parse cookie headers fo all requests

Including redirections

Author: krichprollsch

src/browser/storage/cookie.zig

@@ -203,62 +203,6 @@ pub const Cookie = struct {
         self.arena.deinit();
     }
 
-    // Parse curl's cookie file format
-    // https://curl.se/docs/http-cookies.html
-    pub fn parseCurl(allocator: Allocator, str: []const u8) !Cookie {
-        var c: Cookie = .{
-            .arena = ArenaAllocator.init(allocator),
-            .name = undefined,
-            .value = undefined,
-            .path = undefined,
-            .same_site = undefined,
-            .secure = undefined,
-            .http_only = undefined,
-            .domain = undefined,
-            .expires = undefined,
-        };
-        errdefer c.deinit();
-
-        var aa = c.arena.allocator();
-
-        var it = std.mem.splitScalar(u8, str, '\t');
-        var index: u8 = 0;
-        while (it.next()) |v| {
-            defer index += 1;
-
-            switch (index) {
-                0 => {
-                    // domain name, can start with #HttpOnly_
-                    if (std.mem.indexOf(u8, v, "#HttpOnly_")) |pos| {
-                        c.http_only = true;
-                        c.domain = try aa.dupe(u8, v[pos + "#HttpOnly_".len ..]);
-                    } else {
-                        c.http_only = false;
-                        c.domain = try aa.dupe(u8, v);
-                    }
-                },
-                1 => c.same_site = .lax, // TODO
-                2 => c.path = try aa.dupe(u8, v),
-                3 => c.secure = std.mem.eql(u8, "TRUE", v),
-                4 => {
-                    if (std.mem.eql(u8, "0", v)) {
-                        c.expires = null;
-                    } else {
-                        const i = try std.fmt.parseInt(i64, v, 10);
-                        c.expires = @floatFromInt(i);
-                    }
-                },
-                5 => c.name = try aa.dupe(u8, v),
-                6 => c.value = try aa.dupe(u8, v),
-                else => return error.TooMuchCookieFields,
-            }
-        }
-
-        if (index != 7) return error.MissingCookieFields;
-
-        return c;
-    }
-
     // There's https://datatracker.ietf.org/doc/html/rfc6265 but browsers are
     // far less strict. I only found 2 cases where browsers will reject a cookie:
     //   - a byte 0...32 and 127..255 anywhere in the cookie (the HTTP header
@@ -979,25 +923,6 @@ test "Cookie: parse domain" {
     try expectError(error.InvalidDomain, "http://lightpanda.io/", "b;domain=other.example.com");
 }
 
-test "Cookie: parse curl" {
-    try expectCookieCurl(.{
-        .name = "cookie_key",
-        .value = "cookie_value",
-        .path = "/cookies/",
-        .domain = "httpbin.io",
-        .http_only = true,
-    }, "#HttpOnly_httpbin.io\tFALSE\t/cookies/\tFALSE\t0\tcookie_key\tcookie_value");
-
-    try expectCookieCurl(.{
-        .name = "cookie_key",
-        .value = "cookie_value",
-        .path = "/cookies/",
-        .domain = "httpbin.io",
-        .expires = 10,
-        .secure = true,
-    }, "httpbin.io\tTRUE\t/cookies/\tTRUE\t10\tcookie_key\tcookie_value");
-}
-
 const ExpectedCookie = struct {
     name: []const u8,
     value: []const u8,
@@ -1025,21 +950,6 @@ fn expectCookie(expected: ExpectedCookie, url: []const u8, set_cookie: []const u
     try testing.expectDelta(expected.expires, cookie.expires, 2.0);
 }
 
-fn expectCookieCurl(expected: ExpectedCookie, set_cookie: []const u8) !void {
-    var cookie = try Cookie.parseCurl(testing.allocator, set_cookie);
-    defer cookie.deinit();
-
-    try testing.expectEqual(expected.name, cookie.name);
-    try testing.expectEqual(expected.value, cookie.value);
-    try testing.expectEqual(expected.secure, cookie.secure);
-    try testing.expectEqual(expected.http_only, cookie.http_only);
-    try testing.expectEqual(expected.same_site, cookie.same_site);
-    try testing.expectEqual(expected.path, cookie.path);
-    try testing.expectEqual(expected.domain, cookie.domain);
-
-    try testing.expectDelta(expected.expires, cookie.expires, 2.0);
-}
-
 fn expectAttribute(expected: anytype, url: ?[]const u8, set_cookie: []const u8) !void {
     const uri = if (url) |u| try Uri.parse(u) else test_uri;
     var cookie = try Cookie.parse(testing.allocator, &uri, set_cookie);

src/http/Client.zig

@@ -556,6 +556,18 @@ pub const Transfer = struct {
 
         const header = buffer[0 .. buf_len - 2];
 
+        {
+            const SET_COOKIE_LEN = "set-cookie:".len;
+            if (header.len > SET_COOKIE_LEN) {
+                if (std.ascii.eqlIgnoreCase(header[0..SET_COOKIE_LEN], "set-cookie:")) {
+                    const value = std.mem.trimLeft(u8, header[SET_COOKIE_LEN..], " ");
+                    transfer.req.cookie_jar.populateFromResponse(&transfer.uri, value) catch |err| {
+                        log.err(.http, "set cookie", .{ .err = err, .req = transfer });
+                    };
+                }
+            }
+        }
+
         if (transfer.response_header == null) {
             if (buf_len < 13 or std.mem.startsWith(u8, header, "HTTP/") == false) {
                 if (transfer._redirecting) {
@@ -610,22 +622,6 @@ pub const Transfer = struct {
         }
 
         if (buf_len == 2) {
-            // Read all cookies.
-            var cookies: ?*c.curl_slist = undefined;
-            errorCheck(c.curl_easy_getinfo(easy, c.CURLINFO_COOKIELIST, &cookies)) catch |err| {
-                log.err(.http, "failed to get cookies", .{ .err = err });
-                return 0;
-            };
-            defer c.curl_slist_free_all(cookies);
-
-            // populate cookies in the jar
-            while (cookies) |_cookie| {
-                transfer.req.cookie_jar.populateFromCurl(std.mem.span(_cookie.data[0..])) catch |err| {
-                    log.err(.http, "set cookie", .{ .err = err, .req = transfer });
-                };
-                cookies = _cookie.next;
-            }
-
             transfer.req.header_done_callback(transfer) catch |err| {
                 log.err(.http, "header_done_callback", .{ .err = err, .req = transfer });
                 // returning < buf_len terminates the request

src/http/Http.zig

@@ -107,7 +107,6 @@ pub const Connection = struct {
         // redirect behavior
         try errorCheck(c.curl_easy_setopt(easy, c.CURLOPT_MAXREDIRS, @as(c_long, @intCast(opts.max_redirects))));
         try errorCheck(c.curl_easy_setopt(easy, c.CURLOPT_FOLLOWLOCATION, @as(c_long, 2)));
-        try errorCheck(c.curl_easy_setopt(easy, c.CURLOPT_COOKIEFILE, "")); // enable curl's cookie engine
         try errorCheck(c.curl_easy_setopt(easy, c.CURLOPT_REDIR_PROTOCOLS_STR, "HTTP,HTTPS")); // remove FTP and FTPS from the default
 
         // proxy