diff options
| author |  Adam Chlipala <adamc@hcoop.net> | 2009-12-03 11:56:15 -0500 |
|---|---|---|
| committer | Adam Chlipala <adamc@hcoop.net> | 2009-12-03 11:56:15 -0500 |
| commit | 4eb3dd414d20ad9140f999b962a1cc674ee22036 (patch) | |
| tree | a3082108bb32ba616436bdcb7a00b7cd48b391b7 | |
| parent | 2304eece8f5f2b9067cd66d860a332f8721c5321 (diff) | |
| parent | 8b892b4ceaaaab751a68edc8fd01ecd2246d3dab (diff) | |
Merge
| -rw-r--r-- | CHANGELOG | 7 | ||||
| -rw-r--r-- | demo/cookie.ur | 27 | ||||
| -rw-r--r-- | demo/cookieSec.ur | 2 | ||||
| -rw-r--r-- | doc/manual.tex | 3 | ||||
| -rw-r--r-- | include/urweb.h | 4 | ||||
| -rw-r--r-- | lib/ur/basis.urs | 6 | ||||
| -rw-r--r-- | src/c/fastcgi.c | 8 | ||||
| -rw-r--r-- | src/c/urweb.c | 58 | ||||
| -rw-r--r-- | src/demo.sml | 2 | ||||
| -rw-r--r-- | src/monoize.sml | 34 | ||||
| -rw-r--r-- | src/settings.sml | 1 | ||||
| -rw-r--r-- | tests/vlad3.ur | 27 | ||||
| -rw-r--r-- | tests/vlad3.urp | 2 | ||||
| -rw-r--r-- | tests/vlad3.urs | 1 |
14 files changed, 157 insertions, 25 deletions
@@ -1,4 +1,11 @@ ======== +Next +======== + +- Extended cookie interface (breaks backward compatibility for 'setCookie') +- Bug fixes + +======== 20091124 ======== diff --git a/demo/cookie.ur b/demo/cookie.ur index ad4e19ec..7e011157 100644 --- a/demo/cookie.ur +++ b/demo/cookie.ur @@ -1,15 +1,30 @@ cookie c : {A : string, B : float, C : int} fun set r = - setCookie c {A = r.A, B = readError r.B, C = readError r.C}; + setCookie c {Value = {A = r.A, B = readError r.B, C = readError r.C}, + Expires = None, + Secure = False}; return <xml>Cookie set.</xml> +fun setExp r = + setCookie c {Value = {A = r.A, B = readError r.B, C = readError r.C}, + Expires = Some (readError "2012-11-6 00:00:00"), + Secure = False}; + return <xml>Cookie set robustly.</xml> + +fun delete () = + clearCookie c; + return <xml>Cookie cleared.</xml> + fun main () = ro <- getCookie c; return <xml><body> {case ro of None => <xml>No cookie set.</xml> - | Some v => <xml>Cookie: A = {[v.A]}, B = {[v.B]}, C = {[v.C]}</xml>} + | Some v => <xml> + Cookie: A = {[v.A]}, B = {[v.B]}, C = {[v.C]}<br/> + <form><submit value="Delete" action={delete}/></form> + </xml>} <br/><br/> <form> @@ -17,5 +32,13 @@ fun main () = B: <textbox{#B}/><br/> C: <textbox{#C}/><br/> <submit action={set}/> + </form><br/> + + <form> + <b>Version that expires on November 6, 2012:</b><br/> + A: <textbox{#A}/><br/> + B: <textbox{#B}/><br/> + C: <textbox{#C}/><br/> + <submit action={setExp}/> </form> </body></xml> diff --git a/demo/cookieSec.ur b/demo/cookieSec.ur index 447d38ad..98615c78 100644 --- a/demo/cookieSec.ur +++ b/demo/cookieSec.ur @@ -25,7 +25,7 @@ fun main () = </body></xml> and set r = - setCookie username r.User; + setCookie username {Value = r.User, Expires = None, Secure = False}; main () and imHere () = diff --git a/doc/manual.tex b/doc/manual.tex index 5a46552d..866b9585 100644 --- a/doc/manual.tex +++ b/doc/manual.tex @@ -1288,7 +1288,8 @@ $$\begin{array}{l} \\ \mt{con} \; \mt{http\_cookie} :: \mt{Type} \to \mt{Type} \\ \mt{val} \; \mt{getCookie} : \mt{t} ::: \mt{Type} \to \mt{http\_cookie} \; \mt{t} \to \mt{transaction} \; (\mt{option} \; \mt{t}) \\ - \mt{val} \; \mt{setCookie} : \mt{t} ::: \mt{Type} \to \mt{http\_cookie} \; \mt{t} \to \mt{t} \to \mt{transaction} \; \mt{unit} + \mt{val} \; \mt{setCookie} : \mt{t} ::: \mt{Type} \to \mt{http\_cookie} \; \mt{t} \to \{\mt{Value} : \mt{t}, \mt{Expires} : \mt{option} \; \mt{time}, \mt{Secure} : \mt{bool}\} \to \mt{transaction} \; \mt{unit} \\ + \mt{val} \; \mt{clearCookie} : \mt{t} ::: \mt{Type} \to \mt{http\_cookie} \; \mt{t} \to \mt{transaction} \; \mt{unit} \end{array}$$ There are also an abstract $\mt{url}$ type and functions for converting to it, based on the policy defined by \texttt{[allow|deny] url} directives in the project file. diff --git a/include/urweb.h b/include/urweb.h index 55068966..9884a3ca 100644 --- a/include/urweb.h +++ b/include/urweb.h @@ -185,7 +185,8 @@ uw_Basis_string uw_Basis_requestHeader(uw_context, uw_Basis_string); void uw_write_header(uw_context, uw_Basis_string); uw_Basis_string uw_Basis_get_cookie(uw_context, uw_Basis_string c); -uw_unit uw_Basis_set_cookie(uw_context, uw_Basis_string prefix, uw_Basis_string c, uw_Basis_string v); +uw_unit uw_Basis_set_cookie(uw_context, uw_Basis_string prefix, uw_Basis_string c, uw_Basis_string v, uw_Basis_time *expires, uw_Basis_bool secure); +uw_unit uw_Basis_clear_cookie(uw_context, uw_Basis_string prefix, uw_Basis_string c); uw_Basis_channel uw_Basis_new_channel(uw_context, uw_unit); uw_unit uw_Basis_send(uw_context, uw_Basis_channel, uw_Basis_string); @@ -210,6 +211,7 @@ uw_Basis_int uw_Basis_blobSize(uw_context, uw_Basis_blob); __attribute__((noreturn)) void uw_return_blob(uw_context, uw_Basis_blob, uw_Basis_string mimeType); uw_Basis_time uw_Basis_now(uw_context); +extern const uw_Basis_time uw_Basis_minTime; void uw_register_transactional(uw_context, void *data, uw_callback commit, uw_callback rollback, uw_callback free); diff --git a/lib/ur/basis.urs b/lib/ur/basis.urs index 47bc3d48..31aa4cdd 100644 --- a/lib/ur/basis.urs +++ b/lib/ur/basis.urs @@ -115,6 +115,7 @@ val current : t ::: Type -> signal t -> transaction t (** * Time *) val now : transaction time +val minTime : time (** HTTP operations *) @@ -123,7 +124,10 @@ val requestHeader : string -> transaction (option string) con http_cookie :: Type -> Type val getCookie : t ::: Type -> http_cookie t -> transaction (option t) -val setCookie : t ::: Type -> http_cookie t -> t -> transaction unit +val setCookie : t ::: Type -> http_cookie t -> {Value : t, + Expires : option time, + Secure : bool} -> transaction unit +val clearCookie : t ::: Type -> http_cookie t -> transaction unit (** JavaScript-y gadgets *) diff --git a/src/c/fastcgi.c b/src/c/fastcgi.c index 7d2ce067..1a8a8316 100644 --- a/src/c/fastcgi.c +++ b/src/c/fastcgi.c @@ -223,7 +223,7 @@ static int read_funny_len(unsigned char **buf, int *len) { else if (*len < 4) return -1; else { - int r = (((*buf)[3] & 0x7f) << 24) + ((*buf)[2] << 16) + ((*buf)[1] << 8) + (*buf)[0]; + int r = (((*buf)[0] & 0x7f) << 24) + ((*buf)[1] << 16) + ((*buf)[2] << 8) + (*buf)[3]; *buf += 4; *len -= 4; return r; @@ -236,9 +236,9 @@ static int read_nvp(unsigned char **buf, int len, nvp *nv) { if ((nameLength = read_funny_len(buf, &len)) < 0) return -1; if ((valueLength = read_funny_len(buf, &len)) < 0) - return -1; + return -2; if (len < nameLength + valueLength) - return -1; + return -3; if (nameLength+1 > nv->name_len) { nv->name_len = nameLength+1; @@ -374,7 +374,7 @@ static void *worker(void *data) { goto done; } - write_stderr(out, "PARAM: %s -> %s\n", hs.nvps[used_nvps].name, hs.nvps[used_nvps].value); + //write_stderr(out, "PARAM: %s -> %s\n", hs.nvps[used_nvps].name, hs.nvps[used_nvps].value); ++used_nvps; } diff --git a/src/c/urweb.c b/src/c/urweb.c index 6e2b9e22..7435d76f 100644 --- a/src/c/urweb.c +++ b/src/c/urweb.c @@ -672,7 +672,7 @@ static input *check_input_space(uw_context ctx, size_t len) { } int uw_set_input(uw_context ctx, const char *name, char *value) { - printf("Input name %s\n", name); + //printf("Input name %s\n", name); if (!strcasecmp(name, ".b")) { int n = uw_input_num(value); @@ -2703,6 +2703,8 @@ uw_Basis_blob uw_Basis_stringToBlob_error(uw_context ctx, uw_Basis_string s, siz return b; } +#define THE_PAST "expires=Mon, 01-01-1970 00:00:00 GMT" + uw_Basis_string uw_Basis_get_cookie(uw_context ctx, uw_Basis_string c) { int len = strlen(c); char *p = ctx->outHeaders.start; @@ -2716,19 +2718,32 @@ uw_Basis_string uw_Basis_get_cookie(uw_context ctx, uw_Basis_string c) { size_t sz = strcspn(p2+1, ";\r\n"); if (!strncasecmp(p, c, p2 - p)) { - char *ret = uw_malloc(ctx, sz + 1); - memcpy(ret, p2+1, sz); - ret[sz] = 0; - return ret; + if (sz == 0 && strstr(p2+2, THE_PAST)) + return NULL; + else { + char *ret = uw_malloc(ctx, sz + 1); + memcpy(ret, p2+1, sz); + ret[sz] = 0; + return ret; + } } } } if (p = uw_Basis_requestHeader(ctx, "Cookie")) { + char *p2; + while (1) { - if (!strncmp(p, c, len) && p[len] == '=') - return p + 1 + len; - else if (p = strchr(p, ';')) + if (!strncmp(p, c, len) && p[len] == '=') { + if (p2 = strchr(p, ';')) { + size_t n = p2 - (p + len); + char *r = uw_malloc(ctx, n); + memcpy(r, p + 1 + len, n-1); + r[n-1] = 0; + return r; + } else + return p + 1 + len; + } else if (p = strchr(p, ';')) p += 2; else return NULL; @@ -2738,18 +2753,41 @@ uw_Basis_string uw_Basis_get_cookie(uw_context ctx, uw_Basis_string c) { return NULL; } -uw_unit uw_Basis_set_cookie(uw_context ctx, uw_Basis_string prefix, uw_Basis_string c, uw_Basis_string v) { +uw_unit uw_Basis_set_cookie(uw_context ctx, uw_Basis_string prefix, uw_Basis_string c, uw_Basis_string v, uw_Basis_time *expires, uw_Basis_bool secure) { uw_write_header(ctx, "Set-Cookie: "); uw_write_header(ctx, c); uw_write_header(ctx, "="); uw_write_header(ctx, v); uw_write_header(ctx, "; path="); uw_write_header(ctx, prefix); + if (expires) { + char formatted[30]; + struct tm tm; + + gmtime_r(expires, &tm); + + strftime(formatted, sizeof formatted, "%a, %d-%b-%Y %T GMT", &tm); + + uw_write_header(ctx, "; expires="); + uw_write_header(ctx, formatted); + } + if (secure) + uw_write_header(ctx, "; secure"); uw_write_header(ctx, "\r\n"); return uw_unit_v; } +uw_unit uw_Basis_clear_cookie(uw_context ctx, uw_Basis_string prefix, uw_Basis_string c) { + uw_write_header(ctx, "Set-Cookie: "); + uw_write_header(ctx, c); + uw_write_header(ctx, "=; path="); + uw_write_header(ctx, prefix); + uw_write_header(ctx, "; " THE_PAST "\r\n"); + + return uw_unit_v; +} + static delta *allocate_delta(uw_context ctx, unsigned client) { unsigned i; delta *d; @@ -3135,6 +3173,8 @@ uw_Basis_string uw_Basis_mstrcat(uw_context ctx, ...) { return r; } +const uw_Basis_time minTime = 0; + uw_Basis_time uw_Basis_now(uw_context ctx) { return time(NULL); } diff --git a/src/demo.sml b/src/demo.sml index 4e2caa99..c5480a93 100644 --- a/src/demo.sml +++ b/src/demo.sml @@ -430,7 +430,7 @@ fun make {prefix, dirname, guided} = TextIO.closeOut outf; - Compiler.compile (OS.Path.base fname) + Compiler.compiler (OS.Path.base fname) end; TextIO.output (demosOut, "\n</body></html>\n"); diff --git a/src/monoize.sml b/src/monoize.sml index 5ac9d46b..25b7d9c3 100644 --- a/src/monoize.sml +++ b/src/monoize.sml @@ -1338,19 +1338,43 @@ fun monoExp (env, st, fm) (all as (e, loc)) = val s = (L'.TFfi ("Basis", "string"), loc) val un = (L'.TRecord [], loc) val t = monoType env t - val (e, fm) = urlifyExp env fm ((L'.ERel 1, loc), t) + val rt = (L'.TRecord [("Value", t), + ("Expires", (L'.TOption (L'.TFfi ("Basis", "time"), + loc), loc)), + ("Secure", (L'.TFfi ("Basis", "bool"), loc))], loc) + + fun fd x = (L'.EField ((L'.ERel 1, loc), x), loc) + val (e, fm) = urlifyExp env fm (fd "Value", t) in - ((L'.EAbs ("c", s, (L'.TFun (t, (L'.TFun (un, un), loc)), loc), - (L'.EAbs ("v", t, (L'.TFun (un, un), loc), + ((L'.EAbs ("c", s, (L'.TFun (rt, (L'.TFun (un, un), loc)), loc), + (L'.EAbs ("r", rt, (L'.TFun (un, un), loc), (L'.EAbs ("_", un, un, (L'.EFfiApp ("Basis", "set_cookie", [(L'.EPrim (Prim.String (Settings.getUrlPrefix ())), loc), (L'.ERel 2, loc), - e]), loc)), + e, + fd "Expires", + fd "Secure"]) + , loc)), loc)), loc)), loc), + fm) + end + + | L.ECApp ((L.EFfi ("Basis", "clearCookie"), _), t) => + let + val s = (L'.TFfi ("Basis", "string"), loc) + val un = (L'.TRecord [], loc) + in + ((L'.EAbs ("c", s, (L'.TFun (un, un), loc), + (L'.EAbs ("_", un, un, + (L'.EFfiApp ("Basis", "clear_cookie", + [(L'.EPrim (Prim.String + (Settings.getUrlPrefix ())), + loc), + (L'.ERel 1, loc)]), loc)), loc)), loc), fm) - end + end | L.ECApp ((L.EFfi ("Basis", "channel"), _), t) => ((L'.EAbs ("_", (L'.TRecord [], loc), (L'.TFfi ("Basis", "channel"), loc), diff --git a/src/settings.sml b/src/settings.sml index 300bbf2c..009e2b0a 100644 --- a/src/settings.sml +++ b/src/settings.sml @@ -80,6 +80,7 @@ fun mayClientToServer x = S.member (!clientToServer, x) val effectfulBase = basis ["dml", "nextval", "set_cookie", + "clear_cookie", "new_client_source", "get_client_source", "set_client_source", diff --git a/tests/vlad3.ur b/tests/vlad3.ur new file mode 100644 index 00000000..3d1e812b --- /dev/null +++ b/tests/vlad3.ur @@ -0,0 +1,27 @@ +cookie user : {EMail : string} + +fun main () = + ro <- getCookie user; + case ro of + Some u => welcome u + | _ => login () + +and welcome u = return <xml><body> + Welcome {[u.EMail]}. <a link={logout ()}>Logout</a> +</body></xml> + +and logout () = + clearCookie user; + main () + +and login () = return <xml><body> + <form>E-mail:<textbox{#EMail}/><submit action={signin}/></form> +</body></xml> + +and signin r = + setCookie user {Value = {EMail = r.EMail}, + Expires = None, (* Some (readError "2012-11-6 +00:00:00"), *) + Secure = False + }; + main () diff --git a/tests/vlad3.urp b/tests/vlad3.urp new file mode 100644 index 00000000..3a0fa1f3 --- /dev/null +++ b/tests/vlad3.urp @@ -0,0 +1,2 @@ + +vlad3 diff --git a/tests/vlad3.urs b/tests/vlad3.urs new file mode 100644 index 00000000..6ac44e0b --- /dev/null +++ b/tests/vlad3.urs @@ -0,0 +1 @@ +val main : unit -> transaction page |