View Javadoc

1   /*
2    * ====================================================================
3    * Licensed to the Apache Software Foundation (ASF) under one
4    * or more contributor license agreements.  See the NOTICE file
5    * distributed with this work for additional information
6    * regarding copyright ownership.  The ASF licenses this file
7    * to you under the Apache License, Version 2.0 (the
8    * "License"); you may not use this file except in compliance
9    * with the License.  You may obtain a copy of the License at
10   *
11   *   http://www.apache.org/licenses/LICENSE-2.0
12   *
13   * Unless required by applicable law or agreed to in writing,
14   * software distributed under the License is distributed on an
15   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16   * KIND, either express or implied.  See the License for the
17   * specific language governing permissions and limitations
18   * under the License.
19   * ====================================================================
20   *
21   * This software consists of voluntary contributions made by many
22   * individuals on behalf of the Apache Software Foundation.  For more
23   * information on the Apache Software Foundation, please see
24   * <http://www.apache.org/>.
25   *
26   */
27  package org.apache.http.impl.cookie;
28  
29  import org.apache.http.annotation.Immutable;
30  import org.apache.http.cookie.ClientCookie;
31  import org.apache.http.cookie.CommonCookieAttributeHandler;
32  import org.apache.http.cookie.Cookie;
33  import org.apache.http.cookie.CookieOrigin;
34  import org.apache.http.cookie.CookieRestrictionViolationException;
35  import org.apache.http.cookie.MalformedCookieException;
36  import org.apache.http.cookie.SetCookie;
37  import org.apache.http.util.Args;
38  
39  /**
40   *
41   * @since 4.0
42   */
43  @Immutable
44  public class BasicDomainHandler implements CommonCookieAttributeHandler {
45  
46      public BasicDomainHandler() {
47          super();
48      }
49  
50      @Override
51      public void parse(final SetCookie cookie, final String value)
52              throws MalformedCookieException {
53          Args.notNull(cookie, "Cookie");
54          if (value == null) {
55              throw new MalformedCookieException("Missing value for domain attribute");
56          }
57          if (value.trim().isEmpty()) {
58              throw new MalformedCookieException("Blank value for domain attribute");
59          }
60          cookie.setDomain(value);
61      }
62  
63      @Override
64      public void validate(final Cookie cookie, final CookieOrigin origin)
65              throws MalformedCookieException {
66          Args.notNull(cookie, "Cookie");
67          Args.notNull(origin, "Cookie origin");
68          // Validate the cookies domain attribute.  NOTE:  Domains without
69          // any dots are allowed to support hosts on private LANs that don't
70          // have DNS names.  Since they have no dots, to domain-match the
71          // request-host and domain must be identical for the cookie to sent
72          // back to the origin-server.
73          final String host = origin.getHost();
74          String domain = cookie.getDomain();
75          if (domain == null) {
76              throw new CookieRestrictionViolationException("Cookie domain may not be null");
77          }
78          if (host.contains(".")) {
79              // Not required to have at least two dots.  RFC 2965.
80              // A Set-Cookie2 with Domain=ajax.com will be accepted.
81  
82              // domain must match host
83              if (!host.endsWith(domain)) {
84                  if (domain.startsWith(".")) {
85                      domain = domain.substring(1, domain.length());
86                  }
87                  if (!host.equals(domain)) {
88                      throw new CookieRestrictionViolationException(
89                          "Illegal domain attribute \"" + domain
90                          + "\". Domain of origin: \"" + host + "\"");
91                  }
92              }
93          } else {
94              if (!host.equals(domain)) {
95                  throw new CookieRestrictionViolationException(
96                      "Illegal domain attribute \"" + domain
97                      + "\". Domain of origin: \"" + host + "\"");
98              }
99          }
100     }
101 
102     @Override
103     public boolean match(final Cookie cookie, final CookieOrigin origin) {
104         Args.notNull(cookie, "Cookie");
105         Args.notNull(origin, "Cookie origin");
106         final String host = origin.getHost();
107         String domain = cookie.getDomain();
108         if (domain == null) {
109             return false;
110         }
111         if (host.equals(domain)) {
112             return true;
113         }
114         if (!domain.startsWith(".")) {
115             domain = '.' + domain;
116         }
117         return host.endsWith(domain) || host.equals(domain.substring(1));
118     }
119 
120     @Override
121     public String getAttributeName() {
122         return ClientCookie.DOMAIN_ATTR;
123     }
124 
125 }