| author | xdono |
| Thu, 02 Oct 2008 19:58:32 -0700 | |
| changeset 1247 | b4c26443dee5 |
| parent 1234 | e3dc213d4879 |
| child 1932 | d3506bce7d27 |
| permissions | -rw-r--r-- |
| 2 | 1 |
/* |
| 715 | 2 |
* Copyright 2005-2008 Sun Microsystems, Inc. All Rights Reserved. |
| 2 | 3 |
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 |
* |
|
5 |
* This code is free software; you can redistribute it and/or modify it |
|
6 |
* under the terms of the GNU General Public License version 2 only, as |
|
7 |
* published by the Free Software Foundation. Sun designates this |
|
8 |
* particular file as subject to the "Classpath" exception as provided |
|
9 |
* by Sun in the LICENSE file that accompanied this code. |
|
10 |
* |
|
11 |
* This code is distributed in the hope that it will be useful, but WITHOUT |
|
12 |
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
13 |
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
14 |
* version 2 for more details (a copy is included in the LICENSE file that |
|
15 |
* accompanied this code). |
|
16 |
* |
|
17 |
* You should have received a copy of the GNU General Public License version |
|
18 |
* 2 along with this work; if not, write to the Free Software Foundation, |
|
19 |
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
20 |
* |
|
21 |
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, |
|
22 |
* CA 95054 USA or visit www.sun.com if you need additional information or |
|
23 |
* have any questions. |
|
24 |
*/ |
|
25 |
||
26 |
package java.net; |
|
27 |
||
28 |
import java.util.List; |
|
29 |
import java.util.StringTokenizer; |
|
30 |
import java.util.NoSuchElementException; |
|
31 |
import java.text.SimpleDateFormat; |
|
32 |
import java.util.TimeZone; |
|
33 |
import java.util.Date; |
|
34 |
||
35 |
import java.lang.NullPointerException; // for javadoc |
|
36 |
||
37 |
/** |
|
38 |
* An HttpCookie object represents an http cookie, which carries state |
|
39 |
* information between server and user agent. Cookie is widely adopted |
|
40 |
* to create stateful sessions. |
|
41 |
* |
|
42 |
* <p>There are 3 http cookie specifications: |
|
43 |
* <blockquote> |
|
44 |
* Netscape draft<br> |
|
45 |
* RFC 2109 - <a href="http://www.ietf.org/rfc/rfc2109.txt"> |
|
46 |
* <i>http://www.ietf.org/rfc/rfc2109.txt</i></a><br> |
|
47 |
* RFC 2965 - <a href="http://www.ietf.org/rfc/rfc2965.txt"> |
|
48 |
* <i>http://www.ietf.org/rfc/rfc2965.txt</i></a> |
|
49 |
* </blockquote> |
|
50 |
* |
|
51 |
* <p>HttpCookie class can accept all these 3 forms of syntax. |
|
52 |
* |
|
53 |
* @author Edward Wang |
|
54 |
* @since 1.6 |
|
55 |
*/ |
|
56 |
public final class HttpCookie implements Cloneable {
|
|
57 |
/* ---------------- Fields -------------- */ |
|
58 |
||
59 |
// |
|
60 |
// The value of the cookie itself. |
|
61 |
// |
|
62 |
||
63 |
private String name; // NAME= ... "$Name" style is reserved |
|
64 |
private String value; // value of NAME |
|
65 |
||
66 |
// |
|
67 |
// Attributes encoded in the header's cookie fields. |
|
68 |
// |
|
69 |
||
70 |
private String comment; // Comment=VALUE ... describes cookie's use |
|
71 |
private String commentURL; // CommentURL="http URL" ... describes cookie's use |
|
72 |
private boolean toDiscard; // Discard ... discard cookie unconditionally |
|
73 |
private String domain; // Domain=VALUE ... domain that sees cookie |
|
74 |
private long maxAge = MAX_AGE_UNSPECIFIED; // Max-Age=VALUE ... cookies auto-expire |
|
75 |
private String path; // Path=VALUE ... URLs that see the cookie |
|
76 |
private String portlist; // Port[="portlist"] ... the port cookie may be returned to |
|
77 |
private boolean secure; // Secure ... e.g. use SSL |
|
|
1234
e3dc213d4879
6692802: HttpCookie needs to support HttpOnly attribute
jccollet
parents:
715
diff
changeset
|
78 |
private boolean httpOnly; // HttpOnly ... i.e. not accessible to scripts |
| 2 | 79 |
private int version = 1; // Version=1 ... RFC 2965 style |
80 |
||
81 |
// |
|
82 |
// Hold the creation time (in seconds) of the http cookie for later |
|
83 |
// expiration calculation |
|
84 |
// |
|
85 |
private long whenCreated = 0; |
|
86 |
||
87 |
||
88 |
// |
|
89 |
// Since the positive and zero max-age have their meanings, |
|
90 |
// this value serves as a hint as 'not specify max-age' |
|
91 |
// |
|
92 |
private final static long MAX_AGE_UNSPECIFIED = -1; |
|
93 |
||
94 |
||
95 |
// |
|
| 480 | 96 |
// date formats used by Netscape's cookie draft |
97 |
// as well as formats seen on various sites |
|
| 2 | 98 |
// |
| 480 | 99 |
private final static String[] COOKIE_DATE_FORMATS = {
|
100 |
"EEE',' dd-MMM-yyyy HH:mm:ss 'GMT'", |
|
101 |
"EEE',' dd MMM yyyy HH:mm:ss 'GMT'", |
|
102 |
"EEE MMM dd yyyy HH:mm:ss 'GMT'Z" |
|
103 |
}; |
|
| 2 | 104 |
|
105 |
// |
|
106 |
// constant strings represent set-cookie header token |
|
107 |
// |
|
108 |
private final static String SET_COOKIE = "set-cookie:"; |
|
109 |
private final static String SET_COOKIE2 = "set-cookie2:"; |
|
110 |
||
111 |
||
112 |
/* ---------------- Ctors -------------- */ |
|
113 |
||
114 |
/** |
|
115 |
* Constructs a cookie with a specified name and value. |
|
116 |
* |
|
117 |
* <p>The name must conform to RFC 2965. That means it can contain |
|
118 |
* only ASCII alphanumeric characters and cannot contain commas, |
|
119 |
* semicolons, or white space or begin with a $ character. The cookie's |
|
120 |
* name cannot be changed after creation. |
|
121 |
* |
|
122 |
* <p>The value can be anything the server chooses to send. Its |
|
123 |
* value is probably of interest only to the server. The cookie's |
|
124 |
* value can be changed after creation with the |
|
125 |
* <code>setValue</code> method. |
|
126 |
* |
|
127 |
* <p>By default, cookies are created according to the RFC 2965 |
|
128 |
* cookie specification. The version can be changed with the |
|
129 |
* <code>setVersion</code> method. |
|
130 |
* |
|
131 |
* |
|
132 |
* @param name a <code>String</code> specifying the name of the cookie |
|
133 |
* |
|
134 |
* @param value a <code>String</code> specifying the value of the cookie |
|
135 |
* |
|
136 |
* @throws IllegalArgumentException if the cookie name contains illegal characters |
|
137 |
* or it is one of the tokens reserved for use |
|
138 |
* by the cookie protocol |
|
139 |
* @throws NullPointerException if <tt>name</tt> is <tt>null</tt> |
|
140 |
* @see #setValue |
|
141 |
* @see #setVersion |
|
142 |
* |
|
143 |
*/ |
|
144 |
||
145 |
public HttpCookie(String name, String value) {
|
|
146 |
name = name.trim(); |
|
147 |
if (name.length() == 0 || !isToken(name) || isReserved(name)) {
|
|
148 |
throw new IllegalArgumentException("Illegal cookie name");
|
|
149 |
} |
|
150 |
||
151 |
this.name = name; |
|
152 |
this.value = value; |
|
153 |
toDiscard = false; |
|
154 |
secure = false; |
|
155 |
||
156 |
whenCreated = System.currentTimeMillis(); |
|
| 480 | 157 |
portlist = null; |
| 2 | 158 |
} |
159 |
||
160 |
||
161 |
/** |
|
162 |
* Constructs cookies from set-cookie or set-cookie2 header string. |
|
163 |
* RFC 2965 section 3.2.2 set-cookie2 syntax indicates that one header line |
|
164 |
* may contain more than one cookie definitions, so this is a static |
|
165 |
* utility method instead of another constructor. |
|
166 |
* |
|
167 |
* @param header a <tt>String</tt> specifying the set-cookie header. |
|
168 |
* The header should start with "set-cookie", or "set-cookie2" |
|
169 |
* token; or it should have no leading token at all. |
|
170 |
* @return a List of cookie parsed from header line string |
|
171 |
* @throws IllegalArgumentException if header string violates the cookie |
|
172 |
* specification's syntax, or the cookie |
|
173 |
* name contains llegal characters, or |
|
174 |
* the cookie name is one of the tokens |
|
175 |
* reserved for use by the cookie protocol |
|
176 |
* @throws NullPointerException if the header string is <tt>null</tt> |
|
177 |
*/ |
|
178 |
public static List<HttpCookie> parse(String header) {
|
|
179 |
int version = guessCookieVersion(header); |
|
180 |
||
181 |
// if header start with set-cookie or set-cookie2, strip it off |
|
182 |
if (startsWithIgnoreCase(header, SET_COOKIE2)) {
|
|
183 |
header = header.substring(SET_COOKIE2.length()); |
|
184 |
} else if (startsWithIgnoreCase(header, SET_COOKIE)) {
|
|
185 |
header = header.substring(SET_COOKIE.length()); |
|
186 |
} |
|
187 |
||
188 |
||
189 |
List<HttpCookie> cookies = new java.util.ArrayList<HttpCookie>(); |
|
190 |
// The Netscape cookie may have a comma in its expires attribute, |
|
191 |
// while the comma is the delimiter in rfc 2965/2109 cookie header string. |
|
192 |
// so the parse logic is slightly different |
|
193 |
if (version == 0) {
|
|
194 |
// Netscape draft cookie |
|
195 |
HttpCookie cookie = parseInternal(header); |
|
196 |
cookie.setVersion(0); |
|
197 |
cookies.add(cookie); |
|
198 |
} else {
|
|
199 |
// rfc2965/2109 cookie |
|
200 |
// if header string contains more than one cookie, |
|
201 |
// it'll separate them with comma |
|
202 |
List<String> cookieStrings = splitMultiCookies(header); |
|
203 |
for (String cookieStr : cookieStrings) {
|
|
204 |
HttpCookie cookie = parseInternal(cookieStr); |
|
205 |
cookie.setVersion(1); |
|
206 |
cookies.add(cookie); |
|
207 |
} |
|
208 |
} |
|
209 |
||
210 |
return cookies; |
|
211 |
} |
|
212 |
||
213 |
||
214 |
||
215 |
||
216 |
/* ---------------- Public operations -------------- */ |
|
217 |
||
218 |
||
219 |
/** |
|
220 |
* Reports whether this http cookie has expired or not. |
|
221 |
* |
|
222 |
* @return <tt>true</tt> to indicate this http cookie has expired; |
|
223 |
* otherwise, <tt>false</tt> |
|
224 |
*/ |
|
225 |
public boolean hasExpired() {
|
|
226 |
if (maxAge == 0) return true; |
|
227 |
||
228 |
// if not specify max-age, this cookie should be |
|
229 |
// discarded when user agent is to be closed, but |
|
230 |
// it is not expired. |
|
231 |
if (maxAge == MAX_AGE_UNSPECIFIED) return false; |
|
232 |
||
233 |
long deltaSecond = (System.currentTimeMillis() - whenCreated) / 1000; |
|
234 |
if (deltaSecond > maxAge) |
|
235 |
return true; |
|
236 |
else |
|
237 |
return false; |
|
238 |
} |
|
239 |
||
240 |
/** |
|
241 |
* |
|
242 |
* Specifies a comment that describes a cookie's purpose. |
|
243 |
* The comment is useful if the browser presents the cookie |
|
244 |
* to the user. Comments |
|
245 |
* are not supported by Netscape Version 0 cookies. |
|
246 |
* |
|
247 |
* @param purpose a <code>String</code> specifying the comment |
|
248 |
* to display to the user |
|
249 |
* |
|
250 |
* @see #getComment |
|
251 |
* |
|
252 |
*/ |
|
253 |
||
254 |
public void setComment(String purpose) {
|
|
255 |
comment = purpose; |
|
256 |
} |
|
257 |
||
258 |
||
259 |
||
260 |
||
261 |
/** |
|
262 |
* Returns the comment describing the purpose of this cookie, or |
|
263 |
* <code>null</code> if the cookie has no comment. |
|
264 |
* |
|
265 |
* @return a <code>String</code> containing the comment, |
|
266 |
* or <code>null</code> if none |
|
267 |
* |
|
268 |
* @see #setComment |
|
269 |
* |
|
270 |
*/ |
|
271 |
||
272 |
public String getComment() {
|
|
273 |
return comment; |
|
274 |
} |
|
275 |
||
276 |
||
277 |
/** |
|
278 |
* |
|
279 |
* Specifies a comment url that describes a cookie's purpose. |
|
280 |
* The comment url is useful if the browser presents the cookie |
|
281 |
* to the user. Comment url is RFC 2965 only. |
|
282 |
* |
|
283 |
* @param purpose a <code>String</code> specifying the comment url |
|
284 |
* to display to the user |
|
285 |
* |
|
286 |
* @see #getCommentURL |
|
287 |
* |
|
288 |
*/ |
|
289 |
||
290 |
public void setCommentURL(String purpose) {
|
|
291 |
commentURL = purpose; |
|
292 |
} |
|
293 |
||
294 |
||
295 |
||
296 |
||
297 |
/** |
|
298 |
* Returns the comment url describing the purpose of this cookie, or |
|
299 |
* <code>null</code> if the cookie has no comment url. |
|
300 |
* |
|
301 |
* @return a <code>String</code> containing the comment url, |
|
302 |
* or <code>null</code> if none |
|
303 |
* |
|
304 |
* @see #setCommentURL |
|
305 |
* |
|
306 |
*/ |
|
307 |
||
308 |
public String getCommentURL() {
|
|
309 |
return commentURL; |
|
310 |
} |
|
311 |
||
312 |
||
313 |
/** |
|
314 |
* Specify whether user agent should discard the cookie unconditionally. |
|
315 |
* This is RFC 2965 only attribute. |
|
316 |
* |
|
317 |
* @param discard <tt>true</tt> indicates to discard cookie unconditionally |
|
318 |
* |
|
319 |
* @see #getDiscard |
|
320 |
*/ |
|
321 |
||
322 |
public void setDiscard(boolean discard) {
|
|
323 |
toDiscard = discard; |
|
324 |
} |
|
325 |
||
326 |
||
327 |
||
328 |
||
329 |
/** |
|
330 |
* Return the discard attribute of the cookie |
|
331 |
* |
|
332 |
* @return a <tt>boolean</tt> to represent this cookie's discard attribute |
|
333 |
* |
|
334 |
* @see #setDiscard |
|
335 |
*/ |
|
336 |
||
337 |
public boolean getDiscard() {
|
|
338 |
return toDiscard; |
|
339 |
} |
|
340 |
||
341 |
||
342 |
/** |
|
343 |
* Specify the portlist of the cookie, which restricts the port(s) |
|
344 |
* to which a cookie may be sent back in a Cookie header. |
|
345 |
* |
|
346 |
* @param ports a <tt>String</tt> specify the port list, which is |
|
347 |
* comma seperated series of digits |
|
348 |
* @see #getPortlist |
|
349 |
*/ |
|
350 |
||
351 |
public void setPortlist(String ports) {
|
|
352 |
portlist = ports; |
|
353 |
} |
|
354 |
||
355 |
||
356 |
||
357 |
||
358 |
/** |
|
359 |
* Return the port list attribute of the cookie |
|
360 |
* |
|
361 |
* @return a <tt>String</tt> contains the port list |
|
362 |
* or <tt>null</tt> if none |
|
363 |
* @see #setPortlist |
|
364 |
*/ |
|
365 |
||
366 |
public String getPortlist() {
|
|
367 |
return portlist; |
|
368 |
} |
|
369 |
||
370 |
/** |
|
371 |
* |
|
372 |
* Specifies the domain within which this cookie should be presented. |
|
373 |
* |
|
374 |
* <p>The form of the domain name is specified by RFC 2965. A domain |
|
375 |
* name begins with a dot (<code>.foo.com</code>) and means that |
|
376 |
* the cookie is visible to servers in a specified Domain Name System |
|
377 |
* (DNS) zone (for example, <code>www.foo.com</code>, but not |
|
378 |
* <code>a.b.foo.com</code>). By default, cookies are only returned |
|
379 |
* to the server that sent them. |
|
380 |
* |
|
381 |
* |
|
382 |
* @param pattern a <code>String</code> containing the domain name |
|
383 |
* within which this cookie is visible; |
|
384 |
* form is according to RFC 2965 |
|
385 |
* |
|
386 |
* @see #getDomain |
|
387 |
* |
|
388 |
*/ |
|
389 |
||
390 |
public void setDomain(String pattern) {
|
|
391 |
if (pattern != null) |
|
392 |
domain = pattern.toLowerCase(); |
|
393 |
else |
|
394 |
domain = pattern; |
|
395 |
} |
|
396 |
||
397 |
||
398 |
||
399 |
||
400 |
||
401 |
/** |
|
402 |
* Returns the domain name set for this cookie. The form of |
|
403 |
* the domain name is set by RFC 2965. |
|
404 |
* |
|
405 |
* @return a <code>String</code> containing the domain name |
|
406 |
* |
|
407 |
* @see #setDomain |
|
408 |
* |
|
409 |
*/ |
|
410 |
||
411 |
public String getDomain() {
|
|
412 |
return domain; |
|
413 |
} |
|
414 |
||
415 |
||
416 |
/** |
|
417 |
* Sets the maximum age of the cookie in seconds. |
|
418 |
* |
|
419 |
* <p>A positive value indicates that the cookie will expire |
|
420 |
* after that many seconds have passed. Note that the value is |
|
421 |
* the <i>maximum</i> age when the cookie will expire, not the cookie's |
|
422 |
* current age. |
|
423 |
* |
|
424 |
* <p>A negative value means |
|
425 |
* that the cookie is not stored persistently and will be deleted |
|
426 |
* when the Web browser exits. A zero value causes the cookie |
|
427 |
* to be deleted. |
|
428 |
* |
|
429 |
* @param expiry an integer specifying the maximum age of the |
|
430 |
* cookie in seconds; if zero, the cookie |
|
431 |
* should be discarded immediately; |
|
432 |
* otherwise, the cookie's max age is unspecified. |
|
433 |
* |
|
434 |
* @see #getMaxAge |
|
435 |
* |
|
436 |
*/ |
|
437 |
public void setMaxAge(long expiry) {
|
|
438 |
maxAge = expiry; |
|
439 |
} |
|
440 |
||
441 |
||
442 |
||
443 |
||
444 |
/** |
|
445 |
* Returns the maximum age of the cookie, specified in seconds. |
|
446 |
* By default, <code>-1</code> indicating the cookie will persist |
|
447 |
* until browser shutdown. |
|
448 |
* |
|
449 |
* |
|
450 |
* @return an integer specifying the maximum age of the |
|
451 |
* cookie in seconds |
|
452 |
* |
|
453 |
* |
|
454 |
* @see #setMaxAge |
|
455 |
* |
|
456 |
*/ |
|
457 |
||
458 |
public long getMaxAge() {
|
|
459 |
return maxAge; |
|
460 |
} |
|
461 |
||
462 |
||
463 |
||
464 |
||
465 |
/** |
|
466 |
* Specifies a path for the cookie |
|
467 |
* to which the client should return the cookie. |
|
468 |
* |
|
469 |
* <p>The cookie is visible to all the pages in the directory |
|
470 |
* you specify, and all the pages in that directory's subdirectories. |
|
471 |
* A cookie's path must include the servlet that set the cookie, |
|
472 |
* for example, <i>/catalog</i>, which makes the cookie |
|
473 |
* visible to all directories on the server under <i>/catalog</i>. |
|
474 |
* |
|
475 |
* <p>Consult RFC 2965 (available on the Internet) for more |
|
476 |
* information on setting path names for cookies. |
|
477 |
* |
|
478 |
* |
|
479 |
* @param uri a <code>String</code> specifying a path |
|
480 |
* |
|
481 |
* |
|
482 |
* @see #getPath |
|
483 |
* |
|
484 |
*/ |
|
485 |
||
486 |
public void setPath(String uri) {
|
|
487 |
path = uri; |
|
488 |
} |
|
489 |
||
490 |
||
491 |
||
492 |
||
493 |
/** |
|
494 |
* Returns the path on the server |
|
495 |
* to which the browser returns this cookie. The |
|
496 |
* cookie is visible to all subpaths on the server. |
|
497 |
* |
|
498 |
* |
|
499 |
* @return a <code>String</code> specifying a path that contains |
|
500 |
* a servlet name, for example, <i>/catalog</i> |
|
501 |
* |
|
502 |
* @see #setPath |
|
503 |
* |
|
504 |
*/ |
|
505 |
||
506 |
public String getPath() {
|
|
507 |
return path; |
|
508 |
} |
|
509 |
||
510 |
||
511 |
||
512 |
||
513 |
||
514 |
/** |
|
| 480 | 515 |
* Indicates whether the cookie should only be sent using a secure protocol, |
516 |
* such as HTTPS or SSL. |
|
| 2 | 517 |
* |
518 |
* <p>The default value is <code>false</code>. |
|
519 |
* |
|
| 480 | 520 |
* @param flag If <code>true</code>, the cookie can only be sent over |
521 |
* a secure protocol like https. |
|
522 |
* If <code>false</code>, it can be sent over any protocol. |
|
| 2 | 523 |
* |
524 |
* @see #getSecure |
|
525 |
* |
|
526 |
*/ |
|
527 |
||
528 |
public void setSecure(boolean flag) {
|
|
529 |
secure = flag; |
|
530 |
} |
|
531 |
||
532 |
||
533 |
||
534 |
||
535 |
/** |
|
| 480 | 536 |
* Returns <code>true</code> if sending this cookie should be |
537 |
* restricted to a secure protocol, or <code>false</code> if the |
|
538 |
* it can be sent using any protocol. |
|
| 2 | 539 |
* |
| 480 | 540 |
* @return <code>false</code> if the cookie can be sent over |
541 |
* any standard protocol; otherwise, <code>true</code> |
|
| 2 | 542 |
* |
543 |
* @see #setSecure |
|
544 |
* |
|
545 |
*/ |
|
546 |
||
547 |
public boolean getSecure() {
|
|
548 |
return secure; |
|
549 |
} |
|
550 |
||
551 |
||
552 |
||
553 |
||
554 |
||
555 |
/** |
|
556 |
* Returns the name of the cookie. The name cannot be changed after |
|
557 |
* creation. |
|
558 |
* |
|
559 |
* @return a <code>String</code> specifying the cookie's name |
|
560 |
* |
|
561 |
*/ |
|
562 |
||
563 |
public String getName() {
|
|
564 |
return name; |
|
565 |
} |
|
566 |
||
567 |
||
568 |
||
569 |
||
570 |
||
571 |
/** |
|
572 |
* |
|
573 |
* Assigns a new value to a cookie after the cookie is created. |
|
574 |
* If you use a binary value, you may want to use BASE64 encoding. |
|
575 |
* |
|
576 |
* <p>With Version 0 cookies, values should not contain white |
|
577 |
* space, brackets, parentheses, equals signs, commas, |
|
578 |
* double quotes, slashes, question marks, at signs, colons, |
|
579 |
* and semicolons. Empty values may not behave the same way |
|
580 |
* on all browsers. |
|
581 |
* |
|
582 |
* @param newValue a <code>String</code> specifying the new value |
|
583 |
* |
|
584 |
* |
|
585 |
* @see #getValue |
|
586 |
* |
|
587 |
*/ |
|
588 |
||
589 |
public void setValue(String newValue) {
|
|
590 |
value = newValue; |
|
591 |
} |
|
592 |
||
593 |
||
594 |
||
595 |
||
596 |
/** |
|
597 |
* Returns the value of the cookie. |
|
598 |
* |
|
599 |
* @return a <code>String</code> containing the cookie's |
|
600 |
* present value |
|
601 |
* |
|
602 |
* @see #setValue |
|
603 |
* |
|
604 |
*/ |
|
605 |
||
606 |
public String getValue() {
|
|
607 |
return value; |
|
608 |
} |
|
609 |
||
610 |
||
611 |
||
612 |
||
613 |
/** |
|
614 |
* Returns the version of the protocol this cookie complies |
|
615 |
* with. Version 1 complies with RFC 2965/2109, |
|
616 |
* and version 0 complies with the original |
|
617 |
* cookie specification drafted by Netscape. Cookies provided |
|
618 |
* by a browser use and identify the browser's cookie version. |
|
619 |
* |
|
620 |
* |
|
621 |
* @return 0 if the cookie complies with the |
|
622 |
* original Netscape specification; 1 |
|
623 |
* if the cookie complies with RFC 2965/2109 |
|
624 |
* |
|
625 |
* @see #setVersion |
|
626 |
* |
|
627 |
*/ |
|
628 |
||
629 |
public int getVersion() {
|
|
630 |
return version; |
|
631 |
} |
|
632 |
||
633 |
||
634 |
||
635 |
||
636 |
/** |
|
637 |
* Sets the version of the cookie protocol this cookie complies |
|
638 |
* with. Version 0 complies with the original Netscape cookie |
|
639 |
* specification. Version 1 complies with RFC 2965/2109. |
|
640 |
* |
|
641 |
* |
|
642 |
* @param v 0 if the cookie should comply with |
|
643 |
* the original Netscape specification; |
|
644 |
* 1 if the cookie should comply with RFC 2965/2109 |
|
645 |
* |
|
646 |
* @throws IllegalArgumentException if <tt>v</tt> is neither 0 nor 1 |
|
647 |
* |
|
648 |
* @see #getVersion |
|
649 |
* |
|
650 |
*/ |
|
651 |
||
652 |
public void setVersion(int v) {
|
|
653 |
if (v != 0 && v != 1) {
|
|
654 |
throw new IllegalArgumentException("cookie version should be 0 or 1");
|
|
655 |
} |
|
656 |
||
657 |
version = v; |
|
658 |
} |
|
659 |
||
|
1234
e3dc213d4879
6692802: HttpCookie needs to support HttpOnly attribute
jccollet
parents:
715
diff
changeset
|
660 |
/** |
|
e3dc213d4879
6692802: HttpCookie needs to support HttpOnly attribute
jccollet
parents:
715
diff
changeset
|
661 |
* Returns {@code true} if this cookie contains the <i>HttpOnly</i>
|
|
e3dc213d4879
6692802: HttpCookie needs to support HttpOnly attribute
jccollet
parents:
715
diff
changeset
|
662 |
* attribute. This means that the cookie should not be accessible to |
|
e3dc213d4879
6692802: HttpCookie needs to support HttpOnly attribute
jccollet
parents:
715
diff
changeset
|
663 |
* scripting engines, like javascript. |
|
e3dc213d4879
6692802: HttpCookie needs to support HttpOnly attribute
jccollet
parents:
715
diff
changeset
|
664 |
* |
|
e3dc213d4879
6692802: HttpCookie needs to support HttpOnly attribute
jccollet
parents:
715
diff
changeset
|
665 |
* @return {@code true} if this cookie should be considered http only.
|
|
e3dc213d4879
6692802: HttpCookie needs to support HttpOnly attribute
jccollet
parents:
715
diff
changeset
|
666 |
* @see #setHttpOnly(boolean) |
|
e3dc213d4879
6692802: HttpCookie needs to support HttpOnly attribute
jccollet
parents:
715
diff
changeset
|
667 |
*/ |
|
e3dc213d4879
6692802: HttpCookie needs to support HttpOnly attribute
jccollet
parents:
715
diff
changeset
|
668 |
public boolean isHttpOnly() |
|
e3dc213d4879
6692802: HttpCookie needs to support HttpOnly attribute
jccollet
parents:
715
diff
changeset
|
669 |
{
|
|
e3dc213d4879
6692802: HttpCookie needs to support HttpOnly attribute
jccollet
parents:
715
diff
changeset
|
670 |
return httpOnly; |
|
e3dc213d4879
6692802: HttpCookie needs to support HttpOnly attribute
jccollet
parents:
715
diff
changeset
|
671 |
} |
|
e3dc213d4879
6692802: HttpCookie needs to support HttpOnly attribute
jccollet
parents:
715
diff
changeset
|
672 |
|
|
e3dc213d4879
6692802: HttpCookie needs to support HttpOnly attribute
jccollet
parents:
715
diff
changeset
|
673 |
/** |
|
e3dc213d4879
6692802: HttpCookie needs to support HttpOnly attribute
jccollet
parents:
715
diff
changeset
|
674 |
* Indicates whether the cookie should be considered HTTP Only. If set to |
|
e3dc213d4879
6692802: HttpCookie needs to support HttpOnly attribute
jccollet
parents:
715
diff
changeset
|
675 |
* {@code true} it means the cookie should not be accessible to scripting
|
|
e3dc213d4879
6692802: HttpCookie needs to support HttpOnly attribute
jccollet
parents:
715
diff
changeset
|
676 |
* engines like javascript. |
|
e3dc213d4879
6692802: HttpCookie needs to support HttpOnly attribute
jccollet
parents:
715
diff
changeset
|
677 |
* |
|
e3dc213d4879
6692802: HttpCookie needs to support HttpOnly attribute
jccollet
parents:
715
diff
changeset
|
678 |
* @param httpOnly if {@code true} make the cookie HTTP only, i.e.
|
|
e3dc213d4879
6692802: HttpCookie needs to support HttpOnly attribute
jccollet
parents:
715
diff
changeset
|
679 |
* only visible as part of an HTTP request. |
|
e3dc213d4879
6692802: HttpCookie needs to support HttpOnly attribute
jccollet
parents:
715
diff
changeset
|
680 |
* @see #isHttpOnly() |
|
e3dc213d4879
6692802: HttpCookie needs to support HttpOnly attribute
jccollet
parents:
715
diff
changeset
|
681 |
*/ |
|
e3dc213d4879
6692802: HttpCookie needs to support HttpOnly attribute
jccollet
parents:
715
diff
changeset
|
682 |
public void setHttpOnly(boolean httpOnly) |
|
e3dc213d4879
6692802: HttpCookie needs to support HttpOnly attribute
jccollet
parents:
715
diff
changeset
|
683 |
{
|
|
e3dc213d4879
6692802: HttpCookie needs to support HttpOnly attribute
jccollet
parents:
715
diff
changeset
|
684 |
this.httpOnly = httpOnly; |
|
e3dc213d4879
6692802: HttpCookie needs to support HttpOnly attribute
jccollet
parents:
715
diff
changeset
|
685 |
} |
| 2 | 686 |
|
687 |
/** |
|
688 |
* The utility method to check whether a host name is in a domain |
|
689 |
* or not. |
|
690 |
* |
|
691 |
* <p>This concept is described in the cookie specification. |
|
692 |
* To understand the concept, some terminologies need to be defined first: |
|
693 |
* <blockquote> |
|
694 |
* effective host name = hostname if host name contains dot<br> |
|
695 |
* or = hostname.local if not |
|
696 |
* </blockquote> |
|
697 |
* <p>Host A's name domain-matches host B's if: |
|
698 |
* <blockquote><ul> |
|
699 |
* <li>their host name strings string-compare equal; or</li> |
|
700 |
* <li>A is a HDN string and has the form NB, where N is a non-empty |
|
701 |
* name string, B has the form .B', and B' is a HDN string. (So, |
|
702 |
* x.y.com domain-matches .Y.com but not Y.com.)</li> |
|
703 |
* </ul></blockquote> |
|
704 |
* |
|
705 |
* <p>A host isn't in a domain (RFC 2965 sec. 3.3.2) if: |
|
706 |
* <blockquote><ul> |
|
707 |
* <li>The value for the Domain attribute contains no embedded dots, |
|
708 |
* and the value is not .local.</li> |
|
709 |
* <li>The effective host name that derives from the request-host does |
|
710 |
* not domain-match the Domain attribute.</li> |
|
711 |
* <li>The request-host is a HDN (not IP address) and has the form HD, |
|
712 |
* where D is the value of the Domain attribute, and H is a string |
|
713 |
* that contains one or more dots.</li> |
|
714 |
* </ul></blockquote> |
|
715 |
* |
|
716 |
* <p>Examples: |
|
717 |
* <blockquote><ul> |
|
718 |
* <li>A Set-Cookie2 from request-host y.x.foo.com for Domain=.foo.com |
|
719 |
* would be rejected, because H is y.x and contains a dot.</li> |
|
720 |
* <li>A Set-Cookie2 from request-host x.foo.com for Domain=.foo.com |
|
721 |
* would be accepted.</li> |
|
722 |
* <li>A Set-Cookie2 with Domain=.com or Domain=.com., will always be |
|
723 |
* rejected, because there is no embedded dot.</li> |
|
724 |
* <li>A Set-Cookie2 with Domain=ajax.com will be accepted, and the |
|
725 |
* value for Domain will be taken to be .ajax.com, because a dot |
|
726 |
* gets prepended to the value.</li> |
|
727 |
* <li>A Set-Cookie2 from request-host example for Domain=.local will |
|
728 |
* be accepted, because the effective host name for the request- |
|
729 |
* host is example.local, and example.local domain-matches .local.</li> |
|
730 |
* </ul></blockquote> |
|
731 |
* |
|
732 |
* @param domain the domain name to check host name with |
|
733 |
* @param host the host name in question |
|
734 |
* @return <tt>true</tt> if they domain-matches; <tt>false</tt> if not |
|
735 |
*/ |
|
736 |
public static boolean domainMatches(String domain, String host) {
|
|
737 |
if (domain == null || host == null) |
|
738 |
return false; |
|
739 |
||
740 |
// if there's no embedded dot in domain and domain is not .local |
|
741 |
boolean isLocalDomain = ".local".equalsIgnoreCase(domain); |
|
742 |
int embeddedDotInDomain = domain.indexOf('.');
|
|
743 |
if (embeddedDotInDomain == 0) |
|
744 |
embeddedDotInDomain = domain.indexOf('.', 1);
|
|
745 |
if (!isLocalDomain |
|
746 |
&& (embeddedDotInDomain == -1 || embeddedDotInDomain == domain.length() - 1)) |
|
747 |
return false; |
|
748 |
||
749 |
// if the host name contains no dot and the domain name is .local |
|
750 |
int firstDotInHost = host.indexOf('.');
|
|
751 |
if (firstDotInHost == -1 && isLocalDomain) |
|
752 |
return true; |
|
753 |
||
754 |
int domainLength = domain.length(); |
|
755 |
int lengthDiff = host.length() - domainLength; |
|
756 |
if (lengthDiff == 0) {
|
|
757 |
// if the host name and the domain name are just string-compare euqal |
|
758 |
return host.equalsIgnoreCase(domain); |
|
759 |
} |
|
760 |
else if (lengthDiff > 0) {
|
|
761 |
// need to check H & D component |
|
762 |
String H = host.substring(0, lengthDiff); |
|
763 |
String D = host.substring(lengthDiff); |
|
764 |
||
765 |
return (H.indexOf('.') == -1 && D.equalsIgnoreCase(domain));
|
|
766 |
} |
|
767 |
else if (lengthDiff == -1) {
|
|
768 |
// if domain is actually .host |
|
769 |
return (domain.charAt(0) == '.' && |
|
770 |
host.equalsIgnoreCase(domain.substring(1))); |
|
771 |
} |
|
772 |
||
773 |
return false; |
|
774 |
} |
|
775 |
||
776 |
||
777 |
/** |
|
778 |
* Constructs a cookie header string representation of this cookie, |
|
779 |
* which is in the format defined by corresponding cookie specification, |
|
780 |
* but without the leading "Cookie:" token. |
|
781 |
* |
|
782 |
* @return a string form of the cookie. The string has the defined format |
|
783 |
*/ |
|
| 480 | 784 |
@Override |
| 2 | 785 |
public String toString() {
|
786 |
if (getVersion() > 0) {
|
|
787 |
return toRFC2965HeaderString(); |
|
788 |
} else {
|
|
789 |
return toNetscapeHeaderString(); |
|
790 |
} |
|
791 |
} |
|
792 |
||
793 |
||
794 |
/** |
|
795 |
* Test the equality of two http cookies. |
|
796 |
* |
|
797 |
* <p> The result is <tt>true</tt> only if two cookies |
|
798 |
* come from same domain (case-insensitive), |
|
799 |
* have same name (case-insensitive), |
|
800 |
* and have same path (case-sensitive). |
|
801 |
* |
|
802 |
* @return <tt>true</tt> if 2 http cookies equal to each other; |
|
803 |
* otherwise, <tt>false</tt> |
|
804 |
*/ |
|
| 480 | 805 |
@Override |
| 2 | 806 |
public boolean equals(Object obj) {
|
807 |
if (obj == this) |
|
808 |
return true; |
|
809 |
if (!(obj instanceof HttpCookie)) |
|
810 |
return false; |
|
811 |
HttpCookie other = (HttpCookie)obj; |
|
812 |
||
813 |
// One http cookie equals to another cookie (RFC 2965 sec. 3.3.3) if: |
|
814 |
// 1. they come from same domain (case-insensitive), |
|
815 |
// 2. have same name (case-insensitive), |
|
816 |
// 3. and have same path (case-sensitive). |
|
817 |
return equalsIgnoreCase(getName(), other.getName()) && |
|
818 |
equalsIgnoreCase(getDomain(), other.getDomain()) && |
|
819 |
equals(getPath(), other.getPath()); |
|
820 |
} |
|
821 |
||
822 |
||
823 |
/** |
|
824 |
* Return hash code of this http cookie. The result is the sum of |
|
825 |
* hash code value of three significant components of this cookie: |
|
826 |
* name, domain, and path. |
|
827 |
* That is, the hash code is the value of the expression: |
|
828 |
* <blockquote> |
|
829 |
* getName().toLowerCase().hashCode()<br> |
|
830 |
* + getDomain().toLowerCase().hashCode()<br> |
|
831 |
* + getPath().hashCode() |
|
832 |
* </blockquote> |
|
833 |
* |
|
834 |
* @return this http cookie's hash code |
|
835 |
*/ |
|
| 480 | 836 |
@Override |
| 2 | 837 |
public int hashCode() {
|
838 |
int h1 = name.toLowerCase().hashCode(); |
|
839 |
int h2 = (domain!=null) ? domain.toLowerCase().hashCode() : 0; |
|
840 |
int h3 = (path!=null) ? path.hashCode() : 0; |
|
841 |
||
842 |
return h1 + h2 + h3; |
|
843 |
} |
|
844 |
||
845 |
/** |
|
846 |
* Create and return a copy of this object. |
|
847 |
* |
|
848 |
* @return a clone of this http cookie |
|
849 |
*/ |
|
| 480 | 850 |
@Override |
| 2 | 851 |
public Object clone() {
|
852 |
try {
|
|
853 |
return super.clone(); |
|
854 |
} catch (CloneNotSupportedException e) {
|
|
855 |
throw new RuntimeException(e.getMessage()); |
|
856 |
} |
|
857 |
} |
|
858 |
||
859 |
||
860 |
/* ---------------- Private operations -------------- */ |
|
861 |
||
862 |
// Note -- disabled for now to allow full Netscape compatibility |
|
863 |
// from RFC 2068, token special case characters |
|
864 |
// |
|
865 |
// private static final String tspecials = "()<>@,;:\\\"/[]?={} \t";
|
|
866 |
private static final String tspecials = ",;"; |
|
867 |
||
868 |
/* |
|
869 |
* Tests a string and returns true if the string counts as a |
|
870 |
* token. |
|
871 |
* |
|
872 |
* @param value the <code>String</code> to be tested |
|
873 |
* |
|
874 |
* @return <code>true</code> if the <code>String</code> is |
|
875 |
* a token; <code>false</code> if it is not |
|
876 |
*/ |
|
877 |
||
878 |
private static boolean isToken(String value) {
|
|
879 |
int len = value.length(); |
|
880 |
||
881 |
for (int i = 0; i < len; i++) {
|
|
882 |
char c = value.charAt(i); |
|
883 |
||
884 |
if (c < 0x20 || c >= 0x7f || tspecials.indexOf(c) != -1) |
|
885 |
return false; |
|
886 |
} |
|
887 |
return true; |
|
888 |
} |
|
889 |
||
890 |
||
891 |
/* |
|
892 |
* @param name the name to be tested |
|
893 |
* @return <tt>true</tt> if the name is reserved by cookie |
|
894 |
* specification, <tt>false</tt> if it is not |
|
895 |
*/ |
|
896 |
private static boolean isReserved(String name) {
|
|
897 |
if (name.equalsIgnoreCase("Comment")
|
|
898 |
|| name.equalsIgnoreCase("CommentURL") // rfc2965 only
|
|
899 |
|| name.equalsIgnoreCase("Discard") // rfc2965 only
|
|
900 |
|| name.equalsIgnoreCase("Domain")
|
|
901 |
|| name.equalsIgnoreCase("Expires") // netscape draft only
|
|
902 |
|| name.equalsIgnoreCase("Max-Age")
|
|
903 |
|| name.equalsIgnoreCase("Path")
|
|
904 |
|| name.equalsIgnoreCase("Port") // rfc2965 only
|
|
905 |
|| name.equalsIgnoreCase("Secure")
|
|
906 |
|| name.equalsIgnoreCase("Version")
|
|
|
1234
e3dc213d4879
6692802: HttpCookie needs to support HttpOnly attribute
jccollet
parents:
715
diff
changeset
|
907 |
|| name.equalsIgnoreCase("HttpOnly")
|
| 2 | 908 |
|| name.charAt(0) == '$') |
909 |
{
|
|
910 |
return true; |
|
911 |
} |
|
912 |
||
913 |
return false; |
|
914 |
} |
|
915 |
||
916 |
||
917 |
/* |
|
918 |
* Parse header string to cookie object. |
|
919 |
* |
|
920 |
* @param header header string; should contain only one NAME=VALUE pair |
|
921 |
* |
|
922 |
* @return an HttpCookie being extracted |
|
923 |
* |
|
924 |
* @throws IllegalArgumentException if header string violates the cookie |
|
925 |
* specification |
|
926 |
*/ |
|
927 |
private static HttpCookie parseInternal(String header) |
|
928 |
{
|
|
929 |
HttpCookie cookie = null; |
|
930 |
String namevaluePair = null; |
|
931 |
||
932 |
StringTokenizer tokenizer = new StringTokenizer(header, ";"); |
|
933 |
||
934 |
// there should always have at least on name-value pair; |
|
935 |
// it's cookie's name |
|
936 |
try {
|
|
937 |
namevaluePair = tokenizer.nextToken(); |
|
938 |
int index = namevaluePair.indexOf('=');
|
|
939 |
if (index != -1) {
|
|
940 |
String name = namevaluePair.substring(0, index).trim(); |
|
941 |
String value = namevaluePair.substring(index + 1).trim(); |
|
942 |
cookie = new HttpCookie(name, stripOffSurroundingQuote(value)); |
|
943 |
} else {
|
|
944 |
// no "=" in name-value pair; it's an error |
|
945 |
throw new IllegalArgumentException("Invalid cookie name-value pair");
|
|
946 |
} |
|
947 |
} catch (NoSuchElementException ignored) {
|
|
948 |
throw new IllegalArgumentException("Empty cookie header string");
|
|
949 |
} |
|
950 |
||
951 |
// remaining name-value pairs are cookie's attributes |
|
952 |
while (tokenizer.hasMoreTokens()) {
|
|
953 |
namevaluePair = tokenizer.nextToken(); |
|
954 |
int index = namevaluePair.indexOf('=');
|
|
955 |
String name, value; |
|
956 |
if (index != -1) {
|
|
957 |
name = namevaluePair.substring(0, index).trim(); |
|
958 |
value = namevaluePair.substring(index + 1).trim(); |
|
959 |
} else {
|
|
960 |
name = namevaluePair.trim(); |
|
961 |
value = null; |
|
962 |
} |
|
963 |
||
964 |
// assign attribute to cookie |
|
965 |
assignAttribute(cookie, name, value); |
|
966 |
} |
|
967 |
||
968 |
return cookie; |
|
969 |
} |
|
970 |
||
971 |
||
972 |
/* |
|
973 |
* assign cookie attribute value to attribute name; |
|
974 |
* use a map to simulate method dispatch |
|
975 |
*/ |
|
976 |
static interface CookieAttributeAssignor {
|
|
977 |
public void assign(HttpCookie cookie, String attrName, String attrValue); |
|
978 |
} |
|
979 |
static java.util.Map<String, CookieAttributeAssignor> assignors = null; |
|
980 |
static {
|
|
981 |
assignors = new java.util.HashMap<String, CookieAttributeAssignor>(); |
|
982 |
assignors.put("comment", new CookieAttributeAssignor(){
|
|
983 |
public void assign(HttpCookie cookie, String attrName, String attrValue) {
|
|
984 |
if (cookie.getComment() == null) cookie.setComment(attrValue); |
|
985 |
} |
|
986 |
}); |
|
987 |
assignors.put("commenturl", new CookieAttributeAssignor(){
|
|
988 |
public void assign(HttpCookie cookie, String attrName, String attrValue) {
|
|
989 |
if (cookie.getCommentURL() == null) cookie.setCommentURL(attrValue); |
|
990 |
} |
|
991 |
}); |
|
992 |
assignors.put("discard", new CookieAttributeAssignor(){
|
|
993 |
public void assign(HttpCookie cookie, String attrName, String attrValue) {
|
|
994 |
cookie.setDiscard(true); |
|
995 |
} |
|
996 |
}); |
|
997 |
assignors.put("domain", new CookieAttributeAssignor(){
|
|
998 |
public void assign(HttpCookie cookie, String attrName, String attrValue) {
|
|
999 |
if (cookie.getDomain() == null) cookie.setDomain(attrValue); |
|
1000 |
} |
|
1001 |
}); |
|
1002 |
assignors.put("max-age", new CookieAttributeAssignor(){
|
|
1003 |
public void assign(HttpCookie cookie, String attrName, String attrValue) {
|
|
1004 |
try {
|
|
1005 |
long maxage = Long.parseLong(attrValue); |
|
1006 |
if (cookie.getMaxAge() == MAX_AGE_UNSPECIFIED) cookie.setMaxAge(maxage); |
|
1007 |
} catch (NumberFormatException ignored) {
|
|
1008 |
throw new IllegalArgumentException("Illegal cookie max-age attribute");
|
|
1009 |
} |
|
1010 |
} |
|
1011 |
}); |
|
1012 |
assignors.put("path", new CookieAttributeAssignor(){
|
|
1013 |
public void assign(HttpCookie cookie, String attrName, String attrValue) {
|
|
1014 |
if (cookie.getPath() == null) cookie.setPath(attrValue); |
|
1015 |
} |
|
1016 |
}); |
|
1017 |
assignors.put("port", new CookieAttributeAssignor(){
|
|
1018 |
public void assign(HttpCookie cookie, String attrName, String attrValue) {
|
|
| 480 | 1019 |
if (cookie.getPortlist() == null) cookie.setPortlist(attrValue == null ? "" : attrValue); |
| 2 | 1020 |
} |
1021 |
}); |
|
1022 |
assignors.put("secure", new CookieAttributeAssignor(){
|
|
1023 |
public void assign(HttpCookie cookie, String attrName, String attrValue) {
|
|
1024 |
cookie.setSecure(true); |
|
1025 |
} |
|
1026 |
}); |
|
|
1234
e3dc213d4879
6692802: HttpCookie needs to support HttpOnly attribute
jccollet
parents:
715
diff
changeset
|
1027 |
assignors.put("httponly", new CookieAttributeAssignor(){
|
|
e3dc213d4879
6692802: HttpCookie needs to support HttpOnly attribute
jccollet
parents:
715
diff
changeset
|
1028 |
public void assign(HttpCookie cookie, String attrName, String attrValue) {
|
|
e3dc213d4879
6692802: HttpCookie needs to support HttpOnly attribute
jccollet
parents:
715
diff
changeset
|
1029 |
cookie.setHttpOnly(true); |
|
e3dc213d4879
6692802: HttpCookie needs to support HttpOnly attribute
jccollet
parents:
715
diff
changeset
|
1030 |
} |
|
e3dc213d4879
6692802: HttpCookie needs to support HttpOnly attribute
jccollet
parents:
715
diff
changeset
|
1031 |
}); |
| 2 | 1032 |
assignors.put("version", new CookieAttributeAssignor(){
|
1033 |
public void assign(HttpCookie cookie, String attrName, String attrValue) {
|
|
1034 |
try {
|
|
1035 |
int version = Integer.parseInt(attrValue); |
|
1036 |
cookie.setVersion(version); |
|
1037 |
} catch (NumberFormatException ignored) {
|
|
1038 |
throw new IllegalArgumentException("Illegal cookie version attribute");
|
|
1039 |
} |
|
1040 |
} |
|
1041 |
}); |
|
1042 |
assignors.put("expires", new CookieAttributeAssignor(){ // Netscape only
|
|
1043 |
public void assign(HttpCookie cookie, String attrName, String attrValue) {
|
|
1044 |
if (cookie.getMaxAge() == MAX_AGE_UNSPECIFIED) {
|
|
1045 |
cookie.setMaxAge(cookie.expiryDate2DeltaSeconds(attrValue)); |
|
1046 |
} |
|
1047 |
} |
|
1048 |
}); |
|
1049 |
} |
|
1050 |
private static void assignAttribute(HttpCookie cookie, |
|
1051 |
String attrName, |
|
1052 |
String attrValue) |
|
1053 |
{
|
|
1054 |
// strip off the surrounding "-sign if there's any |
|
1055 |
attrValue = stripOffSurroundingQuote(attrValue); |
|
1056 |
||
1057 |
CookieAttributeAssignor assignor = assignors.get(attrName.toLowerCase()); |
|
1058 |
if (assignor != null) {
|
|
1059 |
assignor.assign(cookie, attrName, attrValue); |
|
1060 |
} else {
|
|
1061 |
// must be an error |
|
1062 |
throw new IllegalArgumentException("Illegal cookie attribute");
|
|
1063 |
} |
|
1064 |
} |
|
1065 |
||
1066 |
/* |
|
1067 |
* Constructs a string representation of this cookie. The string format is |
|
1068 |
* as Netscape spec, but without leading "Cookie:" token. |
|
1069 |
*/ |
|
1070 |
private String toNetscapeHeaderString() {
|
|
1071 |
StringBuilder sb = new StringBuilder(); |
|
1072 |
||
1073 |
sb.append(getName() + "=" + getValue()); |
|
1074 |
||
1075 |
return sb.toString(); |
|
1076 |
} |
|
1077 |
||
1078 |
/* |
|
1079 |
* Constructs a string representation of this cookie. The string format is |
|
1080 |
* as RFC 2965/2109, but without leading "Cookie:" token. |
|
1081 |
*/ |
|
1082 |
private String toRFC2965HeaderString() {
|
|
1083 |
StringBuilder sb = new StringBuilder(); |
|
1084 |
||
1085 |
sb.append(getName()).append("=\"").append(getValue()).append('"');
|
|
1086 |
if (getPath() != null) |
|
1087 |
sb.append(";$Path=\"").append(getPath()).append('"');
|
|
1088 |
if (getDomain() != null) |
|
1089 |
sb.append(";$Domain=\"").append(getDomain()).append('"');
|
|
1090 |
if (getPortlist() != null) |
|
1091 |
sb.append(";$Port=\"").append(getPortlist()).append('"');
|
|
1092 |
||
1093 |
return sb.toString(); |
|
1094 |
} |
|
1095 |
||
| 480 | 1096 |
private static SimpleDateFormat[] cDateFormats = null; |
1097 |
static {
|
|
1098 |
cDateFormats = new SimpleDateFormat[COOKIE_DATE_FORMATS.length]; |
|
1099 |
for (int i = 0; i < COOKIE_DATE_FORMATS.length; i++) {
|
|
1100 |
cDateFormats[i] = new SimpleDateFormat(COOKIE_DATE_FORMATS[i]); |
|
1101 |
cDateFormats[i].setTimeZone(TimeZone.getTimeZone("GMT"));
|
|
1102 |
} |
|
1103 |
} |
|
| 2 | 1104 |
/* |
| 480 | 1105 |
* @param dateString a date string in one of the formats |
1106 |
* defined in Netscape cookie spec |
|
| 2 | 1107 |
* |
1108 |
* @return delta seconds between this cookie's creation |
|
1109 |
* time and the time specified by dateString |
|
1110 |
*/ |
|
1111 |
private long expiryDate2DeltaSeconds(String dateString) {
|
|
| 480 | 1112 |
for (SimpleDateFormat df : cDateFormats) {
|
1113 |
try {
|
|
1114 |
Date date = df.parse(dateString); |
|
1115 |
return (date.getTime() - whenCreated) / 1000; |
|
1116 |
} catch (Exception e) {
|
|
| 2 | 1117 |
|
| 480 | 1118 |
} |
| 2 | 1119 |
} |
| 480 | 1120 |
return 0; |
| 2 | 1121 |
} |
1122 |
||
1123 |
||
1124 |
||
1125 |
/* |
|
1126 |
* try to guess the cookie version through set-cookie header string |
|
1127 |
*/ |
|
1128 |
private static int guessCookieVersion(String header) {
|
|
1129 |
int version = 0; |
|
1130 |
||
1131 |
header = header.toLowerCase(); |
|
1132 |
if (header.indexOf("expires=") != -1) {
|
|
1133 |
// only netscape cookie using 'expires' |
|
1134 |
version = 0; |
|
1135 |
} else if (header.indexOf("version=") != -1) {
|
|
1136 |
// version is mandatory for rfc 2965/2109 cookie |
|
1137 |
version = 1; |
|
1138 |
} else if (header.indexOf("max-age") != -1) {
|
|
1139 |
// rfc 2965/2109 use 'max-age' |
|
1140 |
version = 1; |
|
1141 |
} else if (startsWithIgnoreCase(header, SET_COOKIE2)) {
|
|
1142 |
// only rfc 2965 cookie starts with 'set-cookie2' |
|
1143 |
version = 1; |
|
1144 |
} |
|
1145 |
||
1146 |
return version; |
|
1147 |
} |
|
1148 |
||
1149 |
private static String stripOffSurroundingQuote(String str) {
|
|
1150 |
if (str != null && str.length() > 0 && |
|
1151 |
str.charAt(0) == '"' && str.charAt(str.length() - 1) == '"') {
|
|
1152 |
return str.substring(1, str.length() - 1); |
|
1153 |
} else {
|
|
1154 |
return str; |
|
1155 |
} |
|
1156 |
} |
|
1157 |
||
1158 |
private static boolean equalsIgnoreCase(String s, String t) {
|
|
1159 |
if (s == t) return true; |
|
1160 |
if ((s != null) && (t != null)) {
|
|
1161 |
return s.equalsIgnoreCase(t); |
|
1162 |
} |
|
1163 |
return false; |
|
1164 |
} |
|
1165 |
||
1166 |
private static boolean equals(String s, String t) {
|
|
1167 |
if (s == t) return true; |
|
1168 |
if ((s != null) && (t != null)) {
|
|
1169 |
return s.equals(t); |
|
1170 |
} |
|
1171 |
return false; |
|
1172 |
} |
|
1173 |
||
1174 |
private static boolean startsWithIgnoreCase(String s, String start) {
|
|
1175 |
if (s == null || start == null) return false; |
|
1176 |
||
1177 |
if (s.length() >= start.length() && |
|
1178 |
start.equalsIgnoreCase(s.substring(0, start.length()))) {
|
|
1179 |
return true; |
|
1180 |
} |
|
1181 |
||
1182 |
return false; |
|
1183 |
} |
|
1184 |
||
1185 |
/* |
|
1186 |
* Split cookie header string according to rfc 2965: |
|
1187 |
* 1) split where it is a comma; |
|
1188 |
* 2) but not the comma surrounding by double-quotes, which is the comma |
|
1189 |
* inside port list or embeded URIs. |
|
1190 |
* |
|
1191 |
* @param header the cookie header string to split |
|
1192 |
* |
|
1193 |
* @return list of strings; never null |
|
1194 |
* |
|
1195 |
*/ |
|
1196 |
private static List<String> splitMultiCookies(String header) {
|
|
1197 |
List<String> cookies = new java.util.ArrayList<String>(); |
|
1198 |
int quoteCount = 0; |
|
1199 |
int p, q; |
|
1200 |
||
1201 |
for (p = 0, q = 0; p < header.length(); p++) {
|
|
1202 |
char c = header.charAt(p); |
|
1203 |
if (c == '"') quoteCount++; |
|
1204 |
if (c == ',' && (quoteCount % 2 == 0)) { // it is comma and not surrounding by double-quotes
|
|
1205 |
cookies.add(header.substring(q, p)); |
|
1206 |
q = p + 1; |
|
1207 |
} |
|
1208 |
} |
|
1209 |
||
1210 |
cookies.add(header.substring(q)); |
|
1211 |
||
1212 |
return cookies; |
|
1213 |
} |
|
1214 |
} |