View Javadoc

1   /*
2    * ====================================================================
3    * Licensed to the Apache Software Foundation (ASF) under one
4    * or more contributor license agreements.  See the NOTICE file
5    * distributed with this work for additional information
6    * regarding copyright ownership.  The ASF licenses this file
7    * to you under the Apache License, Version 2.0 (the
8    * "License"); you may not use this file except in compliance
9    * with the License.  You may obtain a copy of the License at
10   *
11   *   http://www.apache.org/licenses/LICENSE-2.0
12   *
13   * Unless required by applicable law or agreed to in writing,
14   * software distributed under the License is distributed on an
15   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16   * KIND, either express or implied.  See the License for the
17   * specific language governing permissions and limitations
18   * under the License.
19   * ====================================================================
20   *
21   * This software consists of voluntary contributions made by many
22   * individuals on behalf of the Apache Software Foundation.  For more
23   * information on the Apache Software Foundation, please see
24   * <http://www.apache.org/>.
25   *
26   */
27  
28  package org.apache.http.impl.cookie;
29  
30  import java.util.ArrayList;
31  import java.util.Collections;
32  import java.util.List;
33  import java.util.Locale;
34  
35  import org.apache.http.FormattedHeader;
36  import org.apache.http.Header;
37  import org.apache.http.HeaderElement;
38  import org.apache.http.NameValuePair;
39  import org.apache.http.annotation.NotThreadSafe;
40  import org.apache.http.client.utils.DateUtils;
41  import org.apache.http.cookie.ClientCookie;
42  import org.apache.http.cookie.Cookie;
43  import org.apache.http.cookie.CookieAttributeHandler;
44  import org.apache.http.cookie.CookieOrigin;
45  import org.apache.http.cookie.MalformedCookieException;
46  import org.apache.http.cookie.SM;
47  import org.apache.http.message.BasicHeaderElement;
48  import org.apache.http.message.BasicHeaderValueFormatter;
49  import org.apache.http.message.BufferedHeader;
50  import org.apache.http.message.ParserCursor;
51  import org.apache.http.util.Args;
52  import org.apache.http.util.CharArrayBuffer;
53  import org.apache.http.util.TextUtils;
54  
55  
56  /**
57   * Cookie specification that strives to closely mimic (mis)behavior of
58   * common web browser applications such as Microsoft Internet Explorer
59   * and Mozilla FireFox.
60   *
61   *
62   * @since 4.0
63   */
64  @NotThreadSafe // superclass is @NotThreadSafe
65  public class BrowserCompatSpec extends CookieSpecBase {
66  
67  
68      private static final String[] DEFAULT_DATE_PATTERNS = new String[] {
69          DateUtils.PATTERN_RFC1123,
70          DateUtils.PATTERN_RFC1036,
71          DateUtils.PATTERN_ASCTIME,
72          "EEE, dd-MMM-yyyy HH:mm:ss z",
73          "EEE, dd-MMM-yyyy HH-mm-ss z",
74          "EEE, dd MMM yy HH:mm:ss z",
75          "EEE dd-MMM-yyyy HH:mm:ss z",
76          "EEE dd MMM yyyy HH:mm:ss z",
77          "EEE dd-MMM-yyyy HH-mm-ss z",
78          "EEE dd-MMM-yy HH:mm:ss z",
79          "EEE dd MMM yy HH:mm:ss z",
80          "EEE,dd-MMM-yy HH:mm:ss z",
81          "EEE,dd-MMM-yyyy HH:mm:ss z",
82          "EEE, dd-MM-yyyy HH:mm:ss z",
83      };
84  
85      private final String[] datepatterns;
86  
87      /** Default constructor */
88      public BrowserCompatSpec(final String[] datepatterns, final BrowserCompatSpecFactory.SecurityLevel securityLevel) {
89          super();
90          if (datepatterns != null) {
91              this.datepatterns = datepatterns.clone();
92          } else {
93              this.datepatterns = DEFAULT_DATE_PATTERNS;
94          }
95          switch (securityLevel) {
96              case SECURITYLEVEL_DEFAULT:
97                  registerAttribHandler(ClientCookie.PATH_ATTR, new BasicPathHandler());
98                  break;
99              case SECURITYLEVEL_IE_MEDIUM:
100                 registerAttribHandler(ClientCookie.PATH_ATTR, new BasicPathHandler() {
101                         @Override
102                         public void validate(final Cookie cookie, final CookieOrigin origin) throws MalformedCookieException {
103                             // No validation
104                         }
105                     }
106                 );
107                 break;
108             default:
109                 throw new RuntimeException("Unknown security level");
110         }
111 
112         registerAttribHandler(ClientCookie.DOMAIN_ATTR, new BasicDomainHandler());
113         registerAttribHandler(ClientCookie.MAX_AGE_ATTR, new BasicMaxAgeHandler());
114         registerAttribHandler(ClientCookie.SECURE_ATTR, new BasicSecureHandler());
115         registerAttribHandler(ClientCookie.COMMENT_ATTR, new BasicCommentHandler());
116         registerAttribHandler(ClientCookie.EXPIRES_ATTR, new BasicExpiresHandler(
117                 this.datepatterns));
118         registerAttribHandler(ClientCookie.VERSION_ATTR, new BrowserCompatVersionAttributeHandler());
119     }
120 
121     /** Default constructor */
122     public BrowserCompatSpec(final String[] datepatterns) {
123         this(datepatterns, BrowserCompatSpecFactory.SecurityLevel.SECURITYLEVEL_DEFAULT);
124     }
125 
126     /** Default constructor */
127     public BrowserCompatSpec() {
128         this(null, BrowserCompatSpecFactory.SecurityLevel.SECURITYLEVEL_DEFAULT);
129     }
130 
131     public List<Cookie> parse(final Header header, final CookieOrigin origin)
132             throws MalformedCookieException {
133         Args.notNull(header, "Header");
134         Args.notNull(origin, "Cookie origin");
135         final String headername = header.getName();
136         if (!headername.equalsIgnoreCase(SM.SET_COOKIE)) {
137             throw new MalformedCookieException("Unrecognized cookie header '"
138                     + header.toString() + "'");
139         }
140         final HeaderElement[] helems = header.getElements();
141         boolean versioned = false;
142         boolean netscape = false;
143         for (final HeaderElement helem: helems) {
144             if (helem.getParameterByName("version") != null) {
145                 versioned = true;
146             }
147             if (helem.getParameterByName("expires") != null) {
148                netscape = true;
149             }
150         }
151         if (netscape || !versioned) {
152             // Need to parse the header again, because Netscape style cookies do not correctly
153             // support multiple header elements (comma cannot be treated as an element separator)
154             final NetscapeDraftHeaderParser parser = NetscapeDraftHeaderParser.DEFAULT;
155             final CharArrayBuffer buffer;
156             final ParserCursor cursor;
157             if (header instanceof FormattedHeader) {
158                 buffer = ((FormattedHeader) header).getBuffer();
159                 cursor = new ParserCursor(
160                         ((FormattedHeader) header).getValuePos(),
161                         buffer.length());
162             } else {
163                 final String s = header.getValue();
164                 if (s == null) {
165                     throw new MalformedCookieException("Header value is null");
166                 }
167                 buffer = new CharArrayBuffer(s.length());
168                 buffer.append(s);
169                 cursor = new ParserCursor(0, buffer.length());
170             }
171             final HeaderElement elem = parser.parseHeader(buffer, cursor);
172             final String name = elem.getName();
173             final String value = elem.getValue();
174             if (name == null || TextUtils.isBlank(name)) {
175                 throw new MalformedCookieException("Cookie name may not be empty");
176             }
177             final BasicClientCookie cookie = new BasicClientCookie(name, value);
178             cookie.setPath(getDefaultPath(origin));
179             cookie.setDomain(getDefaultDomain(origin));
180 
181             // cycle through the parameters
182             final NameValuePair[] attribs = elem.getParameters();
183             for (int j = attribs.length - 1; j >= 0; j--) {
184                 final NameValuePair attrib = attribs[j];
185                 final String s = attrib.getName().toLowerCase(Locale.ENGLISH);
186                 cookie.setAttribute(s, attrib.getValue());
187                 final CookieAttributeHandler handler = findAttribHandler(s);
188                 if (handler != null) {
189                     handler.parse(cookie, attrib.getValue());
190                 }
191             }
192             // Override version for Netscape style cookies
193             if (netscape) {
194                 cookie.setVersion(0);
195             }
196             return Collections.<Cookie>singletonList(cookie);
197         } else {
198             return parse(helems, origin);
199         }
200     }
201 
202     private static boolean isQuoteEnclosed(final String s) {
203         return s != null && s.startsWith("\"") && s.endsWith("\"");
204     }
205 
206     public List<Header> formatCookies(final List<Cookie> cookies) {
207         Args.notEmpty(cookies, "List of cookies");
208         final CharArrayBuffer buffer = new CharArrayBuffer(20 * cookies.size());
209         buffer.append(SM.COOKIE);
210         buffer.append(": ");
211         for (int i = 0; i < cookies.size(); i++) {
212             final Cookie cookie = cookies.get(i);
213             if (i > 0) {
214                 buffer.append("; ");
215             }
216             final String cookieName = cookie.getName();
217             final String cookieValue = cookie.getValue();
218             if (cookie.getVersion() > 0 && !isQuoteEnclosed(cookieValue)) {
219                 BasicHeaderValueFormatter.INSTANCE.formatHeaderElement(
220                         buffer,
221                         new BasicHeaderElement(cookieName, cookieValue),
222                         false);
223             } else {
224                 // Netscape style cookies do not support quoted values
225                 buffer.append(cookieName);
226                 buffer.append("=");
227                 if (cookieValue != null) {
228                     buffer.append(cookieValue);
229                 }
230             }
231         }
232         final List<Header> headers = new ArrayList<Header>(1);
233         headers.add(new BufferedHeader(buffer));
234         return headers;
235     }
236 
237     public int getVersion() {
238         return 0;
239     }
240 
241     public Header getVersionHeader() {
242         return null;
243     }
244 
245     @Override
246     public String toString() {
247         return "compatibility";
248     }
249 
250 }