Package org.apache.http.impl.cookie
Class PublicSuffixDomainFilter
- java.lang.Object
-
- org.apache.http.impl.cookie.PublicSuffixDomainFilter
-
- All Implemented Interfaces:
CommonCookieAttributeHandler
,CookieAttributeHandler
@Contract(threading=IMMUTABLE_CONDITIONAL) public class PublicSuffixDomainFilter extends Object implements CommonCookieAttributeHandler
Wraps aCookieAttributeHandler
and leverages its match method to never match a suffix from a black list. May be used to provide additional security for cross-site attack types by preventing cookies from apparent domains that are not publicly available.- Since:
- 4.4
- See Also:
PublicSuffixList
,PublicSuffixMatcher
-
-
Constructor Summary
Constructors Constructor Description PublicSuffixDomainFilter(CommonCookieAttributeHandler handler, PublicSuffixList suffixList)
PublicSuffixDomainFilter(CommonCookieAttributeHandler handler, PublicSuffixMatcher publicSuffixMatcher)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description static CommonCookieAttributeHandler
decorate(CommonCookieAttributeHandler handler, PublicSuffixMatcher publicSuffixMatcher)
String
getAttributeName()
boolean
match(Cookie cookie, CookieOrigin origin)
Never matches if the cookie's domain is from the blacklist.void
parse(SetCookie cookie, String value)
Parse the given cookie attribute value and update the correspondingCookie
property.void
validate(Cookie cookie, CookieOrigin origin)
Peforms cookie validation for the given attribute value.
-
-
-
Constructor Detail
-
PublicSuffixDomainFilter
public PublicSuffixDomainFilter(CommonCookieAttributeHandler handler, PublicSuffixMatcher publicSuffixMatcher)
-
PublicSuffixDomainFilter
public PublicSuffixDomainFilter(CommonCookieAttributeHandler handler, PublicSuffixList suffixList)
-
-
Method Detail
-
match
public boolean match(Cookie cookie, CookieOrigin origin)
Never matches if the cookie's domain is from the blacklist.- Specified by:
match
in interfaceCookieAttributeHandler
- Parameters:
cookie
-Cookie
to matchorigin
- the cookie source to match against- Returns:
true
if the match is successful;false
otherwise
-
parse
public void parse(SetCookie cookie, String value) throws MalformedCookieException
Description copied from interface:CookieAttributeHandler
Parse the given cookie attribute value and update the correspondingCookie
property.- Specified by:
parse
in interfaceCookieAttributeHandler
- Parameters:
cookie
-Cookie
to be updatedvalue
- cookie attribute value from the cookie response header- Throws:
MalformedCookieException
-
validate
public void validate(Cookie cookie, CookieOrigin origin) throws MalformedCookieException
Description copied from interface:CookieAttributeHandler
Peforms cookie validation for the given attribute value.- Specified by:
validate
in interfaceCookieAttributeHandler
- Parameters:
cookie
-Cookie
to validateorigin
- the cookie source to validate against- Throws:
MalformedCookieException
- if cookie validation fails for this attribute
-
getAttributeName
public String getAttributeName()
- Specified by:
getAttributeName
in interfaceCommonCookieAttributeHandler
-
decorate
public static CommonCookieAttributeHandler decorate(CommonCookieAttributeHandler handler, PublicSuffixMatcher publicSuffixMatcher)
-
-