* cookies. Used internally after a request to parse the
* Set-Cookie headers.
*
- * @param string $value the value of the cookie
- * @param array $attr possible key/values:
+ * @param string $value The value of the cookie
+ * @param array $attr Possible key/values:
* expires A date string
* path The path this cookie is used on
* domain Domain this cookie is used on
* @todo fixme fails to detect 2-letter top-level domains for single-domain use (probably
* not a big problem in practice, but there are test cases)
*
- * @param string $domain the domain to validate
+ * @param string $domain The domain to validate
* @param string $originDomain (optional) the domain the cookie originates from
- * @return Boolean
+ * @return bool
*/
public static function validateCookieDomain( $domain, $originDomain = null ) {
- // Don't allow a trailing dot
- if ( substr( $domain, -1 ) == '.' ) {
+ $dc = explode( ".", $domain );
+
+ // Don't allow a trailing dot or addresses without a or just a leading dot
+ if ( substr( $domain, -1 ) == '.' ||
+ count( $dc ) <= 1 ||
+ count( $dc ) == 2 && $dc[0] === ''
+ ) {
return false;
}
- $dc = explode( ".", $domain );
-
// Only allow full, valid IP addresses
if ( preg_match( '/^[0-9.]+$/', $domain ) ) {
if ( count( $dc ) != 4 ) {
}
if ( substr( $domain, 0, 1 ) == '.'
- && substr_compare( $originDomain, $domain, -strlen( $domain ),
- strlen( $domain ), true ) != 0 ) {
+ && substr_compare(
+ $originDomain,
+ $domain,
+ -strlen( $domain ),
+ strlen( $domain ),
+ true
+ ) != 0
+ ) {
return false;
}
}
/**
* Serialize the cookie jar into a format useful for HTTP Request headers.
*
- * @param string $path the path that will be used. Required.
- * @param string $domain the domain that will be used. Required.
- * @return String
+ * @param string $path The path that will be used. Required.
+ * @param string $domain The domain that will be used. Required.
+ * @return string
*/
public function serializeToHttpRequest( $path, $domain ) {
$ret = '';
}
/**
- * @param $domain
+ * @param string $domain
* @return bool
*/
protected function canServeDomain( $domain ) {
if ( $domain == $this->domain
|| ( strlen( $domain ) > strlen( $this->domain )
&& substr( $this->domain, 0, 1 ) == '.'
- && substr_compare( $domain, $this->domain, -strlen( $this->domain ),
- strlen( $this->domain ), true ) == 0 ) ) {
+ && substr_compare(
+ $domain,
+ $this->domain,
+ -strlen( $this->domain ),
+ strlen( $this->domain ),
+ true
+ ) == 0
+ )
+ ) {
return true;
}
}
/**
- * @param $path
+ * @param string $path
* @return bool
*/
protected function canServePath( $path ) {
/**
* Set a cookie in the cookie jar. Make sure only one cookie per-name exists.
* @see Cookie::set()
+ * @param string $name
+ * @param string $value
+ * @param array $attr
*/
public function setCookie( $name, $value, $attr ) {
/* cookies: case insensitive, so this should work.
/**
* @see Cookie::serializeToHttpRequest
+ * @param string $path
+ * @param string $domain
* @return string
*/
public function serializeToHttpRequest( $path, $domain ) {
/**
* Parse the content of an Set-Cookie HTTP Response header.
*
- * @param $cookie String
- * @param string $domain cookie's domain
+ * @param string $cookie
+ * @param string $domain Cookie's domain
* @return null
*/
public function parseCookieResponseHeader( $cookie, $domain ) {
dépôts / lhc / web / wiklou.git / blobdiff