From: Chad Horohoe <chadh@wikimedia.org>
Date: Thu, 6 Nov 2014 16:30:32 +0000 (-0800)
Subject: Move Cookie(Jar) to libs/
X-Git-Tag: 1.31.0-rc.0~13372
X-Git-Url: http://git.cyclocoop.org/%22%20.%20generer_url_ecrire%28%22calendrier%22%2C%22type=semaine%22%29%20.%20%22?a=commitdiff_plain;h=519fd863aa7b69642c73578f7196c4b563c466e7;p=lhc%2Fweb%2Fwiklou.git

Move Cookie(Jar) to libs/

This doesn't rely on any other parts of MediaWiki since we can
replace MWException with InvalidArgumentException here.

Change-Id: Id4512b184d24efc6674d486a5d452aa44dc871c6
---

diff --git a/includes/AutoLoader.php b/includes/AutoLoader.php
index 5024b7a437..e89e5006a9 100644
--- a/includes/AutoLoader.php
+++ b/includes/AutoLoader.php
@@ -48,8 +48,6 @@ $wgAutoloadLocalClasses = array(
 	'CollationCkb' => 'includes/Collation.php',
 	'CollationEt' => 'includes/Collation.php',
 	'ConcatenatedGzipHistoryBlob' => 'includes/HistoryBlob.php',
-	'Cookie' => 'includes/Cookie.php',
-	'CookieJar' => 'includes/Cookie.php',
 	'CurlHttpRequest' => 'includes/HttpFunctions.php',
 	'DeprecatedGlobal' => 'includes/DeprecatedGlobal.php',
 	'DerivativeRequest' => 'includes/WebRequest.php',
@@ -676,6 +674,8 @@ $wgAutoloadLocalClasses = array(
 
 	# includes/libs
 	'ArrayUtils' => 'includes/libs/ArrayUtils.php',
+	'Cookie' => 'includes/libs/Cookie.php',
+	'CookieJar' => 'includes/libs/Cookie.php',
 	'CSSMin' => 'includes/libs/CSSMin.php',
 	'GenericArrayObject' => 'includes/libs/GenericArrayObject.php',
 	'HashRing' => 'includes/libs/HashRing.php',
diff --git a/includes/Cookie.php b/includes/Cookie.php
deleted file mode 100644
index cb041904b8..0000000000
--- a/includes/Cookie.php
+++ /dev/null
@@ -1,291 +0,0 @@
-<?php
-/**
- * Cookie for HTTP requests.
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License along
- * with this program; if not, write to the Free Software Foundation, Inc.,
- * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- * http://www.gnu.org/copyleft/gpl.html
- *
- * @file
- * @ingroup HTTP
- */
-
-class Cookie {
-	protected $name;
-	protected $value;
-	protected $expires;
-	protected $path;
-	protected $domain;
-	protected $isSessionKey = true;
-	// TO IMPLEMENT	 protected $secure
-	// TO IMPLEMENT? protected $maxAge (add onto expires)
-	// TO IMPLEMENT? protected $version
-	// TO IMPLEMENT? protected $comment
-
-	function __construct( $name, $value, $attr ) {
-		$this->name = $name;
-		$this->set( $value, $attr );
-	}
-
-	/**
-	 * Sets a cookie.  Used before a request to set up any individual
-	 * cookies. Used internally after a request to parse the
-	 * Set-Cookie headers.
-	 *
-	 * @param string $value The value of the cookie
-	 * @param array $attr Possible key/values:
-	 *        expires A date string
-	 *        path    The path this cookie is used on
-	 *        domain  Domain this cookie is used on
-	 * @throws MWException
-	 */
-	public function set( $value, $attr ) {
-		$this->value = $value;
-
-		if ( isset( $attr['expires'] ) ) {
-			$this->isSessionKey = false;
-			$this->expires = strtotime( $attr['expires'] );
-		}
-
-		if ( isset( $attr['path'] ) ) {
-			$this->path = $attr['path'];
-		} else {
-			$this->path = '/';
-		}
-
-		if ( isset( $attr['domain'] ) ) {
-			if ( self::validateCookieDomain( $attr['domain'] ) ) {
-				$this->domain = $attr['domain'];
-			}
-		} else {
-			throw new MWException( 'You must specify a domain.' );
-		}
-	}
-
-	/**
-	 * Return the true if the cookie is valid is valid.  Otherwise,
-	 * false.  The uses a method similar to IE cookie security
-	 * described here:
-	 * http://kuza55.blogspot.com/2008/02/understanding-cookie-security.html
-	 * A better method might be to use a blacklist like
-	 * http://publicsuffix.org/
-	 *
-	 * @todo fixme fails to detect 3-letter top-level domains
-	 * @todo fixme fails to detect 2-letter top-level domains for single-domain use (probably
-	 * not a big problem in practice, but there are test cases)
-	 *
-	 * @param string $domain The domain to validate
-	 * @param string $originDomain (optional) the domain the cookie originates from
-	 * @return bool
-	 */
-	public static function validateCookieDomain( $domain, $originDomain = null ) {
-		$dc = explode( ".", $domain );
-
-		// Don't allow a trailing dot or addresses without a or just a leading dot
-		if ( substr( $domain, -1 ) == '.' ||
-			count( $dc ) <= 1 ||
-			count( $dc ) == 2 && $dc[0] === ''
-		) {
-			return false;
-		}
-
-		// Only allow full, valid IP addresses
-		if ( preg_match( '/^[0-9.]+$/', $domain ) ) {
-			if ( count( $dc ) != 4 ) {
-				return false;
-			}
-
-			if ( ip2long( $domain ) === false ) {
-				return false;
-			}
-
-			if ( $originDomain == null || $originDomain == $domain ) {
-				return true;
-			}
-
-		}
-
-		// Don't allow cookies for "co.uk" or "gov.uk", etc, but allow "supermarket.uk"
-		if ( strrpos( $domain, "." ) - strlen( $domain ) == -3 ) {
-			if ( ( count( $dc ) == 2 && strlen( $dc[0] ) <= 2 )
-				|| ( count( $dc ) == 3 && strlen( $dc[0] ) == "" && strlen( $dc[1] ) <= 2 ) ) {
-				return false;
-			}
-			if ( ( count( $dc ) == 2 || ( count( $dc ) == 3 && $dc[0] == '' ) )
-				&& preg_match( '/(com|net|org|gov|edu)\...$/', $domain ) ) {
-				return false;
-			}
-		}
-
-		if ( $originDomain != null ) {
-			if ( substr( $domain, 0, 1 ) != '.' && $domain != $originDomain ) {
-				return false;
-			}
-
-			if ( substr( $domain, 0, 1 ) == '.'
-				&& substr_compare(
-					$originDomain,
-					$domain,
-					-strlen( $domain ),
-					strlen( $domain ),
-					true
-				) != 0
-			) {
-				return false;
-			}
-		}
-
-		return true;
-	}
-
-	/**
-	 * Serialize the cookie jar into a format useful for HTTP Request headers.
-	 *
-	 * @param string $path The path that will be used. Required.
-	 * @param string $domain The domain that will be used. Required.
-	 * @return string
-	 */
-	public function serializeToHttpRequest( $path, $domain ) {
-		$ret = '';
-
-		if ( $this->canServeDomain( $domain )
-				&& $this->canServePath( $path )
-				&& $this->isUnExpired() ) {
-			$ret = $this->name . '=' . $this->value;
-		}
-
-		return $ret;
-	}
-
-	/**
-	 * @param string $domain
-	 * @return bool
-	 */
-	protected function canServeDomain( $domain ) {
-		if ( $domain == $this->domain
-			|| ( strlen( $domain ) > strlen( $this->domain )
-				&& substr( $this->domain, 0, 1 ) == '.'
-				&& substr_compare(
-					$domain,
-					$this->domain,
-					-strlen( $this->domain ),
-					strlen( $this->domain ),
-					true
-				) == 0
-			)
-		) {
-			return true;
-		}
-
-		return false;
-	}
-
-	/**
-	 * @param string $path
-	 * @return bool
-	 */
-	protected function canServePath( $path ) {
-		return ( $this->path && substr_compare( $this->path, $path, 0, strlen( $this->path ) ) == 0 );
-	}
-
-	/**
-	 * @return bool
-	 */
-	protected function isUnExpired() {
-		return $this->isSessionKey || $this->expires > time();
-	}
-}
-
-class CookieJar {
-	private $cookie = array();
-
-	/**
-	 * Set a cookie in the cookie jar. Make sure only one cookie per-name exists.
-	 * @see Cookie::set()
-	 * @param string $name
-	 * @param string $value
-	 * @param array $attr
-	 */
-	public function setCookie( $name, $value, $attr ) {
-		/* cookies: case insensitive, so this should work.
-		 * We'll still send the cookies back in the same case we got them, though.
-		 */
-		$index = strtoupper( $name );
-
-		if ( isset( $this->cookie[$index] ) ) {
-			$this->cookie[$index]->set( $value, $attr );
-		} else {
-			$this->cookie[$index] = new Cookie( $name, $value, $attr );
-		}
-	}
-
-	/**
-	 * @see Cookie::serializeToHttpRequest
-	 * @param string $path
-	 * @param string $domain
-	 * @return string
-	 */
-	public function serializeToHttpRequest( $path, $domain ) {
-		$cookies = array();
-
-		foreach ( $this->cookie as $c ) {
-			$serialized = $c->serializeToHttpRequest( $path, $domain );
-
-			if ( $serialized ) {
-				$cookies[] = $serialized;
-			}
-		}
-
-		return implode( '; ', $cookies );
-	}
-
-	/**
-	 * Parse the content of an Set-Cookie HTTP Response header.
-	 *
-	 * @param string $cookie
-	 * @param string $domain Cookie's domain
-	 * @return null
-	 */
-	public function parseCookieResponseHeader( $cookie, $domain ) {
-		$len = strlen( 'Set-Cookie:' );
-
-		if ( substr_compare( 'Set-Cookie:', $cookie, 0, $len, true ) === 0 ) {
-			$cookie = substr( $cookie, $len );
-		}
-
-		$bit = array_map( 'trim', explode( ';', $cookie ) );
-
-		if ( count( $bit ) >= 1 ) {
-			list( $name, $value ) = explode( '=', array_shift( $bit ), 2 );
-			$attr = array();
-
-			foreach ( $bit as $piece ) {
-				$parts = explode( '=', $piece );
-				if ( count( $parts ) > 1 ) {
-					$attr[strtolower( $parts[0] )] = $parts[1];
-				} else {
-					$attr[strtolower( $parts[0] )] = true;
-				}
-			}
-
-			if ( !isset( $attr['domain'] ) ) {
-				$attr['domain'] = $domain;
-			} elseif ( !Cookie::validateCookieDomain( $attr['domain'], $domain ) ) {
-				return null;
-			}
-
-			$this->setCookie( $name, $value, $attr );
-		}
-	}
-}
diff --git a/includes/libs/Cookie.php b/includes/libs/Cookie.php
new file mode 100644
index 0000000000..56dc6eaccc
--- /dev/null
+++ b/includes/libs/Cookie.php
@@ -0,0 +1,291 @@
+<?php
+/**
+ * Cookie for HTTP requests.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ * http://www.gnu.org/copyleft/gpl.html
+ *
+ * @file
+ * @ingroup HTTP
+ */
+
+class Cookie {
+	protected $name;
+	protected $value;
+	protected $expires;
+	protected $path;
+	protected $domain;
+	protected $isSessionKey = true;
+	// TO IMPLEMENT	 protected $secure
+	// TO IMPLEMENT? protected $maxAge (add onto expires)
+	// TO IMPLEMENT? protected $version
+	// TO IMPLEMENT? protected $comment
+
+	function __construct( $name, $value, $attr ) {
+		$this->name = $name;
+		$this->set( $value, $attr );
+	}
+
+	/**
+	 * Sets a cookie.  Used before a request to set up any individual
+	 * cookies. Used internally after a request to parse the
+	 * Set-Cookie headers.
+	 *
+	 * @param string $value The value of the cookie
+	 * @param array $attr Possible key/values:
+	 *        expires A date string
+	 *        path    The path this cookie is used on
+	 *        domain  Domain this cookie is used on
+	 * @throws MWException
+	 */
+	public function set( $value, $attr ) {
+		$this->value = $value;
+
+		if ( isset( $attr['expires'] ) ) {
+			$this->isSessionKey = false;
+			$this->expires = strtotime( $attr['expires'] );
+		}
+
+		if ( isset( $attr['path'] ) ) {
+			$this->path = $attr['path'];
+		} else {
+			$this->path = '/';
+		}
+
+		if ( isset( $attr['domain'] ) ) {
+			if ( self::validateCookieDomain( $attr['domain'] ) ) {
+				$this->domain = $attr['domain'];
+			}
+		} else {
+			throw new InvalidArgumentException( '$attr must contain a domain' );
+		}
+	}
+
+	/**
+	 * Return the true if the cookie is valid is valid.  Otherwise,
+	 * false.  The uses a method similar to IE cookie security
+	 * described here:
+	 * http://kuza55.blogspot.com/2008/02/understanding-cookie-security.html
+	 * A better method might be to use a blacklist like
+	 * http://publicsuffix.org/
+	 *
+	 * @todo fixme fails to detect 3-letter top-level domains
+	 * @todo fixme fails to detect 2-letter top-level domains for single-domain use (probably
+	 * not a big problem in practice, but there are test cases)
+	 *
+	 * @param string $domain The domain to validate
+	 * @param string $originDomain (optional) the domain the cookie originates from
+	 * @return bool
+	 */
+	public static function validateCookieDomain( $domain, $originDomain = null ) {
+		$dc = explode( ".", $domain );
+
+		// Don't allow a trailing dot or addresses without a or just a leading dot
+		if ( substr( $domain, -1 ) == '.' ||
+			count( $dc ) <= 1 ||
+			count( $dc ) == 2 && $dc[0] === ''
+		) {
+			return false;
+		}
+
+		// Only allow full, valid IP addresses
+		if ( preg_match( '/^[0-9.]+$/', $domain ) ) {
+			if ( count( $dc ) != 4 ) {
+				return false;
+			}
+
+			if ( ip2long( $domain ) === false ) {
+				return false;
+			}
+
+			if ( $originDomain == null || $originDomain == $domain ) {
+				return true;
+			}
+
+		}
+
+		// Don't allow cookies for "co.uk" or "gov.uk", etc, but allow "supermarket.uk"
+		if ( strrpos( $domain, "." ) - strlen( $domain ) == -3 ) {
+			if ( ( count( $dc ) == 2 && strlen( $dc[0] ) <= 2 )
+				|| ( count( $dc ) == 3 && strlen( $dc[0] ) == "" && strlen( $dc[1] ) <= 2 ) ) {
+				return false;
+			}
+			if ( ( count( $dc ) == 2 || ( count( $dc ) == 3 && $dc[0] == '' ) )
+				&& preg_match( '/(com|net|org|gov|edu)\...$/', $domain ) ) {
+				return false;
+			}
+		}
+
+		if ( $originDomain != null ) {
+			if ( substr( $domain, 0, 1 ) != '.' && $domain != $originDomain ) {
+				return false;
+			}
+
+			if ( substr( $domain, 0, 1 ) == '.'
+				&& substr_compare(
+					$originDomain,
+					$domain,
+					-strlen( $domain ),
+					strlen( $domain ),
+					true
+				) != 0
+			) {
+				return false;
+			}
+		}
+
+		return true;
+	}
+
+	/**
+	 * Serialize the cookie jar into a format useful for HTTP Request headers.
+	 *
+	 * @param string $path The path that will be used. Required.
+	 * @param string $domain The domain that will be used. Required.
+	 * @return string
+	 */
+	public function serializeToHttpRequest( $path, $domain ) {
+		$ret = '';
+
+		if ( $this->canServeDomain( $domain )
+				&& $this->canServePath( $path )
+				&& $this->isUnExpired() ) {
+			$ret = $this->name . '=' . $this->value;
+		}
+
+		return $ret;
+	}
+
+	/**
+	 * @param string $domain
+	 * @return bool
+	 */
+	protected function canServeDomain( $domain ) {
+		if ( $domain == $this->domain
+			|| ( strlen( $domain ) > strlen( $this->domain )
+				&& substr( $this->domain, 0, 1 ) == '.'
+				&& substr_compare(
+					$domain,
+					$this->domain,
+					-strlen( $this->domain ),
+					strlen( $this->domain ),
+					true
+				) == 0
+			)
+		) {
+			return true;
+		}
+
+		return false;
+	}
+
+	/**
+	 * @param string $path
+	 * @return bool
+	 */
+	protected function canServePath( $path ) {
+		return ( $this->path && substr_compare( $this->path, $path, 0, strlen( $this->path ) ) == 0 );
+	}
+
+	/**
+	 * @return bool
+	 */
+	protected function isUnExpired() {
+		return $this->isSessionKey || $this->expires > time();
+	}
+}
+
+class CookieJar {
+	private $cookie = array();
+
+	/**
+	 * Set a cookie in the cookie jar. Make sure only one cookie per-name exists.
+	 * @see Cookie::set()
+	 * @param string $name
+	 * @param string $value
+	 * @param array $attr
+	 */
+	public function setCookie( $name, $value, $attr ) {
+		/* cookies: case insensitive, so this should work.
+		 * We'll still send the cookies back in the same case we got them, though.
+		 */
+		$index = strtoupper( $name );
+
+		if ( isset( $this->cookie[$index] ) ) {
+			$this->cookie[$index]->set( $value, $attr );
+		} else {
+			$this->cookie[$index] = new Cookie( $name, $value, $attr );
+		}
+	}
+
+	/**
+	 * @see Cookie::serializeToHttpRequest
+	 * @param string $path
+	 * @param string $domain
+	 * @return string
+	 */
+	public function serializeToHttpRequest( $path, $domain ) {
+		$cookies = array();
+
+		foreach ( $this->cookie as $c ) {
+			$serialized = $c->serializeToHttpRequest( $path, $domain );
+
+			if ( $serialized ) {
+				$cookies[] = $serialized;
+			}
+		}
+
+		return implode( '; ', $cookies );
+	}
+
+	/**
+	 * Parse the content of an Set-Cookie HTTP Response header.
+	 *
+	 * @param string $cookie
+	 * @param string $domain Cookie's domain
+	 * @return null
+	 */
+	public function parseCookieResponseHeader( $cookie, $domain ) {
+		$len = strlen( 'Set-Cookie:' );
+
+		if ( substr_compare( 'Set-Cookie:', $cookie, 0, $len, true ) === 0 ) {
+			$cookie = substr( $cookie, $len );
+		}
+
+		$bit = array_map( 'trim', explode( ';', $cookie ) );
+
+		if ( count( $bit ) >= 1 ) {
+			list( $name, $value ) = explode( '=', array_shift( $bit ), 2 );
+			$attr = array();
+
+			foreach ( $bit as $piece ) {
+				$parts = explode( '=', $piece );
+				if ( count( $parts ) > 1 ) {
+					$attr[strtolower( $parts[0] )] = $parts[1];
+				} else {
+					$attr[strtolower( $parts[0] )] = true;
+				}
+			}
+
+			if ( !isset( $attr['domain'] ) ) {
+				$attr['domain'] = $domain;
+			} elseif ( !Cookie::validateCookieDomain( $attr['domain'], $domain ) ) {
+				return null;
+			}
+
+			$this->setCookie( $name, $value, $attr );
+		}
+	}
+}