--- a/jdk/src/share/classes/java/net/CookieManager.java Wed Oct 21 00:12:59 2009 -0700
+++ b/jdk/src/share/classes/java/net/CookieManager.java Wed Oct 21 13:42:39 2009 +0200
@@ -218,6 +218,13 @@
// 'secure' cookies over unsecure links)
if (pathMatches(path, cookie.getPath()) &&
(secureLink || !cookie.getSecure())) {
+ // Enforce httponly attribute
+ if (cookie.isHttpOnly()) {
+ String s = uri.getScheme();
+ if (!"http".equalsIgnoreCase(s) && !"https".equalsIgnoreCase(s)) {
+ continue;
+ }
+ }
// Let's check the authorize port list if it exists
String ports = cookie.getPortlist();
if (ports != null && !ports.isEmpty()) {
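Review bot: The comment `// Enforce httponly attribute` on the added block overstates what the check does. It only compares the request URI's scheme with http/https, so the cookie is withheld for other schemes (and for a null scheme, since `equalsIgnoreCase(null)` is false), but any caller that passes an http(s) URI still receives it. I would reword it to say so, for example `// HttpOnly: return the cookie only for http/https request URIs (a null scheme is skipped too).` followed by `// Callers that hand cookies to script-level code must still filter on isHttpOnly() themselves.` The enclosing loop and method begin and end outside this hunk, so whether a later step re-checks the attribute cannot be seen from here.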