diff options
author | Jocelyn Turcotte <jocelyn.turcotte@nokia.com> | 2011-06-07 18:14:13 (GMT) |
---|---|---|
committer | Jocelyn Turcotte <jocelyn.turcotte@nokia.com> | 2011-06-09 14:05:14 (GMT) |
commit | 7b287a3861b2b71a31dfea53b5c93a0cb7d99fcc (patch) | |
tree | 758bf330f8974cdc3a3f31e2c424c57f44e43147 | |
parent | ab00a395bb00ccd130a01d49bf18c2bc597a1fe6 (diff) | |
download | Qt-7b287a3861b2b71a31dfea53b5c93a0cb7d99fcc.zip Qt-7b287a3861b2b71a31dfea53b5c93a0cb7d99fcc.tar.gz Qt-7b287a3861b2b71a31dfea53b5c93a0cb7d99fcc.tar.bz2 |
Limit the cookies count per domain to 50.
This makes it more difficult for a single server to fill the client's cookie
jar. All major browsers currently have a similar limit.
This patch also modifies the "find already existing cookie" loop to use indexes
instead of iterators to match the newly added loop.
Reviewed-by: Peter Hartmann
-rw-r--r-- | src/network/access/qnetworkcookiejar.cpp | 27 | ||||
-rw-r--r-- | tests/auto/qnetworkcookiejar/tst_qnetworkcookiejar.cpp | 41 |
2 files changed, 61 insertions, 7 deletions
diff --git a/src/network/access/qnetworkcookiejar.cpp b/src/network/access/qnetworkcookiejar.cpp index 291bdec..e49a8e1 100644 --- a/src/network/access/qnetworkcookiejar.cpp +++ b/src/network/access/qnetworkcookiejar.cpp @@ -220,20 +220,33 @@ bool QNetworkCookieJar::setCookiesFromUrl(const QList<QNetworkCookie> &cookieLis continue; // not accepted } - QList<QNetworkCookie>::Iterator it = d->allCookies.begin(), - end = d->allCookies.end(); - for ( ; it != end; ++it) + for (int i = 0; i < d->allCookies.size(); ++i) { // does this cookie already exist? - if (cookie.name() == it->name() && - cookie.domain() == it->domain() && - cookie.path() == it->path()) { + const QNetworkCookie ¤t = d->allCookies.at(i); + if (cookie.name() == current.name() && + cookie.domain() == current.domain() && + cookie.path() == current.path()) { // found a match - d->allCookies.erase(it); + d->allCookies.removeAt(i); break; } + } // did not find a match if (!isDeletion) { + int countForDomain = 0; + for (int i = d->allCookies.size() - 1; i >= 0; --i) { + // Start from the end and delete the oldest cookies to keep a maximum count of 50. + const QNetworkCookie ¤t = d->allCookies.at(i); + if (isParentDomain(cookie.domain(), current.domain()) + || isParentDomain(current.domain(), cookie.domain())) { + if (countForDomain >= 49) + d->allCookies.removeAt(i); + else + ++countForDomain; + } + } + d->allCookies += cookie; ++added; } diff --git a/tests/auto/qnetworkcookiejar/tst_qnetworkcookiejar.cpp b/tests/auto/qnetworkcookiejar/tst_qnetworkcookiejar.cpp index d59a510..ef843f3 100644 --- a/tests/auto/qnetworkcookiejar/tst_qnetworkcookiejar.cpp +++ b/tests/auto/qnetworkcookiejar/tst_qnetworkcookiejar.cpp @@ -52,6 +52,7 @@ private slots: void getterSetter(); void setCookiesFromUrl_data(); void setCookiesFromUrl(); + void setCookiesFromUrl_50CookiesLimitPerDomain(); void cookiesForUrl_data(); void cookiesForUrl(); void effectiveTLDs_data(); @@ -251,6 +252,46 @@ void tst_QNetworkCookieJar::setCookiesFromUrl() QVERIFY2(result.isEmpty(), QTest::toString(result)); } +static bool findCookieName(const QList<QNetworkCookie> &cookieList, const QString &name) +{ + foreach(QNetworkCookie cookie, cookieList) + if (cookie.name() == name) + return true; + return false; +} + +void tst_QNetworkCookieJar::setCookiesFromUrl_50CookiesLimitPerDomain() +{ + QNetworkCookie cookie; + cookie.setValue("value"); + MyCookieJar jar; + QUrl url("http://a.b.c.com"); + + for (int i = 0; i < 20; ++i) { + // Add a list of 3 domain-matched cookies on each iteration for a total of 60 cookies. + QList<QNetworkCookie> cookieList; + cookie.setName(QString("CookieNo%1").arg(i*3+1).toAscii()); + cookie.setDomain("a.b.c.com"); + cookieList += cookie; + cookie.setName(QString("CookieNo%1").arg(i*3+2).toAscii()); + cookie.setDomain(".b.c.com"); + cookieList += cookie; + cookie.setName(QString("CookieNo%1").arg(i*3+3).toAscii()); + cookie.setDomain(".c.com"); + cookieList += cookie; + jar.setCookiesFromUrl(cookieList, url); + + int expectedNumCookies = std::min((i+1)*3, 50); + QCOMPARE(jar.allCookies().size(), expectedNumCookies); + } + + // Verify that the oldest cookies were the ones overwritten. + QVERIFY(!findCookieName(jar.allCookies(), "CookieNo1")); + QVERIFY(!findCookieName(jar.allCookies(), "CookieNo10")); + QVERIFY(findCookieName(jar.allCookies(), "CookieNo11")); + QVERIFY(findCookieName(jar.allCookies(), "CookieNo60")); +} + void tst_QNetworkCookieJar::cookiesForUrl_data() { QTest::addColumn<QList<QNetworkCookie> >("allCookies"); |