go-packages/iris
1
0
Fork 0
mirror of https://github.com/kataras/iris.git synced 2025-02-02 15:30:36 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

update cookie.go to be aligned with quality standars

Browse Source 
Former-commit-id: 54aea6a281106f60000645efc7f77ea04e72d7ac
This commit is contained in:
Gerasimos (Makis) Maropoulos 2018-04-22 13:59:21 +03:00 committed by GitHub
parent bb59ad8cf2
commit d4c20b8e2a
1 changed files with 31 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
sessions/cookie.go
View File

@ -52,7 +52,7 @@ func RemoveCookie(ctx context.Context, config Config) {
cookie.MaxAge = -1 cookie.MaxAge = -1
cookie.Value = "" cookie.Value = ""
cookie.Path = "/" cookie.Path = "/"
cookie.Domain = FormatCookieDomain(ctx, config.DisableSubdomainPersistence) cookie.Domain = formatCookieDomain(ctx, config.DisableSubdomainPersistence)
AddCookie(ctx, cookie, config.AllowReclaim) AddCookie(ctx, cookie, config.AllowReclaim)
@ -92,36 +92,38 @@ func IsValidCookieDomain(domain string) bool {
return true return true
} }
func FormatCookieDomain(ctx context.Context, DisableSubdomainPersistence bool) string { func formatCookieDomain(ctx context.Context, disableSubdomainPersistence bool) string {
if !DisableSubdomainPersistence { if disableSubdomainPersistence {
return ""
}
requestDomain := ctx.Host() requestDomain := ctx.Host()
if portIdx := strings.IndexByte(requestDomain, ':'); portIdx > 0 { if portIdx := strings.IndexByte(requestDomain, ':'); portIdx > 0 {
requestDomain = requestDomain[0:portIdx] requestDomain = requestDomain[0:portIdx]
}
if !IsValidCookieDomain(requestDomain) {
return ""
}
// RFC2109, we allow level 1 subdomains, but no further
// if we have localhost.com , we want the localhost.cos.
// so if we have something like: mysubdomain.localhost.com we want the localhost here
// if we have mysubsubdomain.mysubdomain.localhost.com we want the .mysubdomain.localhost.com here
// slow things here, especially the 'replace' but this is a good and understable( I hope) way to get the be able to set cookies from subdomains & domain with 1-level limit
if dotIdx := strings.LastIndexByte(requestDomain, '.'); dotIdx > 0 {
// is mysubdomain.localhost.com || mysubsubdomain.mysubdomain.localhost.com
s := requestDomain[0:dotIdx] // set mysubdomain.localhost || mysubsubdomain.mysubdomain.localhost
if secondDotIdx := strings.LastIndexByte(s, '.'); secondDotIdx > 0 {
//is mysubdomain.localhost || mysubsubdomain.mysubdomain.localhost
s = s[secondDotIdx+1:] // set to localhost || mysubdomain.localhost
} }
if IsValidCookieDomain(requestDomain) { // replace the s with the requestDomain before the domain's siffux
subdomainSuff := strings.LastIndexByte(requestDomain, '.')
// RFC2109, we allow level 1 subdomains, but no further if subdomainSuff > len(s) { // if it is actual exists as subdomain suffix
// if we have localhost.com , we want the localhost.cos. requestDomain = strings.Replace(requestDomain, requestDomain[0:subdomainSuff], s, 1) // set to localhost.com || mysubdomain.localhost.com
// so if we have something like: mysubdomain.localhost.com we want the localhost here
// if we have mysubsubdomain.mysubdomain.localhost.com we want the .mysubdomain.localhost.com here
// slow things here, especially the 'replace' but this is a good and understable( I hope) way to get the be able to set cookies from subdomains & domain with 1-level limit
if dotIdx := strings.LastIndexByte(requestDomain, '.'); dotIdx > 0 {
// is mysubdomain.localhost.com || mysubsubdomain.mysubdomain.localhost.com
s := requestDomain[0:dotIdx] // set mysubdomain.localhost || mysubsubdomain.mysubdomain.localhost
if secondDotIdx := strings.LastIndexByte(s, '.'); secondDotIdx > 0 {
//is mysubdomain.localhost || mysubsubdomain.mysubdomain.localhost
s = s[secondDotIdx+1:] // set to localhost || mysubdomain.localhost
}
// replace the s with the requestDomain before the domain's siffux
subdomainSuff := strings.LastIndexByte(requestDomain, '.')
if subdomainSuff > len(s) { // if it is actual exists as subdomain suffix
requestDomain = strings.Replace(requestDomain, requestDomain[0:subdomainSuff], s, 1) // set to localhost.com || mysubdomain.localhost.com
}
}
// finally set the .localhost.com (for(1-level) || .mysubdomain.localhost.com (for 2-level subdomain allow)
return "." + requestDomain // . to allow persistence
} }
} }
return "" // finally set the .localhost.com (for(1-level) || .mysubdomain.localhost.com (for 2-level subdomain allow)
return "." + requestDomain // . to allow persistence
} }