equal
deleted
inserted
replaced
216 // apply path-matches rule (RFC 2965 sec. 3.3.4) |
216 // apply path-matches rule (RFC 2965 sec. 3.3.4) |
217 // and check for the possible "secure" tag (i.e. don't send |
217 // and check for the possible "secure" tag (i.e. don't send |
218 // 'secure' cookies over unsecure links) |
218 // 'secure' cookies over unsecure links) |
219 if (pathMatches(path, cookie.getPath()) && |
219 if (pathMatches(path, cookie.getPath()) && |
220 (secureLink || !cookie.getSecure())) { |
220 (secureLink || !cookie.getSecure())) { |
|
221 // Enforce httponly attribute |
|
222 if (cookie.isHttpOnly()) { |
|
223 String s = uri.getScheme(); |
|
224 if (!"http".equalsIgnoreCase(s) && !"https".equalsIgnoreCase(s)) { |
|
225 continue; |
|
226 } |
|
227 } |
221 // Let's check the authorize port list if it exists |
228 // Let's check the authorize port list if it exists |
222 String ports = cookie.getPortlist(); |
229 String ports = cookie.getPortlist(); |
223 if (ports != null && !ports.isEmpty()) { |
230 if (ports != null && !ports.isEmpty()) { |
224 int port = uri.getPort(); |
231 int port = uri.getPort(); |
225 if (port == -1) { |
232 if (port == -1) { |