diff --git src/wp-includes/Requests/Cookie.php b/Cookie.php
index 00fbbc7..c01eb59 100755
old
|
new
|
class Requests_Cookie { |
64 | 64 | * @param string $value |
65 | 65 | * @param array|Requests_Utility_CaseInsensitiveDictionary $attributes Associative array of attribute data |
66 | 66 | */ |
67 | | public function __construct($name, $value, $attributes = array(), $flags = array(), $reference_time = null) { |
68 | | $this->name = $name; |
69 | | $this->value = $value; |
| 67 | public function __construct( $name, $value, $attributes = array(), $flags = array(), $reference_time = null ) { |
| 68 | $this->name = $name; |
| 69 | $this->value = $value; |
70 | 70 | $this->attributes = $attributes; |
71 | | $default_flags = array( |
72 | | 'creation' => time(), |
| 71 | $default_flags = array( |
| 72 | 'creation' => time(), |
73 | 73 | 'last-access' => time(), |
74 | | 'persistent' => false, |
75 | | 'host-only' => true, |
| 74 | 'persistent' => false, |
| 75 | 'host-only' => true, |
76 | 76 | ); |
77 | | $this->flags = array_merge($default_flags, $flags); |
| 77 | $this->flags = array_merge( $default_flags, $flags ); |
78 | 78 | |
79 | 79 | $this->reference_time = time(); |
80 | | if ($reference_time !== null) { |
| 80 | if ( null !== $reference_time ) { |
81 | 81 | $this->reference_time = $reference_time; |
82 | 82 | } |
83 | 83 | |
… |
… |
class Requests_Cookie { |
97 | 97 | // If a cookie has both the Max-Age and the Expires attribute, the Max- |
98 | 98 | // Age attribute has precedence and controls the expiration date of the |
99 | 99 | // cookie. |
100 | | if (isset($this->attributes['max-age'])) { |
| 100 | if ( isset( $this->attributes['max-age'] ) ) { |
101 | 101 | $max_age = $this->attributes['max-age']; |
102 | 102 | return $max_age < $this->reference_time; |
103 | 103 | } |
104 | 104 | |
105 | | if (isset($this->attributes['expires'])) { |
| 105 | if ( isset( $this->attributes['expires'] ) ) { |
106 | 106 | $expires = $this->attributes['expires']; |
107 | 107 | return $expires < $this->reference_time; |
108 | 108 | } |
… |
… |
class Requests_Cookie { |
116 | 116 | * @param Requests_IRI $uri URI to check |
117 | 117 | * @return boolean Whether the cookie is valid for the given URI |
118 | 118 | */ |
119 | | public function uri_matches(Requests_IRI $uri) { |
120 | | if (!$this->domain_matches($uri->host)) { |
| 119 | public function uri_matches( Requests_IRI $uri ) { |
| 120 | if ( ! $this->domain_matches( $uri->host ) ) { |
121 | 121 | return false; |
122 | 122 | } |
123 | 123 | |
124 | | if (!$this->path_matches($uri->path)) { |
| 124 | if ( ! $this->path_matches( $uri->path ) ) { |
125 | 125 | return false; |
126 | 126 | } |
127 | 127 | |
128 | | return empty($this->attributes['secure']) || $uri->scheme === 'https'; |
| 128 | return empty( $this->attributes['secure'] ) || 'https' === $uri->scheme; |
129 | 129 | } |
130 | 130 | |
131 | 131 | /** |
… |
… |
class Requests_Cookie { |
134 | 134 | * @param string $string Domain to check |
135 | 135 | * @return boolean Whether the cookie is valid for the given domain |
136 | 136 | */ |
137 | | public function domain_matches($string) { |
138 | | if (!isset($this->attributes['domain'])) { |
| 137 | public function domain_matches( $string ) { |
| 138 | if ( ! isset( $this->attributes['domain'] ) ) { |
139 | 139 | // Cookies created manually; cookies created by Requests will set |
140 | 140 | // the domain to the requested domain |
141 | 141 | return true; |
142 | 142 | } |
143 | 143 | |
144 | 144 | $domain_string = $this->attributes['domain']; |
145 | | if ($domain_string === $string) { |
| 145 | if ( $domain_string === $string ) { |
146 | 146 | // The domain string and the string are identical. |
147 | 147 | return true; |
148 | 148 | } |
149 | 149 | |
150 | 150 | // If the cookie is marked as host-only and we don't have an exact |
151 | 151 | // match, reject the cookie |
152 | | if ($this->flags['host-only'] === true) { |
| 152 | if ( true === $this->flags['host-only'] ) { |
153 | 153 | return false; |
154 | 154 | } |
155 | 155 | |
156 | | if (strlen($string) <= strlen($domain_string)) { |
| 156 | if ( strlen( $string ) <= strlen( $domain_string ) ) { |
157 | 157 | // For obvious reasons, the string cannot be a suffix if the domain |
158 | 158 | // is shorter than the domain string |
159 | 159 | return false; |
160 | 160 | } |
161 | 161 | |
162 | | if (substr($string, -1 * strlen($domain_string)) !== $domain_string) { |
| 162 | if ( substr( $string, -1 * strlen( $domain_string ) ) !== $domain_string ) { |
163 | 163 | // The domain string should be a suffix of the string. |
164 | 164 | return false; |
165 | 165 | } |
166 | 166 | |
167 | | $prefix = substr($string, 0, strlen($string) - strlen($domain_string)); |
168 | | if (substr($prefix, -1) !== '.') { |
| 167 | $prefix = substr( $string, 0, strlen( $string ) - strlen( $domain_string ) ); |
| 168 | if ( substr( $prefix, -1 ) !== '.' ) { |
169 | 169 | // The last character of the string that is not included in the |
170 | 170 | // domain string should be a %x2E (".") character. |
171 | 171 | return false; |
172 | 172 | } |
173 | 173 | |
174 | 174 | // The string should be a host name (i.e., not an IP address). |
175 | | return !preg_match('#^(.+\.)\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$#', $string); |
| 175 | return ! preg_match( '#^(.+\.)\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$#', $string ); |
176 | 176 | } |
177 | 177 | |
178 | 178 | /** |
… |
… |
class Requests_Cookie { |
183 | 183 | * @param string $request_path Path to check |
184 | 184 | * @return boolean Whether the cookie is valid for the given path |
185 | 185 | */ |
186 | | public function path_matches($request_path) { |
187 | | if (empty($request_path)) { |
| 186 | public function path_matches( $request_path ) { |
| 187 | if ( empty( $request_path ) ) { |
188 | 188 | // Normalize empty path to root |
189 | 189 | $request_path = '/'; |
190 | 190 | } |
191 | 191 | |
192 | | if (!isset($this->attributes['path'])) { |
| 192 | if ( ! isset( $this->attributes['path'] ) ) { |
193 | 193 | // Cookies created manually; cookies created by Requests will set |
194 | 194 | // the path to the requested path |
195 | 195 | return true; |
… |
… |
class Requests_Cookie { |
197 | 197 | |
198 | 198 | $cookie_path = $this->attributes['path']; |
199 | 199 | |
200 | | if ($cookie_path === $request_path) { |
| 200 | if ( $cookie_path === $request_path ) { |
201 | 201 | // The cookie-path and the request-path are identical. |
202 | 202 | return true; |
203 | 203 | } |
204 | 204 | |
205 | | if (strlen($request_path) > strlen($cookie_path) && substr($request_path, 0, strlen($cookie_path)) === $cookie_path) { |
206 | | if (substr($cookie_path, -1) === '/') { |
| 205 | if ( strlen( $request_path ) > strlen( $cookie_path ) && substr( $request_path, 0, strlen( $cookie_path ) ) === $cookie_path ) { |
| 206 | if ( substr( $cookie_path, -1 ) === '/' ) { |
207 | 207 | // The cookie-path is a prefix of the request-path, and the last |
208 | 208 | // character of the cookie-path is %x2F ("/"). |
209 | 209 | return true; |
210 | 210 | } |
211 | 211 | |
212 | | if (substr($request_path, strlen($cookie_path), 1) === '/') { |
| 212 | if ( substr( $request_path, strlen( $cookie_path ), 1 ) === '/' ) { |
213 | 213 | // The cookie-path is a prefix of the request-path, and the |
214 | 214 | // first character of the request-path that is not included in |
215 | 215 | // the cookie-path is a %x2F ("/") character. |
… |
… |
class Requests_Cookie { |
226 | 226 | * @return boolean Whether the cookie was successfully normalized |
227 | 227 | */ |
228 | 228 | public function normalize() { |
229 | | foreach ($this->attributes as $key => $value) { |
| 229 | foreach ( $this->attributes as $key => $value ) { |
230 | 230 | $orig_value = $value; |
231 | | $value = $this->normalize_attribute($key, $value); |
232 | | if ($value === null) { |
233 | | unset($this->attributes[$key]); |
| 231 | $value = $this->normalize_attribute( $key, $value ); |
| 232 | if ( null === $value ) { |
| 233 | unset( $this->attributes[ $key ] ); |
234 | 234 | continue; |
235 | 235 | } |
236 | 236 | |
237 | | if ($value !== $orig_value) { |
238 | | $this->attributes[$key] = $value; |
| 237 | if ( $value !== $orig_value ) { |
| 238 | $this->attributes[ $key ] = $value; |
239 | 239 | } |
240 | 240 | } |
241 | 241 | |
… |
… |
class Requests_Cookie { |
251 | 251 | * @param string|boolean $value Attribute value (string value, or true if empty/flag) |
252 | 252 | * @return mixed Value if available, or null if the attribute value is invalid (and should be skipped) |
253 | 253 | */ |
254 | | protected function normalize_attribute($name, $value) { |
255 | | switch (strtolower($name)) { |
| 254 | protected function normalize_attribute( $name, $value ) { |
| 255 | switch ( strtolower( $name ) ) { |
256 | 256 | case 'expires': |
257 | 257 | // Expiration parsing, as per RFC 6265 section 5.2.1 |
258 | | if (is_int($value)) { |
| 258 | if ( is_int( $value ) ) { |
259 | 259 | return $value; |
260 | 260 | } |
261 | 261 | |
262 | | $expiry_time = strtotime($value); |
263 | | if ($expiry_time === false) { |
| 262 | $expiry_time = strtotime( $value ); |
| 263 | if ( false === $expiry_time ) { |
264 | 264 | return null; |
265 | 265 | } |
266 | 266 | |
… |
… |
class Requests_Cookie { |
268 | 268 | |
269 | 269 | case 'max-age': |
270 | 270 | // Expiration parsing, as per RFC 6265 section 5.2.2 |
271 | | if (is_int($value)) { |
| 271 | if ( is_int( $value ) ) { |
272 | 272 | return $value; |
273 | 273 | } |
274 | 274 | |
275 | 275 | // Check that we have a valid age |
276 | | if (!preg_match('/^-?\d+$/', $value)) { |
| 276 | if ( ! preg_match( '/^-?\d+$/', $value ) ) { |
277 | 277 | return null; |
278 | 278 | } |
279 | 279 | |
280 | 280 | $delta_seconds = (int) $value; |
281 | | if ($delta_seconds <= 0) { |
| 281 | if ( $delta_seconds <= 0 ) { |
282 | 282 | $expiry_time = 0; |
283 | | } |
284 | | else { |
| 283 | } else { |
285 | 284 | $expiry_time = $this->reference_time + $delta_seconds; |
286 | 285 | } |
287 | 286 | |
… |
… |
class Requests_Cookie { |
289 | 288 | |
290 | 289 | case 'domain': |
291 | 290 | // Domain normalization, as per RFC 6265 section 5.2.3 |
292 | | if ($value[0] === '.') { |
293 | | $value = substr($value, 1); |
| 291 | if ( '.' === $value[0] ) { |
| 292 | $value = substr( $value, 1 ); |
294 | 293 | } |
295 | 294 | |
296 | 295 | return $value; |
… |
… |
class Requests_Cookie { |
308 | 307 | * @return string Cookie formatted for Cookie header |
309 | 308 | */ |
310 | 309 | public function format_for_header() { |
311 | | return sprintf('%s=%s', $this->name, $this->value); |
| 310 | /* translators: %s: Formatted cookie. */ |
| 311 | return sprintf( '%s=%s', $this->name, $this->value ); |
312 | 312 | } |
313 | 313 | |
314 | 314 | /** |
… |
… |
class Requests_Cookie { |
332 | 332 | */ |
333 | 333 | public function format_for_set_cookie() { |
334 | 334 | $header_value = $this->format_for_header(); |
335 | | if (!empty($this->attributes)) { |
| 335 | if ( ! empty( $this->attributes ) ) { |
336 | 336 | $parts = array(); |
337 | | foreach ($this->attributes as $key => $value) { |
| 337 | foreach ( $this->attributes as $key => $value ) { |
338 | 338 | // Ignore non-associative attributes |
339 | | if (is_numeric($key)) { |
| 339 | if ( is_numeric( $key ) ) { |
340 | 340 | $parts[] = $value; |
341 | | } |
342 | | else { |
343 | | $parts[] = sprintf('%s=%s', $key, $value); |
| 341 | } else { |
| 342 | /* translators: %s: Formatted cookie. */ |
| 343 | $parts[] = sprintf( '%s=%s', $key, $value ); |
344 | 344 | } |
345 | 345 | } |
346 | 346 | |
347 | | $header_value .= '; ' . implode('; ', $parts); |
| 347 | $header_value .= '; ' . implode( '; ', $parts ); |
348 | 348 | } |
349 | 349 | return $header_value; |
350 | 350 | } |
… |
… |
class Requests_Cookie { |
379 | 379 | * @param string Cookie header value (from a Set-Cookie header) |
380 | 380 | * @return Requests_Cookie Parsed cookie object |
381 | 381 | */ |
382 | | public static function parse($string, $name = '', $reference_time = null) { |
383 | | $parts = explode(';', $string); |
384 | | $kvparts = array_shift($parts); |
| 382 | public static function parse( $string, $name = '', $reference_time = null ) { |
| 383 | $parts = explode( ';', $string ); |
| 384 | $kvparts = array_shift( $parts ); |
385 | 385 | |
386 | | if (!empty($name)) { |
| 386 | if ( ! empty( $name ) ) { |
387 | 387 | $value = $string; |
388 | | } |
389 | | elseif (strpos($kvparts, '=') === false) { |
| 388 | } elseif ( false === strpos( $kvparts, '=' ) ) { |
390 | 389 | // Some sites might only have a value without the equals separator. |
391 | 390 | // Deviate from RFC 6265 and pretend it was actually a blank name |
392 | 391 | // (`=foo`) |
393 | 392 | // |
394 | 393 | // https://bugzilla.mozilla.org/show_bug.cgi?id=169091 |
395 | | $name = ''; |
| 394 | $name = ''; |
396 | 395 | $value = $kvparts; |
| 396 | } else { |
| 397 | list( $name, $value ) = explode( '=', $kvparts, 2 ); |
397 | 398 | } |
398 | | else { |
399 | | list($name, $value) = explode('=', $kvparts, 2); |
400 | | } |
401 | | $name = trim($name); |
402 | | $value = trim($value); |
| 399 | $name = trim( $name ); |
| 400 | $value = trim( $value ); |
403 | 401 | |
404 | 402 | // Attribute key are handled case-insensitively |
405 | 403 | $attributes = new Requests_Utility_CaseInsensitiveDictionary(); |
406 | 404 | |
407 | | if (!empty($parts)) { |
408 | | foreach ($parts as $part) { |
409 | | if (strpos($part, '=') === false) { |
410 | | $part_key = $part; |
| 405 | if ( ! empty( $parts ) ) { |
| 406 | foreach ( $parts as $part ) { |
| 407 | if ( false === strpos( $part, '=' ) ) { |
| 408 | $part_key = $part; |
411 | 409 | $part_value = true; |
412 | | } |
413 | | else { |
414 | | list($part_key, $part_value) = explode('=', $part, 2); |
415 | | $part_value = trim($part_value); |
| 410 | } else { |
| 411 | list ( $part_key, $part_value ) = explode( '=', $part, 2 ); |
| 412 | $part_value = trim( $part_value ); |
416 | 413 | } |
417 | 414 | |
418 | | $part_key = trim($part_key); |
419 | | $attributes[$part_key] = $part_value; |
| 415 | $part_key = trim( $part_key ); |
| 416 | $attributes[ $part_key ] = $part_value; |
420 | 417 | } |
421 | 418 | } |
422 | 419 | |
423 | | return new Requests_Cookie($name, $value, $attributes, array(), $reference_time); |
| 420 | return new Requests_Cookie( $name, $value, $attributes, array(), $reference_time ); |
424 | 421 | } |
425 | 422 | |
426 | 423 | /** |
… |
… |
class Requests_Cookie { |
431 | 428 | * @param int|null $time Reference time for expiration calculation |
432 | 429 | * @return array |
433 | 430 | */ |
434 | | public static function parse_from_headers(Requests_Response_Headers $headers, Requests_IRI $origin = null, $time = null) { |
435 | | $cookie_headers = $headers->getValues('Set-Cookie'); |
436 | | if (empty($cookie_headers)) { |
| 431 | public static function parse_from_headers( Requests_Response_Headers $headers, Requests_IRI $origin = null, $time = null ) { |
| 432 | $cookie_headers = $headers->getValues( 'Set-Cookie' ); |
| 433 | if ( empty( $cookie_headers ) ) { |
437 | 434 | return array(); |
438 | 435 | } |
439 | 436 | |
440 | 437 | $cookies = array(); |
441 | | foreach ($cookie_headers as $header) { |
442 | | $parsed = self::parse($header, '', $time); |
| 438 | foreach ( $cookie_headers as $header ) { |
| 439 | $parsed = self::parse( $header, '', $time ); |
443 | 440 | |
444 | 441 | // Default domain/path attributes |
445 | | if (empty($parsed->attributes['domain']) && !empty($origin)) { |
| 442 | if ( empty( $parsed->attributes['domain'] ) && ! empty( $origin ) ) { |
446 | 443 | $parsed->attributes['domain'] = $origin->host; |
447 | | $parsed->flags['host-only'] = true; |
448 | | } |
449 | | else { |
| 444 | $parsed->flags['host-only'] = true; |
| 445 | } else { |
450 | 446 | $parsed->flags['host-only'] = false; |
451 | 447 | } |
452 | 448 | |
453 | | $path_is_valid = (!empty($parsed->attributes['path']) && $parsed->attributes['path'][0] === '/'); |
454 | | if (!$path_is_valid && !empty($origin)) { |
| 449 | $path_is_valid = ( ! empty( $parsed->attributes['path'] ) && $parsed->attributes['path'][0] === '/' ); |
| 450 | if ( ! $path_is_valid && ! empty( $origin ) ) { |
455 | 451 | $path = $origin->path; |
456 | 452 | |
457 | 453 | // Default path normalization as per RFC 6265 section 5.1.4 |
458 | | if (substr($path, 0, 1) !== '/') { |
| 454 | if ( '/' !== substr( $path, 0, 1 ) ) { |
459 | 455 | // If the uri-path is empty or if the first character of |
460 | 456 | // the uri-path is not a %x2F ("/") character, output |
461 | 457 | // %x2F ("/") and skip the remaining steps. |
462 | 458 | $path = '/'; |
463 | | } |
464 | | elseif (substr_count($path, '/') === 1) { |
| 459 | } elseif ( 1 === substr_count( $path, '/' ) ) { |
465 | 460 | // If the uri-path contains no more than one %x2F ("/") |
466 | 461 | // character, output %x2F ("/") and skip the remaining |
467 | 462 | // step. |
468 | 463 | $path = '/'; |
469 | | } |
470 | | else { |
| 464 | } else { |
471 | 465 | // Output the characters of the uri-path from the first |
472 | 466 | // character up to, but not including, the right-most |
473 | 467 | // %x2F ("/"). |
474 | | $path = substr($path, 0, strrpos($path, '/')); |
| 468 | $path = substr( $path, 0, strrpos( $path, '/' ) ); |
475 | 469 | } |
476 | 470 | $parsed->attributes['path'] = $path; |
477 | 471 | } |
478 | 472 | |
479 | 473 | // Reject invalid cookie domains |
480 | | if (!empty($origin) && !$parsed->domain_matches($origin->host)) { |
| 474 | if ( ! empty( $origin ) && ! $parsed->domain_matches( $origin->host ) ) { |
481 | 475 | continue; |
482 | 476 | } |
483 | 477 | |
484 | | $cookies[$parsed->name] = $parsed; |
| 478 | $cookies[ $parsed->name ] = $parsed; |
485 | 479 | } |
486 | 480 | |
487 | 481 | return $cookies; |
… |
… |
class Requests_Cookie { |
494 | 488 | * @deprecated Use {@see Requests_Cookie::parse_from_headers} |
495 | 489 | * @return string |
496 | 490 | */ |
497 | | public static function parseFromHeaders(Requests_Response_Headers $headers) { |
498 | | return self::parse_from_headers($headers); |
| 491 | public static function parseFromHeaders( Requests_Response_Headers $headers ) { |
| 492 | return self::parse_from_headers( $headers ); |
499 | 493 | } |
500 | 494 | } |