diff options
| -rw-r--r-- | doc/man3/http_cookie_create.3 | 28 | ||||
| -rw-r--r-- | http.c | 36 | ||||
| -rw-r--r-- | include/libweb/http.h | 4 |
3 files changed, 30 insertions, 38 deletions
diff --git a/doc/man3/http_cookie_create.3 b/doc/man3/http_cookie_create.3 index 3ed78be..c439d91 100644 --- a/doc/man3/http_cookie_create.3 +++ b/doc/man3/http_cookie_create.3 @@ -1,4 +1,4 @@ -.TH HTTP_COOKIE_CREATE 3 2024-08-22 0.4.0 "libweb Library Reference" +.TH HTTP_COOKIE_CREATE 3 2026-02-12 0.6.0 "libweb Library Reference" .SH NAME http_cookie_create \- creates a HTTP/1.1 cookie @@ -8,7 +8,7 @@ http_cookie_create \- creates a HTTP/1.1 cookie .nf #include <libweb/http.h> .P -char *http_cookie_create(const char *\fIkey\fP, const char *\fIvalue\fP); +char *http_cookie_create(const char *\fIkey\fP, const char *\fIvalue\fP, const struct tm *\fIexp\fP); .fi .SH DESCRIPTION @@ -19,7 +19,13 @@ defined by .I key and .IR value , -which are null-terminated strings. +which are null-terminated strings, with an optional expiration date defined by +.IR exp . + +If +.I exp +is a null pointer, no expiration date is set to the cookie, and therefore it +effectively acts as a session cookie. .SH RETURN VALUE On success, a null-terminated string with the newly HTTP/1.1 cookie is @@ -34,11 +40,13 @@ A successful call to with .I ExampleValue as -.I key -and +.IR key , .I ExampleValue as .I value +and +.I exp +pointing to a given calendar time might return a null-terminated string such as the one below: .LP @@ -48,19 +56,11 @@ ExampleHeader=ExampleValue; HttpOnly; Expires Wed, 07 Sep 2023 00:00:00 GMT .EE .in -.SH FUTURE DIRECTIONS - -.I libweb -sets a 1-year expiration date for HTTP cookies due to arbitrary design -limitations. Future versions of this library shall allow a custom -expiration date as an additional parameter to -.IR http_cookie_create (3). - .SH SEE ALSO .BR libweb_http (7). .SH COPYRIGHT -Copyright (C) 2023-2024 libweb contributors +Copyright (C) 2023-2026 libweb contributors .P This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by @@ -2748,29 +2748,11 @@ failure: return ret; } -static int append_expire(struct dynstr *const d) +static int append_expire(struct dynstr *const d, const struct tm *const exp) { - time_t t = time(NULL); - - if (t == (time_t)-1) - { - fprintf(stderr, "%s: time(3): %s\n", __func__, strerror(errno)); - return -1; - } - - t += 365 * 24 * 60 * 60; - - struct tm tm; - - if (!localtime_r(&t, &tm)) - { - fprintf(stderr, "%s: localtime_r(3): %s\n", __func__, strerror(errno)); - return -1; - } - char s[sizeof "Thu, 01 Jan 1970 00:00:00 GMT"]; - if (!strftime(s, sizeof s, "%a, %d %b %Y %H:%M:%S GMT", &tm)) + if (!strftime(s, sizeof s, "%a, %d %b %Y %H:%M:%S GMT", exp)) { fprintf(stderr, "%s: strftime(3) failed\n", __func__); return -1; @@ -2784,15 +2766,23 @@ static int append_expire(struct dynstr *const d) return 0; } -char *http_cookie_create(const char *const key, const char *const value) +char *http_cookie_create(const char *const key, const char *const value, + const struct tm *const exp) { struct dynstr d; dynstr_init(&d); - if (dynstr_append(&d, "%s=%s; HttpOnly; SameSite=Strict", key, value) - || append_expire(&d)) + if (dynstr_append(&d, "%s=%s; HttpOnly; SameSite=Strict", key, value)) + { + fprintf(stderr, "%s: dynstr_append failed\n", __func__); goto failure; + } + else if (exp && append_expire(&d, exp)) + { + fprintf(stderr, "%s: append_expire failed\n", __func__); + goto failure; + } return d.str; diff --git a/include/libweb/http.h b/include/libweb/http.h index dab19df..bd7769e 100644 --- a/include/libweb/http.h +++ b/include/libweb/http.h @@ -4,6 +4,7 @@ #include <stdbool.h> #include <stddef.h> #include <stdio.h> +#include <time.h> struct http_header { @@ -144,7 +145,8 @@ void http_free(struct http_ctx *h); int http_update(struct http_ctx *h, bool *write, bool *close); int http_response_add_header(struct http_response *r, const char *header, const char *value); -char *http_cookie_create(const char *key, const char *value); +char *http_cookie_create(const char *key, const char *value, + const struct tm *exp); char *http_encode_url(const char *url); int http_decode_url(const char *url, bool spaces, char **out); |