From: José Bollo
Date: Tue, 23 Feb 2016 08:48:15 +0000 (+0100)
Subject: refactor cookie to add #port
X-Git-Tag: blowfish_2.0.1~278
X-Git-Url: https://gerrit.automotivelinux.org/gerrit/gitweb?a=commitdiff_plain;h=6930cdc6c322f88d1f3cc99622941e3d5037f74a;p=src%2Fapp-framework-binder.git
refactor cookie to add #port
Change-Id: Ieac2936413a59b80db66e9ba69d586d7fa481ef8
Signed-off-by: José Bollo
---
diff --git a/include/local-def.h b/include/local-def.h
index 01f10626..0bf0294d 100644
--- a/include/local-def.h
+++ b/include/local-def.h
@@ -54,7 +54,7 @@
 #define MAGIC_DB "/usr/share/misc/magic.mgc"
 #define OPA_INDEX "index.html"
 #define MAX_ALIAS 10 // max number of aliases
-#define COOKIE_NAME "AJB_session"
+#define COOKIE_NAME "afb-session"
 #define DEFLT_CNTX_TIMEOUT 3600 // default Client Connection Timeout
diff --git a/src/rest-api.c b/src/rest-api.c
index c85fbea1..b83e8932 100644
--- a/src/rest-api.c
+++ b/src/rest-api.c
@@ -514,7 +514,7 @@ ProcessApiCall:
 // client did not pass token on URI let's use cookies
 if ((!request->restfull) && (request->context != NULL)) {
 char cookie[256];
- snprintf (cookie, sizeof (cookie), "%s=%s;path=%s;max-age=%d", COOKIE_NAME, request->uuid, request->config->rootapi,request->config->cntxTimeout);
+ snprintf (cookie, sizeof (cookie), "%s-%d=%s; Path=%s; Max-Age=%d; HttpOnly", COOKIE_NAME, request->config->httpdPort, request->uuid, request->config->rootapi,request->config->cntxTimeout);
 MHD_add_response_header (webResponse, MHD_HTTP_HEADER_SET_COOKIE, cookie);
 }
diff --git a/src/session.c b/src/session.c
index 9e25c27f..481e04c7 100644
--- a/src/session.c
+++ b/src/session.c
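Review bot: The new `snprintf` in the src/rest-api.c hunk writes the whole Set-Cookie value into `char cookie[256]` without checking the result, and `HttpOnly` is now the last attribute, so a long `request->uuid` or `request->config->rootapi` would silently truncate it away and the cookie would go out without the flag. I would capture the return value and skip the header on truncation: `int n = snprintf (cookie, sizeof (cookie), ...); if (n < 0 || (size_t) n >= sizeof (cookie)) { /* log, do not emit a partial Set-Cookie */ }`. How long those two fields can get is not visible here, and the enclosing function starts and ends outside the hunk. If the binder can also be served over TLS, the attribute list has no `Secure` either, which may deserve a comment next to the format string.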
@@ -449,8 +449,10 @@ PUBLIC AFB_clientCtx *ctxClientGet (AFB_request *request, int idx) {
 // if UUID in query we're restfull with no cookies otherwise check for cookie
 if (uuid != NULL) request->restfull = TRUE;
 else {
+ char cookie[64];
 request->restfull = FALSE;
- uuid = MHD_lookup_connection_value (request->connection, MHD_COOKIE_KIND, COOKIE_NAME);
+ snprintf(cookie, sizeof cookie, "%s-%d", COOKIE_NAME, request->config->httpdPort);
+ uuid = MHD_lookup_connection_value (request->connection, MHD_COOKIE_KIND, cookie);
 };
 // Warning when no cookie defined MHD_lookup_connection_value may return something !!!
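Review bot: The port suffix added to the cookie name in this hunk keeps two binders on the same host from overwriting each other's cookie, but it is not an isolation boundary, and the code should say so. Browsers scope cookies by host and path, not by port (RFC 6265 section 8.5), so a service on another port of the same host still receives `afb-session-<port>` whenever the path matches. A comment above the `snprintf` such as `/* name is per-port to avoid collisions only; cookies are not isolated by port, the uuid must still be validated */` would record that. The `"%s-%d"` format is also repeated from src/rest-api.c, so a shared macro or helper would keep the setter and the lookup from drifting apart. ctxClientGet continues outside the hunk, so the uuid check that follows the lookup cannot be reviewed from here.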