View Javadoc

1   /*
2    * ====================================================================
3    * Licensed to the Apache Software Foundation (ASF) under one
4    * or more contributor license agreements.  See the NOTICE file
5    * distributed with this work for additional information
6    * regarding copyright ownership.  The ASF licenses this file
7    * to you under the Apache License, Version 2.0 (the
8    * "License"); you may not use this file except in compliance
9    * with the License.  You may obtain a copy of the License at
10   *
11   *   http://www.apache.org/licenses/LICENSE-2.0
12   *
13   * Unless required by applicable law or agreed to in writing,
14   * software distributed under the License is distributed on an
15   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16   * KIND, either express or implied.  See the License for the
17   * specific language governing permissions and limitations
18   * under the License.
19   * ====================================================================
20   *
21   * This software consists of voluntary contributions made by many
22   * individuals on behalf of the Apache Software Foundation.  For more
23   * information on the Apache Software Foundation, please see
24   * <http://www.apache.org/>.
25   *
26   */
27  package org.apache.http.impl.cookie;
28  
29  import org.apache.http.annotation.Immutable;
30  import org.apache.http.cookie.Cookie;
31  import org.apache.http.cookie.CookieAttributeHandler;
32  import org.apache.http.cookie.CookieOrigin;
33  import org.apache.http.cookie.CookieRestrictionViolationException;
34  import org.apache.http.cookie.MalformedCookieException;
35  import org.apache.http.cookie.SetCookie;
36  import org.apache.http.util.Args;
37  
38  /**
39   *
40   * @since 4.0
41   */
42  @Immutable
43  public class BasicDomainHandler implements CookieAttributeHandler {
44  
45      public BasicDomainHandler() {
46          super();
47      }
48  
49      @Override
50      public void parse(final SetCookie cookie, final String value)
51              throws MalformedCookieException {
52          Args.notNull(cookie, "Cookie");
53          if (value == null) {
54              throw new MalformedCookieException("Missing value for domain attribute");
55          }
56          if (value.trim().isEmpty()) {
57              throw new MalformedCookieException("Blank value for domain attribute");
58          }
59          cookie.setDomain(value);
60      }
61  
62      @Override
63      public void validate(final Cookie cookie, final CookieOrigin origin)
64              throws MalformedCookieException {
65          Args.notNull(cookie, "Cookie");
66          Args.notNull(origin, "Cookie origin");
67          // Validate the cookies domain attribute.  NOTE:  Domains without
68          // any dots are allowed to support hosts on private LANs that don't
69          // have DNS names.  Since they have no dots, to domain-match the
70          // request-host and domain must be identical for the cookie to sent
71          // back to the origin-server.
72          final String host = origin.getHost();
73          String domain = cookie.getDomain();
74          if (domain == null) {
75              throw new CookieRestrictionViolationException("Cookie domain may not be null");
76          }
77          if (host.contains(".")) {
78              // Not required to have at least two dots.  RFC 2965.
79              // A Set-Cookie2 with Domain=ajax.com will be accepted.
80  
81              // domain must match host
82              if (!host.endsWith(domain)) {
83                  if (domain.startsWith(".")) {
84                      domain = domain.substring(1, domain.length());
85                  }
86                  if (!host.equals(domain)) {
87                      throw new CookieRestrictionViolationException(
88                          "Illegal domain attribute \"" + domain
89                          + "\". Domain of origin: \"" + host + "\"");
90                  }
91              }
92          } else {
93              if (!host.equals(domain)) {
94                  throw new CookieRestrictionViolationException(
95                      "Illegal domain attribute \"" + domain
96                      + "\". Domain of origin: \"" + host + "\"");
97              }
98          }
99      }
100 
101     @Override
102     public boolean match(final Cookie cookie, final CookieOrigin origin) {
103         Args.notNull(cookie, "Cookie");
104         Args.notNull(origin, "Cookie origin");
105         final String host = origin.getHost();
106         String domain = cookie.getDomain();
107         if (domain == null) {
108             return false;
109         }
110         if (host.equals(domain)) {
111             return true;
112         }
113         if (!domain.startsWith(".")) {
114             domain = '.' + domain;
115         }
116         return host.endsWith(domain) || host.equals(domain.substring(1));
117     }
118 
119 }