Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

153 lines
4.9 KiB

  1. #include <wininetp.h>
  2. #include "p3pparser.h"
  3. #include "policyref.h"
  4. #include "xmlwrapper.h"
  5. #include "download.h"
  6. #include <shlwapi.h>
  7. P3PReference *constructReference(TreeNode *pReference, P3PCURL pszOriginURL, P3PCURL pszReferrer) {
  8. P3PCURL pszPolicyURL = pReference->attribute("about");
  9. /* Element name must be "POLICY-REF" and the policy location
  10. must be present in the "about" attribute */
  11. if (!pszPolicyURL)
  12. return NULL;
  13. /* P3PReference object operates on absolute URLs */
  14. P3PCHAR achPolicy[URL_LIMIT];
  15. unsigned long dwSize = sizeof(achPolicy);
  16. UrlCombine(pszOriginURL, pszPolicyURL, achPolicy, &dwSize, 0);
  17. P3PReference *pResult = new P3PReference(achPolicy);
  18. for (TreeNode *pNode = pReference->child(); pNode; pNode=pNode->sibling()) {
  19. if (pNode->child()==NULL ||
  20. pNode->child()->text()==NULL)
  21. continue;
  22. int fInclude;
  23. const char *pszTagName = pNode->tagname();
  24. if (!strcmp(pszTagName, "METHOD")) {
  25. pResult->addVerb(pNode->child()->text());
  26. continue;
  27. }
  28. else if (!strcmp(pszTagName, "INCLUDE"))
  29. fInclude = TRUE;
  30. else if (!strcmp(pszTagName, "EXCLUDE"))
  31. fInclude = FALSE;
  32. else
  33. continue; /* Unrecognized tag */
  34. /* Create absolute path
  35. NOTE: we will accept absolute URLs in the INCLUDE/EXCLUDE elements,
  36. even though P3P spec mandates relative URIs. */
  37. P3PCURL pszSubtree = pNode->child()->text();
  38. P3PCHAR achAbsoluteURL[URL_LIMIT];
  39. DWORD dwLength = URL_LIMIT;
  40. /* Only spaces are to be escaped because the asterix characters
  41. is used as wildcard according to P3P spec */
  42. UrlCombine(pszReferrer, pszSubtree,
  43. achAbsoluteURL, &dwLength,
  44. URL_ESCAPE_SPACES_ONLY);
  45. if (fInclude)
  46. pResult->include(achAbsoluteURL);
  47. else
  48. pResult->exclude(achAbsoluteURL);
  49. }
  50. return pResult;
  51. }
  52. P3PPolicyRef *interpretPolicyRef(TreeNode *pXMLroot, P3PContext *pContext) {
  53. bool fHaveExpiry = false;
  54. TreeNode *prefRoot = pXMLroot->child();
  55. if (!prefRoot ||
  56. strcmp(prefRoot->tagname(), "POLICY-REFERENCES"))
  57. return NULL;
  58. P3PPolicyRef *pPolicyRef = new P3PPolicyRef();
  59. /* Loop over the individual references in this policy-ref */
  60. TreeNode *pCurrent = prefRoot->child();
  61. while (pCurrent) {
  62. if (!strcmp(pCurrent->tagname(), "EXPIRY")) {
  63. /* Check expiry time and update expiry of cache entry */
  64. FILETIME ftExpires = {0x0, 0x0}; /* initialized to past */
  65. /* expiry could be absolute HTTP date or relative max-age in seconds */
  66. if (const char *pszAbsExpiry = pCurrent->attribute("date"))
  67. setExpiration(pContext->pszOriginalLoc, pszAbsExpiry, FALSE, &ftExpires);
  68. else if (const char *pszRelExpiry = pCurrent->attribute("max-age"))
  69. setExpiration(pContext->pszOriginalLoc, pszRelExpiry, TRUE, &ftExpires);
  70. /* P3P-compliance: when expiration syntax is not recognized, user agent
  71. MUST assume the policy has expired.
  72. If both the conditionals above are false, or parse errors are
  73. encountered when interpreting the strings, the expiration is
  74. set to the zero-struct corresponding to a date in the past */
  75. pPolicyRef->setExpiration(ftExpires);
  76. fHaveExpiry = true;
  77. }
  78. else if (!strcmp(pCurrent->tagname(), "POLICY-REF")) {
  79. P3PReference *pReference = constructReference(pCurrent, pContext->pszOriginalLoc, pContext->pszReferrer);
  80. if (pReference)
  81. pPolicyRef->addReference(pReference);
  82. }
  83. pCurrent = pCurrent->sibling();
  84. }
  85. /* When policy-ref contains no EXPIRY tag,
  86. the default lifetime is assigned */
  87. if (!fHaveExpiry) {
  88. /* P3P spec states that default expiry for documents is 24 hours */
  89. const char DefRelativeExp[] = "86400";
  90. FILETIME ftHTTPexpiry;
  91. setExpiration(pContext->pszOriginalLoc, DefRelativeExp, TRUE, &ftHTTPexpiry);
  92. pPolicyRef->setExpiration(ftHTTPexpiry);
  93. }
  94. return pPolicyRef;
  95. }
  96. P3PPolicyRef *interpretPolicyRef(char *pszFileName, P3PContext *pContext) {
  97. P3PPolicyRef *pObject = NULL;
  98. IXMLDOMDocument *pDocument = parseXMLDocument(pszFileName);
  99. if (!pDocument)
  100. return NULL;
  101. TreeNode *pParseTree = createXMLtree(pDocument);
  102. pDocument->Release();
  103. if (pParseTree && !strcmp(pParseTree->tagname(), "META"))
  104. pObject = interpretPolicyRef(pParseTree, pContext);
  105. delete pParseTree;
  106. return pObject;
  107. }