Overview

Packages

  • Requests
    • Authentication
    • Cookies
    • Proxy
    • Session
    • Transport
    • Utilities

Classes

  • Requests
  • Requests_Auth_Basic
  • Requests_Cookie
  • Requests_Cookie_Jar
  • Requests_Hooks
  • Requests_IDNAEncoder
  • Requests_IPv6
  • Requests_IRI
  • Requests_Proxy_HTTP
  • Requests_Response
  • Requests_Response_Headers
  • Requests_Session
  • Requests_SSL
  • Requests_Transport_cURL
  • Requests_Transport_fsockopen
  • Requests_Utility_CaseInsensitiveDictionary
  • Requests_Utility_FilteredIterator

Interfaces

  • Requests_Auth
  • Requests_Hooker
  • Requests_Proxy
  • Requests_Transport

Exceptions

  • Requests_Exception
  • Requests_Exception_HTTP
  • Requests_Exception_HTTP_304
  • Requests_Exception_HTTP_305
  • Requests_Exception_HTTP_306
  • Requests_Exception_HTTP_400
  • Requests_Exception_HTTP_401
  • Requests_Exception_HTTP_402
  • Requests_Exception_HTTP_403
  • Requests_Exception_HTTP_404
  • Requests_Exception_HTTP_405
  • Requests_Exception_HTTP_406
  • Requests_Exception_HTTP_407
  • Requests_Exception_HTTP_408
  • Requests_Exception_HTTP_409
  • Requests_Exception_HTTP_410
  • Requests_Exception_HTTP_411
  • Requests_Exception_HTTP_412
  • Requests_Exception_HTTP_413
  • Requests_Exception_HTTP_414
  • Requests_Exception_HTTP_415
  • Requests_Exception_HTTP_416
  • Requests_Exception_HTTP_417
  • Requests_Exception_HTTP_418
  • Requests_Exception_HTTP_428
  • Requests_Exception_HTTP_429
  • Requests_Exception_HTTP_431
  • Requests_Exception_HTTP_500
  • Requests_Exception_HTTP_501
  • Requests_Exception_HTTP_502
  • Requests_Exception_HTTP_503
  • Requests_Exception_HTTP_504
  • Requests_Exception_HTTP_505
  • Requests_Exception_HTTP_511
  • Requests_Exception_HTTP_Unknown
  • Requests_Exception_Transport
  • Requests_Exception_Transport_cURL
  • Overview
  • Package
  • Class
  • Tree
  • Deprecated

Warning! You are currently reading the documentation for Requests 1.x.

It is recommended to upgrade to Requests 2.x at your earliest convenience. Upgrading to Requests 2.x is fairly straight-forward.
A full list of the changes can be found in the Changelog.

Visit the Requests 2.x documentation.

  1:   2:   3:   4:   5:   6:   7:   8:   9:  10:  11:  12:  13:  14:  15:  16:  17:  18:  19:  20:  21:  22:  23:  24:  25:  26:  27:  28:  29:  30:  31:  32:  33:  34:  35:  36:  37:  38:  39:  40:  41:  42:  43:  44:  45:  46:  47:  48:  49:  50:  51:  52:  53:  54:  55:  56:  57:  58:  59:  60:  61:  62:  63:  64:  65:  66:  67:  68:  69:  70:  71:  72:  73:  74:  75:  76:  77:  78:  79:  80:  81:  82:  83:  84:  85:  86:  87:  88:  89:  90:  91:  92:  93:  94:  95:  96:  97:  98:  99: 100: 101: 102: 103: 104: 105: 106: 107: 108: 109: 110: 111: 112: 113: 114: 115: 116: 117: 118: 119: 120: 121: 122: 123: 124: 125: 126: 127: 128: 129: 130: 131: 132: 133: 134: 135: 136: 137: 138: 139: 140: 141: 142: 143: 144: 145: 146: 147: 148: 149: 150: 151: 152: 153: 154: 155: 156: 157: 158: 159: 160: 161: 162: 163: 164: 165: 166: 167: 168: 169: 170: 171: 172: 173: 174: 175: 176: 177: 178: 179: 180: 181: 182: 183: 184: 185: 186: 187: 188: 189: 190: 191: 192: 193: 194: 195: 196: 197: 198: 199: 200: 201: 202: 203: 204: 205: 206: 207: 208: 209: 210: 211: 212: 213: 214: 215: 216: 217: 218: 219: 220: 221: 222: 223: 224: 225: 226: 227: 228: 229: 230: 231: 232: 233: 234: 235: 236: 237: 238: 239: 240: 241: 242: 243: 244: 245: 246: 247: 248: 249: 250: 251: 252: 253: 254: 255: 256: 257: 258: 259: 260: 261: 262: 263: 264: 265: 266: 267: 268: 269: 270: 271: 272: 273: 274: 275: 276: 277: 278: 279: 280: 281: 282: 283: 284: 285: 286: 287: 288: 289: 290: 291: 292: 293: 294: 295: 296: 297: 298: 299: 300: 301: 302: 303: 304: 305: 306: 307: 308: 309: 310: 311: 312: 313: 314: 315: 316: 317: 318: 319: 320: 321: 322: 323: 324: 325: 326: 327: 328: 329: 330: 331: 332: 333: 334: 335: 336: 337: 338: 339: 340: 341: 342: 343: 344: 345: 346: 347: 348: 349: 350: 351: 352: 353: 354: 355: 356: 357: 358: 359: 360: 361: 362: 363: 364: 365: 366: 367: 368: 369: 370: 371: 372: 373: 374: 375: 376: 377: 378: 379: 380: 381: 382: 383: 384: 385: 386: 387: 388: 389: 390: 391: 392: 393: 394: 395: 396: 397: 398: 399: 400: 401: 402: 403: 404: 405: 406: 407: 408: 409: 410: 411: 412: 413: 414: 415: 416: 417: 418: 419: 420: 421: 422: 423: 424: 425: 426: 427: 428: 429: 430: 431: 432: 433: 434: 435: 436: 437: 438: 439: 440: 441: 442: 443: 444: 445: 446: 447: 448: 449: 450: 451: 452: 453: 454: 455: 456: 457: 458: 459: 460: 461: 462: 463: 464: 465: 466: 467: 468: 469: 470: 471: 472: 473: 474: 475: 476: 477: 478: 479: 480: 481: 482: 483: 484: 485: 486: 487: 488: 489: 490: 491: 492: 493: 494: 495: 496: 497: 498: 499: 500: 501: 502: 503: 504: 505: 506: 
<?php
/**
 * Cookie storage object
 *
 * @package Requests
 * @subpackage Cookies
 */

/**
 * Cookie storage object
 *
 * @package Requests
 * @subpackage Cookies
 */
class Requests_Cookie {
    /**
     * Cookie name.
     *
     * @var string
     */
    public $name;

    /**
     * Cookie value.
     *
     * @var string
     */
    public $value;

    /**
     * Cookie attributes
     *
     * Valid keys are (currently) path, domain, expires, max-age, secure and
     * httponly.
     *
     * @var Requests_Utility_CaseInsensitiveDictionary|array Array-like object
     */
    public $attributes = array();

    /**
     * Cookie flags
     *
     * Valid keys are (currently) creation, last-access, persistent and
     * host-only.
     *
     * @var array
     */
    public $flags = array();

    /**
     * Reference time for relative calculations
     *
     * This is used in place of `time()` when calculating Max-Age expiration and
     * checking time validity.
     *
     * @var int
     */
    public $reference_time = 0;

    /**
     * Create a new cookie object
     *
     * @param string $name
     * @param string $value
     * @param array|Requests_Utility_CaseInsensitiveDictionary $attributes Associative array of attribute data
     */
    public function __construct($name, $value, $attributes = array(), $flags = array(), $reference_time = null) {
        $this->name       = $name;
        $this->value      = $value;
        $this->attributes = $attributes;
        $default_flags    = array(
            'creation'    => time(),
            'last-access' => time(),
            'persistent'  => false,
            'host-only'   => true,
        );
        $this->flags      = array_merge($default_flags, $flags);

        $this->reference_time = time();
        if ($reference_time !== null) {
            $this->reference_time = $reference_time;
        }

        $this->normalize();
    }

    /**
     * Check if a cookie is expired.
     *
     * Checks the age against $this->reference_time to determine if the cookie
     * is expired.
     *
     * @return boolean True if expired, false if time is valid.
     */
    public function is_expired() {
        // RFC6265, s. 4.1.2.2:
        // If a cookie has both the Max-Age and the Expires attribute, the Max-
        // Age attribute has precedence and controls the expiration date of the
        // cookie.
        if (isset($this->attributes['max-age'])) {
            $max_age = $this->attributes['max-age'];
            return $max_age < $this->reference_time;
        }

        if (isset($this->attributes['expires'])) {
            $expires = $this->attributes['expires'];
            return $expires < $this->reference_time;
        }

        return false;
    }

    /**
     * Check if a cookie is valid for a given URI
     *
     * @param Requests_IRI $uri URI to check
     * @return boolean Whether the cookie is valid for the given URI
     */
    public function uri_matches(Requests_IRI $uri) {
        if (!$this->domain_matches($uri->host)) {
            return false;
        }

        if (!$this->path_matches($uri->path)) {
            return false;
        }

        return empty($this->attributes['secure']) || $uri->scheme === 'https';
    }

    /**
     * Check if a cookie is valid for a given domain
     *
     * @param string $string Domain to check
     * @return boolean Whether the cookie is valid for the given domain
     */
    public function domain_matches($string) {
        if (!isset($this->attributes['domain'])) {
            // Cookies created manually; cookies created by Requests will set
            // the domain to the requested domain
            return true;
        }

        $domain_string = $this->attributes['domain'];
        if ($domain_string === $string) {
            // The domain string and the string are identical.
            return true;
        }

        // If the cookie is marked as host-only and we don't have an exact
        // match, reject the cookie
        if ($this->flags['host-only'] === true) {
            return false;
        }

        if (strlen($string) <= strlen($domain_string)) {
            // For obvious reasons, the string cannot be a suffix if the domain
            // is shorter than the domain string
            return false;
        }

        if (substr($string, -1 * strlen($domain_string)) !== $domain_string) {
            // The domain string should be a suffix of the string.
            return false;
        }

        $prefix = substr($string, 0, strlen($string) - strlen($domain_string));
        if (substr($prefix, -1) !== '.') {
            // The last character of the string that is not included in the
            // domain string should be a %x2E (".") character.
            return false;
        }

        // The string should be a host name (i.e., not an IP address).
        return !preg_match('#^(.+\.)\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$#', $string);
    }

    /**
     * Check if a cookie is valid for a given path
     *
     * From the path-match check in RFC 6265 section 5.1.4
     *
     * @param string $request_path Path to check
     * @return boolean Whether the cookie is valid for the given path
     */
    public function path_matches($request_path) {
        if (empty($request_path)) {
            // Normalize empty path to root
            $request_path = '/';
        }

        if (!isset($this->attributes['path'])) {
            // Cookies created manually; cookies created by Requests will set
            // the path to the requested path
            return true;
        }

        $cookie_path = $this->attributes['path'];

        if ($cookie_path === $request_path) {
            // The cookie-path and the request-path are identical.
            return true;
        }

        if (strlen($request_path) > strlen($cookie_path) && substr($request_path, 0, strlen($cookie_path)) === $cookie_path) {
            if (substr($cookie_path, -1) === '/') {
                // The cookie-path is a prefix of the request-path, and the last
                // character of the cookie-path is %x2F ("/").
                return true;
            }

            if (substr($request_path, strlen($cookie_path), 1) === '/') {
                // The cookie-path is a prefix of the request-path, and the
                // first character of the request-path that is not included in
                // the cookie-path is a %x2F ("/") character.
                return true;
            }
        }

        return false;
    }

    /**
     * Normalize cookie and attributes
     *
     * @return boolean Whether the cookie was successfully normalized
     */
    public function normalize() {
        foreach ($this->attributes as $key => $value) {
            $orig_value = $value;
            $value      = $this->normalize_attribute($key, $value);
            if ($value === null) {
                unset($this->attributes[$key]);
                continue;
            }

            if ($value !== $orig_value) {
                $this->attributes[$key] = $value;
            }
        }

        return true;
    }

    /**
     * Parse an individual cookie attribute
     *
     * Handles parsing individual attributes from the cookie values.
     *
     * @param string $name Attribute name
     * @param string|boolean $value Attribute value (string value, or true if empty/flag)
     * @return mixed Value if available, or null if the attribute value is invalid (and should be skipped)
     */
    protected function normalize_attribute($name, $value) {
        switch (strtolower($name)) {
            case 'expires':
                // Expiration parsing, as per RFC 6265 section 5.2.1
                if (is_int($value)) {
                    return $value;
                }

                $expiry_time = strtotime($value);
                if ($expiry_time === false) {
                    return null;
                }

                return $expiry_time;

            case 'max-age':
                // Expiration parsing, as per RFC 6265 section 5.2.2
                if (is_int($value)) {
                    return $value;
                }

                // Check that we have a valid age
                if (!preg_match('/^-?\d+$/', $value)) {
                    return null;
                }

                $delta_seconds = (int) $value;
                if ($delta_seconds <= 0) {
                    $expiry_time = 0;
                }
                else {
                    $expiry_time = $this->reference_time + $delta_seconds;
                }

                return $expiry_time;

            case 'domain':
                // Domains are not required as per RFC 6265 section 5.2.3
                if (empty($value)) {
                    return null;
                }

                // Domain normalization, as per RFC 6265 section 5.2.3
                if ($value[0] === '.') {
                    $value = substr($value, 1);
                }

                return $value;

            default:
                return $value;
        }
    }

    /**
     * Format a cookie for a Cookie header
     *
     * This is used when sending cookies to a server.
     *
     * @return string Cookie formatted for Cookie header
     */
    public function format_for_header() {
        return sprintf('%s=%s', $this->name, $this->value);
    }

    /**
     * Format a cookie for a Cookie header
     *
     * @codeCoverageIgnore
     * @deprecated Use {@see Requests_Cookie::format_for_header}
     * @return string
     */
    public function formatForHeader() {
        return $this->format_for_header();
    }

    /**
     * Format a cookie for a Set-Cookie header
     *
     * This is used when sending cookies to clients. This isn't really
     * applicable to client-side usage, but might be handy for debugging.
     *
     * @return string Cookie formatted for Set-Cookie header
     */
    public function format_for_set_cookie() {
        $header_value = $this->format_for_header();
        if (!empty($this->attributes)) {
            $parts = array();
            foreach ($this->attributes as $key => $value) {
                // Ignore non-associative attributes
                if (is_numeric($key)) {
                    $parts[] = $value;
                }
                else {
                    $parts[] = sprintf('%s=%s', $key, $value);
                }
            }

            $header_value .= '; ' . implode('; ', $parts);
        }
        return $header_value;
    }

    /**
     * Format a cookie for a Set-Cookie header
     *
     * @codeCoverageIgnore
     * @deprecated Use {@see Requests_Cookie::format_for_set_cookie}
     * @return string
     */
    public function formatForSetCookie() {
        return $this->format_for_set_cookie();
    }

    /**
     * Get the cookie value
     *
     * Attributes and other data can be accessed via methods.
     */
    public function __toString() {
        return $this->value;
    }

    /**
     * Parse a cookie string into a cookie object
     *
     * Based on Mozilla's parsing code in Firefox and related projects, which
     * is an intentional deviation from RFC 2109 and RFC 2616. RFC 6265
     * specifies some of this handling, but not in a thorough manner.
     *
     * @param string Cookie header value (from a Set-Cookie header)
     * @return Requests_Cookie Parsed cookie object
     */
    public static function parse($string, $name = '', $reference_time = null) {
        $parts   = explode(';', $string);
        $kvparts = array_shift($parts);

        if (!empty($name)) {
            $value = $string;
        }
        elseif (strpos($kvparts, '=') === false) {
            // Some sites might only have a value without the equals separator.
            // Deviate from RFC 6265 and pretend it was actually a blank name
            // (`=foo`)
            //
            // https://bugzilla.mozilla.org/show_bug.cgi?id=169091
            $name  = '';
            $value = $kvparts;
        }
        else {
            list($name, $value) = explode('=', $kvparts, 2);
        }
        $name  = trim($name);
        $value = trim($value);

        // Attribute key are handled case-insensitively
        $attributes = new Requests_Utility_CaseInsensitiveDictionary();

        if (!empty($parts)) {
            foreach ($parts as $part) {
                if (strpos($part, '=') === false) {
                    $part_key   = $part;
                    $part_value = true;
                }
                else {
                    list($part_key, $part_value) = explode('=', $part, 2);
                    $part_value                  = trim($part_value);
                }

                $part_key              = trim($part_key);
                $attributes[$part_key] = $part_value;
            }
        }

        return new Requests_Cookie($name, $value, $attributes, array(), $reference_time);
    }

    /**
     * Parse all Set-Cookie headers from request headers
     *
     * @param Requests_Response_Headers $headers Headers to parse from
     * @param Requests_IRI|null $origin URI for comparing cookie origins
     * @param int|null $time Reference time for expiration calculation
     * @return array
     */
    public static function parse_from_headers(Requests_Response_Headers $headers, Requests_IRI $origin = null, $time = null) {
        $cookie_headers = $headers->getValues('Set-Cookie');
        if (empty($cookie_headers)) {
            return array();
        }

        $cookies = array();
        foreach ($cookie_headers as $header) {
            $parsed = self::parse($header, '', $time);

            // Default domain/path attributes
            if (empty($parsed->attributes['domain']) && !empty($origin)) {
                $parsed->attributes['domain'] = $origin->host;
                $parsed->flags['host-only']   = true;
            }
            else {
                $parsed->flags['host-only'] = false;
            }

            $path_is_valid = (!empty($parsed->attributes['path']) && $parsed->attributes['path'][0] === '/');
            if (!$path_is_valid && !empty($origin)) {
                $path = $origin->path;

                // Default path normalization as per RFC 6265 section 5.1.4
                if (substr($path, 0, 1) !== '/') {
                    // If the uri-path is empty or if the first character of
                    // the uri-path is not a %x2F ("/") character, output
                    // %x2F ("/") and skip the remaining steps.
                    $path = '/';
                }
                elseif (substr_count($path, '/') === 1) {
                    // If the uri-path contains no more than one %x2F ("/")
                    // character, output %x2F ("/") and skip the remaining
                    // step.
                    $path = '/';
                }
                else {
                    // Output the characters of the uri-path from the first
                    // character up to, but not including, the right-most
                    // %x2F ("/").
                    $path = substr($path, 0, strrpos($path, '/'));
                }
                $parsed->attributes['path'] = $path;
            }

            // Reject invalid cookie domains
            if (!empty($origin) && !$parsed->domain_matches($origin->host)) {
                continue;
            }

            $cookies[$parsed->name] = $parsed;
        }

        return $cookies;
    }

    /**
     * Parse all Set-Cookie headers from request headers
     *
     * @codeCoverageIgnore
     * @deprecated Use {@see Requests_Cookie::parse_from_headers}
     * @return array
     */
    public static function parseFromHeaders(Requests_Response_Headers $headers) {
        return self::parse_from_headers($headers);
    }
}
Requests 1.8.1 API Documentation API documentation generated by ApiGen