- $location = $this->getResponseHeader("Location");
- if ( $location ) {
- return $location;
- }
-
- return $this->url;
- }
-}
-
-
-class Cookie {
- protected $name;
- protected $value;
- protected $expires;
- protected $path;
- protected $domain;
- protected $isSessionKey = true;
- // TO IMPLEMENT protected $secure
- // TO IMPLEMENT? protected $maxAge (add onto expires)
- // TO IMPLEMENT? protected $version
- // TO IMPLEMENT? protected $comment
-
- function __construct( $name, $value, $attr ) {
- $this->name = $name;
- $this->set( $value, $attr );
- }
-
- /**
- * Sets a cookie. Used before a request to set up any individual
- * cookies. Used internally after a request to parse the
- * Set-Cookie headers.
- * @param $name string the name of the cookie
- * @param $value string the value of the cookie
- * @param $attr array possible key/values:
- * expires A date string
- * path The path this cookie is used on
- * domain Domain this cookie is used on
- */
- public function set( $value, $attr ) {
- $this->value = $value;
- if( isset( $attr['expires'] ) ) {
- $this->isSessionKey = false;
- $this->expires = strtotime( $attr['expires'] );
- }
- if( isset( $attr['path'] ) ) {
- $this->path = $attr['path'];
- } else {
- $this->path = "/";
- }
- if( isset( $attr['domain'] ) ) {
- if( self::validateCookieDomain( $attr['domain'] ) ) {
- $this->domain = $attr['domain'];
- }
- } else {
- throw new MWException("You must specify a domain.");
- }
- }
-
- /**
- * Return the true if the cookie is valid is valid. Otherwise,
- * false. The uses a method similar to IE cookie security
- * described here:
- * http://kuza55.blogspot.com/2008/02/understanding-cookie-security.html
- * A better method might be to use a blacklist like
- * http://publicsuffix.org/
- *
- * @param $domain string the domain to validate
- * @param $originDomain string (optional) the domain the cookie originates from
- * @return bool
- */
- public static function validateCookieDomain( $domain, $originDomain = null) {
- // Don't allow a trailing dot
- if( substr( $domain, -1 ) == "." ) return false;
-
- $dc = explode(".", $domain);
-
- // Don't allow cookies for "localhost", "ls" or other dot-less hosts
- if( count($dc) < 2 ) return false;