|
|
|---|
|
|
|---|
| 5 |
|
5 |
|
| 6 |
// HttpLog.h should generally be included first |
6 |
// HttpLog.h should generally be included first |
| 7 |
#include "HttpLog.h" |
7 |
#include "HttpLog.h" |
| 8 |
|
8 |
|
| 9 |
#include "nsHttpBasicAuth.h" |
9 |
#include "nsHttpBasicAuth.h" |
| 10 |
#include "plbase64.h" |
10 |
#include "plbase64.h" |
| 11 |
#include "plstr.h" |
11 |
#include "plstr.h" |
| 12 |
#include "nsString.h" |
12 |
#include "nsString.h" |
|
|
13 |
#include "mozilla/Tokenizer.h" |
| 13 |
|
14 |
|
| 14 |
namespace mozilla { |
15 |
namespace mozilla { |
| 15 |
namespace net { |
16 |
namespace net { |
| 16 |
|
17 |
|
| 17 |
//----------------------------------------------------------------------------- |
18 |
//----------------------------------------------------------------------------- |
| 18 |
// nsHttpBasicAuth <public> |
19 |
// nsHttpBasicAuth <public> |
| 19 |
//----------------------------------------------------------------------------- |
20 |
//----------------------------------------------------------------------------- |
| 20 |
|
21 |
|
|
Lines 82-103
nsHttpBasicAuth::GenerateCredentials(nsI
|
Link Here
|
|---|
|
|---|
| 82 |
NS_ENSURE_ARG_POINTER(creds); |
83 |
NS_ENSURE_ARG_POINTER(creds); |
| 83 |
|
84 |
|
| 84 |
*aFlags = 0; |
85 |
*aFlags = 0; |
| 85 |
|
86 |
|
| 86 |
// we only know how to deal with Basic auth for http. |
87 |
// we only know how to deal with Basic auth for http. |
| 87 |
bool isBasicAuth = !PL_strncasecmp(challenge, "basic", 5); |
88 |
bool isBasicAuth = !PL_strncasecmp(challenge, "basic", 5); |
| 88 |
NS_ENSURE_TRUE(isBasicAuth, NS_ERROR_UNEXPECTED); |
89 |
NS_ENSURE_TRUE(isBasicAuth, NS_ERROR_UNEXPECTED); |
| 89 |
|
90 |
|
| 90 |
// we work with ASCII around here |
|
|
| 91 |
nsAutoCString userpass; |
91 |
nsAutoCString userpass; |
| 92 |
LossyCopyUTF16toASCII(user, userpass); |
92 |
uint16_t charset; |
| 93 |
userpass.Append(':'); // always send a ':' (see bug 129565) |
93 |
nsresult rv = ParseCharset(challenge, &charset); |
| 94 |
if (password) |
94 |
NS_ENSURE_SUCCESS(rv, rv); |
|
|
95 |
if (charset) { |
| 96 |
if (charset & CHARSET_UTF8) { |
| 97 |
CopyUTF16toUTF8(user, userpass); |
| 98 |
userpass.Append(':'); |
| 99 |
if (password) { |
| 100 |
AppendUTF16toUTF8(password, userpass); |
| 101 |
} |
| 102 |
} else { |
| 103 |
return NS_ERROR_UNEXPECTED; |
| 104 |
} |
| 105 |
} else { |
| 106 |
LossyCopyUTF16toASCII(user, userpass); |
| 107 |
userpass.Append(':'); // always send a ':' (see bug 129565) |
| 108 |
if (password) |
| 95 |
LossyAppendUTF16toASCII(password, userpass); |
109 |
LossyAppendUTF16toASCII(password, userpass); |
|
|
110 |
} |
| 96 |
|
111 |
|
| 97 |
// plbase64.h provides this worst-case output buffer size calculation. |
112 |
// plbase64.h provides this worst-case output buffer size calculation. |
| 98 |
// use calloc, since PL_Base64Encode does not null terminate. |
113 |
// use calloc, since PL_Base64Encode does not null terminate. |
| 99 |
*creds = (char *) calloc(6 + ((userpass.Length() + 2)/3)*4 + 1, 1); |
114 |
*creds = (char *) calloc(6 + ((userpass.Length() + 2)/3)*4 + 1, 1); |
| 100 |
if (!*creds) |
115 |
if (!*creds) |
| 101 |
return NS_ERROR_OUT_OF_MEMORY; |
116 |
return NS_ERROR_OUT_OF_MEMORY; |
| 102 |
|
117 |
|
| 103 |
memcpy(*creds, "Basic ", 6); |
118 |
memcpy(*creds, "Basic ", 6); |
|
Lines 107-116
nsHttpBasicAuth::GenerateCredentials(nsI
|
Link Here
|
|---|
|
|---|
| 107 |
|
122 |
|
| 108 |
NS_IMETHODIMP |
123 |
NS_IMETHODIMP |
| 109 |
nsHttpBasicAuth::GetAuthFlags(uint32_t *flags) |
124 |
nsHttpBasicAuth::GetAuthFlags(uint32_t *flags) |
| 110 |
{ |
125 |
{ |
| 111 |
*flags = REQUEST_BASED | REUSABLE_CREDENTIALS | REUSABLE_CHALLENGE; |
126 |
*flags = REQUEST_BASED | REUSABLE_CREDENTIALS | REUSABLE_CHALLENGE; |
| 112 |
return NS_OK; |
127 |
return NS_OK; |
| 113 |
} |
128 |
} |
| 114 |
|
129 |
|
|
|
130 |
NS_IMETHODIMP |
| 131 |
nsHttpBasicAuth::ParseCharset(const char *challenge, uint16_t * charset) |
| 132 |
{ |
| 133 |
const char *ch = challenge + 5; |
| 134 |
*charset = CHARSET_NOT_SET; |
| 135 |
Tokenizer p(ch); |
| 136 |
Tokenizer::Token t; |
| 137 |
nsAutoCString name; |
| 138 |
nsAutoCString value; |
| 139 |
while (p.Next(t)) { |
| 140 |
p.Rollback(); |
| 141 |
while (p.CheckChar(',') || p.CheckWhite()); |
| 142 |
if (!p.Next(t) || t.Type() == Tokenizer::TOKEN_EOF) { |
| 143 |
break; |
| 144 |
} |
| 145 |
p.Rollback(); |
| 146 |
p.Record(); |
| 147 |
while (p.Next(t) && !t.Equals(Tokenizer::Token::Char('=')) && |
| 148 |
t.Type() != Tokenizer::TOKEN_WS); |
| 149 |
if (p.HasFailed()) { |
| 150 |
return NS_ERROR_INVALID_ARG; |
| 151 |
} |
| 152 |
p.Claim(name); |
| 153 |
p.Rollback(); |
| 154 |
p.SkipWhites(); |
| 155 |
if (!p.CheckChar('=')) { |
| 156 |
return NS_ERROR_INVALID_ARG; |
| 157 |
} |
| 158 |
p.SkipWhites(); |
| 159 |
bool quoted = p.CheckChar('"'); |
| 160 |
if (quoted) { |
| 161 |
if (!p.ReadUntil(Tokenizer::Token::Char('"'), value)) { |
| 162 |
return NS_ERROR_INVALID_ARG; |
| 163 |
} |
| 164 |
} else { |
| 165 |
p.Record(); |
| 166 |
while (p.Next(t) && !t.Equals(Tokenizer::Token::Char(',')) && |
| 167 |
t.Type() != Tokenizer::TOKEN_WS); |
| 168 |
p.Claim(value); |
| 169 |
} |
| 170 |
if (name.LowerCaseEqualsLiteral("charset")) { |
| 171 |
*charset = CHARSET_SPECIFIED; |
| 172 |
if (value.LowerCaseEqualsLiteral("utf-8")) { |
| 173 |
*charset |= CHARSET_UTF8; |
| 174 |
} |
| 175 |
} |
| 176 |
} |
| 177 |
return NS_OK; |
| 178 |
} |
| 179 |
|
| 115 |
} // namespace net |
180 |
} // namespace net |
| 116 |
} // namespace mozilla |
181 |
} // namespace mozilla |