View Javadoc

1   /*
2    * ====================================================================
3    * Licensed to the Apache Software Foundation (ASF) under one
4    * or more contributor license agreements.  See the NOTICE file
5    * distributed with this work for additional information
6    * regarding copyright ownership.  The ASF licenses this file
7    * to you under the Apache License, Version 2.0 (the
8    * "License"); you may not use this file except in compliance
9    * with the License.  You may obtain a copy of the License at
10   *
11   *   http://www.apache.org/licenses/LICENSE-2.0
12   *
13   * Unless required by applicable law or agreed to in writing,
14   * software distributed under the License is distributed on an
15   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16   * KIND, either express or implied.  See the License for the
17   * specific language governing permissions and limitations
18   * under the License.
19   * ====================================================================
20   *
21   * This software consists of voluntary contributions made by many
22   * individuals on behalf of the Apache Software Foundation.  For more
23   * information on the Apache Software Foundation, please see
24   * <http://www.apache.org/>.
25   *
26   */
27  package org.apache.http.impl.cookie;
28  
29  import java.util.Locale;
30  
31  import org.apache.http.annotation.Immutable;
32  
33  import org.apache.http.cookie.Cookie;
34  import org.apache.http.cookie.CookieAttributeHandler;
35  import org.apache.http.cookie.CookieOrigin;
36  import org.apache.http.cookie.CookieRestrictionViolationException;
37  import org.apache.http.cookie.MalformedCookieException;
38  import org.apache.http.cookie.SetCookie;
39  
40  /**
41   *
42   * @since 4.0
43   */
44  @Immutable
45  public class RFC2109DomainHandler implements CookieAttributeHandler {
46  
47      public RFC2109DomainHandler() {
48          super();
49      }
50  
51      public void parse(final SetCookie cookie, final String value)
52              throws MalformedCookieException {
53          if (cookie == null) {
54              throw new IllegalArgumentException("Cookie may not be null");
55          }
56          if (value == null) {
57              throw new MalformedCookieException("Missing value for domain attribute");
58          }
59          if (value.trim().length() == 0) {
60              throw new MalformedCookieException("Blank value for domain attribute");
61          }
62          cookie.setDomain(value);
63      }
64  
65      public void validate(final Cookie cookie, final CookieOrigin origin)
66              throws MalformedCookieException {
67          if (cookie == null) {
68              throw new IllegalArgumentException("Cookie may not be null");
69          }
70          if (origin == null) {
71              throw new IllegalArgumentException("Cookie origin may not be null");
72          }
73          String host = origin.getHost();
74          String domain = cookie.getDomain();
75          if (domain == null) {
76              throw new CookieRestrictionViolationException("Cookie domain may not be null");
77          }
78          if (!domain.equals(host)) {
79              int dotIndex = domain.indexOf('.');
80              if (dotIndex == -1) {
81                  throw new CookieRestrictionViolationException("Domain attribute \""
82                          + domain
83                          + "\" does not match the host \""
84                          + host + "\"");
85              }
86              // domain must start with dot
87              if (!domain.startsWith(".")) {
88                  throw new CookieRestrictionViolationException("Domain attribute \""
89                      + domain
90                      + "\" violates RFC 2109: domain must start with a dot");
91              }
92              // domain must have at least one embedded dot
93              dotIndex = domain.indexOf('.', 1);
94              if (dotIndex < 0 || dotIndex == domain.length() - 1) {
95                  throw new CookieRestrictionViolationException("Domain attribute \""
96                      + domain
97                      + "\" violates RFC 2109: domain must contain an embedded dot");
98              }
99              host = host.toLowerCase(Locale.ENGLISH);
100             if (!host.endsWith(domain)) {
101                 throw new CookieRestrictionViolationException(
102                     "Illegal domain attribute \"" + domain
103                     + "\". Domain of origin: \"" + host + "\"");
104             }
105             // host minus domain may not contain any dots
106             String hostWithoutDomain = host.substring(0, host.length() - domain.length());
107             if (hostWithoutDomain.indexOf('.') != -1) {
108                 throw new CookieRestrictionViolationException("Domain attribute \""
109                     + domain
110                     + "\" violates RFC 2109: host minus domain may not contain any dots");
111             }
112         }
113     }
114 
115     public boolean match(final Cookie cookie, final CookieOrigin origin) {
116         if (cookie == null) {
117             throw new IllegalArgumentException("Cookie may not be null");
118         }
119         if (origin == null) {
120             throw new IllegalArgumentException("Cookie origin may not be null");
121         }
122         String host = origin.getHost();
123         String domain = cookie.getDomain();
124         if (domain == null) {
125             return false;
126         }
127         return host.equals(domain) || (domain.startsWith(".") && host.endsWith(domain));
128     }
129 
130 }