* An empty "expires" field results in a session cookie, rather than
rejecting the cookie altogether
* A page can set a cookie it is not allowed to access (for example in a
subdirectory of where the page is located). Separate IsValidForUrl and
_CanBeSetFromUrl to perform the appropriate checks in each case.
* Limit cookie path to 4096 characters. As a result of the previous
change, a page would be allowed to set a cookie with an aribrarily long
subpath, wasting disk space and RAM by growing hte cookie jar.
* Don't allow path with . or .. elements. These are a source of
confusion and are not needed.
* Reset the cookie fields when parsing failed. This does not matter when
using the cookie jar, but is useful when working directly with
BNetworkCookie.
strptime can return non-NULL values even if it only parsed part of the
string. This was sometimes making us use the wrong format. Now we try
all formats and checks how much of the string strptime managed to parse.
We stop when it has parsed a big enough part of it.
Terminal crashes because fView is not connected to App Server when
this is called so calling fView->GetMouse() is not allowed. We could
perhaps check to make sure that fView is connected to App Server by
checking that fView->Window() != NULL, but, a better way to handle this
is to grab the already set fLastClickPoint variable from fView
which eliminates the need to grab the current mouse position again.
Worst case scenario is that fLastClickPoint hasn't been set in which
case Terminal won't find anything to highlight or unhighlight.
Also check to make sure that fView != NULL here for good measure.
Fixes #10902
* BString::CopyInfo() takes length as second
parameter, not the end-offset. This bug didn't
have any effect, since BString clamps the length.
* ',' is a comma, ':' is a colon.
* When parsing "additionalData" in the loop for
name=value pairs, an empty name is not useful,
continue the loop early.
* "value" may have the length 0, accessing it
with value[0] would not lead to an access violation,
since it just reads the terminating zero (I think),
but it's nicer if the code makes it clear that
value being empty is considered.
* _H() was using a static buffer, in a heavily
multi-threaded situation. I don't think this was
healthy.
* Implement the proposed optimization of using
BString::LockBuffer(). Appending one char at a time
is really bad for peformance. The Base64 encoding/decoding
should really be rewritten as well for similar reasons.
These were getting out of sync and causing trouble, and they are easy to
compute from existing information.
Fixes some problems detected by the testsuite where the user/password or
the host would sometime disappear from the URL.
No functional changes intended.
* Updated copyright information.
* Reduced doxygen documentation down to a helpful summary
in a regular comment, the documentation has been moved into
the Haiku Book.
* Some parameter renaming for consistency and clarity.
* A few other style fixes.
This shows there are some problems with BUrl, still.
CppUnit stops at the first failed assert in each test, which doesn't
give a good overview of the number of failures in this case (the first
subtest fails). A possible solution is splitting this into smaller
subsets.