line |
stmt |
bran |
cond |
sub |
pod |
time |
code |
1
|
|
|
|
|
|
|
##---------------------------------------------------------------------------- |
2
|
|
|
|
|
|
|
## Cookies API for Server & Client - ~/lib/Cookie.pm |
3
|
|
|
|
|
|
|
## Version v0.3.0 |
4
|
|
|
|
|
|
|
## Copyright(c) 2023 DEGUEST Pte. Ltd. |
5
|
|
|
|
|
|
|
## Author: Jacques Deguest <jack@deguest.jp> |
6
|
|
|
|
|
|
|
## Created 2019/10/08 |
7
|
|
|
|
|
|
|
## Modified 2023/05/30 |
8
|
|
|
|
|
|
|
## You can use, copy, modify and redistribute this package and associated |
9
|
|
|
|
|
|
|
## files under the same terms as Perl itself. |
10
|
|
|
|
|
|
|
##---------------------------------------------------------------------------- |
11
|
|
|
|
|
|
|
package Cookie; |
12
|
|
|
|
|
|
|
BEGIN |
13
|
0
|
|
|
|
|
0
|
{ |
14
|
3
|
|
|
3
|
|
13033274
|
use strict; |
|
3
|
|
|
|
|
22
|
|
|
3
|
|
|
|
|
93
|
|
15
|
3
|
|
|
3
|
|
14
|
use warnings; |
|
3
|
|
|
|
|
5
|
|
|
3
|
|
|
|
|
76
|
|
16
|
3
|
|
|
3
|
|
14
|
use warnings::register; |
|
3
|
|
|
|
|
3
|
|
|
3
|
|
|
|
|
468
|
|
17
|
3
|
|
|
3
|
|
479
|
use parent qw( Module::Generic ); |
|
3
|
|
|
|
|
291
|
|
|
3
|
|
|
|
|
16
|
|
18
|
3
|
|
|
3
|
|
23840299
|
use vars qw( $VERSION $SUBS $COOKIE_DEBUG ); |
|
3
|
|
|
|
|
9
|
|
|
3
|
|
|
|
|
185
|
|
19
|
3
|
|
|
3
|
|
1779
|
use DateTime; |
|
3
|
|
|
|
|
1038553
|
|
|
3
|
|
|
|
|
138
|
|
20
|
3
|
|
|
3
|
|
1420
|
use DateTime::Format::Strptime; |
|
3
|
|
|
|
|
422952
|
|
|
3
|
|
|
|
|
20
|
|
21
|
3
|
|
|
3
|
|
2431
|
use Module::Generic::DateTime; |
|
3
|
|
|
|
|
10078835
|
|
|
3
|
|
|
|
|
58
|
|
22
|
3
|
|
|
3
|
|
1293
|
use Nice::Try; |
|
3
|
|
|
|
|
7
|
|
|
3
|
|
|
|
|
24
|
|
23
|
3
|
|
|
3
|
|
4864136
|
use URI::Escape (); |
|
3
|
|
|
|
|
1960
|
|
|
3
|
|
|
|
|
279
|
|
24
|
|
|
|
|
|
|
use overload ( |
25
|
|
|
|
|
|
|
'""' => \&as_string, |
26
|
59
|
|
|
59
|
|
3099
|
bool => sub{ return( $_[0] ) }, |
27
|
|
|
|
|
|
|
# '""' => sub{ $_[0]->as_string }, |
28
|
3
|
|
|
|
|
51
|
'eq' => \&same_as, |
29
|
|
|
|
|
|
|
'==' => \&same_as, |
30
|
|
|
|
|
|
|
fallback => 1, |
31
|
3
|
|
|
3
|
|
37
|
); |
|
3
|
|
|
|
|
9
|
|
32
|
3
|
|
|
3
|
|
11
|
our $VERSION = 'v0.3.0'; |
33
|
3
|
|
|
|
|
5
|
our $SUBS; |
34
|
3
|
|
|
|
|
77
|
our $COOKIE_DEBUG = 0; |
35
|
3
|
|
|
3
|
|
545
|
use constant CRYPTX_VERSION => '0.074'; |
|
3
|
|
|
|
|
8
|
|
|
3
|
|
|
|
|
256
|
|
36
|
|
|
|
|
|
|
}; |
37
|
|
|
|
|
|
|
|
38
|
3
|
|
|
3
|
|
18
|
use strict; |
|
3
|
|
|
|
|
5
|
|
|
3
|
|
|
|
|
77
|
|
39
|
3
|
|
|
3
|
|
14
|
use warnings; |
|
3
|
|
|
|
|
7
|
|
|
3
|
|
|
|
|
161
|
|
40
|
|
|
|
|
|
|
|
41
|
|
|
|
|
|
|
sub init |
42
|
|
|
|
|
|
|
{ |
43
|
46
|
|
|
46
|
1
|
71982
|
my $self = shift( @_ ); |
44
|
3
|
|
|
3
|
|
21
|
no overloading; |
|
3
|
|
|
|
|
8
|
|
|
3
|
|
|
|
|
3961
|
|
45
|
46
|
|
|
|
|
155
|
$self->{name} = undef; |
46
|
46
|
|
|
|
|
174
|
$self->{value} = undef; |
47
|
46
|
|
|
|
|
148
|
$self->{comment} = undef; |
48
|
46
|
|
|
|
|
141
|
$self->{commentURL} = undef; |
49
|
46
|
|
|
|
|
150
|
$self->{discard} = 0; |
50
|
46
|
|
|
|
|
123
|
$self->{domain} = undef; |
51
|
46
|
|
|
|
|
141
|
$self->{expires} = undef; |
52
|
46
|
|
|
|
|
179
|
$self->{http_only} = 0; |
53
|
|
|
|
|
|
|
# In the case of cookie sent from the server and no domain was set |
54
|
|
|
|
|
|
|
# This domain, which we need anyway, was provided implicitly or explicitly |
55
|
46
|
|
|
|
|
153
|
$self->{implicit} = 0; |
56
|
46
|
|
|
|
|
87
|
$self->{max_age} = undef; |
57
|
46
|
|
|
|
|
114
|
$self->{path} = undef; |
58
|
46
|
|
|
|
|
135
|
$self->{port} = undef; |
59
|
46
|
|
|
|
|
150
|
$self->{same_site} = undef; |
60
|
46
|
|
|
|
|
95
|
$self->{secure} = 0; |
61
|
46
|
|
|
|
|
269
|
$self->{accessed} = time(); |
62
|
46
|
|
|
|
|
426
|
$self->{created} = time(); |
63
|
|
|
|
|
|
|
# Ref: <https://stackoverflow.com/questions/41467012/what-is-the-difference-between-signed-and-encrypted-cookies-in-rails> |
64
|
|
|
|
|
|
|
# Integrity protection with Message Authentication Code (MAC) |
65
|
|
|
|
|
|
|
# e.g. Crypt::Mac::HMAC::hmac("SHA256","plop","Oh boy, this is cool") |
66
|
46
|
|
|
|
|
369
|
$self->{sign} = 0; |
67
|
|
|
|
|
|
|
# Crypt::Cipher::AES |
68
|
|
|
|
|
|
|
# Crypt::Cipher |
69
|
|
|
|
|
|
|
# one of 'AES', 'Anubis', 'Blowfish', 'CAST5', 'Camellia', 'DES', 'DES_EDE', |
70
|
|
|
|
|
|
|
# 'KASUMI', 'Khazad', 'MULTI2', 'Noekeon', 'RC2', 'RC5', 'RC6', |
71
|
|
|
|
|
|
|
# 'SAFERP', 'SAFER_K128', 'SAFER_K64', 'SAFER_SK128', 'SAFER_SK64', |
72
|
|
|
|
|
|
|
# 'SEED', 'Skipjack', 'Twofish', 'XTEA', 'IDEA', 'Serpent' |
73
|
|
|
|
|
|
|
# simply any <NAME> for which there exists Crypt::Cipher::<NAME> |
74
|
|
|
|
|
|
|
# Encryption algorithm |
75
|
|
|
|
|
|
|
# Ref: <https://stackoverflow.com/questions/4147451/aes-vs-blowfish-for-file-encryption> |
76
|
46
|
|
|
|
|
190
|
$self->{algo} = 'AES'; |
77
|
46
|
|
|
|
|
114
|
$self->{encrypt} = 0; |
78
|
46
|
|
|
|
|
135
|
$self->{initialisation_vector} = undef; |
79
|
46
|
|
|
|
|
154
|
$self->{key} = undef; |
80
|
|
|
|
|
|
|
# Should this API be strict about the cookie names? |
81
|
|
|
|
|
|
|
# When true, this will reject cookie names with invalid characters. |
82
|
46
|
|
|
|
|
140
|
$self->{strict} = 0; |
83
|
|
|
|
|
|
|
# Needs to be an empty string or it would be overriden by Module::Generic who would put here the package version instead |
84
|
46
|
|
|
|
|
147
|
$self->{version} = ''; |
85
|
46
|
|
|
|
|
135
|
$self->{_init_strict_use_sub} = 1; |
86
|
46
|
100
|
|
|
|
228
|
$self->SUPER::init( @_ ) || return( $self->pass_error ); |
87
|
45
|
|
|
|
|
29795
|
$self->{fields} = [qw( name value comment commentURL discard domain expires http_only implicit max_age path port same_site secure version )]; |
88
|
45
|
|
|
|
|
160
|
return( $self ); |
89
|
|
|
|
|
|
|
} |
90
|
|
|
|
|
|
|
|
91
|
19
|
|
|
19
|
1
|
718
|
sub accessed_on { return( shift->_set_get_datetime( 'accessed', @_ ) ); } |
92
|
|
|
|
|
|
|
|
93
|
|
|
|
|
|
|
sub algo |
94
|
|
|
|
|
|
|
{ |
95
|
0
|
|
|
0
|
1
|
0
|
my $self = shift( @_ ); |
96
|
0
|
0
|
|
|
|
0
|
if( @_ ) |
97
|
|
|
|
|
|
|
{ |
98
|
0
|
|
|
|
|
0
|
my $algo = shift( @_ ); |
99
|
0
|
0
|
0
|
|
|
0
|
if( defined( $algo ) && CORE::length( $algo ) ) |
100
|
|
|
|
|
|
|
{ |
101
|
0
|
0
|
0
|
|
|
0
|
try |
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
102
|
0
|
|
|
0
|
|
0
|
{ |
103
|
0
|
0
|
|
|
|
0
|
$self->_load_class( 'Crypt::Mode::CBC', { version => CRYPTX_VERSION } ) || return( $self->pass_error ); |
104
|
|
|
|
|
|
|
# Crypt::Mode::CBC dies when it is unhappy, but we catch a null return |
105
|
|
|
|
|
|
|
# value anyway just in case |
106
|
0
|
|
0
|
|
|
0
|
my $o = Crypt::Mode::CBC->new( $algo ) || |
107
|
|
|
|
|
|
|
return( $self->error( "Unsupported algorithm \"$algo\"" ) ); |
108
|
0
|
|
|
|
|
0
|
$self->_set_get_scalar_as_object( 'algo', $algo ); |
109
|
0
|
|
|
|
|
0
|
$self->reset(1); |
110
|
|
|
|
|
|
|
} |
111
|
0
|
0
|
0
|
|
|
0
|
catch( $e ) |
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
112
|
0
|
|
|
0
|
|
0
|
{ |
113
|
0
|
|
|
|
|
0
|
return( $self->error( "Unsupported algorithm \"$algo\": $e" ) ); |
114
|
3
|
0
|
0
|
3
|
|
25
|
} |
|
3
|
0
|
0
|
|
|
8
|
|
|
3
|
0
|
0
|
|
|
5050
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
115
|
|
|
|
|
|
|
} |
116
|
|
|
|
|
|
|
else |
117
|
|
|
|
|
|
|
{ |
118
|
0
|
|
|
|
|
0
|
$self->{algo} = undef; |
119
|
|
|
|
|
|
|
} |
120
|
|
|
|
|
|
|
} |
121
|
0
|
|
|
|
|
0
|
return( $self->_set_get_scalar_as_object( 'algo' ) ); |
122
|
|
|
|
|
|
|
} |
123
|
|
|
|
|
|
|
|
124
|
|
|
|
|
|
|
sub apply |
125
|
|
|
|
|
|
|
{ |
126
|
15
|
|
|
15
|
1
|
43
|
my $self = shift( @_ ); |
127
|
15
|
|
|
|
|
56
|
my $hash = $self->_get_args_as_hash( @_ ); |
128
|
15
|
50
|
|
|
|
1977
|
return( $self ) if( !scalar( keys( %$hash ) ) ); |
129
|
15
|
50
|
66
|
|
|
285
|
if( !defined( $SUBS ) || |
|
|
|
66
|
|
|
|
|
130
|
|
|
|
|
|
|
ref( $SUBS ) ne 'ARRAY' || |
131
|
|
|
|
|
|
|
!scalar( @$SUBS ) ) |
132
|
|
|
|
|
|
|
{ |
133
|
1
|
|
|
|
|
58
|
$SUBS = [grep( /^(?!apply|as_hash|as_string|can|fields|import|init|reset)(?:[a-z][a-z\_]+)$/, keys( %Cookie:: ) )]; |
134
|
|
|
|
|
|
|
} |
135
|
|
|
|
|
|
|
|
136
|
15
|
|
|
|
|
68
|
foreach( @$SUBS ) |
137
|
|
|
|
|
|
|
{ |
138
|
|
|
|
|
|
|
# Value could be undef |
139
|
|
|
|
|
|
|
# Passing an empty string to Module::Generic::Number will trigger an error (undef) |
140
|
|
|
|
|
|
|
# So if the value is empty, we simply set it directly. |
141
|
600
|
100
|
100
|
|
|
695681
|
if( $_ eq 'version' && !CORE::length( $hash->{ $_ } ) ) |
142
|
|
|
|
|
|
|
{ |
143
|
12
|
|
|
|
|
28
|
$self->{ $_ } = $hash->{ $_ }; |
144
|
12
|
|
|
|
|
48
|
next; |
145
|
|
|
|
|
|
|
} |
146
|
|
|
|
|
|
|
|
147
|
588
|
100
|
|
|
|
1222
|
if( CORE::exists( $hash->{ $_ } ) ) |
148
|
|
|
|
|
|
|
{ |
149
|
107
|
100
|
|
|
|
258
|
if( !defined( $hash->{ $_ } ) ) |
150
|
|
|
|
|
|
|
{ |
151
|
30
|
|
|
|
|
75
|
$self->{ $_ } = undef; |
152
|
|
|
|
|
|
|
} |
153
|
|
|
|
|
|
|
else |
154
|
|
|
|
|
|
|
{ |
155
|
77
|
|
|
|
|
457
|
$self->$_( $hash->{ $_ } ); |
156
|
|
|
|
|
|
|
} |
157
|
|
|
|
|
|
|
} |
158
|
|
|
|
|
|
|
} |
159
|
15
|
|
|
|
|
104
|
return( $self ); |
160
|
|
|
|
|
|
|
} |
161
|
|
|
|
|
|
|
|
162
|
|
|
|
|
|
|
sub as_hash |
163
|
|
|
|
|
|
|
{ |
164
|
6
|
|
|
6
|
1
|
45
|
my $self = shift( @_ ); |
165
|
6
|
|
|
|
|
24
|
my $ref = {}; |
166
|
6
|
|
|
|
|
44
|
foreach my $m ( qw( name value comment commentURL domain expires http_only implicit max_age path port same_site secure version created_on accessed_on ) ) |
167
|
|
|
|
|
|
|
{ |
168
|
96
|
|
|
|
|
105312
|
$ref->{ $m } = $self->$m; |
169
|
|
|
|
|
|
|
} |
170
|
6
|
|
|
|
|
24243
|
return( $ref ); |
171
|
|
|
|
|
|
|
} |
172
|
|
|
|
|
|
|
|
173
|
|
|
|
|
|
|
# sub as_string { return( shift->APR::Request::Cookie::as_string ); } |
174
|
|
|
|
|
|
|
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie |
175
|
|
|
|
|
|
|
sub as_string |
176
|
|
|
|
|
|
|
{ |
177
|
38
|
|
|
38
|
1
|
10947
|
my $self = shift( @_ ); |
178
|
|
|
|
|
|
|
# If is_request is true, we only send the name and value |
179
|
38
|
|
|
|
|
206
|
my $opts = $self->_get_args_as_hash( @_ ); |
180
|
38
|
|
100
|
|
|
1792
|
$opts->{is_request} //= 0; |
181
|
38
|
0
|
33
|
|
|
176
|
return( $self->{_cache_value} ) if( $self->{_cache_value} && !CORE::length( $self->{_reset} ) && !$opts->{is_request} ); |
|
|
|
33
|
|
|
|
|
182
|
38
|
|
|
|
|
155
|
my $name = $self->name; |
183
|
38
|
50
|
33
|
|
|
35013
|
return( $self->error( "No cookie is name in this cookie object." ) ) if( !defined( $name ) || !length( $name ) ); |
184
|
38
|
50
|
|
|
|
436
|
if( $name =~ m/[^a-zA-Z\-\.\_\~]/ ) |
185
|
|
|
|
|
|
|
{ |
186
|
0
|
|
|
|
|
0
|
$name = URI::Escape::uri_escape( $name ); |
187
|
|
|
|
|
|
|
} |
188
|
38
|
|
|
|
|
472
|
my $value = $self->value; |
189
|
|
|
|
|
|
|
|
190
|
38
|
50
|
33
|
|
|
34767
|
if( $self->sign || $self->encrypt ) |
191
|
|
|
|
|
|
|
{ |
192
|
0
|
|
0
|
|
|
0
|
my $key = $self->key || |
193
|
|
|
|
|
|
|
return( $self->error( "Signature or encryption has been enabled, but no key was provided." ) ); |
194
|
0
|
0
|
0
|
|
|
0
|
try |
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
195
|
0
|
|
|
0
|
|
0
|
{ |
196
|
0
|
0
|
|
|
|
0
|
if( $self->sign->is_true ) |
|
|
0
|
|
|
|
|
|
197
|
|
|
|
|
|
|
{ |
198
|
0
|
0
|
|
|
|
0
|
$self->_load_class( 'Crypt::Mac::HMAC', { version => CRYPTX_VERSION } ) || return( $self->pass_error ); |
199
|
0
|
|
|
|
|
0
|
my $signature = Crypt::Mac::HMAC::hmac_b64( "SHA256", "$key", "$value" ); |
200
|
0
|
|
|
|
|
0
|
$value = "$value.$signature"; |
201
|
|
|
|
|
|
|
} |
202
|
|
|
|
|
|
|
elsif( $self->encrypt ) |
203
|
|
|
|
|
|
|
{ |
204
|
0
|
0
|
|
|
|
0
|
$self->_load_class( 'Crypt::Misc', { version => CRYPTX_VERSION } ) || return( $self->pass_error ); |
205
|
0
|
|
|
|
|
0
|
my $algo = $self->algo; |
206
|
0
|
|
0
|
|
|
0
|
my $p = $self->_encrypt_objects( $key => $algo ) || return( $self->pass_error ); |
207
|
0
|
|
|
|
|
0
|
my $crypt = $p->{crypt}; |
208
|
|
|
|
|
|
|
# $value = Crypt::Misc::encode_b64( $crypt->encrypt( "$value", $p->{key}, $p->{iv} ) ); |
209
|
0
|
|
|
|
|
0
|
my $encrypted = $crypt->encrypt( "$value", $p->{key}, $p->{iv} ); |
210
|
0
|
|
|
|
|
0
|
$value = Crypt::Misc::encode_b64( $encrypted ); |
211
|
|
|
|
|
|
|
} |
212
|
|
|
|
|
|
|
} |
213
|
0
|
0
|
0
|
|
|
0
|
catch( $e ) |
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
214
|
0
|
|
|
0
|
|
0
|
{ |
215
|
0
|
0
|
|
|
|
0
|
return( $self->error( "An error occurred while trying to ", ( $self->sign ? 'sign' : 'encrypt' ), " cookie value: $e" ) ); |
216
|
3
|
0
|
0
|
3
|
|
62
|
} |
|
3
|
0
|
0
|
|
|
8
|
|
|
3
|
0
|
0
|
|
|
5126
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
217
|
|
|
|
|
|
|
} |
218
|
|
|
|
|
|
|
|
219
|
|
|
|
|
|
|
# Not necessary to encode, but customary and practical |
220
|
38
|
50
|
|
|
|
29395
|
if( CORE::length( $value ) ) |
221
|
|
|
|
|
|
|
{ |
222
|
38
|
|
|
|
|
303
|
my $wrapped_in_double_quotes = 0; |
223
|
38
|
50
|
|
|
|
109
|
if( $value =~ /^\"([^\"]+)\"$/ ) |
224
|
|
|
|
|
|
|
{ |
225
|
0
|
|
|
|
|
0
|
$value = $1; |
226
|
0
|
|
|
|
|
0
|
$wrapped_in_double_quotes = 1; |
227
|
|
|
|
|
|
|
} |
228
|
38
|
|
|
|
|
411
|
$value = URI::Escape::uri_escape( $value ); |
229
|
38
|
50
|
|
|
|
1064
|
$value = sprintf( '"%s"', $value ) if( $wrapped_in_double_quotes ); |
230
|
|
|
|
|
|
|
} |
231
|
38
|
|
|
|
|
130
|
my @parts = ( "${name}=${value}" ); |
232
|
38
|
100
|
|
|
|
525
|
return( $parts[0] ) if( $opts->{is_request} ); |
233
|
28
|
50
|
|
|
|
116
|
push( @parts, sprintf( 'Domain=%s', $self->domain ) ) if( $self->domain ); |
234
|
28
|
50
|
|
|
|
21821
|
push( @parts, sprintf( 'Port=%d', $self->port ) ) if( $self->port ); |
235
|
28
|
100
|
|
|
|
21174
|
push( @parts, sprintf( 'Path=%s', $self->path ) ) if( $self->path ); |
236
|
|
|
|
|
|
|
# Could be empty. If not specified, it would be a session cookie |
237
|
28
|
100
|
100
|
|
|
20055
|
if( ( my $t = $self->expires ) && !$self->max_age->length ) |
238
|
|
|
|
|
|
|
{ |
239
|
14
|
|
|
|
|
9161
|
( my $dt_str = "$t" ) =~ s/\bUTC\b/GMT/; |
240
|
14
|
|
|
|
|
3871
|
push( @parts, sprintf( 'Expires=%s', $dt_str ) ); |
241
|
|
|
|
|
|
|
} |
242
|
|
|
|
|
|
|
# Number of seconds until the cookie expires |
243
|
|
|
|
|
|
|
# A zero or negative number will expire the cookie immediately. |
244
|
|
|
|
|
|
|
# If both Expires and Max-Age are set, Max-Age has precedence. |
245
|
28
|
100
|
|
|
|
515930
|
push( @parts, sprintf( 'Max-Age=%d', $self->max_age ) ) if( CORE::length( $self->max_age ) ); |
246
|
28
|
100
|
100
|
|
|
23484
|
if( $self->same_site->defined && $self->same_site =~ /^(?:lax|strict|none)/i ) |
247
|
|
|
|
|
|
|
{ |
248
|
3
|
|
|
|
|
2786
|
push( @parts, sprintf( 'SameSite=%s', ucfirst( lc( $self->same_site ) ) ) ); |
249
|
|
|
|
|
|
|
} |
250
|
28
|
100
|
|
|
|
18559
|
push( @parts, 'Secure' ) if( $self->secure ); |
251
|
28
|
100
|
|
|
|
21575
|
push( @parts, 'HttpOnly' ) if( $self->http_only ); |
252
|
28
|
|
|
|
|
21342
|
my $c = join( '; ', @parts ); |
253
|
28
|
|
|
|
|
81
|
$self->{_cache_value} = $c; |
254
|
28
|
|
|
|
|
57
|
CORE::delete( $self->{_reset} ); |
255
|
28
|
|
|
|
|
190
|
return( $c ); |
256
|
|
|
|
|
|
|
} |
257
|
|
|
|
|
|
|
|
258
|
|
|
|
|
|
|
# A Version 2 cookie, which has been deprecated by protocol |
259
|
|
|
|
|
|
|
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie2 |
260
|
12
|
|
|
12
|
1
|
65
|
sub comment { return( shift->_set_get_scalar_as_object( 'comment', @_ ) ); } |
261
|
|
|
|
|
|
|
|
262
|
|
|
|
|
|
|
# A Version 2 cookie, which has been deprecated by protocol |
263
|
|
|
|
|
|
|
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie2 |
264
|
12
|
|
|
12
|
1
|
111
|
sub commentURL { return( shift->_set_get_uri( 'commentURL', @_ ) ); } |
265
|
|
|
|
|
|
|
|
266
|
18
|
|
|
18
|
1
|
138921
|
sub created_on { return( shift->_set_get_datetime( 'created', @_ ) ); } |
267
|
|
|
|
|
|
|
|
268
|
|
|
|
|
|
|
sub decrypt |
269
|
|
|
|
|
|
|
{ |
270
|
0
|
|
|
0
|
1
|
0
|
my $self = shift( @_ ); |
271
|
0
|
|
|
|
|
0
|
my $opts = $self->_get_args_as_hash( @_ ); |
272
|
0
|
|
|
|
|
0
|
my $value = $self->value; |
273
|
0
|
0
|
|
|
|
0
|
return( $value ) if( !$value->length ); |
274
|
0
|
|
0
|
|
|
0
|
$opts->{key} //= ''; |
275
|
0
|
|
0
|
|
|
0
|
$opts->{algo} //= ''; |
276
|
0
|
|
0
|
|
|
0
|
$opts->{iv} //= ''; |
277
|
0
|
|
0
|
|
|
0
|
my $key = $opts->{key} || $self->key; |
278
|
0
|
|
0
|
|
|
0
|
my $algo = $opts->{algo} || $self->algo; |
279
|
0
|
0
|
0
|
|
|
0
|
return( $self->error( "Cookie encryption was enabled, but no key was set to decrypt it." ) ) if( !defined( $key ) || !CORE::length( "$key" ) ); |
280
|
0
|
0
|
0
|
|
|
0
|
return( $self->error( "Cookie encryption was enabled, but no algorithm was set to decrypt it." ) ) if( !defined( $algo ) || !CORE::length( "$algo" ) ); |
281
|
0
|
0
|
0
|
|
|
0
|
try |
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
282
|
0
|
|
|
0
|
|
0
|
{ |
283
|
0
|
0
|
|
|
|
0
|
$self->_load_class( 'Crypt::Misc', { version => CRYPTX_VERSION } ) || return( $self->pass_error ); |
284
|
|
|
|
|
|
|
# If IV is not provided, _encrypt_objects will generate one and save it for next time |
285
|
0
|
|
0
|
|
|
0
|
my $p = $self->_encrypt_objects( $key => $algo, $opts->{iv} ) || return( $self->pass_error ); |
286
|
0
|
|
|
|
|
0
|
my $crypt = $p->{crypt}; |
287
|
0
|
|
|
|
|
0
|
my $bin = Crypt::Misc::decode_b64( "$value" ); |
288
|
0
|
|
|
|
|
0
|
return( $crypt->decrypt( "$bin", $p->{key}, $p->{iv} ) ); |
289
|
|
|
|
|
|
|
} |
290
|
0
|
0
|
0
|
|
|
0
|
catch( $e ) |
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
291
|
0
|
|
|
0
|
|
0
|
{ |
292
|
0
|
|
|
|
|
0
|
return( $self->error( "An error occurred while trying to decrypt cookie value: $e" ) ); |
293
|
3
|
0
|
0
|
3
|
|
25
|
} |
|
3
|
0
|
0
|
|
|
37
|
|
|
3
|
0
|
0
|
|
|
3612
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
294
|
|
|
|
|
|
|
} |
295
|
|
|
|
|
|
|
|
296
|
9
|
|
|
9
|
1
|
51
|
sub discard { return( shift->_set_get_boolean( 'discard', @_ ) ); } |
297
|
|
|
|
|
|
|
|
298
|
121
|
|
|
121
|
1
|
16471
|
sub domain { return( shift->reset(@_)->_set_get_scalar_as_object( 'domain', @_ ) ); } |
299
|
|
|
|
|
|
|
|
300
|
|
|
|
|
|
|
# To expire a cookie, the domain and path must match that was previously set |
301
|
|
|
|
|
|
|
# <https://datatracker.ietf.org/doc/html/rfc6265#section-3.1> |
302
|
|
|
|
|
|
|
sub elapse |
303
|
|
|
|
|
|
|
{ |
304
|
1
|
|
|
1
|
1
|
694
|
my $self = shift( @_ ); |
305
|
1
|
|
|
|
|
21
|
$self->expires(0); |
306
|
1
|
|
|
|
|
1128
|
return( $self ); |
307
|
|
|
|
|
|
|
} |
308
|
|
|
|
|
|
|
|
309
|
38
|
|
|
38
|
1
|
29973
|
sub encrypt { return( shift->reset(@_)->_set_get_boolean( 'encrypt', @_ ) ); } |
310
|
|
|
|
|
|
|
|
311
|
|
|
|
|
|
|
# sub expires { return( shift->APR::Request::Cookie::expires( @_ ) ); } |
312
|
|
|
|
|
|
|
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Date |
313
|
|
|
|
|
|
|
# Example: Fri, 13 Dec 2019 02:27:28 GMT |
314
|
|
|
|
|
|
|
sub expires |
315
|
|
|
|
|
|
|
{ |
316
|
82
|
|
|
82
|
1
|
32662
|
my $self = shift( @_ ); |
317
|
82
|
100
|
|
|
|
286
|
if( @_ ) |
318
|
|
|
|
|
|
|
{ |
319
|
21
|
|
|
|
|
85
|
$self->reset(1); |
320
|
21
|
|
|
|
|
55
|
my $exp = shift( @_ ); |
321
|
21
|
|
|
|
|
38
|
my $tz; |
322
|
|
|
|
|
|
|
# DateTime::TimeZone::Local will die ungracefully if the local timezone is not set with the error: |
323
|
|
|
|
|
|
|
# "Cannot determine local time zone" |
324
|
21
|
50
|
33
|
|
|
80
|
try |
|
21
|
|
|
|
|
39
|
|
|
21
|
|
|
|
|
59
|
|
|
21
|
|
|
|
|
104
|
|
|
0
|
|
|
|
|
0
|
|
|
21
|
|
|
|
|
51
|
|
|
21
|
|
|
|
|
95
|
|
|
21
|
|
|
|
|
63
|
|
325
|
21
|
|
|
21
|
|
38
|
{ |
326
|
21
|
|
|
|
|
136
|
$tz = DateTime::TimeZone->new( name => 'local' ); |
327
|
|
|
|
|
|
|
} |
328
|
21
|
50
|
100
|
|
|
179
|
catch( $e ) |
|
21
|
0
|
33
|
|
|
23362
|
|
|
14
|
0
|
|
|
|
44
|
|
|
21
|
0
|
|
|
|
50
|
|
|
21
|
0
|
|
|
|
33
|
|
|
21
|
0
|
|
|
|
30
|
|
|
21
|
0
|
|
|
|
35
|
|
|
21
|
0
|
|
|
|
117
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
50
|
|
|
|
0
|
|
|
0
|
50
|
|
|
|
0
|
|
|
0
|
100
|
|
|
|
0
|
|
|
0
|
50
|
|
|
|
0
|
|
|
0
|
50
|
|
|
|
0
|
|
|
0
|
50
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
50
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
21
|
|
|
|
|
77
|
|
|
0
|
|
|
|
|
0
|
|
|
14
|
|
|
|
|
20
|
|
|
7
|
|
|
|
|
22
|
|
|
7
|
|
|
|
|
58
|
|
|
21
|
|
|
|
|
89
|
|
|
21
|
|
|
|
|
125
|
|
|
21
|
|
|
|
|
61
|
|
|
21
|
|
|
|
|
79
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
329
|
0
|
|
|
0
|
|
0
|
{ |
330
|
0
|
|
|
|
|
0
|
$tz = DateTime::TimeZone->new( name => 'UTC' ); |
331
|
3
|
0
|
0
|
3
|
|
23
|
} |
|
3
|
0
|
0
|
|
|
6
|
|
|
3
|
0
|
66
|
|
|
3334
|
|
|
0
|
0
|
33
|
|
|
0
|
|
|
0
|
0
|
66
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
33
|
|
|
0
|
|
|
0
|
0
|
66
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
50
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
21
|
0
|
|
|
|
82
|
|
|
0
|
0
|
|
|
|
0
|
|
|
21
|
0
|
|
|
|
543
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
50
|
|
|
|
0
|
|
|
0
|
50
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
50
|
|
|
|
0
|
|
|
0
|
50
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
21
|
|
|
|
|
91
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
21
|
|
|
|
|
67
|
|
332
|
21
|
|
|
|
|
54
|
my $dt; |
333
|
|
|
|
|
|
|
# unsets the value |
334
|
21
|
100
|
33
|
|
|
216
|
if( !defined( $exp ) ) |
|
|
100
|
66
|
|
|
|
|
|
|
100
|
33
|
|
|
|
|
|
|
100
|
|
|
|
|
|
|
|
100
|
|
|
|
|
|
|
|
50
|
|
|
|
|
|
335
|
|
|
|
|
|
|
{ |
336
|
1
|
|
|
|
|
3
|
$self->{expires} = undef; |
337
|
|
|
|
|
|
|
} |
338
|
|
|
|
|
|
|
elsif( $exp =~ /^\d{1,10}$/ ) |
339
|
|
|
|
|
|
|
{ |
340
|
3
|
50
|
33
|
|
|
17
|
try |
|
3
|
|
|
|
|
10
|
|
|
3
|
|
|
|
|
15
|
|
|
3
|
|
|
|
|
34
|
|
|
0
|
|
|
|
|
0
|
|
|
3
|
|
|
|
|
8
|
|
|
3
|
|
|
|
|
10
|
|
|
3
|
|
|
|
|
11
|
|
341
|
3
|
|
|
3
|
|
6
|
{ |
342
|
|
|
|
|
|
|
# Unexpectedly, DateTime sets the time zone ONLY after having instantiated the |
343
|
|
|
|
|
|
|
# object and set its time zone to UTC. |
344
|
|
|
|
|
|
|
# Thus, here setting to 'local' (e.g. corresponding to Asia/Tokyo) would |
345
|
|
|
|
|
|
|
# actually set the epoch to GMT+9 instead of treating the epoch time provided |
346
|
|
|
|
|
|
|
# to being in Asia/Tokyo time zone! |
347
|
|
|
|
|
|
|
# Issue #126 |
348
|
|
|
|
|
|
|
# <https://github.com/houseabsolute/DateTime.pm/issues/126> |
349
|
3
|
|
|
|
|
31
|
$dt = DateTime->from_epoch( epoch => $exp, time_zone => $tz ); |
350
|
|
|
|
|
|
|
} |
351
|
3
|
50
|
100
|
|
|
29
|
catch( $e ) |
|
3
|
0
|
33
|
|
|
1163
|
|
|
2
|
0
|
|
|
|
7
|
|
|
3
|
0
|
|
|
|
13
|
|
|
3
|
0
|
|
|
|
7
|
|
|
3
|
0
|
|
|
|
6
|
|
|
3
|
0
|
|
|
|
6
|
|
|
3
|
0
|
|
|
|
17
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
50
|
|
|
|
0
|
|
|
0
|
50
|
|
|
|
0
|
|
|
0
|
100
|
|
|
|
0
|
|
|
0
|
50
|
|
|
|
0
|
|
|
0
|
50
|
|
|
|
0
|
|
|
0
|
50
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
50
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
3
|
|
|
|
|
53
|
|
|
0
|
|
|
|
|
0
|
|
|
2
|
|
|
|
|
5
|
|
|
1
|
|
|
|
|
11
|
|
|
1
|
|
|
|
|
20
|
|
|
3
|
|
|
|
|
24
|
|
|
3
|
|
|
|
|
27
|
|
|
3
|
|
|
|
|
14
|
|
|
3
|
|
|
|
|
19
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
352
|
0
|
|
|
0
|
|
0
|
{ |
353
|
0
|
|
|
|
|
0
|
return( $self->error( "An error occurred while setting the cookie expiration date time based on the unix timestamp '$exp'." ) ); |
354
|
3
|
0
|
0
|
3
|
|
25
|
} |
|
3
|
0
|
0
|
|
|
7
|
|
|
3
|
0
|
66
|
|
|
6054
|
|
|
0
|
0
|
33
|
|
|
0
|
|
|
0
|
0
|
66
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
33
|
|
|
0
|
|
|
0
|
0
|
66
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
50
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
3
|
0
|
|
|
|
10
|
|
|
0
|
0
|
|
|
|
0
|
|
|
3
|
0
|
|
|
|
103
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
50
|
|
|
|
0
|
|
|
0
|
50
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
50
|
|
|
|
0
|
|
|
0
|
50
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
3
|
|
|
|
|
16
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
3
|
|
|
|
|
24
|
|
355
|
|
|
|
|
|
|
} |
356
|
|
|
|
|
|
|
elsif( $self->_is_object( $exp ) && ( $exp->isa( 'DateTime' ) || $exp->isa( 'Module::Generic::Datetime' ) ) ) |
357
|
|
|
|
|
|
|
{ |
358
|
2
|
|
|
|
|
167
|
$dt = $exp; |
359
|
|
|
|
|
|
|
} |
360
|
|
|
|
|
|
|
elsif( $exp =~ /^([\+\-]?\d+)([YyMDdhms])?$/ ) |
361
|
|
|
|
|
|
|
{ |
362
|
9
|
|
|
|
|
145
|
my( $num, $unit ) = ( $1, $2 ); |
363
|
9
|
100
|
|
|
|
30
|
$unit = 's' if( !length( $unit ) ); |
364
|
9
|
|
|
|
|
55
|
my $interval = |
365
|
|
|
|
|
|
|
{ |
366
|
|
|
|
|
|
|
's' => 1, |
367
|
|
|
|
|
|
|
'm' => 60, |
368
|
|
|
|
|
|
|
'h' => 3600, |
369
|
|
|
|
|
|
|
'D' => 86400, |
370
|
|
|
|
|
|
|
'd' => 86400, |
371
|
|
|
|
|
|
|
'M' => 86400 * 30, |
372
|
|
|
|
|
|
|
'Y' => 86400 * 365, |
373
|
|
|
|
|
|
|
'y' => 86400 * 365, |
374
|
|
|
|
|
|
|
}; |
375
|
9
|
|
50
|
|
|
37
|
my $offset = ( $interval->{ $unit } || 1 ) * int( $num ); |
376
|
9
|
|
|
|
|
24
|
my $ts = time() + $offset; |
377
|
9
|
|
|
|
|
90
|
$dt = DateTime->from_epoch( epoch => $ts, time_zone => $tz ); |
378
|
|
|
|
|
|
|
} |
379
|
|
|
|
|
|
|
elsif( lc( $exp ) eq 'now' ) |
380
|
|
|
|
|
|
|
{ |
381
|
1
|
|
|
|
|
24
|
$dt = DateTime->now( time_zone => $tz ); |
382
|
|
|
|
|
|
|
} |
383
|
|
|
|
|
|
|
elsif( defined( $exp ) && CORE::length( $exp ) ) |
384
|
|
|
|
|
|
|
{ |
385
|
5
|
|
|
|
|
325
|
$dt = $self->_parse_timestamp( $exp ); |
386
|
5
|
50
|
|
|
|
8093827
|
return( $self->pass_error ) if( !defined( $dt ) ); |
387
|
5
|
100
|
|
|
|
41
|
return( $self->error( "Provided expires value '$exp' is an invalid expression." ) ) if( !CORE::length( $dt ) ); |
388
|
|
|
|
|
|
|
} |
389
|
|
|
|
|
|
|
else |
390
|
|
|
|
|
|
|
{ |
391
|
|
|
|
|
|
|
} |
392
|
|
|
|
|
|
|
|
393
|
20
|
100
|
|
|
|
5919
|
if( defined( $dt ) ) |
394
|
|
|
|
|
|
|
{ |
395
|
19
|
50
|
|
|
|
139
|
$dt = $self->_header_datetime( $dt ) if( $self->_is_a( $dt, 'DateTime' ) ); |
396
|
19
|
50
|
|
|
|
298
|
$self->{expires} = $dt->isa( 'Module::Generic::DateTime' ) ? $dt : Module::Generic::DateTime->new( $dt ); |
397
|
|
|
|
|
|
|
} |
398
|
|
|
|
|
|
|
} |
399
|
81
|
|
|
|
|
10517
|
return( $self->_set_get_datetime( 'expires' ) ); |
400
|
|
|
|
|
|
|
} |
401
|
|
|
|
|
|
|
|
402
|
3
|
|
|
3
|
1
|
33
|
sub fields { return( shift->_set_get_array_as_object( 'fields', @_ ) ); } |
403
|
|
|
|
|
|
|
|
404
|
0
|
|
|
0
|
1
|
0
|
sub host { return( shift->domain( @_ ) ); } |
405
|
|
|
|
|
|
|
|
406
|
12
|
|
|
12
|
1
|
56
|
sub host_only { return( shift->implicit( @_ ) ); } |
407
|
|
|
|
|
|
|
|
408
|
46
|
|
|
46
|
1
|
1971
|
sub http_only { return( shift->reset(@_)->_set_get_boolean( 'http_only', @_ ) ); } |
409
|
|
|
|
|
|
|
|
410
|
0
|
|
|
0
|
1
|
0
|
sub httponly { return( shift->http_only( @_ ) ); } |
411
|
|
|
|
|
|
|
|
412
|
32
|
|
|
32
|
1
|
155
|
sub implicit { return( shift->reset(@_)->_set_get_boolean( 'implicit', @_ ) ); } |
413
|
|
|
|
|
|
|
|
414
|
|
|
|
|
|
|
# For cookie encryption |
415
|
0
|
|
|
0
|
1
|
0
|
sub initialisation_vector { return( shift->_set_get_scalar_as_object( 'initialisation_vector', @_ ) ); } |
416
|
|
|
|
|
|
|
|
417
|
|
|
|
|
|
|
sub is_expired |
418
|
|
|
|
|
|
|
{ |
419
|
0
|
|
|
0
|
1
|
0
|
my $self = shift( @_ ); |
420
|
0
|
|
|
|
|
0
|
my $exp = $self->expires; |
421
|
0
|
|
|
|
|
0
|
my $max_age = $self->max_age; |
422
|
0
|
0
|
0
|
|
|
0
|
return( $self->false ) if( !defined( $exp ) && !defined( $max_age ) ); |
423
|
0
|
0
|
0
|
|
|
0
|
if( ( defined( $exp ) && !$self->_is_a( $exp, 'Module::Generic::DateTime' ) && !$self->_is_a( $exp, 'DateTime' ) ) || |
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
424
|
|
|
|
|
|
|
( defined( $max_age ) && $max_age !~ /\-?\d+$/ ) ) |
425
|
|
|
|
|
|
|
{ |
426
|
0
|
|
|
|
|
0
|
return( $self->false ); |
427
|
|
|
|
|
|
|
} |
428
|
0
|
|
|
|
|
0
|
my $now = DateTime->now; |
429
|
0
|
0
|
0
|
|
|
0
|
if( ( defined( $max_age ) && $max_age <= 0 ) || |
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
430
|
|
|
|
|
|
|
( defined( $exp ) && $exp < $now ) ) |
431
|
|
|
|
|
|
|
{ |
432
|
0
|
|
|
|
|
0
|
return( $self->true ); |
433
|
|
|
|
|
|
|
} |
434
|
|
|
|
|
|
|
else |
435
|
|
|
|
|
|
|
{ |
436
|
0
|
|
|
|
|
0
|
return( $self->false ); |
437
|
|
|
|
|
|
|
} |
438
|
|
|
|
|
|
|
} |
439
|
|
|
|
|
|
|
|
440
|
0
|
|
|
0
|
1
|
0
|
sub is_persistent { return( !shift->is_session ); } |
441
|
|
|
|
|
|
|
|
442
|
|
|
|
|
|
|
sub is_session |
443
|
|
|
|
|
|
|
{ |
444
|
0
|
|
|
0
|
1
|
0
|
my $self = shift( @_ ); |
445
|
0
|
0
|
0
|
|
|
0
|
return( defined( $self->expires ) || defined( $self->max_age ) ? $self->false : $self->true ); |
446
|
|
|
|
|
|
|
} |
447
|
|
|
|
|
|
|
|
448
|
0
|
|
|
0
|
1
|
0
|
sub is_tainted { return( shift->_set_get_boolean( 'is_tainted', @_ ) ); } |
449
|
|
|
|
|
|
|
|
450
|
|
|
|
|
|
|
sub is_valid |
451
|
|
|
|
|
|
|
{ |
452
|
0
|
|
|
0
|
1
|
0
|
my $self = shift( @_ ); |
453
|
0
|
|
|
|
|
0
|
my $opts = $self->_get_args_as_hash( @_ ); |
454
|
0
|
|
0
|
|
|
0
|
$opts->{key} ||= $self->key || ''; |
|
|
|
0
|
|
|
|
|
455
|
0
|
0
|
0
|
|
|
0
|
return( $self->true ) if( !$self->sign && !CORE::length( $opts->{key} ) ); |
456
|
0
|
0
|
0
|
|
|
0
|
return( $self->error( "Signature validation is required, but no key has been set." ) ) if( !$self->key->length && !CORE::exists( $opts->{key} ) || ( CORE::exists( $opts->{key} ) && !CORE::length( $opts->{key} ) ) ); |
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
457
|
0
|
|
|
|
|
0
|
my $value = $self->value; |
458
|
0
|
0
|
|
|
|
0
|
return( $self->true ) if( !$value->length ); |
459
|
0
|
0
|
|
|
|
0
|
if( $value->index( '.' ) == -1 ) |
460
|
|
|
|
|
|
|
{ |
461
|
|
|
|
|
|
|
# Not an error, so we only issue a warning if warnings are enabled |
462
|
0
|
0
|
|
|
|
0
|
warnings::warn( "The cookie does not have a signature attached to it." ) if( warnings::enabled() ); |
463
|
0
|
|
|
|
|
0
|
return( $self->false ); |
464
|
|
|
|
|
|
|
} |
465
|
0
|
|
|
|
|
0
|
my @parts = $value->split( '.' ); |
466
|
|
|
|
|
|
|
# We take the last one, because the cookie name, itself, could potentially contain dots. |
467
|
|
|
|
|
|
|
# The value must be an uri unescaped value |
468
|
0
|
|
|
|
|
0
|
my $sig = pop( @parts ); |
469
|
0
|
|
|
|
|
0
|
my $orig = join( '.', @parts ); |
470
|
0
|
|
|
|
|
0
|
my $key = $opts->{key}; |
471
|
0
|
0
|
0
|
|
|
0
|
try |
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
472
|
0
|
|
|
0
|
|
0
|
{ |
473
|
0
|
0
|
|
|
|
0
|
$self->_load_class( 'Crypt::Mac::HMAC', { version => CRYPTX_VERSION } ) || return( $self->pass_error ); |
474
|
0
|
|
|
|
|
0
|
my $check = Crypt::Mac::HMAC::hmac_b64( 'SHA256', "$key", "$orig" ); |
475
|
0
|
|
|
|
|
0
|
return( "$check" eq "$sig" ); |
476
|
|
|
|
|
|
|
} |
477
|
0
|
0
|
0
|
|
|
0
|
catch( $e ) |
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
478
|
0
|
|
|
0
|
|
0
|
{ |
479
|
0
|
|
|
|
|
0
|
return( $self->error( "An error occurred while trying to check the cookie signature validation: $e" ) ); |
480
|
3
|
0
|
0
|
3
|
|
24
|
} |
|
3
|
0
|
0
|
|
|
6
|
|
|
3
|
0
|
0
|
|
|
4045
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
481
|
|
|
|
|
|
|
} |
482
|
|
|
|
|
|
|
|
483
|
0
|
|
|
0
|
1
|
0
|
sub iv { return( shift->initialisation_vector( @_ ) ); } |
484
|
|
|
|
|
|
|
|
485
|
0
|
|
|
0
|
1
|
0
|
sub key { return( shift->_set_get_scalar_as_object( 'key', @_ ) ); } |
486
|
|
|
|
|
|
|
|
487
|
|
|
|
|
|
|
# Check if the cookie domain is within the host provided, i.e. |
488
|
|
|
|
|
|
|
# wether this cookie should be sent as part of the request |
489
|
|
|
|
|
|
|
sub match_host |
490
|
|
|
|
|
|
|
{ |
491
|
0
|
|
|
0
|
1
|
0
|
my $self = shift( @_ ); |
492
|
|
|
|
|
|
|
# e.g. www.example.com |
493
|
0
|
|
0
|
|
|
0
|
my $host = shift( @_ ) || return(0); |
494
|
0
|
|
|
|
|
0
|
$host = lc( $host ); |
495
|
|
|
|
|
|
|
# and ours could be just example.com |
496
|
0
|
|
|
|
|
0
|
my $dom = $self->domain; |
497
|
0
|
0
|
|
|
|
0
|
return(1) if( $host eq $dom ); |
498
|
|
|
|
|
|
|
# if our domain is longer than $host, then we are not a match as we should be a subset |
499
|
|
|
|
|
|
|
# e.g. ours www.ja.example.com vs $host ja.example.com |
500
|
0
|
0
|
|
|
|
0
|
return(0) if( CORE::length( $dom ) > CORE::length( $host ) ); |
501
|
|
|
|
|
|
|
# our cookie domain has been set implicitly and since we are not an exact match, |
502
|
|
|
|
|
|
|
# no need to go further. |
503
|
0
|
0
|
|
|
|
0
|
unless( $self->implicit ) |
504
|
|
|
|
|
|
|
{ |
505
|
0
|
0
|
|
|
|
0
|
return( $host =~ /\.${dom}$/ ? 1 : 0 ); |
506
|
|
|
|
|
|
|
} |
507
|
0
|
|
|
|
|
0
|
return(0); |
508
|
|
|
|
|
|
|
} |
509
|
|
|
|
|
|
|
|
510
|
|
|
|
|
|
|
# sub max_age { return( shift->reset(@_)->_set_get_scalar( 'max_age', @_ ) ); } |
511
|
|
|
|
|
|
|
sub max_age |
512
|
|
|
|
|
|
|
{ |
513
|
60
|
|
|
60
|
1
|
19138
|
my $self = shift( @_ ); |
514
|
60
|
100
|
|
|
|
193
|
if( @_ ) |
515
|
|
|
|
|
|
|
{ |
516
|
2
|
|
|
|
|
23
|
$self->reset( @_ ); |
517
|
2
|
|
|
|
|
4
|
my $v = shift( @_ ); |
518
|
2
|
50
|
|
|
|
12
|
if( !defined( $v ) ) |
519
|
|
|
|
|
|
|
{ |
520
|
0
|
|
|
|
|
0
|
$self->{max_age} = undef; |
521
|
|
|
|
|
|
|
} |
522
|
|
|
|
|
|
|
else |
523
|
|
|
|
|
|
|
{ |
524
|
2
|
50
|
|
|
|
19
|
return( $self->error( "Invalid max-age value '$v'" ) ) if( $v !~ /^\-?\d+$/ ); |
525
|
2
|
|
|
|
|
8
|
$v = int( $v ); |
526
|
|
|
|
|
|
|
# "If both Expires and Max-Age are set, Max-Age has precedence" |
527
|
|
|
|
|
|
|
# <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie> |
528
|
2
|
|
|
|
|
4
|
my $exp; |
529
|
2
|
100
|
|
|
|
19
|
if( $v <= 0 ) |
530
|
|
|
|
|
|
|
{ |
531
|
1
|
|
|
|
|
10
|
$exp = DateTime->new( |
532
|
|
|
|
|
|
|
year => 1970, |
533
|
|
|
|
|
|
|
month => 1, |
534
|
|
|
|
|
|
|
day => 1, |
535
|
|
|
|
|
|
|
hour => 0, |
536
|
|
|
|
|
|
|
minute => 0, |
537
|
|
|
|
|
|
|
second => 0, |
538
|
|
|
|
|
|
|
time_zone => 'GMT', |
539
|
|
|
|
|
|
|
); |
540
|
|
|
|
|
|
|
} |
541
|
|
|
|
|
|
|
else |
542
|
|
|
|
|
|
|
{ |
543
|
1
|
|
|
|
|
8
|
my $tz; |
544
|
|
|
|
|
|
|
# DateTime::TimeZone::Local will die ungracefully if the local timezeon is not set with the error: |
545
|
|
|
|
|
|
|
# "Cannot determine local time zone" |
546
|
1
|
50
|
33
|
|
|
4
|
try |
|
1
|
|
|
|
|
2
|
|
|
1
|
|
|
|
|
3
|
|
|
1
|
|
|
|
|
7
|
|
|
0
|
|
|
|
|
0
|
|
|
1
|
|
|
|
|
2
|
|
|
1
|
|
|
|
|
5
|
|
|
1
|
|
|
|
|
2
|
|
547
|
1
|
|
|
1
|
|
4
|
{ |
548
|
1
|
|
|
|
|
8
|
$tz = DateTime::TimeZone->new( name => 'local' ); |
549
|
|
|
|
|
|
|
} |
550
|
1
|
0
|
50
|
|
|
9
|
catch( $e ) |
|
1
|
0
|
33
|
|
|
856
|
|
|
1
|
0
|
|
|
|
5
|
|
|
1
|
0
|
|
|
|
2
|
|
|
1
|
0
|
|
|
|
2
|
|
|
1
|
0
|
|
|
|
3
|
|
|
1
|
0
|
|
|
|
10
|
|
|
1
|
0
|
|
|
|
8
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
50
|
|
|
|
0
|
|
|
0
|
50
|
|
|
|
0
|
|
|
0
|
50
|
|
|
|
0
|
|
|
0
|
50
|
|
|
|
0
|
|
|
0
|
50
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
50
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
1
|
|
|
|
|
5
|
|
|
0
|
|
|
|
|
0
|
|
|
1
|
|
|
|
|
3
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
1
|
|
|
|
|
6
|
|
|
1
|
|
|
|
|
15
|
|
|
1
|
|
|
|
|
3
|
|
|
1
|
|
|
|
|
4
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
551
|
0
|
|
|
0
|
|
0
|
{ |
552
|
0
|
|
|
|
|
0
|
$tz = DateTime::TimeZone->new( name => 'UTC' ); |
553
|
3
|
0
|
0
|
3
|
|
24
|
} |
|
3
|
0
|
0
|
|
|
8
|
|
|
3
|
0
|
33
|
|
|
6400
|
|
|
0
|
0
|
33
|
|
|
0
|
|
|
0
|
0
|
33
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
33
|
|
|
0
|
|
|
0
|
0
|
33
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
50
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
1
|
0
|
|
|
|
5
|
|
|
0
|
0
|
|
|
|
0
|
|
|
1
|
0
|
|
|
|
65
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
50
|
|
|
|
0
|
|
|
0
|
50
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
50
|
|
|
|
0
|
|
|
0
|
50
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
1
|
|
|
|
|
5
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
1
|
|
|
|
|
4
|
|
554
|
1
|
|
|
|
|
10
|
$exp = DateTime->now( time_zone => $tz ); |
555
|
1
|
|
|
|
|
620
|
$exp->add( seconds => $v ); |
556
|
|
|
|
|
|
|
} |
557
|
2
|
|
|
|
|
2176
|
$self->expires( $exp ); |
558
|
2
|
|
|
|
|
2465
|
return( $self->_set_get_number( 'max_age' => $v ) ); |
559
|
|
|
|
|
|
|
} |
560
|
|
|
|
|
|
|
} |
561
|
58
|
|
|
|
|
205
|
return( $self->_set_get_number( 'max_age' ) ); |
562
|
|
|
|
|
|
|
} |
563
|
|
|
|
|
|
|
|
564
|
0
|
|
|
0
|
1
|
0
|
sub maxage { return( shift->max_age( @_ ) ); } |
565
|
|
|
|
|
|
|
|
566
|
|
|
|
|
|
|
sub name |
567
|
|
|
|
|
|
|
{ |
568
|
160
|
|
|
160
|
1
|
17459
|
my $self = shift( @_ ); |
569
|
160
|
100
|
|
|
|
527
|
if( @_ ) |
570
|
|
|
|
|
|
|
{ |
571
|
44
|
|
|
|
|
193
|
$self->reset( @_ ); |
572
|
44
|
|
|
|
|
116
|
my $name = shift( @_ ); |
573
|
|
|
|
|
|
|
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie |
574
|
44
|
50
|
33
|
|
|
273
|
if( $name =~ /[\(\)\<\>\@\,\;\:\\\"\/\[\]\?\=\{\}]/ && $self->strict ) |
575
|
|
|
|
|
|
|
{ |
576
|
0
|
|
|
|
|
0
|
return( $self->error( "A cookie name can only contain US ascii characters. Cookie name provided was '$name'." ) ); |
577
|
|
|
|
|
|
|
} |
578
|
44
|
50
|
|
|
|
272
|
if( $name =~ s/^__Secure\-// ) |
|
|
50
|
|
|
|
|
|
579
|
|
|
|
|
|
|
{ |
580
|
0
|
|
|
|
|
0
|
$self->secure(1); |
581
|
|
|
|
|
|
|
} |
582
|
|
|
|
|
|
|
elsif( $name =~ s/^__Host\-// ) |
583
|
|
|
|
|
|
|
{ |
584
|
0
|
|
|
|
|
0
|
$self->secure(1); |
585
|
0
|
0
|
|
|
|
0
|
$self->path( '/' ) if( !$self->path->length ); |
586
|
|
|
|
|
|
|
} |
587
|
44
|
|
|
|
|
165
|
$self->_set_get_scalar_as_object( 'name' => $name ); |
588
|
|
|
|
|
|
|
} |
589
|
160
|
|
|
|
|
3453732
|
return( $self->_set_get_scalar_as_object( 'name' ) ); |
590
|
|
|
|
|
|
|
} |
591
|
|
|
|
|
|
|
|
592
|
148
|
|
|
148
|
1
|
232633
|
sub path { return( shift->reset(@_)->_set_get_scalar_as_object( 'path', @_ ) ); } |
593
|
|
|
|
|
|
|
|
594
|
66
|
|
|
66
|
1
|
22295
|
sub port { return( shift->reset(@_)->_set_get_number( 'port', @_ ) ); } |
595
|
|
|
|
|
|
|
|
596
|
|
|
|
|
|
|
sub reset |
597
|
|
|
|
|
|
|
{ |
598
|
754
|
|
|
754
|
1
|
1418
|
my $self = shift( @_ ); |
599
|
754
|
50
|
100
|
|
|
2615
|
$self->{_reset} = scalar( @_ ) if( !CORE::length( $self->{_reset} ) && scalar( @_ ) ); |
600
|
754
|
|
|
|
|
2580
|
return( $self ); |
601
|
|
|
|
|
|
|
} |
602
|
|
|
|
|
|
|
|
603
|
|
|
|
|
|
|
sub same_as |
604
|
|
|
|
|
|
|
{ |
605
|
3
|
|
|
3
|
1
|
25
|
my $self = shift( @_ ); |
606
|
3
|
|
|
|
|
9
|
my $this = shift( @_ ); |
607
|
3
|
50
|
33
|
|
|
10
|
return(0) if( !$this || !$self->_is_object( $this ) ); |
608
|
3
|
|
|
|
|
48
|
my $fields = $self->fields; |
609
|
3
|
|
|
|
|
2788
|
foreach my $f ( @$fields ) |
610
|
|
|
|
|
|
|
{ |
611
|
45
|
|
|
|
|
868
|
my $v = $self->$f; |
612
|
45
|
|
|
|
|
41114
|
my $code = $this->can( $f ); |
613
|
45
|
50
|
|
|
|
132
|
return(0) if( !$code ); |
614
|
45
|
|
|
|
|
81
|
my $v2 = $code->( $this ); |
615
|
45
|
50
|
66
|
|
|
40468
|
if( ( !defined( $v ) && defined( $v2 ) ) || |
|
|
|
66
|
|
|
|
|
|
|
|
33
|
|
|
|
|
|
|
|
66
|
|
|
|
|
|
|
|
33
|
|
|
|
|
|
|
|
66
|
|
|
|
|
|
|
|
66
|
|
|
|
|
|
|
|
33
|
|
|
|
|
616
|
|
|
|
|
|
|
( defined( $v ) && !defined( $v2 ) ) || |
617
|
|
|
|
|
|
|
( defined( $v ) && length( "$v" ) != length( "$v2" ) ) || |
618
|
|
|
|
|
|
|
( defined( $v ) && defined( $v2 ) && "$v" ne "$v2" ) ) |
619
|
|
|
|
|
|
|
{ |
620
|
0
|
|
|
|
|
0
|
return(0); |
621
|
|
|
|
|
|
|
} |
622
|
|
|
|
|
|
|
} |
623
|
3
|
|
|
|
|
25
|
return(1); |
624
|
|
|
|
|
|
|
} |
625
|
|
|
|
|
|
|
|
626
|
51
|
|
|
51
|
1
|
5694
|
sub same_site { return( shift->reset(@_)->_set_get_scalar_as_object( 'same_site', @_ ) ); } |
627
|
|
|
|
|
|
|
|
628
|
0
|
|
|
0
|
1
|
0
|
sub samesite { return( shift->same_site( @_ ) ); } |
629
|
|
|
|
|
|
|
|
630
|
51
|
|
|
51
|
1
|
2185
|
sub secure { return( shift->reset(@_)->_set_get_boolean( 'secure', @_ ) ); } |
631
|
|
|
|
|
|
|
|
632
|
38
|
|
|
38
|
1
|
156
|
sub sign { return( shift->reset(@_)->_set_get_boolean( 'sign', @_ ) ); } |
633
|
|
|
|
|
|
|
|
634
|
0
|
|
|
0
|
1
|
0
|
sub strict { return( shift->reset(@_)->_set_get_boolean( 'strict', @_ ) ); } |
635
|
|
|
|
|
|
|
|
636
|
|
|
|
|
|
|
sub uri |
637
|
|
|
|
|
|
|
{ |
638
|
0
|
|
|
0
|
1
|
0
|
my $self = shift( @_ ); |
639
|
0
|
0
|
|
|
|
0
|
if( @_ ) |
|
|
0
|
|
|
|
|
|
640
|
|
|
|
|
|
|
{ |
641
|
0
|
|
|
|
|
0
|
$self->reset( @_ ); |
642
|
0
|
|
0
|
|
|
0
|
my $uri = $self->_set_get_uri( 'uri', @_ ) || return; |
643
|
0
|
|
|
|
|
0
|
$self->port( $uri->port ); |
644
|
0
|
|
|
|
|
0
|
$self->path( $uri->path ); |
645
|
0
|
|
|
|
|
0
|
$self->domain( $uri->host ); |
646
|
|
|
|
|
|
|
} |
647
|
|
|
|
|
|
|
elsif( $self->domain ) |
648
|
|
|
|
|
|
|
{ |
649
|
0
|
0
|
|
|
|
0
|
my $uri = |
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
650
|
|
|
|
|
|
|
( $self->secure ? 'https' : 'http' ) . '://' . |
651
|
|
|
|
|
|
|
$self->domain . |
652
|
|
|
|
|
|
|
( $self->port ? ':' . $self->port : '' ) . |
653
|
|
|
|
|
|
|
( $self->path ? $self->path : '/' ); |
654
|
0
|
|
|
|
|
0
|
return( $self->_set_get_uri( 'uri' => $uri ) ); |
655
|
|
|
|
|
|
|
} |
656
|
0
|
|
|
|
|
0
|
return( $self->_set_get_uri( 'uri' ) ); |
657
|
|
|
|
|
|
|
} |
658
|
|
|
|
|
|
|
|
659
|
96
|
|
|
96
|
1
|
124971
|
sub value { return( shift->reset(@_)->_set_get_scalar_as_object( 'value', @_ ) ); } |
660
|
|
|
|
|
|
|
|
661
|
|
|
|
|
|
|
# Deprecated. Was a version 2 cookie spec: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie2 |
662
|
15
|
|
|
15
|
1
|
82
|
sub version { return( shift->_set_get_number( 'version', @_ ) ); } |
663
|
|
|
|
|
|
|
|
664
|
|
|
|
|
|
|
sub _encrypt_objects |
665
|
|
|
|
|
|
|
{ |
666
|
0
|
|
|
0
|
|
0
|
my $self = shift( @_ ); |
667
|
0
|
|
|
|
|
0
|
my( $key, $algo, $iv ) = @_; |
668
|
0
|
0
|
0
|
|
|
0
|
return( $self->error( "Key provided is empty!" ) ) if( !defined( $key ) || !CORE::length( "$key" ) ); |
669
|
0
|
0
|
0
|
|
|
0
|
return( $self->error( "No algorithm was provided to encrypt cookie value. You can choose any <NAME> for which there exists Crypt::Cipher::<NAME>" ) ) if( !defined( $algo ) || !CORE::length( "$algo" ) ); |
670
|
0
|
|
0
|
|
|
0
|
$iv //= ''; |
671
|
0
|
0
|
0
|
|
|
0
|
try |
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
672
|
0
|
|
|
0
|
|
0
|
{ |
673
|
0
|
0
|
|
|
|
0
|
$self->_load_class( 'Crypt::Mode::CBC', { version => CRYPTX_VERSION } ) || return( $self->pass_error ); |
674
|
0
|
0
|
|
|
|
0
|
$self->_load_class( 'Bytes::Random::Secure' ) || return( $self->pass_error ); |
675
|
0
|
|
0
|
|
|
0
|
my $crypt = Crypt::Mode::CBC->new( "$algo" ) || return( $self->error( "Unable to create a Crypt::Mode::CBC object." ) ); |
676
|
0
|
|
|
|
|
0
|
my $class = "Crypt::Cipher::${algo}"; |
677
|
0
|
0
|
|
|
|
0
|
$self->_load_class( $class ) || return( $self->pass_error ); |
678
|
0
|
|
|
|
|
0
|
my $key_len = $class->keysize; |
679
|
0
|
|
|
|
|
0
|
my $block_len = $class->blocksize; |
680
|
0
|
0
|
|
|
|
0
|
return( $self->error( "The size of the key provided (", CORE::length( $key ), ") does not match the minimum key size required for this algorithm \"$algo\" (${key_len})." ) ) if( CORE::length( $key ) < $key_len ); |
681
|
|
|
|
|
|
|
# Generate an "IV", i.e. Initialisation Vector based on the required block size |
682
|
0
|
|
0
|
|
|
0
|
$iv ||= $self->initialisation_vector; |
683
|
0
|
0
|
0
|
|
|
0
|
if( defined( $iv ) && CORE::length( "$iv" ) ) |
684
|
|
|
|
|
|
|
{ |
685
|
0
|
0
|
|
|
|
0
|
if( CORE::length( "$iv" ) != $block_len ) |
686
|
|
|
|
|
|
|
{ |
687
|
0
|
|
|
|
|
0
|
return( $self->error( "The Initialisation Vector provided for cookie encryption has a length (", CORE::length( "$iv" ), ") which does not match the algorithm ($algo) size requirement ($block_len). Please refer to the cookie documentation Cookie" ) ); |
688
|
|
|
|
|
|
|
} |
689
|
|
|
|
|
|
|
} |
690
|
|
|
|
|
|
|
else |
691
|
|
|
|
|
|
|
{ |
692
|
0
|
|
|
|
|
0
|
$iv = Bytes::Random::Secure::random_bytes( $block_len ); |
693
|
|
|
|
|
|
|
# Save it for decryption |
694
|
0
|
|
|
|
|
0
|
$self->initialisation_vector( $iv ); |
695
|
|
|
|
|
|
|
} |
696
|
0
|
|
|
|
|
0
|
my $key_pack = pack( 'H' x $key_len, $key ); |
697
|
0
|
|
|
|
|
0
|
my $iv_pack = pack( 'H' x $block_len, $iv ); |
698
|
0
|
|
|
|
|
0
|
return({ 'crypt' => $crypt, key => $key_pack, iv => $iv_pack }); |
699
|
|
|
|
|
|
|
} |
700
|
0
|
0
|
0
|
|
|
0
|
catch( $e ) |
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
701
|
0
|
|
|
0
|
|
0
|
{ |
702
|
0
|
|
|
|
|
0
|
return( $self->error( "Error getting the encryption objects for algorithm \"$algo\": $e" ) ); |
703
|
3
|
0
|
0
|
3
|
|
24
|
} |
|
3
|
0
|
0
|
|
|
6
|
|
|
3
|
0
|
0
|
|
|
1145
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
0
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
0
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
|
0
|
|
|
|
|
0
|
|
704
|
|
|
|
|
|
|
} |
705
|
|
|
|
|
|
|
|
706
|
|
|
|
|
|
|
sub _header_datetime |
707
|
|
|
|
|
|
|
{ |
708
|
19
|
|
|
19
|
|
948
|
my $self = shift( @_ ); |
709
|
19
|
|
|
|
|
32
|
my $dt; |
710
|
19
|
50
|
|
|
|
56
|
if( @_ ) |
711
|
|
|
|
|
|
|
{ |
712
|
19
|
50
|
|
|
|
72
|
return( $self->error( "Date time provided ($dt) is not an object." ) ) if( !$self->_is_object( $_[0] ) ); |
713
|
19
|
50
|
|
|
|
211
|
return( $self->error( "Object provided (", ref( $_[0] ), ") is not a DateTime object." ) ) if( !$_[0]->isa( 'DateTime' ) ); |
714
|
19
|
|
|
|
|
45
|
$dt = shift( @_ ); |
715
|
|
|
|
|
|
|
} |
716
|
19
|
50
|
|
|
|
51
|
$dt = DateTime->now if( !defined( $dt ) ); |
717
|
19
|
|
|
|
|
56
|
$dt->set_time_zone( 'GMT' ); |
718
|
19
|
|
|
|
|
4556
|
my $fmt = DateTime::Format::Strptime->new( |
719
|
|
|
|
|
|
|
pattern => '%a, %d %b %Y %H:%M:%S GMT', |
720
|
|
|
|
|
|
|
locale => 'en_GB', |
721
|
|
|
|
|
|
|
time_zone => 'GMT', |
722
|
|
|
|
|
|
|
); |
723
|
19
|
|
|
|
|
32421
|
$dt->set_formatter( $fmt ); |
724
|
19
|
|
|
|
|
1338
|
return( $dt ); |
725
|
|
|
|
|
|
|
} |
726
|
|
|
|
|
|
|
|
727
|
|
|
|
|
|
|
sub TO_JSON |
728
|
|
|
|
|
|
|
{ |
729
|
0
|
|
|
0
|
1
|
|
my $self = shift( @_ ); |
730
|
0
|
|
|
|
|
|
my $fields = $self->fields; |
731
|
0
|
|
|
|
|
|
my $ref = {}; |
732
|
0
|
|
|
|
|
|
foreach my $m ( @$fields ) |
733
|
|
|
|
|
|
|
{ |
734
|
0
|
|
|
|
|
|
$ref->{ $m } = $self->$m; |
735
|
|
|
|
|
|
|
} |
736
|
0
|
|
|
|
|
|
return( $ref ); |
737
|
|
|
|
|
|
|
} |
738
|
|
|
|
|
|
|
|
739
|
|
|
|
|
|
|
1; |
740
|
|
|
|
|
|
|
# NOTE: POD |
741
|
|
|
|
|
|
|
__END__ |
742
|
|
|
|
|
|
|
|
743
|
|
|
|
|
|
|
=encoding utf8 |
744
|
|
|
|
|
|
|
|
745
|
|
|
|
|
|
|
=head1 NAME |
746
|
|
|
|
|
|
|
|
747
|
|
|
|
|
|
|
Cookie - Cookie Object with Encryption or Signature |
748
|
|
|
|
|
|
|
|
749
|
|
|
|
|
|
|
=head1 SYNOPSIS |
750
|
|
|
|
|
|
|
|
751
|
|
|
|
|
|
|
use Cookie; |
752
|
|
|
|
|
|
|
my $c = Cookie->new( |
753
|
|
|
|
|
|
|
name => 'my-cookie', |
754
|
|
|
|
|
|
|
domain => 'example.com', |
755
|
|
|
|
|
|
|
value => 'sid1234567', |
756
|
|
|
|
|
|
|
path => '/', |
757
|
|
|
|
|
|
|
expires => '+10D', |
758
|
|
|
|
|
|
|
# or alternatively |
759
|
|
|
|
|
|
|
maxage => 864000 |
760
|
|
|
|
|
|
|
# to make it exclusively accessible by regular http request and not javascript |
761
|
|
|
|
|
|
|
http_only => 1, |
762
|
|
|
|
|
|
|
same_site => 'Lax', |
763
|
|
|
|
|
|
|
# should it be used under ssl only? |
764
|
|
|
|
|
|
|
secure => 1, |
765
|
|
|
|
|
|
|
); |
766
|
|
|
|
|
|
|
# make the cookie expired |
767
|
|
|
|
|
|
|
# Sets the expiration datetime to Thu, 01 Jan 1970 09:00:00 GMT |
768
|
|
|
|
|
|
|
$c->elapse; |
769
|
|
|
|
|
|
|
# Get cookie as an hash reference |
770
|
|
|
|
|
|
|
my $hash = $c->as_hash; |
771
|
|
|
|
|
|
|
print $c->as_string, "\n"; |
772
|
|
|
|
|
|
|
# or |
773
|
|
|
|
|
|
|
print "$c\n"; |
774
|
|
|
|
|
|
|
# If expires is set, we can use its underlying DateTime object |
775
|
|
|
|
|
|
|
my $now = DateTime->now; |
776
|
|
|
|
|
|
|
if( $c->expires && $c->expires > $now ) |
777
|
|
|
|
|
|
|
{ |
778
|
|
|
|
|
|
|
# ok, we're good |
779
|
|
|
|
|
|
|
} |
780
|
|
|
|
|
|
|
# Unset expiration, effectively transforming it into a session cookie |
781
|
|
|
|
|
|
|
$c->expires( undef ); |
782
|
|
|
|
|
|
|
print "Is session cookie? ", $c->is_session ? 'yes' : 'no', "\n"; |
783
|
|
|
|
|
|
|
$c->match_host( 'www.example.com' ); |
784
|
|
|
|
|
|
|
# Set max-age (in seconds) that takes precedence over expiration |
785
|
|
|
|
|
|
|
$c->max_age( 86400 ); |
786
|
|
|
|
|
|
|
# Make it expired to tell the http client to remove it: |
787
|
|
|
|
|
|
|
$c->max_age(0) # or $c->max_age(-1) |
788
|
|
|
|
|
|
|
# Unset max-age |
789
|
|
|
|
|
|
|
$c->max_age( undef ); |
790
|
|
|
|
|
|
|
print "Is it same? ", $c->same_as( $other ) ? 'yes' : 'no', "\n"; |
791
|
|
|
|
|
|
|
# Conveniently set port, path and domain in one go, but not the secure flag |
792
|
|
|
|
|
|
|
$c->uri( 'https://www.example.com:8080/some/where' ); |
793
|
|
|
|
|
|
|
|
794
|
|
|
|
|
|
|
# Create encrypted cookie |
795
|
|
|
|
|
|
|
# You can generate a key or type one as long as it meets the size requirement |
796
|
|
|
|
|
|
|
use Bytes::Random::Secure (); |
797
|
|
|
|
|
|
|
my $c = Cookie->new( |
798
|
|
|
|
|
|
|
name => 'my-cookie', |
799
|
|
|
|
|
|
|
domain => 'example.com', |
800
|
|
|
|
|
|
|
value => 'sid1234567', |
801
|
|
|
|
|
|
|
path => '/', |
802
|
|
|
|
|
|
|
expires => '+10D', |
803
|
|
|
|
|
|
|
# or alternatively |
804
|
|
|
|
|
|
|
maxage => 864000 |
805
|
|
|
|
|
|
|
# to make it exclusively accessible by regular http request and not ajax |
806
|
|
|
|
|
|
|
http_only => 1, |
807
|
|
|
|
|
|
|
same_site => 'Lax', |
808
|
|
|
|
|
|
|
# should it be used under ssl only? |
809
|
|
|
|
|
|
|
secure => 1, |
810
|
|
|
|
|
|
|
# Encryption parameters |
811
|
|
|
|
|
|
|
key => Bytes::Random::Secure::random_bytes(32), |
812
|
|
|
|
|
|
|
algo => 'AES', |
813
|
|
|
|
|
|
|
encrypt => 1, |
814
|
|
|
|
|
|
|
); |
815
|
|
|
|
|
|
|
print( "My encrypted cookie: $c\n" ); |
816
|
|
|
|
|
|
|
|
817
|
|
|
|
|
|
|
# Sign cookie only |
818
|
|
|
|
|
|
|
my $c = Cookie->new( |
819
|
|
|
|
|
|
|
name => 'my-cookie', |
820
|
|
|
|
|
|
|
domain => 'example.com', |
821
|
|
|
|
|
|
|
value => 'sid1234567', |
822
|
|
|
|
|
|
|
path => '/', |
823
|
|
|
|
|
|
|
expires => '+10D', |
824
|
|
|
|
|
|
|
# or alternatively |
825
|
|
|
|
|
|
|
maxage => 864000 |
826
|
|
|
|
|
|
|
# to make it exclusively accessible by regular http request and not ajax |
827
|
|
|
|
|
|
|
http_only => 1, |
828
|
|
|
|
|
|
|
same_site => 'Lax', |
829
|
|
|
|
|
|
|
# should it be used under ssl only? |
830
|
|
|
|
|
|
|
secure => 1, |
831
|
|
|
|
|
|
|
# Encryption parameters |
832
|
|
|
|
|
|
|
# No size constraint for signature, but obviously the longer the better |
833
|
|
|
|
|
|
|
key => Bytes::Random::Secure::random_bytes(32), |
834
|
|
|
|
|
|
|
sign => 1, |
835
|
|
|
|
|
|
|
); |
836
|
|
|
|
|
|
|
print( "My signed cookie: $c\n" ); |
837
|
|
|
|
|
|
|
|
838
|
|
|
|
|
|
|
=head1 VERSION |
839
|
|
|
|
|
|
|
|
840
|
|
|
|
|
|
|
v0.3.0 |
841
|
|
|
|
|
|
|
|
842
|
|
|
|
|
|
|
=head1 DESCRIPTION |
843
|
|
|
|
|
|
|
|
844
|
|
|
|
|
|
|
This is a powerful and versatile package to create and represent a cookie compliant with the latest standard as set by L<rfc6265|https://datatracker.ietf.org/doc/html/rfc6265>. This can be used as a standalone module, or can be managed as part of the cookie jar L<Cookie::Jar> |
845
|
|
|
|
|
|
|
|
846
|
|
|
|
|
|
|
The object is overloaded and will call L</as_string> upon stringification and can also be used in comparison with other cookie object: |
847
|
|
|
|
|
|
|
|
848
|
|
|
|
|
|
|
if( $cookie1 eq $cookie2 ) |
849
|
|
|
|
|
|
|
{ |
850
|
|
|
|
|
|
|
# do something |
851
|
|
|
|
|
|
|
} |
852
|
|
|
|
|
|
|
|
853
|
|
|
|
|
|
|
This module does not die upon error, but instead returns C<undef> and sets an L<error|Module::Generic/error>, so you should always check the return value of a method. |
854
|
|
|
|
|
|
|
|
855
|
|
|
|
|
|
|
See also the L<Cookie::Jar> package to manage server and client side handling of cookies: |
856
|
|
|
|
|
|
|
|
857
|
|
|
|
|
|
|
use Cookie::Jar; |
858
|
|
|
|
|
|
|
# Possibly passing the cookie repository the Apache2::RequestRec object |
859
|
|
|
|
|
|
|
my $jar = Cookie::Jar->new( $r ); |
860
|
|
|
|
|
|
|
my $c = $jar->make( |
861
|
|
|
|
|
|
|
name => 'my_cookie', |
862
|
|
|
|
|
|
|
value => 'some value', |
863
|
|
|
|
|
|
|
domain => 'example.org', |
864
|
|
|
|
|
|
|
path => '/', |
865
|
|
|
|
|
|
|
secure => 1, |
866
|
|
|
|
|
|
|
http_only => 1, |
867
|
|
|
|
|
|
|
) || die( $jar->error ); |
868
|
|
|
|
|
|
|
# Set it in the server response C<Set-Cookie> header: |
869
|
|
|
|
|
|
|
$jar->set( $c ) || die( $jar->error ); |
870
|
|
|
|
|
|
|
|
871
|
|
|
|
|
|
|
=head1 METHODS |
872
|
|
|
|
|
|
|
|
873
|
|
|
|
|
|
|
=head2 new |
874
|
|
|
|
|
|
|
|
875
|
|
|
|
|
|
|
Provided with an hash or hash reference of parameters, and this initiates a new cookie object and return it. Each of the following parameters has a corresponding method. |
876
|
|
|
|
|
|
|
|
877
|
|
|
|
|
|
|
=over 4 |
878
|
|
|
|
|
|
|
|
879
|
|
|
|
|
|
|
=item * C<debug> |
880
|
|
|
|
|
|
|
|
881
|
|
|
|
|
|
|
Optional. If set with a positive integer, this will activate verbose debugging message |
882
|
|
|
|
|
|
|
|
883
|
|
|
|
|
|
|
=item * C<name> |
884
|
|
|
|
|
|
|
|
885
|
|
|
|
|
|
|
String. |
886
|
|
|
|
|
|
|
|
887
|
|
|
|
|
|
|
See also L</name> |
888
|
|
|
|
|
|
|
|
889
|
|
|
|
|
|
|
=item * C<value> |
890
|
|
|
|
|
|
|
|
891
|
|
|
|
|
|
|
String. |
892
|
|
|
|
|
|
|
|
893
|
|
|
|
|
|
|
See also L</value> |
894
|
|
|
|
|
|
|
|
895
|
|
|
|
|
|
|
=item * C<comment> |
896
|
|
|
|
|
|
|
|
897
|
|
|
|
|
|
|
String. |
898
|
|
|
|
|
|
|
|
899
|
|
|
|
|
|
|
See also L</comment> |
900
|
|
|
|
|
|
|
|
901
|
|
|
|
|
|
|
=item * C<commentURL> |
902
|
|
|
|
|
|
|
|
903
|
|
|
|
|
|
|
URI string or object. |
904
|
|
|
|
|
|
|
|
905
|
|
|
|
|
|
|
See also L</commentURL> |
906
|
|
|
|
|
|
|
|
907
|
|
|
|
|
|
|
=item * C<discard> |
908
|
|
|
|
|
|
|
|
909
|
|
|
|
|
|
|
Boolean. |
910
|
|
|
|
|
|
|
|
911
|
|
|
|
|
|
|
See also L</discard> |
912
|
|
|
|
|
|
|
|
913
|
|
|
|
|
|
|
=item * C<domain> |
914
|
|
|
|
|
|
|
|
915
|
|
|
|
|
|
|
String. |
916
|
|
|
|
|
|
|
|
917
|
|
|
|
|
|
|
See also L</domain> |
918
|
|
|
|
|
|
|
|
919
|
|
|
|
|
|
|
=item * C<expires> |
920
|
|
|
|
|
|
|
|
921
|
|
|
|
|
|
|
Datetime str | DateTime object | integer |
922
|
|
|
|
|
|
|
|
923
|
|
|
|
|
|
|
See also L</expires> |
924
|
|
|
|
|
|
|
|
925
|
|
|
|
|
|
|
=item * C<http_only> |
926
|
|
|
|
|
|
|
|
927
|
|
|
|
|
|
|
Boolean, |
928
|
|
|
|
|
|
|
|
929
|
|
|
|
|
|
|
See also L</http_only> |
930
|
|
|
|
|
|
|
|
931
|
|
|
|
|
|
|
=item * C<implicit> |
932
|
|
|
|
|
|
|
|
933
|
|
|
|
|
|
|
Boolean. |
934
|
|
|
|
|
|
|
|
935
|
|
|
|
|
|
|
See also L</implicit> |
936
|
|
|
|
|
|
|
|
937
|
|
|
|
|
|
|
=item * C<max_age> |
938
|
|
|
|
|
|
|
|
939
|
|
|
|
|
|
|
Integer. |
940
|
|
|
|
|
|
|
|
941
|
|
|
|
|
|
|
See also L</max_age> |
942
|
|
|
|
|
|
|
|
943
|
|
|
|
|
|
|
=item * C<path> |
944
|
|
|
|
|
|
|
|
945
|
|
|
|
|
|
|
String. |
946
|
|
|
|
|
|
|
|
947
|
|
|
|
|
|
|
See also L</path> |
948
|
|
|
|
|
|
|
|
949
|
|
|
|
|
|
|
=item * C<port> |
950
|
|
|
|
|
|
|
|
951
|
|
|
|
|
|
|
Integer. |
952
|
|
|
|
|
|
|
|
953
|
|
|
|
|
|
|
See also L</port> |
954
|
|
|
|
|
|
|
|
955
|
|
|
|
|
|
|
=item * C<same_site> |
956
|
|
|
|
|
|
|
|
957
|
|
|
|
|
|
|
String. |
958
|
|
|
|
|
|
|
|
959
|
|
|
|
|
|
|
See also L</same_site> |
960
|
|
|
|
|
|
|
|
961
|
|
|
|
|
|
|
=item * C<secure> |
962
|
|
|
|
|
|
|
|
963
|
|
|
|
|
|
|
Boolean. |
964
|
|
|
|
|
|
|
|
965
|
|
|
|
|
|
|
See also L</secure> |
966
|
|
|
|
|
|
|
|
967
|
|
|
|
|
|
|
=item * C<version> |
968
|
|
|
|
|
|
|
|
969
|
|
|
|
|
|
|
Integer. |
970
|
|
|
|
|
|
|
|
971
|
|
|
|
|
|
|
See also L</version> |
972
|
|
|
|
|
|
|
|
973
|
|
|
|
|
|
|
=back |
974
|
|
|
|
|
|
|
|
975
|
|
|
|
|
|
|
Other extra parameters not directly related to the cookie standard: |
976
|
|
|
|
|
|
|
|
977
|
|
|
|
|
|
|
=over 4 |
978
|
|
|
|
|
|
|
|
979
|
|
|
|
|
|
|
=item * C<accessed_on> |
980
|
|
|
|
|
|
|
|
981
|
|
|
|
|
|
|
Datetime. |
982
|
|
|
|
|
|
|
|
983
|
|
|
|
|
|
|
See also L</accessed_on> |
984
|
|
|
|
|
|
|
|
985
|
|
|
|
|
|
|
=item * C<algo> |
986
|
|
|
|
|
|
|
|
987
|
|
|
|
|
|
|
String. |
988
|
|
|
|
|
|
|
|
989
|
|
|
|
|
|
|
See also L</algo> |
990
|
|
|
|
|
|
|
|
991
|
|
|
|
|
|
|
=item * C<created_on> |
992
|
|
|
|
|
|
|
|
993
|
|
|
|
|
|
|
Datetime. |
994
|
|
|
|
|
|
|
|
995
|
|
|
|
|
|
|
See also L</created_on> |
996
|
|
|
|
|
|
|
|
997
|
|
|
|
|
|
|
=item * C<encrypt> |
998
|
|
|
|
|
|
|
|
999
|
|
|
|
|
|
|
Boolean. |
1000
|
|
|
|
|
|
|
|
1001
|
|
|
|
|
|
|
See also L</encrypt> |
1002
|
|
|
|
|
|
|
|
1003
|
|
|
|
|
|
|
=item * C<key> |
1004
|
|
|
|
|
|
|
|
1005
|
|
|
|
|
|
|
String. |
1006
|
|
|
|
|
|
|
|
1007
|
|
|
|
|
|
|
See also L</key> |
1008
|
|
|
|
|
|
|
|
1009
|
|
|
|
|
|
|
=item * C<sign> |
1010
|
|
|
|
|
|
|
|
1011
|
|
|
|
|
|
|
Boolean. |
1012
|
|
|
|
|
|
|
|
1013
|
|
|
|
|
|
|
See also L</sign> |
1014
|
|
|
|
|
|
|
|
1015
|
|
|
|
|
|
|
=back |
1016
|
|
|
|
|
|
|
|
1017
|
|
|
|
|
|
|
=head2 accessed_on |
1018
|
|
|
|
|
|
|
|
1019
|
|
|
|
|
|
|
Set or get the datetime of the cookie object last accessed. |
1020
|
|
|
|
|
|
|
|
1021
|
|
|
|
|
|
|
According to L<rfc6265, section 5.3.12.3|https://datatracker.ietf.org/doc/html/rfc6265#section-5.3>, when deciding which cookies to remove, for those who have equal removal priority: |
1022
|
|
|
|
|
|
|
|
1023
|
|
|
|
|
|
|
"If two cookies have the same removal priority, the user agent MUST evict the cookie with the earliest last-access date first." |
1024
|
|
|
|
|
|
|
|
1025
|
|
|
|
|
|
|
=head2 algo |
1026
|
|
|
|
|
|
|
|
1027
|
|
|
|
|
|
|
This set or get the the algorithm used to encrypt the cookie value. |
1028
|
|
|
|
|
|
|
|
1029
|
|
|
|
|
|
|
It can be any of L<AES|Crypt::Cipher::AES>, L<Anubis|Crypt::Cipher::Anubis>, L<Blowfish|Crypt::Cipher::Blowfish>, L<CAST5|Crypt::Cipher::CAST5>, L<Camellia|Crypt::Cipher::Camellia>, L<DES|Crypt::Cipher::DES>, L<DES_EDE|Crypt::Cipher::DES_EDE>, L<KASUMI|Crypt::Cipher::KASUMI>, L<Khazad|Crypt::Cipher::Khazad>, L<MULTI2|Crypt::Cipher::MULTI2>, L<Noekeon|Crypt::Cipher::Noekeon>, L<RC2|Crypt::Cipher::RC2>, L<RC5|Crypt::Cipher::RC5>, L<RC6|Crypt::Cipher::RC6>, L<SAFERP|Crypt::Cipher::SAFERP>, L<SAFER_K128|Crypt::Cipher::SAFER_K128>, L<SAFER_K64|Crypt::Cipher::SAFER_K64>, L<SAFER_SK128|Crypt::Cipher::SAFER_SK128>, L<SAFER_SK64|Crypt::Cipher::SAFER_SK64>, L<SEED|Crypt::Cipher::SEED>, L<Skipjack|Crypt::Cipher::Skipjack>, L<Twofish|Crypt::Cipher::Twofish>, L<XTEA|Crypt::Cipher::XTEA>, L<IDEA|Crypt::Cipher::IDEA>, L<Serpent|Crypt::Cipher::Serpent> or simply any <NAME> for which there exists Crypt::Cipher::<NAME> |
1030
|
|
|
|
|
|
|
|
1031
|
|
|
|
|
|
|
See also L<Stackoverflow on the choice of encryption algorithm|https://stackoverflow.com/questions/4147451/aes-vs-blowfish-for-file-encryption> |
1032
|
|
|
|
|
|
|
|
1033
|
|
|
|
|
|
|
By default, the algorithm is set to C<AES> |
1034
|
|
|
|
|
|
|
|
1035
|
|
|
|
|
|
|
If the algorithm set is unsupported, this method returns an L<error|Module::Generic/error> |
1036
|
|
|
|
|
|
|
|
1037
|
|
|
|
|
|
|
It returns the current value as a L<scalar object|Module::Generic::Scalar> |
1038
|
|
|
|
|
|
|
|
1039
|
|
|
|
|
|
|
=head2 apply |
1040
|
|
|
|
|
|
|
|
1041
|
|
|
|
|
|
|
Provided with an hash ore hash reference of cookie parameter, and this will apply them to each of their equivalent method. |
1042
|
|
|
|
|
|
|
|
1043
|
|
|
|
|
|
|
$c->apply( |
1044
|
|
|
|
|
|
|
expires => 'now', |
1045
|
|
|
|
|
|
|
secure => 1, |
1046
|
|
|
|
|
|
|
http_only => 1, |
1047
|
|
|
|
|
|
|
); |
1048
|
|
|
|
|
|
|
|
1049
|
|
|
|
|
|
|
In the example above, this will call methods L</expires>, L</secure> and L</http_only> passing them the relevant values. |
1050
|
|
|
|
|
|
|
|
1051
|
|
|
|
|
|
|
It returns the current object. |
1052
|
|
|
|
|
|
|
|
1053
|
|
|
|
|
|
|
=head2 as_hash |
1054
|
|
|
|
|
|
|
|
1055
|
|
|
|
|
|
|
Returns an hash reference of the cookie value. |
1056
|
|
|
|
|
|
|
|
1057
|
|
|
|
|
|
|
The hash reference returned will contain the following keys: C<name> C<value> C<comment> C<commentURL> C<domain> C<expires> C<http_only> C<implicit> C<max_age> C<path> C<port> C<same_site> C<secure> C<version> |
1058
|
|
|
|
|
|
|
|
1059
|
|
|
|
|
|
|
=head2 as_string |
1060
|
|
|
|
|
|
|
|
1061
|
|
|
|
|
|
|
Returns a string representation of the object. |
1062
|
|
|
|
|
|
|
|
1063
|
|
|
|
|
|
|
my $cookie_string = $cookie->as_string; |
1064
|
|
|
|
|
|
|
# or |
1065
|
|
|
|
|
|
|
my $cookie_string = "$cookie"; |
1066
|
|
|
|
|
|
|
my-cookie="sid1234567"; Domain=example.com; Path=/; Expires=Mon, 09 Jan 2020 12:17:30 GMT; Secure; HttpOnly |
1067
|
|
|
|
|
|
|
|
1068
|
|
|
|
|
|
|
If encryption is enabled with L</encrypt>, the cookie value will be encrypted using the key provided with L</key> and the L<Initialisation Vector|/initialisation_vector>. If the latter was not provided, it will be generated automatically. The resulting encrypted value is then encoded in base64 and escaped. For example: |
1069
|
|
|
|
|
|
|
|
1070
|
|
|
|
|
|
|
my $cookie_value = "toc_ok=1"; |
1071
|
|
|
|
|
|
|
my $key = Bytes::Random::Secure::random_bytes(32); |
1072
|
|
|
|
|
|
|
# result: |
1073
|
|
|
|
|
|
|
# session=PyJTlRJniAYVJJF6%2FswuPw%3D%3D; Path=/; SameSite=Lax; Secure; HttpOnly |
1074
|
|
|
|
|
|
|
|
1075
|
|
|
|
|
|
|
If cookie signature is enabled for integrity protection with L</sign>, an sha256 hmac will be generated using the key provided with L</key> and the resulting hash appended to the cookie value separated by a dot. For example: |
1076
|
|
|
|
|
|
|
|
1077
|
|
|
|
|
|
|
my $cookie_value = "toc_ok=1"; |
1078
|
|
|
|
|
|
|
my $key = "hard to guess key"; |
1079
|
|
|
|
|
|
|
# I2M4/rh/TiNV5RZDSBJkhLblBvrN5k9448G6w/gp/jg= |
1080
|
|
|
|
|
|
|
my $signature = Crypt::Mac::HMAC::hmac_b64( $key, $cookie_value ); |
1081
|
|
|
|
|
|
|
# result: toc_ok=1.I2M4/rh/TiNV5RZDSBJkhLblBvrN5k9448G6w/gp/jg= |
1082
|
|
|
|
|
|
|
# ultimately the cookie value sent will be: |
1083
|
|
|
|
|
|
|
# toc_ok%3D1.I2M4%2Frh%2FTiNV5RZDSBJkhLblBvrN5k9448G6w%2Fgp%2Fjg%3D |
1084
|
|
|
|
|
|
|
|
1085
|
|
|
|
|
|
|
The returned value is cached so the next time, it simply return the cached version and not re-process it. You can reset it by calling L</reset>. |
1086
|
|
|
|
|
|
|
|
1087
|
|
|
|
|
|
|
=head2 comment |
1088
|
|
|
|
|
|
|
|
1089
|
|
|
|
|
|
|
$cookie->comment( 'Some comment' ); |
1090
|
|
|
|
|
|
|
my $comment = $cookie->comment; |
1091
|
|
|
|
|
|
|
|
1092
|
|
|
|
|
|
|
Sets or gets the optional comment for this cookie. This was used in version 2 of cookies but has since been deprecated. |
1093
|
|
|
|
|
|
|
|
1094
|
|
|
|
|
|
|
Returns a L<Module::Generic::Scalar> object. |
1095
|
|
|
|
|
|
|
|
1096
|
|
|
|
|
|
|
=head2 commentURL |
1097
|
|
|
|
|
|
|
|
1098
|
|
|
|
|
|
|
$cookie->commentURL( 'https://example.com/some/where.html' ); |
1099
|
|
|
|
|
|
|
my $comment = $cookie->commentURL; |
1100
|
|
|
|
|
|
|
|
1101
|
|
|
|
|
|
|
Sets or gets the optional comment URL for this cookie. This was used in version 2 of cookies but has since been deprecated. |
1102
|
|
|
|
|
|
|
|
1103
|
|
|
|
|
|
|
Returns an L<URI> object. |
1104
|
|
|
|
|
|
|
|
1105
|
|
|
|
|
|
|
=head2 created_on |
1106
|
|
|
|
|
|
|
|
1107
|
|
|
|
|
|
|
Set or get the datetime of the cookie object created. This value is primarily used by L<Cookie::Jar>, as per the rfc6265, when setting the http request header C<Cookie> to differentiate two cookies that share the same domain and path. The cookie that has their creation datetime earlier are set first: |
1108
|
|
|
|
|
|
|
|
1109
|
|
|
|
|
|
|
"Among cookies that have equal-length path fields, cookies with earlier creation-times are listed before cookies with later creation-times." (L<rfc6265, section 5.4.2|https://datatracker.ietf.org/doc/html/rfc6265#section-5.4>) |
1110
|
|
|
|
|
|
|
|
1111
|
|
|
|
|
|
|
=head2 decrypt |
1112
|
|
|
|
|
|
|
|
1113
|
|
|
|
|
|
|
This returns the cookie decrypted value. If it used on a non-encrypted cookie, this would return C<undef> and set an L<error|Module::Generic/error> |
1114
|
|
|
|
|
|
|
|
1115
|
|
|
|
|
|
|
It takes an optional hash or hash reference of parameters: |
1116
|
|
|
|
|
|
|
|
1117
|
|
|
|
|
|
|
=over 4 |
1118
|
|
|
|
|
|
|
|
1119
|
|
|
|
|
|
|
=item I<algo> string |
1120
|
|
|
|
|
|
|
|
1121
|
|
|
|
|
|
|
The algorithm to use for encryption. Defaults to the value set with L</algo>. See this method for more information on acceptable values. |
1122
|
|
|
|
|
|
|
|
1123
|
|
|
|
|
|
|
=item I<iv> string |
1124
|
|
|
|
|
|
|
|
1125
|
|
|
|
|
|
|
The Initialisation Vector used for encryption and decryption. Default to the value set with L</initialisation_vector> |
1126
|
|
|
|
|
|
|
|
1127
|
|
|
|
|
|
|
=item I<key> string |
1128
|
|
|
|
|
|
|
|
1129
|
|
|
|
|
|
|
The encryption key. Defaults to the value set with L</key> |
1130
|
|
|
|
|
|
|
|
1131
|
|
|
|
|
|
|
=back |
1132
|
|
|
|
|
|
|
|
1133
|
|
|
|
|
|
|
=head2 discard |
1134
|
|
|
|
|
|
|
|
1135
|
|
|
|
|
|
|
Boolean. Set or get this value to true to flag this cookie to be discarded, whatever that means to you the user. This is not a standard protocol property. |
1136
|
|
|
|
|
|
|
|
1137
|
|
|
|
|
|
|
This method is used in L<Cookie::Jar/save_as_lwp> and L<Cookie::Jar/save_as_netscape> with the option C<skip_discard> |
1138
|
|
|
|
|
|
|
|
1139
|
|
|
|
|
|
|
It returns the current value as a L<Module::Generic::Boolean> object. |
1140
|
|
|
|
|
|
|
|
1141
|
|
|
|
|
|
|
=head2 domain |
1142
|
|
|
|
|
|
|
|
1143
|
|
|
|
|
|
|
$cookie->domain( 'example.com' ); |
1144
|
|
|
|
|
|
|
my $dom = $cookie->domain; |
1145
|
|
|
|
|
|
|
|
1146
|
|
|
|
|
|
|
Sets or gets the domain for this cookie. |
1147
|
|
|
|
|
|
|
|
1148
|
|
|
|
|
|
|
Returns the current value as a L<Module::Generic::Scalar> object. |
1149
|
|
|
|
|
|
|
|
1150
|
|
|
|
|
|
|
Note that you can also call it using the alias method C<host> |
1151
|
|
|
|
|
|
|
|
1152
|
|
|
|
|
|
|
=head2 elapse |
1153
|
|
|
|
|
|
|
|
1154
|
|
|
|
|
|
|
Set the C<expires> value for this cookie to C<0>, which, in turn, will set it to C<Thu, 01 Jan 1970 09:00:00 GMT> |
1155
|
|
|
|
|
|
|
|
1156
|
|
|
|
|
|
|
When sent to the http client, this will have the effect of removing the cookie. |
1157
|
|
|
|
|
|
|
|
1158
|
|
|
|
|
|
|
See L<rfc6265|https://datatracker.ietf.org/doc/html/rfc6265#section-3.1> for more information. |
1159
|
|
|
|
|
|
|
|
1160
|
|
|
|
|
|
|
=head2 encrypt |
1161
|
|
|
|
|
|
|
|
1162
|
|
|
|
|
|
|
Set or get the boolean value. If true, the this will tell L</as_string> to encrypt the cookie value. |
1163
|
|
|
|
|
|
|
|
1164
|
|
|
|
|
|
|
To use this feature, an encryption L<key|/key> must be set and the module L<Crypt::Cipher> must be installed. |
1165
|
|
|
|
|
|
|
|
1166
|
|
|
|
|
|
|
You can read more about the differences between L<sign and encryption at Stackoverflow|https://stackoverflow.com/questions/41467012/what-is-the-difference-between-signed-and-encrypted-cookies-in-rails> |
1167
|
|
|
|
|
|
|
|
1168
|
|
|
|
|
|
|
=head2 expires |
1169
|
|
|
|
|
|
|
|
1170
|
|
|
|
|
|
|
Sets or gets the expiration date and time for this cookie. |
1171
|
|
|
|
|
|
|
|
1172
|
|
|
|
|
|
|
The value provided can be one of: |
1173
|
|
|
|
|
|
|
|
1174
|
|
|
|
|
|
|
=over 4 |
1175
|
|
|
|
|
|
|
|
1176
|
|
|
|
|
|
|
=item A date compliant with L<rfc7231|https://datatracker.ietf.org/doc/html/rfc7231#section-7.1.1.1> |
1177
|
|
|
|
|
|
|
|
1178
|
|
|
|
|
|
|
For example: C<01 Nov 2021 08:42:17 GMT> |
1179
|
|
|
|
|
|
|
|
1180
|
|
|
|
|
|
|
=item unix timestamp. |
1181
|
|
|
|
|
|
|
|
1182
|
|
|
|
|
|
|
For example: C<1631099228> |
1183
|
|
|
|
|
|
|
|
1184
|
|
|
|
|
|
|
=item variable time. |
1185
|
|
|
|
|
|
|
|
1186
|
|
|
|
|
|
|
For example: C<30s> (30 seconds), C<5m> (5 minutes), C<12h> (12 hours), C<30D> (30 days), C<2M> (2 months), C<1Y> (1 year) |
1187
|
|
|
|
|
|
|
|
1188
|
|
|
|
|
|
|
However, this is not sprintf, so you cannot combine them, thus B<you cannot do this>: C<5m1D> |
1189
|
|
|
|
|
|
|
|
1190
|
|
|
|
|
|
|
=item C<now> |
1191
|
|
|
|
|
|
|
|
1192
|
|
|
|
|
|
|
Special keyword |
1193
|
|
|
|
|
|
|
|
1194
|
|
|
|
|
|
|
=item In last resort, the value provided will be parsed using L<Module::Generic/_parse_timestamp>. If parsing fails, it will return C<undef> and set an error. |
1195
|
|
|
|
|
|
|
|
1196
|
|
|
|
|
|
|
=back |
1197
|
|
|
|
|
|
|
|
1198
|
|
|
|
|
|
|
Ultimately, a L<DateTime> will be derived from those values, or C<undef> will be returned and an error will be set. |
1199
|
|
|
|
|
|
|
|
1200
|
|
|
|
|
|
|
The L<DateTime> object will be set with a formatter to allow a stringification that is compliant with rfc6265. |
1201
|
|
|
|
|
|
|
|
1202
|
|
|
|
|
|
|
And you can use L</max_age> alternatively. |
1203
|
|
|
|
|
|
|
|
1204
|
|
|
|
|
|
|
See also L<https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Date> |
1205
|
|
|
|
|
|
|
|
1206
|
|
|
|
|
|
|
Note that a cookie without an expiration datetime is referred as a C<session cookie>, so setting the cookie expiration change a cookie from being a session cookie to being a more permanent cookie. |
1207
|
|
|
|
|
|
|
|
1208
|
|
|
|
|
|
|
As L<documented|https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie>, if expiration is "unspecified, the cookie becomes a session cookie. A session finishes when the client shuts down, after which the session cookie is removed." |
1209
|
|
|
|
|
|
|
|
1210
|
|
|
|
|
|
|
=head2 fields |
1211
|
|
|
|
|
|
|
|
1212
|
|
|
|
|
|
|
Returns an L<array object|Module::Generic::Array> of cookie fields available. This is essentially used by L</apply> |
1213
|
|
|
|
|
|
|
|
1214
|
|
|
|
|
|
|
=head2 host |
1215
|
|
|
|
|
|
|
|
1216
|
|
|
|
|
|
|
Alias for L</domain> |
1217
|
|
|
|
|
|
|
|
1218
|
|
|
|
|
|
|
=head2 host_only |
1219
|
|
|
|
|
|
|
|
1220
|
|
|
|
|
|
|
This is an alias for L</implicit>. It has been added to comply with the language of L<rfc6265, section 5.3.6|https://datatracker.ietf.org/doc/html/rfc6265#section-5.3> |
1221
|
|
|
|
|
|
|
|
1222
|
|
|
|
|
|
|
If the domain attribute was not provided by the server for this cookie, then: |
1223
|
|
|
|
|
|
|
"set the cookie's host-only-flag to true." and "set the cookie's domain to the canonicalized request-host" |
1224
|
|
|
|
|
|
|
|
1225
|
|
|
|
|
|
|
Returns the current value as a L<Module::Generic::Boolean> object (that is stringifyable). |
1226
|
|
|
|
|
|
|
|
1227
|
|
|
|
|
|
|
=head2 http_only |
1228
|
|
|
|
|
|
|
|
1229
|
|
|
|
|
|
|
Sets or gets the boolean for C<httpOnly> |
1230
|
|
|
|
|
|
|
|
1231
|
|
|
|
|
|
|
Returns a L<Module::Generic::Boolean> object. |
1232
|
|
|
|
|
|
|
|
1233
|
|
|
|
|
|
|
=head2 httponly |
1234
|
|
|
|
|
|
|
|
1235
|
|
|
|
|
|
|
Alias for L</http_only> |
1236
|
|
|
|
|
|
|
|
1237
|
|
|
|
|
|
|
=head2 implicit |
1238
|
|
|
|
|
|
|
|
1239
|
|
|
|
|
|
|
This boolean is set to true if the L<domain|/domain> was not initially set and has been derived from the current host. |
1240
|
|
|
|
|
|
|
|
1241
|
|
|
|
|
|
|
Returns a L<Module::Generic::Boolean> object. |
1242
|
|
|
|
|
|
|
|
1243
|
|
|
|
|
|
|
=head2 initialisation_vector |
1244
|
|
|
|
|
|
|
|
1245
|
|
|
|
|
|
|
Set or get the L<Initialisation Vector|https://en.wikipedia.org/wiki/Initialization_vector> used for cookie encryption. If you do not provide one, it will be automatically generated. If you want to provide your own, make sure the size meets the encryption algorithm size requirement. |
1246
|
|
|
|
|
|
|
|
1247
|
|
|
|
|
|
|
To find the right size for the Initialisation Vector, for example for algorithm C<AES>, you could do: |
1248
|
|
|
|
|
|
|
|
1249
|
|
|
|
|
|
|
perl -MCrypt::Cipher::AES -lE 'say Crypt::Cipher::AES->blocksize' |
1250
|
|
|
|
|
|
|
|
1251
|
|
|
|
|
|
|
which would yield C<16> |
1252
|
|
|
|
|
|
|
|
1253
|
|
|
|
|
|
|
=head2 is_expired |
1254
|
|
|
|
|
|
|
|
1255
|
|
|
|
|
|
|
Returns true if this cookie has an expiration datetime set and it has expired, i.e. the expiration datetime is in the past. Otherwise, it returns false. |
1256
|
|
|
|
|
|
|
|
1257
|
|
|
|
|
|
|
Return value is in the form of a L<Module::Generic::Boolean> object that stringifies to 1 or 0; |
1258
|
|
|
|
|
|
|
|
1259
|
|
|
|
|
|
|
=head2 is_persistent |
1260
|
|
|
|
|
|
|
|
1261
|
|
|
|
|
|
|
Boolean. This returns true if the cookie sent from the server is not a session cookie, i.e. it has an L</expires> value set. |
1262
|
|
|
|
|
|
|
|
1263
|
|
|
|
|
|
|
See L<rfc62655, section 5.3.3|https://datatracker.ietf.org/doc/html/rfc6265#section-5.3> |
1264
|
|
|
|
|
|
|
|
1265
|
|
|
|
|
|
|
=head2 is_session |
1266
|
|
|
|
|
|
|
|
1267
|
|
|
|
|
|
|
Returns true if this is a session cookie, i.e. it has no expiration datetime nor any L</max_age> set, otherwise, it returns false. |
1268
|
|
|
|
|
|
|
|
1269
|
|
|
|
|
|
|
Return value is in the form of a L<Module::Generic::Boolean> object that stringifies to 1 or 0; |
1270
|
|
|
|
|
|
|
|
1271
|
|
|
|
|
|
|
=head2 is_tainted |
1272
|
|
|
|
|
|
|
|
1273
|
|
|
|
|
|
|
Sets or gets the boolean value. This is a legacy method of old cookie module, but not used anymore. |
1274
|
|
|
|
|
|
|
|
1275
|
|
|
|
|
|
|
Returns a L<Module::Generic::Boolean> object. |
1276
|
|
|
|
|
|
|
|
1277
|
|
|
|
|
|
|
=head2 is_valid |
1278
|
|
|
|
|
|
|
|
1279
|
|
|
|
|
|
|
This takes an optional hash or hash reference of parameters. |
1280
|
|
|
|
|
|
|
|
1281
|
|
|
|
|
|
|
It returns true if the cookie was signed and the signature is valid, or false otherwise. |
1282
|
|
|
|
|
|
|
|
1283
|
|
|
|
|
|
|
If an error occurred, this method returns C<undef> and sets an L<error|Module::Generic/error> instead, so check the return value. |
1284
|
|
|
|
|
|
|
|
1285
|
|
|
|
|
|
|
my $rv = $c->is_valid; |
1286
|
|
|
|
|
|
|
die( $c->error ) if( !defined( $rv ) ); |
1287
|
|
|
|
|
|
|
print( "Cookie is valid? ", $rv ? 'yes' : 'no', "\n" ); |
1288
|
|
|
|
|
|
|
|
1289
|
|
|
|
|
|
|
Return value is in the form of a L<Module::Generic::Boolean> object that stringifies to 1 or 0; |
1290
|
|
|
|
|
|
|
|
1291
|
|
|
|
|
|
|
Possible parameters are: |
1292
|
|
|
|
|
|
|
|
1293
|
|
|
|
|
|
|
=over 4 |
1294
|
|
|
|
|
|
|
|
1295
|
|
|
|
|
|
|
=item I<key> string |
1296
|
|
|
|
|
|
|
|
1297
|
|
|
|
|
|
|
The encryption key to use to sign and verify the cookie signature. Defaults to the value set with L</key> |
1298
|
|
|
|
|
|
|
|
1299
|
|
|
|
|
|
|
=back |
1300
|
|
|
|
|
|
|
|
1301
|
|
|
|
|
|
|
=head2 iv |
1302
|
|
|
|
|
|
|
|
1303
|
|
|
|
|
|
|
This is an alias for L</initialisation_vector> |
1304
|
|
|
|
|
|
|
|
1305
|
|
|
|
|
|
|
=head2 key |
1306
|
|
|
|
|
|
|
|
1307
|
|
|
|
|
|
|
Set or get the encryption key used to encrypt the cookie value. This is used when L</encrypt> or L</sign> are set to true. |
1308
|
|
|
|
|
|
|
|
1309
|
|
|
|
|
|
|
When used for cookie encryption, make sure the key size is big enough to satisfy the encryption algorithm requirement, which you can check with, say for C<AES>: |
1310
|
|
|
|
|
|
|
|
1311
|
|
|
|
|
|
|
perl -MCrypt::Cipher::AES -lE 'say Crypt::Cipher::AES->keysize' |
1312
|
|
|
|
|
|
|
|
1313
|
|
|
|
|
|
|
In this case, it will yield C<32>. Replace above C<AES>, byt whatever algorithm you have chosen. |
1314
|
|
|
|
|
|
|
|
1315
|
|
|
|
|
|
|
perl -MCrypt::Cipher::Blowfish -lE 'say Crypt::Cipher::Blowfish->keysize' |
1316
|
|
|
|
|
|
|
|
1317
|
|
|
|
|
|
|
would yield C<56> for C<Blowfish> |
1318
|
|
|
|
|
|
|
|
1319
|
|
|
|
|
|
|
You can use L<Bytes::Random::Secure/random_bytes> to generate a random key: |
1320
|
|
|
|
|
|
|
|
1321
|
|
|
|
|
|
|
# will generate a 32 bytes-long key |
1322
|
|
|
|
|
|
|
my $key = Bytes::Random::Secure::random_bytes(32); |
1323
|
|
|
|
|
|
|
|
1324
|
|
|
|
|
|
|
=head2 match_host |
1325
|
|
|
|
|
|
|
|
1326
|
|
|
|
|
|
|
Provided with an host name and this returns true if this cookie domain either is a perfect match or if the L</implicit> flag is on and the cookie domain is a subset of the host provided. |
1327
|
|
|
|
|
|
|
|
1328
|
|
|
|
|
|
|
Otherwise this returns false. |
1329
|
|
|
|
|
|
|
|
1330
|
|
|
|
|
|
|
=head2 max_age |
1331
|
|
|
|
|
|
|
|
1332
|
|
|
|
|
|
|
Sets or gets the integer value for C<Max-Age> |
1333
|
|
|
|
|
|
|
|
1334
|
|
|
|
|
|
|
This value should be an integer representing the number of seconds until this cookie expires. |
1335
|
|
|
|
|
|
|
|
1336
|
|
|
|
|
|
|
As per the rfc6265, C<Max-Age> takes precedence over C<Expires> when set, so if you set this, any value set with L</expires> will be discarded. |
1337
|
|
|
|
|
|
|
|
1338
|
|
|
|
|
|
|
Returns a L<Module::Generic::Number> object. |
1339
|
|
|
|
|
|
|
|
1340
|
|
|
|
|
|
|
=head2 maxage |
1341
|
|
|
|
|
|
|
|
1342
|
|
|
|
|
|
|
Alias for L</max_age> |
1343
|
|
|
|
|
|
|
|
1344
|
|
|
|
|
|
|
=head2 name |
1345
|
|
|
|
|
|
|
|
1346
|
|
|
|
|
|
|
Sets or gets the cookie name. |
1347
|
|
|
|
|
|
|
|
1348
|
|
|
|
|
|
|
As per the L<Mozilla documentation|https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie>, a cookie name cannot contain any of the following charadcters: |
1349
|
|
|
|
|
|
|
|
1350
|
|
|
|
|
|
|
\(\)\<\>\@\,\;\:\\\"\/\[\]\?\=\{\} |
1351
|
|
|
|
|
|
|
|
1352
|
|
|
|
|
|
|
Returns a L<Module::Generic::Scalar> object. |
1353
|
|
|
|
|
|
|
|
1354
|
|
|
|
|
|
|
=head2 path |
1355
|
|
|
|
|
|
|
|
1356
|
|
|
|
|
|
|
Sets or gets the path. |
1357
|
|
|
|
|
|
|
|
1358
|
|
|
|
|
|
|
Returns a L<Module::Generic::Scalar> object. |
1359
|
|
|
|
|
|
|
|
1360
|
|
|
|
|
|
|
=head2 port |
1361
|
|
|
|
|
|
|
|
1362
|
|
|
|
|
|
|
Sets or gets the port number. |
1363
|
|
|
|
|
|
|
|
1364
|
|
|
|
|
|
|
Returns a L<Module::Generic::Number> object. |
1365
|
|
|
|
|
|
|
|
1366
|
|
|
|
|
|
|
=head2 reset |
1367
|
|
|
|
|
|
|
|
1368
|
|
|
|
|
|
|
Set the reset flag to true, which will force L</as_string> to recompute the string value of the cookie. |
1369
|
|
|
|
|
|
|
|
1370
|
|
|
|
|
|
|
=head2 same_as |
1371
|
|
|
|
|
|
|
|
1372
|
|
|
|
|
|
|
Provided with another object and this returns true if it has the same property values, false otherwise. |
1373
|
|
|
|
|
|
|
|
1374
|
|
|
|
|
|
|
This is used in overloaded object comparison, such as: |
1375
|
|
|
|
|
|
|
|
1376
|
|
|
|
|
|
|
print( "Same cookie\n" ) if( $c1 eq $c2 ); |
1377
|
|
|
|
|
|
|
# or |
1378
|
|
|
|
|
|
|
print( "Same cookie\n" ) if( $c1 == $c2 ); |
1379
|
|
|
|
|
|
|
|
1380
|
|
|
|
|
|
|
=head2 same_site |
1381
|
|
|
|
|
|
|
|
1382
|
|
|
|
|
|
|
Sets or gets the boolean value for C<Same-Site>. |
1383
|
|
|
|
|
|
|
|
1384
|
|
|
|
|
|
|
The proper values should be C<Relaxed>, C<Strict> or C<None>, but this module does not enforce the value you set. Setting a proper value is your responsibility. |
1385
|
|
|
|
|
|
|
|
1386
|
|
|
|
|
|
|
See L<Mozilla documentation|https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite> for more information. |
1387
|
|
|
|
|
|
|
|
1388
|
|
|
|
|
|
|
If set to C<None>, L<secure> should be set to true. |
1389
|
|
|
|
|
|
|
|
1390
|
|
|
|
|
|
|
See L<rfc 6265|https://datatracker.ietf.org/doc/html/draft-west-first-party-cookies-07> for more information. |
1391
|
|
|
|
|
|
|
|
1392
|
|
|
|
|
|
|
Returns a L<Module::Generic::Scalar> object. |
1393
|
|
|
|
|
|
|
|
1394
|
|
|
|
|
|
|
=head2 samesite |
1395
|
|
|
|
|
|
|
|
1396
|
|
|
|
|
|
|
Alias for L</same_site>. |
1397
|
|
|
|
|
|
|
|
1398
|
|
|
|
|
|
|
=head2 secure |
1399
|
|
|
|
|
|
|
|
1400
|
|
|
|
|
|
|
Sets or gets the boolean value for C<Secure>. |
1401
|
|
|
|
|
|
|
|
1402
|
|
|
|
|
|
|
Returns a L<Module::Generic::Boolean> object. |
1403
|
|
|
|
|
|
|
|
1404
|
|
|
|
|
|
|
=head2 sign |
1405
|
|
|
|
|
|
|
|
1406
|
|
|
|
|
|
|
Set or get the boolean value. If true, then the cookie value will be signed. The way this works, is that L<Crypt::Mac::HMAC/hmac_b64> will create a C<SHA256> encrypted digest using the encryption key you provided with L</key> and attach the signature to the cookie value separated by a dot. For example: |
1407
|
|
|
|
|
|
|
|
1408
|
|
|
|
|
|
|
my $cookie_value = "toc_ok=1"; |
1409
|
|
|
|
|
|
|
my $key = "hard to guess key"; |
1410
|
|
|
|
|
|
|
my $signature = Crypt::Mac::HMAC::hmac_b64( $key, $cookie_value ); |
1411
|
|
|
|
|
|
|
# signature is I2M4/rh/TiNV5RZDSBJkhLblBvrN5k9448G6w/gp/jg= |
1412
|
|
|
|
|
|
|
# cookie resulting value before uri encoding: |
1413
|
|
|
|
|
|
|
# toc_ok%3D1.I2M4/rh/TiNV5RZDSBJkhLblBvrN5k9448G6w/gp/jg= |
1414
|
|
|
|
|
|
|
|
1415
|
|
|
|
|
|
|
So, you need to have the module L<Crypt::Mac> installed to be able to use this feature. |
1416
|
|
|
|
|
|
|
|
1417
|
|
|
|
|
|
|
Signature are used to ensure data integrity protection for content that are not secret. |
1418
|
|
|
|
|
|
|
|
1419
|
|
|
|
|
|
|
For more secret content, use L</encrypt>. |
1420
|
|
|
|
|
|
|
|
1421
|
|
|
|
|
|
|
You can read more about the difference between L<sign and encryption at Stackoverflow|https://stackoverflow.com/questions/41467012/what-is-the-difference-between-signed-and-encrypted-cookies-in-rails> |
1422
|
|
|
|
|
|
|
|
1423
|
|
|
|
|
|
|
=head2 strict |
1424
|
|
|
|
|
|
|
|
1425
|
|
|
|
|
|
|
Boolean. Should this API be strict about the cookie names? |
1426
|
|
|
|
|
|
|
When true, this will reject cookie names with invalid characters. |
1427
|
|
|
|
|
|
|
|
1428
|
|
|
|
|
|
|
Cookie name can contain only US ASCII characters and exclude any separators such as C<< ( ) < > @ , ; : \ " / [ ] ? = { } >> |
1429
|
|
|
|
|
|
|
|
1430
|
|
|
|
|
|
|
=head2 uri |
1431
|
|
|
|
|
|
|
|
1432
|
|
|
|
|
|
|
If a value is provided, it will be transformed into a L<URI> object, and its C<port>, C<path> and C<host> components will be used to set the values for L</port>, L</path> and L</domain> respectively. |
1433
|
|
|
|
|
|
|
|
1434
|
|
|
|
|
|
|
Otherwise, with no value provided, this will form an L<URI> object based on the cookie secure flag, C<domain>, C<port>, and C<path> |
1435
|
|
|
|
|
|
|
|
1436
|
|
|
|
|
|
|
$c->uri( 'https://www.example.com:8080/some/where?q=find+me' ); |
1437
|
|
|
|
|
|
|
# sets host to www.example.com, port to 8080 and path to /some/where |
1438
|
|
|
|
|
|
|
my $uri = $c->uri; |
1439
|
|
|
|
|
|
|
# get an uri based on cookie properties value, such as: |
1440
|
|
|
|
|
|
|
# https://www.example.com:8080/some/where |
1441
|
|
|
|
|
|
|
|
1442
|
|
|
|
|
|
|
=head2 value |
1443
|
|
|
|
|
|
|
|
1444
|
|
|
|
|
|
|
Sets or gets the value for this cookie. |
1445
|
|
|
|
|
|
|
|
1446
|
|
|
|
|
|
|
Returns a L<Module::Generic::Scalar> object. |
1447
|
|
|
|
|
|
|
|
1448
|
|
|
|
|
|
|
=head2 version |
1449
|
|
|
|
|
|
|
|
1450
|
|
|
|
|
|
|
Sets or gets the cookie version. This was used in version 2 of the cookie standard, but has since been deprecated by L<rfc6265|https://datatracker.ietf.org/doc/html/rfc6265>. |
1451
|
|
|
|
|
|
|
|
1452
|
|
|
|
|
|
|
Returns a L<Module::Generic::Number> object. |
1453
|
|
|
|
|
|
|
|
1454
|
|
|
|
|
|
|
=head2 _header_datetime |
1455
|
|
|
|
|
|
|
|
1456
|
|
|
|
|
|
|
Given a L<DateTime> object, or by default will instantiate a new one, and this will set its formatter to L<DateTime::Format::Strptime> with the appropriate format to ensure the stringification produces a rfc6265 compliant datetime string. |
1457
|
|
|
|
|
|
|
|
1458
|
|
|
|
|
|
|
=head2 TO_JSON |
1459
|
|
|
|
|
|
|
|
1460
|
|
|
|
|
|
|
This method is used so that if the cookie object is part of some data encoded into json, this will convert the cookie data properly to be used by L<JSON> |
1461
|
|
|
|
|
|
|
|
1462
|
|
|
|
|
|
|
=head1 SIGNED COOKIES |
1463
|
|
|
|
|
|
|
|
1464
|
|
|
|
|
|
|
As shown in the L</SYNOPSIS> you can sign cookies effortlessly. This package has taken all the hassle of doing it for you. |
1465
|
|
|
|
|
|
|
|
1466
|
|
|
|
|
|
|
To use this feature you need to have installed L<Crypt::Mode::CBC> which is part of L<CryptX> |
1467
|
|
|
|
|
|
|
|
1468
|
|
|
|
|
|
|
The methods available to use for cookie integrity protection are: L</key>, L</sign> to enable cookie signature, L</is_valid> to check if the signature is valid. |
1469
|
|
|
|
|
|
|
|
1470
|
|
|
|
|
|
|
Cookie signature is performed by L<CryptX>, which is an XS module, and thus very fast. |
1471
|
|
|
|
|
|
|
|
1472
|
|
|
|
|
|
|
=head1 ENCRYPTED COOKIES |
1473
|
|
|
|
|
|
|
|
1474
|
|
|
|
|
|
|
As shown in the L</SYNOPSIS> you can encrypt cookies effortlessly. This package has taken all the hassle of doing it for you. |
1475
|
|
|
|
|
|
|
|
1476
|
|
|
|
|
|
|
To use this feature you need to have installed L<Crypt::Mode::CBC> which is part of L<CryptX> |
1477
|
|
|
|
|
|
|
|
1478
|
|
|
|
|
|
|
The methods available to use for cookie encryption are: L</algo> to set the desired algorithm, L</key>, L</encrypt> to enable encryption, L</decrypt> to decrypt the cookie value, and optionally L</initialisation_vector>. |
1479
|
|
|
|
|
|
|
|
1480
|
|
|
|
|
|
|
Cookie encryption is performed by L<CryptX>, which is an XS module, and thus very fast. |
1481
|
|
|
|
|
|
|
|
1482
|
|
|
|
|
|
|
=head1 INSTALLATION |
1483
|
|
|
|
|
|
|
|
1484
|
|
|
|
|
|
|
As usual, to install this module, you can do: |
1485
|
|
|
|
|
|
|
|
1486
|
|
|
|
|
|
|
perl Makefile.PL |
1487
|
|
|
|
|
|
|
make |
1488
|
|
|
|
|
|
|
make test |
1489
|
|
|
|
|
|
|
sudo make install |
1490
|
|
|
|
|
|
|
|
1491
|
|
|
|
|
|
|
If you have Apache/modperl2 installed, this will also prepare the Makefile and run test under modperl. |
1492
|
|
|
|
|
|
|
|
1493
|
|
|
|
|
|
|
The Makefile.PL tries hard to find your Apache configuration, but you can give it a hand by specifying some command line parameters. See L<Apache::TestMM> for available parameters or you can type on the command line: |
1494
|
|
|
|
|
|
|
|
1495
|
|
|
|
|
|
|
perl -MApache::TestConfig -le 'Apache::TestConfig::usage()' |
1496
|
|
|
|
|
|
|
|
1497
|
|
|
|
|
|
|
For example: |
1498
|
|
|
|
|
|
|
|
1499
|
|
|
|
|
|
|
perl Makefile.PL -apxs /usr/bin/apxs -port 1234 |
1500
|
|
|
|
|
|
|
# which will also set the path to httpd_conf, otherwise |
1501
|
|
|
|
|
|
|
perl Makefile.PL -httpd_conf /etc/apache2/apache2.conf |
1502
|
|
|
|
|
|
|
|
1503
|
|
|
|
|
|
|
# then |
1504
|
|
|
|
|
|
|
make |
1505
|
|
|
|
|
|
|
make test |
1506
|
|
|
|
|
|
|
sudo make install |
1507
|
|
|
|
|
|
|
|
1508
|
|
|
|
|
|
|
See also L<modperl testing documentation|https://perl.apache.org/docs/general/testing/testing.html> |
1509
|
|
|
|
|
|
|
|
1510
|
|
|
|
|
|
|
But, if for some reason, you do not want to perform the mod_perl tests, you can use C<NO_MOD_PERL=1> when calling C<perl Makefile.PL>, such as: |
1511
|
|
|
|
|
|
|
|
1512
|
|
|
|
|
|
|
NO_MOD_PERL=1 perl Makefile.PL |
1513
|
|
|
|
|
|
|
make |
1514
|
|
|
|
|
|
|
make test |
1515
|
|
|
|
|
|
|
sudo make install |
1516
|
|
|
|
|
|
|
|
1517
|
|
|
|
|
|
|
=head1 AUTHOR |
1518
|
|
|
|
|
|
|
|
1519
|
|
|
|
|
|
|
Jacques Deguest E<lt>F<jack@deguest.jp>E<gt> |
1520
|
|
|
|
|
|
|
|
1521
|
|
|
|
|
|
|
=head1 SEE ALSO |
1522
|
|
|
|
|
|
|
|
1523
|
|
|
|
|
|
|
L<Cookie::Jar>, L<Apache2::Cookies>, L<APR::Request::Cookie> |
1524
|
|
|
|
|
|
|
|
1525
|
|
|
|
|
|
|
L<rfc6265|https://datatracker.ietf.org/doc/html/rfc6265> |
1526
|
|
|
|
|
|
|
|
1527
|
|
|
|
|
|
|
L<Latest tentative version of the cookie standard|https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis-09> |
1528
|
|
|
|
|
|
|
|
1529
|
|
|
|
|
|
|
=head1 COPYRIGHT & LICENSE |
1530
|
|
|
|
|
|
|
|
1531
|
|
|
|
|
|
|
Copyright (c) 2019-2021 DEGUEST Pte. Ltd. |
1532
|
|
|
|
|
|
|
|
1533
|
|
|
|
|
|
|
You can use, copy, modify and redistribute this package and associated |
1534
|
|
|
|
|
|
|
files under the same terms as Perl itself. |
1535
|
|
|
|
|
|
|
|
1536
|
|
|
|
|
|
|
=cut |