */
#include "prlog.h"
#endif
#ifdef PR_LOGGING
#define COOKIE_LOGFAILURE(a, b, c, d) cookie_LogFailure(a, b, c, d)
#define COOKIE_LOGSUCCESS(a, b, c, d) cookie_LogSuccess(a, b, c, d)
extern void cookie_LogFailure(PRBool aSetCookie, nsIURI *aHostURI, const char *aCookieString, const char *aReason);
extern void cookie_LogSuccess(PRBool aSetCookie, nsIURI *aHostURI, const char *aCookieString, cookie_CookieStruct *aCookie);
extern void cookie_LogFailure(PRBool aSetCookie, nsIURI *aHostURI, const nsAFlatCString &aCookieString, const char *aReason);
extern void cookie_LogSuccess(PRBool aSetCookie, nsIURI *aHostURI, const nsAFlatCString &aCookieString, cookie_CookieStruct *aCookie);
#else
#define COOKIE_LOGFAILURE(a, b, c, d) /* nothing */
#define COOKIE_LOGSUCCESS(a, b, c, d) /* nothing */
#endif
// function prototypes
extern nsresult COOKIE_Read();
extern nsresult COOKIE_Write();
extern void COOKIE_RemoveExpiredCookies(nsInt64 aCurrentTime, PRInt32 &aOldestPosition);
extern char * COOKIE_GetCookie(nsIURI *aHostURI, nsIURI *aFirstURI);
extern void COOKIE_SetCookie(nsIURI *aHostURI, nsIURI *aFirstURI, nsIPrompt *aPrompt, const char *aCookieHeader, const char *aServerTime, nsIHttpChannel *aHttpChannel);
extern void COOKIE_RemoveAll();
extern void COOKIE_Remove(const nsACString &host, const nsACString &name, const nsACString &path, PRBool blocked);
extern nsresult COOKIE_Add(cookie_CookieStruct *aCookie, nsInt64 aCurrentTime, nsIURI *aHostURI, const char *aCookieHeader);
extern already_AddRefed<nsICookie> COOKIE_ChangeFormat(cookie_CookieStruct *aCookie);
// constants & variables
extern nsVoidArray *sCookieList;
#endif /* COOKIES_H */

Просмотреть файл

@ -90,7 +90,7 @@ GetACookie(nsICookieService *aCookieService, const char *aSpec1, const char *aSp
NS_NewURI(getter_AddRefs(uri2), aSpec2);
printf(" \"%s\": GOT ", aSpec1);
nsresult rv = aCookieService->GetCookieStringFromHttp(uri1, uri2, aCookie);
nsresult rv = aCookieService->GetCookieStringFromHttp(uri1, uri2, nsnull, aCookie);
if (NS_FAILED(rv)) printf("XXX GetCookieString() failed!\n");
if (!*aCookie) {
printf("nothing\n");

Просмотреть файл

@ -6022,7 +6022,7 @@ NS_IMETHODIMP nsPluginHostImpl::GetCookie(const char* inCookieURL, void* inOutCo
return rv;
}
rv = cookieService->GetCookieString(uriIn, getter_Copies(cookieString));
rv = cookieService->GetCookieString(uriIn, nsnull, getter_Copies(cookieString));
if (NS_FAILED(rv) || (!cookieString) ||
(inOutCookieSize <= (cookieStringLen = PL_strlen(cookieString.get())))) {
@ -6073,7 +6073,7 @@ NS_IMETHODIMP nsPluginHostImpl::SetCookie(const char* inCookieURL, const void* i
char * cookie = (char *)inCookieBuffer;
char c = cookie[inCookieSize];
cookie[inCookieSize] = '\0';
rv = cookieService->SetCookieString(uriIn, prompt, cookie,0);
rv = cookieService->SetCookieString(uriIn, prompt, cookie, nsnull);
cookie[inCookieSize] = c;
return rv;

Просмотреть файл

@ -21,7 +21,6 @@
*
* Contributor(s):
*
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
@ -36,69 +35,122 @@
*
* ***** END LICENSE BLOCK ***** */
/*
This file contains an interface to the Cookie Service.
*/
#include "nsISupports.idl"
#include "nsIURI.idl"
#include "nsIPrompt.idl"
interface nsIHttpChannel;
interface nsIURI;
interface nsIPrompt;
interface nsIChannel;
/**
* nsICookieService
*
* Provides methods for setting and getting cookies in the context of a
* page load. See nsICookieManager for methods to manipulate the cookie
* database directly. This separation of interface is mainly historical.
*/
[scriptable, uuid(011C3190-1434-11d6-A618-0010A401EB10)]
interface nsICookieService : nsISupports
{
/*
* Get the complete cookie string associated with the URL
* Get the complete cookie string associated with the URI.
*
* @param aURL The URL for which to get the cookie string
* @param aCookie The string object which will hold the result
* @return Returns NS_OK if successful, or NS_FALSE if an error occurred.
* @param aURI
* the URI of the document for which cookies are being queried.
* @param aChannel
* the channel used to load the document. this parameter may be null,
* but it is strongly recommended that a non-null value be provided to
* ensure that the cookie privacy preferences are honored.
*
* @return the resulting cookie string
*/
string getCookieString(in nsIURI aURL);
string getCookieString(in nsIURI aURI, in nsIChannel aChannel);
/*
* Get the complete cookie string associated with the URL
* Get the complete cookie string associated with the URI.
*
* @param aURL The URL for which to get the cookie string
* @param aFirstURL The URL which the user typed in or clicked on
* @param aCookie The string object which will hold the result
* @return Returns NS_OK if successful, or NS_FALSE if an error occurred.
* XXX this function is redundant and will most likely be removed in a future
* revision of this interface. GetCookieString will query the documentURI
* property off of nsIHttpChannelInternal if supported, so GetCookieString
* can be used in place of this method.
*
* @param aURI
* the URI of the document for which cookies are being queried.
* @param aFirstURI
* the URI that the user originally typed in or clicked on to initiate
* the load of the document referenced by aURI.
* @param aChannel
* the channel used to load the document. this parameter may be null,
* but it is strongly recommended that a non-null value be provided to
* ensure that the cookie privacy preferences are honored.
*
* @return the resulting cookie string
*/
string getCookieStringFromHttp(in nsIURI aURL, in nsIURI aFirstURL);
string getCookieStringFromHttp(in nsIURI aURI, in nsIURI aFirstURI, in nsIChannel aChannel);
/*
* Set the cookie string associated with the URL
* Set the cookie string associated with the URI.
*
* @param aURL The URL for which to set the cookie string
* @param aCookie The string to set
* @return Returns NS_OK if successful, or NS_FALSE if an error occurred.
* @param aURI
* the URI of the document for which cookies are being set.
* @param aPrompt
* the prompt to use for all user-level cookie notifications.
* @param aCookie
* the cookie string to set.
* @param aChannel
* the channel used to load the document. this parameter may be null,
* but it is strongly recommended that a non-null value be provided to
* ensure that the cookie privacy preferences are honored.
*
* XXX should be able to allow null aPrompt, since nsIPrompt can be queryied
* from aChannel.
*/
void setCookieString(in nsIURI aURL, in nsIPrompt aPrompt, in string aCookie, in nsIHttpChannel aHttpChannel);
void setCookieString(in nsIURI aURI, in nsIPrompt aPrompt, in string aCookie, in nsIChannel aChannel);
/*
* Set the cookie string and expires associated with the URL
* Set the cookie string and expires associated with the URI.
*
* @param aURL The URL for which to set the cookie string
* @param aFirstURL The URL which the user typed in or clicked on
* @param aPrompter The nsIPrompt implementation to use. If null, a default
* will be used.
* @param aCookie The char * string to set
* @param aExpires The expiry information of the cookie
* @return Returns NS_OK if successful, or NS_FALSE if an error occurred.
* XXX this function is redundant and will most likely be removed in a future
* revision of this interface. SetCookieString will query the documentURI
* property off of nsIHttpChannelInternal if supported, and SetCookieString
* could also query the Date header from the channel if aChannel supports
* nsIHttpChannel.
*
* @param aURI
* the URI of the document for which cookies are being set.
* @param aFirstURI
* the URI that the user originally typed in or clicked on to initiate
* the load of the document referenced by aURI.
* @param aPrompt
* the prompt to use for all user-level cookie notifications.
* @param aCookie
* the cookie string to set.
* @param aServerTime
* the expiry information of the cookie (the Date header from the HTTP
* response).
* @param aChannel
* the channel used to load the document. this parameter may be null,
* but it is strongly recommended that a non-null value be provided to
* ensure that the cookie privacy preferences are honored.
*/
void setCookieStringFromHttp(in nsIURI aURL, in nsIURI aFirstURL, in nsIPrompt aPrompter, in string aCookie, in string aExpires, in nsIHttpChannel aHttpChannel);
void setCookieStringFromHttp(in nsIURI aURI, in nsIURI aFirstURI, in nsIPrompt aPrompt, in string aCookie, in string aServerTime, in nsIChannel aChannel);
/**
* This attribute really doesn't belong on this interface. CVS blame will
* tell you why it is here. It remains until we can find a better home for
* it. Read the source if you want to know what it does :-(
*/
readonly attribute boolean cookieIconIsVisible;
};
%{ C++
// {011C3190-1434-11d6-A618-0010A401EB10}
// nsCookieService CID and ContractID:
#define NS_COOKIESERVICE_CID \
{ 0xc375fa80, 0x150f, 0x11d6, { 0xa6, 0x18, 0x0, 0x10, 0xa4, 0x1, 0xeb, 0x10 } }
#define NS_COOKIESERVICE_CONTRACTID "@mozilla.org/cookieService;1"
{ /* 011C3190-1434-11d6-A618-0010A401EB10 */ \
0xc375fa80, \
0x150f, \
0x11d6, \
{0xa6, 0x18, 0x0, 0x10, 0xa4, 0x1, 0xeb, 0x10} \
}
#define NS_COOKIESERVICE_CONTRACTID \
"@mozilla.org/cookieService;1"
%}