|
---|
|
---|
5 |
|
5 |
|
6 |
// HttpLog.h should generally be included first |
6 |
// HttpLog.h should generally be included first |
7 |
#include "HttpLog.h" |
7 |
#include "HttpLog.h" |
8 |
|
8 |
|
9 |
#include "nsHttpBasicAuth.h" |
9 |
#include "nsHttpBasicAuth.h" |
10 |
#include "plbase64.h" |
10 |
#include "plbase64.h" |
11 |
#include "plstr.h" |
11 |
#include "plstr.h" |
12 |
#include "nsString.h" |
12 |
#include "nsString.h" |
|
|
13 |
#include "mozilla/Tokenizer.h" |
13 |
|
14 |
|
14 |
namespace mozilla { |
15 |
namespace mozilla { |
15 |
namespace net { |
16 |
namespace net { |
16 |
|
17 |
|
17 |
//----------------------------------------------------------------------------- |
18 |
//----------------------------------------------------------------------------- |
18 |
// nsHttpBasicAuth <public> |
19 |
// nsHttpBasicAuth <public> |
19 |
//----------------------------------------------------------------------------- |
20 |
//----------------------------------------------------------------------------- |
20 |
|
21 |
|
Lines 82-103
nsHttpBasicAuth::GenerateCredentials(nsI
|
Link Here
|
---|
|
---|
82 |
NS_ENSURE_ARG_POINTER(creds); |
83 |
NS_ENSURE_ARG_POINTER(creds); |
83 |
|
84 |
|
84 |
*aFlags = 0; |
85 |
*aFlags = 0; |
85 |
|
86 |
|
86 |
// we only know how to deal with Basic auth for http. |
87 |
// we only know how to deal with Basic auth for http. |
87 |
bool isBasicAuth = !PL_strncasecmp(challenge, "basic", 5); |
88 |
bool isBasicAuth = !PL_strncasecmp(challenge, "basic", 5); |
88 |
NS_ENSURE_TRUE(isBasicAuth, NS_ERROR_UNEXPECTED); |
89 |
NS_ENSURE_TRUE(isBasicAuth, NS_ERROR_UNEXPECTED); |
89 |
|
90 |
|
90 |
// we work with ASCII around here |
|
|
91 |
nsAutoCString userpass; |
91 |
nsAutoCString userpass; |
92 |
LossyCopyUTF16toASCII(user, userpass); |
92 |
uint16_t charset; |
93 |
userpass.Append(':'); // always send a ':' (see bug 129565) |
93 |
nsresult rv = ParseCharset(challenge, &charset); |
94 |
if (password) |
94 |
NS_ENSURE_SUCCESS(rv, rv); |
|
|
95 |
if (charset) { |
96 |
if (charset & CHARSET_UTF8) { |
97 |
CopyUTF16toUTF8(user, userpass); |
98 |
userpass.Append(':'); |
99 |
if (password) { |
100 |
AppendUTF16toUTF8(password, userpass); |
101 |
} |
102 |
} else { |
103 |
return NS_ERROR_UNEXPECTED; |
104 |
} |
105 |
} else { |
106 |
LossyCopyUTF16toASCII(user, userpass); |
107 |
userpass.Append(':'); // always send a ':' (see bug 129565) |
108 |
if (password) |
95 |
LossyAppendUTF16toASCII(password, userpass); |
109 |
LossyAppendUTF16toASCII(password, userpass); |
|
|
110 |
} |
96 |
|
111 |
|
97 |
// plbase64.h provides this worst-case output buffer size calculation. |
112 |
// plbase64.h provides this worst-case output buffer size calculation. |
98 |
// use calloc, since PL_Base64Encode does not null terminate. |
113 |
// use calloc, since PL_Base64Encode does not null terminate. |
99 |
*creds = (char *) calloc(6 + ((userpass.Length() + 2)/3)*4 + 1, 1); |
114 |
*creds = (char *) calloc(6 + ((userpass.Length() + 2)/3)*4 + 1, 1); |
100 |
if (!*creds) |
115 |
if (!*creds) |
101 |
return NS_ERROR_OUT_OF_MEMORY; |
116 |
return NS_ERROR_OUT_OF_MEMORY; |
102 |
|
117 |
|
103 |
memcpy(*creds, "Basic ", 6); |
118 |
memcpy(*creds, "Basic ", 6); |
Lines 107-116
nsHttpBasicAuth::GenerateCredentials(nsI
|
Link Here
|
---|
|
---|
107 |
|
122 |
|
108 |
NS_IMETHODIMP |
123 |
NS_IMETHODIMP |
109 |
nsHttpBasicAuth::GetAuthFlags(uint32_t *flags) |
124 |
nsHttpBasicAuth::GetAuthFlags(uint32_t *flags) |
110 |
{ |
125 |
{ |
111 |
*flags = REQUEST_BASED | REUSABLE_CREDENTIALS | REUSABLE_CHALLENGE; |
126 |
*flags = REQUEST_BASED | REUSABLE_CREDENTIALS | REUSABLE_CHALLENGE; |
112 |
return NS_OK; |
127 |
return NS_OK; |
113 |
} |
128 |
} |
114 |
|
129 |
|
|
|
130 |
NS_IMETHODIMP |
131 |
nsHttpBasicAuth::ParseCharset(const char *challenge, uint16_t * charset) |
132 |
{ |
133 |
const char *ch = challenge + 5; |
134 |
*charset = CHARSET_NOT_SET; |
135 |
Tokenizer p(ch); |
136 |
Tokenizer::Token t; |
137 |
nsAutoCString name; |
138 |
nsAutoCString value; |
139 |
while (p.Next(t)) { |
140 |
p.Rollback(); |
141 |
while (p.CheckChar(',') || p.CheckWhite()); |
142 |
if (!p.Next(t) || t.Type() == Tokenizer::TOKEN_EOF) { |
143 |
break; |
144 |
} |
145 |
p.Rollback(); |
146 |
p.Record(); |
147 |
while (p.Next(t) && !t.Equals(Tokenizer::Token::Char('=')) && |
148 |
t.Type() != Tokenizer::TOKEN_WS); |
149 |
if (p.HasFailed()) { |
150 |
return NS_ERROR_INVALID_ARG; |
151 |
} |
152 |
p.Claim(name); |
153 |
p.Rollback(); |
154 |
p.SkipWhites(); |
155 |
if (!p.CheckChar('=')) { |
156 |
return NS_ERROR_INVALID_ARG; |
157 |
} |
158 |
p.SkipWhites(); |
159 |
bool quoted = p.CheckChar('"'); |
160 |
if (quoted) { |
161 |
if (!p.ReadUntil(Tokenizer::Token::Char('"'), value)) { |
162 |
return NS_ERROR_INVALID_ARG; |
163 |
} |
164 |
} else { |
165 |
p.Record(); |
166 |
while (p.Next(t) && !t.Equals(Tokenizer::Token::Char(',')) && |
167 |
t.Type() != Tokenizer::TOKEN_WS); |
168 |
p.Claim(value); |
169 |
} |
170 |
if (name.LowerCaseEqualsLiteral("charset")) { |
171 |
*charset = CHARSET_SPECIFIED; |
172 |
if (value.LowerCaseEqualsLiteral("utf-8")) { |
173 |
*charset |= CHARSET_UTF8; |
174 |
} |
175 |
} |
176 |
} |
177 |
return NS_OK; |
178 |
} |
179 |
|
115 |
} // namespace net |
180 |
} // namespace net |
116 |
} // namespace mozilla |
181 |
} // namespace mozilla |