MCPcopy Create free account
hub / github.com/apache/httpd / session_identity_decode

Function session_identity_decode

modules/session/mod_session.c:391–429  ·  view source on GitHub ↗

* Default identity decoding for the session. * * By default, the name value pairs in the session are URLEncoded, separated * by equals, and then in turn separated by ampersand, in the format of an * html form. * * This was chosen to make it easy for external code to unpack a session, * should there be a need to do so. * * This function reverses that process, and populates the session tabl

Source from the content-addressed store, hash-verified

389 * @param z A pointer to where the session will be written.
390 */
391static apr_status_t session_identity_decode(request_rec * r, session_rec * z)
392{
393
394 char *last = NULL;
395 char *encoded, *pair;
396 const char *sep = "&";
397
398 /* sanity check - anything to decode? */
399 if (!z->encoded) {
400 return OK;
401 }
402
403 /* decode what we have */
404 encoded = apr_pstrdup(r->pool, z->encoded);
405 pair = apr_strtok(encoded, sep, &last);
406 while (pair && pair[0]) {
407 char *plast = NULL;
408 const char *psep = "=";
409 char *key = apr_strtok(pair, psep, &plast);
410 if (key && *key) {
411 char *val = apr_strtok(NULL, sep, &plast);
412 if (!val || !*val) {
413 apr_table_unset(z->entries, key);
414 }
415 else if (!ap_unescape_urlencoded(key) && !ap_unescape_urlencoded(val)) {
416 if (!strcmp(SESSION_EXPIRY, key)) {
417 z->expiry = (apr_time_t) apr_atoi64(val);
418 }
419 else {
420 apr_table_set(z->entries, key, val);
421 }
422 }
423 }
424 pair = apr_strtok(NULL, sep, &last);
425 }
426 z->encoded = NULL;
427 return OK;
428
429}
430
431/**
432 * Ensure any changes to the session are committed.

Callers 1

session_output_filterFunction · 0.85

Calls 1

ap_unescape_urlencodedFunction · 0.85

Tested by

no test coverage detected