@Contract(threading=IMMUTABLE_CONDITIONAL) public class PublicSuffixDomainFilter extends Object implements CommonCookieAttributeHandler
CookieAttributeHandler
and leverages its match method
to never match a suffix from a black list. May be used to provide additional security for
cross-site attack types by preventing cookies from apparent domains that are not publicly
available.PublicSuffixList
,
PublicSuffixMatcher
Constructor and Description |
---|
PublicSuffixDomainFilter(CommonCookieAttributeHandler handler,
PublicSuffixList suffixList) |
PublicSuffixDomainFilter(CommonCookieAttributeHandler handler,
PublicSuffixMatcher publicSuffixMatcher) |
Modifier and Type | Method and Description |
---|---|
static CommonCookieAttributeHandler |
decorate(CommonCookieAttributeHandler handler,
PublicSuffixMatcher publicSuffixMatcher) |
String |
getAttributeName() |
boolean |
match(Cookie cookie,
CookieOrigin origin)
Never matches if the cookie's domain is from the blacklist.
|
void |
parse(SetCookie cookie,
String value)
Parse the given cookie attribute value and update the corresponding
Cookie property. |
void |
validate(Cookie cookie,
CookieOrigin origin)
Peforms cookie validation for the given attribute value.
|
public PublicSuffixDomainFilter(CommonCookieAttributeHandler handler, PublicSuffixMatcher publicSuffixMatcher)
public PublicSuffixDomainFilter(CommonCookieAttributeHandler handler, PublicSuffixList suffixList)
public boolean match(Cookie cookie, CookieOrigin origin)
match
in interface CookieAttributeHandler
cookie
- Cookie
to matchorigin
- the cookie source to match againsttrue
if the match is successful; false
otherwisepublic void parse(SetCookie cookie, String value) throws MalformedCookieException
CookieAttributeHandler
Cookie
property.parse
in interface CookieAttributeHandler
cookie
- Cookie
to be updatedvalue
- cookie attribute value from the cookie response headerMalformedCookieException
public void validate(Cookie cookie, CookieOrigin origin) throws MalformedCookieException
CookieAttributeHandler
validate
in interface CookieAttributeHandler
cookie
- Cookie
to validateorigin
- the cookie source to validate againstMalformedCookieException
- if cookie validation fails for this attributepublic String getAttributeName()
getAttributeName
in interface CommonCookieAttributeHandler
public static CommonCookieAttributeHandler decorate(CommonCookieAttributeHandler handler, PublicSuffixMatcher publicSuffixMatcher)
Copyright © 2010 - 2020 Adobe. All Rights Reserved