# HG changeset patch # User Adam Chlipala # Date 1259859375 18000 # Node ID 118a5a08a881bb42e3e2f80632ffd76816bc8f2e # Parent b06a2a65e670230a442be43c60368615ad1dcd40# Parent 7e3226c97678ca04e034f6409c3af48a619a2331 Merge diff -r b06a2a65e670 -r 118a5a08a881 CHANGELOG --- a/CHANGELOG Thu Dec 03 11:50:51 2009 -0500 +++ b/CHANGELOG Thu Dec 03 11:56:15 2009 -0500 @@ -1,3 +1,10 @@ +======== +Next +======== + +- Extended cookie interface (breaks backward compatibility for 'setCookie') +- Bug fixes + ======== 20091124 ======== diff -r b06a2a65e670 -r 118a5a08a881 demo/cookie.ur --- a/demo/cookie.ur Thu Dec 03 11:50:51 2009 -0500 +++ b/demo/cookie.ur Thu Dec 03 11:56:15 2009 -0500 @@ -1,15 +1,30 @@ cookie c : {A : string, B : float, C : int} fun set r = - setCookie c {A = r.A, B = readError r.B, C = readError r.C}; + setCookie c {Value = {A = r.A, B = readError r.B, C = readError r.C}, + Expires = None, + Secure = False}; return Cookie set. +fun setExp r = + setCookie c {Value = {A = r.A, B = readError r.B, C = readError r.C}, + Expires = Some (readError "2012-11-6 00:00:00"), + Secure = False}; + return Cookie set robustly. + +fun delete () = + clearCookie c; + return Cookie cleared. + fun main () = ro <- getCookie c; return {case ro of None => No cookie set. - | Some v => Cookie: A = {[v.A]}, B = {[v.B]}, C = {[v.C]}} + | Some v => + Cookie: A = {[v.A]}, B = {[v.B]}, C = {[v.C]}
+
+
}

@@ -17,5 +32,13 @@ B:
C:
+
+ +
+ Version that expires on November 6, 2012:
+ A:
+ B:
+ C:
+
diff -r b06a2a65e670 -r 118a5a08a881 demo/cookieSec.ur --- a/demo/cookieSec.ur Thu Dec 03 11:50:51 2009 -0500 +++ b/demo/cookieSec.ur Thu Dec 03 11:56:15 2009 -0500 @@ -25,7 +25,7 @@ and set r = - setCookie username r.User; + setCookie username {Value = r.User, Expires = None, Secure = False}; main () and imHere () = diff -r b06a2a65e670 -r 118a5a08a881 doc/manual.tex --- a/doc/manual.tex Thu Dec 03 11:50:51 2009 -0500 +++ b/doc/manual.tex Thu Dec 03 11:56:15 2009 -0500 @@ -1288,7 +1288,8 @@ \\ \mt{con} \; \mt{http\_cookie} :: \mt{Type} \to \mt{Type} \\ \mt{val} \; \mt{getCookie} : \mt{t} ::: \mt{Type} \to \mt{http\_cookie} \; \mt{t} \to \mt{transaction} \; (\mt{option} \; \mt{t}) \\ - \mt{val} \; \mt{setCookie} : \mt{t} ::: \mt{Type} \to \mt{http\_cookie} \; \mt{t} \to \mt{t} \to \mt{transaction} \; \mt{unit} + \mt{val} \; \mt{setCookie} : \mt{t} ::: \mt{Type} \to \mt{http\_cookie} \; \mt{t} \to \{\mt{Value} : \mt{t}, \mt{Expires} : \mt{option} \; \mt{time}, \mt{Secure} : \mt{bool}\} \to \mt{transaction} \; \mt{unit} \\ + \mt{val} \; \mt{clearCookie} : \mt{t} ::: \mt{Type} \to \mt{http\_cookie} \; \mt{t} \to \mt{transaction} \; \mt{unit} \end{array}$$ There are also an abstract $\mt{url}$ type and functions for converting to it, based on the policy defined by \texttt{[allow|deny] url} directives in the project file. diff -r b06a2a65e670 -r 118a5a08a881 include/urweb.h --- a/include/urweb.h Thu Dec 03 11:50:51 2009 -0500 +++ b/include/urweb.h Thu Dec 03 11:56:15 2009 -0500 @@ -185,7 +185,8 @@ void uw_write_header(uw_context, uw_Basis_string); uw_Basis_string uw_Basis_get_cookie(uw_context, uw_Basis_string c); -uw_unit uw_Basis_set_cookie(uw_context, uw_Basis_string prefix, uw_Basis_string c, uw_Basis_string v); +uw_unit uw_Basis_set_cookie(uw_context, uw_Basis_string prefix, uw_Basis_string c, uw_Basis_string v, uw_Basis_time *expires, uw_Basis_bool secure); +uw_unit uw_Basis_clear_cookie(uw_context, uw_Basis_string prefix, uw_Basis_string c); uw_Basis_channel uw_Basis_new_channel(uw_context, uw_unit); uw_unit uw_Basis_send(uw_context, uw_Basis_channel, uw_Basis_string); @@ -210,6 +211,7 @@ __attribute__((noreturn)) void uw_return_blob(uw_context, uw_Basis_blob, uw_Basis_string mimeType); uw_Basis_time uw_Basis_now(uw_context); +extern const uw_Basis_time uw_Basis_minTime; void uw_register_transactional(uw_context, void *data, uw_callback commit, uw_callback rollback, uw_callback free); diff -r b06a2a65e670 -r 118a5a08a881 lib/ur/basis.urs --- a/lib/ur/basis.urs Thu Dec 03 11:50:51 2009 -0500 +++ b/lib/ur/basis.urs Thu Dec 03 11:56:15 2009 -0500 @@ -115,6 +115,7 @@ (** * Time *) val now : transaction time +val minTime : time (** HTTP operations *) @@ -123,7 +124,10 @@ con http_cookie :: Type -> Type val getCookie : t ::: Type -> http_cookie t -> transaction (option t) -val setCookie : t ::: Type -> http_cookie t -> t -> transaction unit +val setCookie : t ::: Type -> http_cookie t -> {Value : t, + Expires : option time, + Secure : bool} -> transaction unit +val clearCookie : t ::: Type -> http_cookie t -> transaction unit (** JavaScript-y gadgets *) diff -r b06a2a65e670 -r 118a5a08a881 src/c/fastcgi.c --- a/src/c/fastcgi.c Thu Dec 03 11:50:51 2009 -0500 +++ b/src/c/fastcgi.c Thu Dec 03 11:56:15 2009 -0500 @@ -223,7 +223,7 @@ else if (*len < 4) return -1; else { - int r = (((*buf)[3] & 0x7f) << 24) + ((*buf)[2] << 16) + ((*buf)[1] << 8) + (*buf)[0]; + int r = (((*buf)[0] & 0x7f) << 24) + ((*buf)[1] << 16) + ((*buf)[2] << 8) + (*buf)[3]; *buf += 4; *len -= 4; return r; @@ -236,9 +236,9 @@ if ((nameLength = read_funny_len(buf, &len)) < 0) return -1; if ((valueLength = read_funny_len(buf, &len)) < 0) - return -1; + return -2; if (len < nameLength + valueLength) - return -1; + return -3; if (nameLength+1 > nv->name_len) { nv->name_len = nameLength+1; @@ -374,7 +374,7 @@ goto done; } - write_stderr(out, "PARAM: %s -> %s\n", hs.nvps[used_nvps].name, hs.nvps[used_nvps].value); + //write_stderr(out, "PARAM: %s -> %s\n", hs.nvps[used_nvps].name, hs.nvps[used_nvps].value); ++used_nvps; } diff -r b06a2a65e670 -r 118a5a08a881 src/c/urweb.c --- a/src/c/urweb.c Thu Dec 03 11:50:51 2009 -0500 +++ b/src/c/urweb.c Thu Dec 03 11:56:15 2009 -0500 @@ -672,7 +672,7 @@ } int uw_set_input(uw_context ctx, const char *name, char *value) { - printf("Input name %s\n", name); + //printf("Input name %s\n", name); if (!strcasecmp(name, ".b")) { int n = uw_input_num(value); @@ -2703,6 +2703,8 @@ return b; } +#define THE_PAST "expires=Mon, 01-01-1970 00:00:00 GMT" + uw_Basis_string uw_Basis_get_cookie(uw_context ctx, uw_Basis_string c) { int len = strlen(c); char *p = ctx->outHeaders.start; @@ -2716,19 +2718,32 @@ size_t sz = strcspn(p2+1, ";\r\n"); if (!strncasecmp(p, c, p2 - p)) { - char *ret = uw_malloc(ctx, sz + 1); - memcpy(ret, p2+1, sz); - ret[sz] = 0; - return ret; + if (sz == 0 && strstr(p2+2, THE_PAST)) + return NULL; + else { + char *ret = uw_malloc(ctx, sz + 1); + memcpy(ret, p2+1, sz); + ret[sz] = 0; + return ret; + } } } } if (p = uw_Basis_requestHeader(ctx, "Cookie")) { + char *p2; + while (1) { - if (!strncmp(p, c, len) && p[len] == '=') - return p + 1 + len; - else if (p = strchr(p, ';')) + if (!strncmp(p, c, len) && p[len] == '=') { + if (p2 = strchr(p, ';')) { + size_t n = p2 - (p + len); + char *r = uw_malloc(ctx, n); + memcpy(r, p + 1 + len, n-1); + r[n-1] = 0; + return r; + } else + return p + 1 + len; + } else if (p = strchr(p, ';')) p += 2; else return NULL; @@ -2738,18 +2753,41 @@ return NULL; } -uw_unit uw_Basis_set_cookie(uw_context ctx, uw_Basis_string prefix, uw_Basis_string c, uw_Basis_string v) { +uw_unit uw_Basis_set_cookie(uw_context ctx, uw_Basis_string prefix, uw_Basis_string c, uw_Basis_string v, uw_Basis_time *expires, uw_Basis_bool secure) { uw_write_header(ctx, "Set-Cookie: "); uw_write_header(ctx, c); uw_write_header(ctx, "="); uw_write_header(ctx, v); uw_write_header(ctx, "; path="); uw_write_header(ctx, prefix); + if (expires) { + char formatted[30]; + struct tm tm; + + gmtime_r(expires, &tm); + + strftime(formatted, sizeof formatted, "%a, %d-%b-%Y %T GMT", &tm); + + uw_write_header(ctx, "; expires="); + uw_write_header(ctx, formatted); + } + if (secure) + uw_write_header(ctx, "; secure"); uw_write_header(ctx, "\r\n"); return uw_unit_v; } +uw_unit uw_Basis_clear_cookie(uw_context ctx, uw_Basis_string prefix, uw_Basis_string c) { + uw_write_header(ctx, "Set-Cookie: "); + uw_write_header(ctx, c); + uw_write_header(ctx, "=; path="); + uw_write_header(ctx, prefix); + uw_write_header(ctx, "; " THE_PAST "\r\n"); + + return uw_unit_v; +} + static delta *allocate_delta(uw_context ctx, unsigned client) { unsigned i; delta *d; @@ -3135,6 +3173,8 @@ return r; } +const uw_Basis_time minTime = 0; + uw_Basis_time uw_Basis_now(uw_context ctx) { return time(NULL); } diff -r b06a2a65e670 -r 118a5a08a881 src/demo.sml --- a/src/demo.sml Thu Dec 03 11:50:51 2009 -0500 +++ b/src/demo.sml Thu Dec 03 11:56:15 2009 -0500 @@ -430,7 +430,7 @@ TextIO.closeOut outf; - Compiler.compile (OS.Path.base fname) + Compiler.compiler (OS.Path.base fname) end; TextIO.output (demosOut, "\n\n"); diff -r b06a2a65e670 -r 118a5a08a881 src/monoize.sml --- a/src/monoize.sml Thu Dec 03 11:50:51 2009 -0500 +++ b/src/monoize.sml Thu Dec 03 11:56:15 2009 -0500 @@ -1338,19 +1338,43 @@ val s = (L'.TFfi ("Basis", "string"), loc) val un = (L'.TRecord [], loc) val t = monoType env t - val (e, fm) = urlifyExp env fm ((L'.ERel 1, loc), t) + val rt = (L'.TRecord [("Value", t), + ("Expires", (L'.TOption (L'.TFfi ("Basis", "time"), + loc), loc)), + ("Secure", (L'.TFfi ("Basis", "bool"), loc))], loc) + + fun fd x = (L'.EField ((L'.ERel 1, loc), x), loc) + val (e, fm) = urlifyExp env fm (fd "Value", t) in - ((L'.EAbs ("c", s, (L'.TFun (t, (L'.TFun (un, un), loc)), loc), - (L'.EAbs ("v", t, (L'.TFun (un, un), loc), + ((L'.EAbs ("c", s, (L'.TFun (rt, (L'.TFun (un, un), loc)), loc), + (L'.EAbs ("r", rt, (L'.TFun (un, un), loc), (L'.EAbs ("_", un, un, (L'.EFfiApp ("Basis", "set_cookie", [(L'.EPrim (Prim.String (Settings.getUrlPrefix ())), loc), (L'.ERel 2, loc), - e]), loc)), + e, + fd "Expires", + fd "Secure"]) + , loc)), loc)), loc)), loc), + fm) + end + + | L.ECApp ((L.EFfi ("Basis", "clearCookie"), _), t) => + let + val s = (L'.TFfi ("Basis", "string"), loc) + val un = (L'.TRecord [], loc) + in + ((L'.EAbs ("c", s, (L'.TFun (un, un), loc), + (L'.EAbs ("_", un, un, + (L'.EFfiApp ("Basis", "clear_cookie", + [(L'.EPrim (Prim.String + (Settings.getUrlPrefix ())), + loc), + (L'.ERel 1, loc)]), loc)), loc)), loc), fm) - end + end | L.ECApp ((L.EFfi ("Basis", "channel"), _), t) => ((L'.EAbs ("_", (L'.TRecord [], loc), (L'.TFfi ("Basis", "channel"), loc), diff -r b06a2a65e670 -r 118a5a08a881 src/settings.sml --- a/src/settings.sml Thu Dec 03 11:50:51 2009 -0500 +++ b/src/settings.sml Thu Dec 03 11:56:15 2009 -0500 @@ -80,6 +80,7 @@ val effectfulBase = basis ["dml", "nextval", "set_cookie", + "clear_cookie", "new_client_source", "get_client_source", "set_client_source", diff -r b06a2a65e670 -r 118a5a08a881 tests/vlad3.ur --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/vlad3.ur Thu Dec 03 11:56:15 2009 -0500 @@ -0,0 +1,27 @@ +cookie user : {EMail : string} + +fun main () = + ro <- getCookie user; + case ro of + Some u => welcome u + | _ => login () + +and welcome u = return + Welcome {[u.EMail]}. Logout + + +and logout () = + clearCookie user; + main () + +and login () = return +
E-mail: +
+ +and signin r = + setCookie user {Value = {EMail = r.EMail}, + Expires = None, (* Some (readError "2012-11-6 +00:00:00"), *) + Secure = False + }; + main () diff -r b06a2a65e670 -r 118a5a08a881 tests/vlad3.urp --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/vlad3.urp Thu Dec 03 11:56:15 2009 -0500 @@ -0,0 +1,2 @@ + +vlad3 diff -r b06a2a65e670 -r 118a5a08a881 tests/vlad3.urs --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/vlad3.urs Thu Dec 03 11:56:15 2009 -0500 @@ -0,0 +1,1 @@ +val main : unit -> transaction page