summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJocelyn Turcotte <jocelyn.turcotte@nokia.com>2011-06-07 18:14:13 (GMT)
committerJocelyn Turcotte <jocelyn.turcotte@nokia.com>2011-06-09 14:05:14 (GMT)
commit7b287a3861b2b71a31dfea53b5c93a0cb7d99fcc (patch)
tree758bf330f8974cdc3a3f31e2c424c57f44e43147
parentab00a395bb00ccd130a01d49bf18c2bc597a1fe6 (diff)
downloadQt-7b287a3861b2b71a31dfea53b5c93a0cb7d99fcc.zip
Qt-7b287a3861b2b71a31dfea53b5c93a0cb7d99fcc.tar.gz
Qt-7b287a3861b2b71a31dfea53b5c93a0cb7d99fcc.tar.bz2
Limit the cookies count per domain to 50.
This makes it more difficult for a single server to fill the client's cookie jar. All major browsers currently have a similar limit. This patch also modifies the "find already existing cookie" loop to use indexes instead of iterators to match the newly added loop. Reviewed-by: Peter Hartmann
-rw-r--r--src/network/access/qnetworkcookiejar.cpp27
-rw-r--r--tests/auto/qnetworkcookiejar/tst_qnetworkcookiejar.cpp41
2 files changed, 61 insertions, 7 deletions
diff --git a/src/network/access/qnetworkcookiejar.cpp b/src/network/access/qnetworkcookiejar.cpp
index 291bdec..e49a8e1 100644
--- a/src/network/access/qnetworkcookiejar.cpp
+++ b/src/network/access/qnetworkcookiejar.cpp
@@ -220,20 +220,33 @@ bool QNetworkCookieJar::setCookiesFromUrl(const QList<QNetworkCookie> &cookieLis
continue; // not accepted
}
- QList<QNetworkCookie>::Iterator it = d->allCookies.begin(),
- end = d->allCookies.end();
- for ( ; it != end; ++it)
+ for (int i = 0; i < d->allCookies.size(); ++i) {
// does this cookie already exist?
- if (cookie.name() == it->name() &&
- cookie.domain() == it->domain() &&
- cookie.path() == it->path()) {
+ const QNetworkCookie &current = d->allCookies.at(i);
+ if (cookie.name() == current.name() &&
+ cookie.domain() == current.domain() &&
+ cookie.path() == current.path()) {
// found a match
- d->allCookies.erase(it);
+ d->allCookies.removeAt(i);
break;
}
+ }
// did not find a match
if (!isDeletion) {
+ int countForDomain = 0;
+ for (int i = d->allCookies.size() - 1; i >= 0; --i) {
+ // Start from the end and delete the oldest cookies to keep a maximum count of 50.
+ const QNetworkCookie &current = d->allCookies.at(i);
+ if (isParentDomain(cookie.domain(), current.domain())
+ || isParentDomain(current.domain(), cookie.domain())) {
+ if (countForDomain >= 49)
+ d->allCookies.removeAt(i);
+ else
+ ++countForDomain;
+ }
+ }
+
d->allCookies += cookie;
++added;
}
diff --git a/tests/auto/qnetworkcookiejar/tst_qnetworkcookiejar.cpp b/tests/auto/qnetworkcookiejar/tst_qnetworkcookiejar.cpp
index d59a510..ef843f3 100644
--- a/tests/auto/qnetworkcookiejar/tst_qnetworkcookiejar.cpp
+++ b/tests/auto/qnetworkcookiejar/tst_qnetworkcookiejar.cpp
@@ -52,6 +52,7 @@ private slots:
void getterSetter();
void setCookiesFromUrl_data();
void setCookiesFromUrl();
+ void setCookiesFromUrl_50CookiesLimitPerDomain();
void cookiesForUrl_data();
void cookiesForUrl();
void effectiveTLDs_data();
@@ -251,6 +252,46 @@ void tst_QNetworkCookieJar::setCookiesFromUrl()
QVERIFY2(result.isEmpty(), QTest::toString(result));
}
+static bool findCookieName(const QList<QNetworkCookie> &cookieList, const QString &name)
+{
+ foreach(QNetworkCookie cookie, cookieList)
+ if (cookie.name() == name)
+ return true;
+ return false;
+}
+
+void tst_QNetworkCookieJar::setCookiesFromUrl_50CookiesLimitPerDomain()
+{
+ QNetworkCookie cookie;
+ cookie.setValue("value");
+ MyCookieJar jar;
+ QUrl url("http://a.b.c.com");
+
+ for (int i = 0; i < 20; ++i) {
+ // Add a list of 3 domain-matched cookies on each iteration for a total of 60 cookies.
+ QList<QNetworkCookie> cookieList;
+ cookie.setName(QString("CookieNo%1").arg(i*3+1).toAscii());
+ cookie.setDomain("a.b.c.com");
+ cookieList += cookie;
+ cookie.setName(QString("CookieNo%1").arg(i*3+2).toAscii());
+ cookie.setDomain(".b.c.com");
+ cookieList += cookie;
+ cookie.setName(QString("CookieNo%1").arg(i*3+3).toAscii());
+ cookie.setDomain(".c.com");
+ cookieList += cookie;
+ jar.setCookiesFromUrl(cookieList, url);
+
+ int expectedNumCookies = std::min((i+1)*3, 50);
+ QCOMPARE(jar.allCookies().size(), expectedNumCookies);
+ }
+
+ // Verify that the oldest cookies were the ones overwritten.
+ QVERIFY(!findCookieName(jar.allCookies(), "CookieNo1"));
+ QVERIFY(!findCookieName(jar.allCookies(), "CookieNo10"));
+ QVERIFY(findCookieName(jar.allCookies(), "CookieNo11"));
+ QVERIFY(findCookieName(jar.allCookies(), "CookieNo60"));
+}
+
void tst_QNetworkCookieJar::cookiesForUrl_data()
{
QTest::addColumn<QList<QNetworkCookie> >("allCookies");