org.glassfish.grizzly.http

Class Cookie

java.lang.Object

org.glassfish.grizzly.http.Cookie

All Implemented Interfaces:

Cloneable, Cacheable

public class Cookie
extends Object
implements Cloneable, Cacheable

Creates a cookie, a small amount of information sent by a servlet to a Web browser, saved by the browser, and later sent back to the server. A cookie's value can uniquely identify a client, so cookies are commonly used for session management.

A cookie has a name, a single value, and optional attributes such as a comment, path and domain qualifiers, a maximum age, and a version number. Some Web browsers have bugs in how they handle the optional attributes, so use them sparingly to improve the interoperability of your servlets. The browser is expected to support 20 cookies for each Web server, 300 cookies total, and may limit cookie size to 4 KB each.

Cookies affect the caching of the Web pages that use them. HTTP 1.0 does not cache pages that use cookies created with this class. This class does not support the cache control defined with HTTP 1.1.

This class supports both the Version 0 (by Netscape) and Version 1 (by RFC 2109) cookie specifications. By default, cookies are created using Version 0 to ensure the best interoperability.

Version:

$Version$

Author:

Various

Field Summary

Fields

Modifier and Type	Field and Description
protected String	comment
protected String	domain
protected boolean	isHttpOnly
protected LazyCookieState	lazyCookieState
protected int	maxAge
protected String	name
protected String	path
protected boolean	secure
static int	UNSET
protected boolean	usingLazyCookieState
protected String	value
protected int	version

Constructor Summary

Constructors

Modifier	Constructor and Description
protected	Cookie()
	Cookie(String name, String value) Constructs a cookie with a specified name and value.

Method Summary

Modifier and Type	Method and Description
Buffer	asClientCookieBuffer()
Buffer	asClientCookieBuffer(MemoryManager memoryManager)
String	asClientCookieString()
Buffer	asServerCookieBuffer()
Buffer	asServerCookieBuffer(MemoryManager memoryManager)
String	asServerCookieString()
Object	clone() Overrides the standard java.lang.Object.clone method to return a copy of this cookie.
String	getComment() Returns the comment describing the purpose of this cookie, or null if the cookie has no comment.
String	getCookieHeaderName() Return the header name to set the cookie, based on cookie version.
static String	getCookieHeaderName(int version) Return the header name to set the cookie, based on cookie version.
String	getDomain() Returns the domain name set for this cookie.
LazyCookieState	getLazyCookieState()
int	getMaxAge() Returns the maximum age of the cookie, specified in seconds, By default, -1 indicating the cookie will persist until browser shutdown.
String	getName() Returns the name of the cookie.
String	getPath() Returns the path on the server to which the browser returns this cookie.
String	getValue() Returns the value of the cookie.
int	getVersion() Returns the version of the protocol this cookie complies with.
boolean	isHttpOnly() HttpOnly feature is used in server->client communication only to let client know, that the cookie can not be accessed on the client-side (script etc).
boolean	isSecure() Returns true if the browser is sending cookies only over a secure protocol, or false if the browser can send cookies using any protocol.
boolean	isVersionSet()
protected boolean	lazyNameEquals(String name)
void	recycle()
void	setComment(String purpose) Specifies a comment that describes a cookie's purpose.
void	setDomain(String pattern) Specifies the domain within which this cookie should be presented.
void	setHttpOnly(boolean isHttpOnly) HttpOnly feature is used in server->client communication only to let client know, that the cookie can not be accessed on the client-side (script etc).
void	setMaxAge(int expiry) Sets the maximum age of the cookie in seconds.
void	setName(String name)
void	setPath(String uri) Specifies a path for the cookie to which the client should return the cookie.
void	setSecure(boolean flag) Indicates to the browser whether the cookie should only be sent using a secure protocol, such as HTTPS or SSL.
void	setValue(String newValue) Assigns a new value to a cookie after the cookie is created.
void	setVersion(int v) Sets the version of the cookie protocol this cookie complies with.
String	toString()
protected String	unescape(String s)

Methods inherited from class java.lang.Object

equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

UNSET

public static final int UNSET

See Also:

Constant Field Values

name

protected String name

value

protected String value

comment

protected String comment

domain

protected String domain

maxAge

protected int maxAge

path

protected String path

secure

protected boolean secure

version

protected int version

isHttpOnly

protected boolean isHttpOnly

lazyCookieState

protected LazyCookieState lazyCookieState

usingLazyCookieState

protected boolean usingLazyCookieState

Constructor Detail

Cookie

protected Cookie()

Cookie

public Cookie(String name,
              String value)

Constructs a cookie with a specified name and value.

The name must conform to RFC 2109. That means it can contain only ASCII alphanumeric characters and cannot contain commas, semicolons, or white space or begin with a $ character.

The value can be anything the server chooses to send. Its value is probably of interest only to the server.

By default, cookies are created according to the Netscape cookie specification. The version can be changed with the setVersion method.

Parameters:

name - a String specifying the name of the cookie

value - a String specifying the value of the cookie

Throws:

IllegalArgumentException - if the cookie name contains illegal characters (for example, a comma, space, or semicolon) or it is one of the tokens reserved for use by the cookie protocol

See Also:

setValue(java.lang.String), setVersion(int)

Method Detail

setComment

public void setComment(String purpose)

Specifies a comment that describes a cookie's purpose. The comment is useful if the browser presents the cookie to the user. Comments are not supported by Netscape Version 0 cookies.

Parameters:

purpose - a String specifying the comment to display to the user

See Also:

getComment()

getComment

public String getComment()

Returns the comment describing the purpose of this cookie, or null if the cookie has no comment.

Returns:

a String containing the comment, or null if none

See Also:

setComment(java.lang.String)

setDomain

public void setDomain(String pattern)

Specifies the domain within which this cookie should be presented.

The form of the domain name is specified by RFC 2109. A domain name begins with a dot (.foo.com) and means that the cookie is visible to servers in a specified Domain Name System (DNS) zone (for example, www.foo.com, but not a.b.foo.com). By default, cookies are only returned to the server that sent them.

Parameters:

pattern - a String containing the domain name within which this cookie is visible; form is according to RFC 2109

See Also:

getDomain()

getDomain

public String getDomain()

Returns the domain name set for this cookie. The form of the domain name is set by RFC 2109.

Returns:

a String containing the domain name

See Also:

setDomain(java.lang.String)

setMaxAge

public void setMaxAge(int expiry)

Sets the maximum age of the cookie in seconds.

A positive value indicates that the cookie will expire after that many seconds have passed. Note that the value is the maximum age when the cookie will expire, not the cookie's current age.

A negative value means that the cookie is not stored persistently and will be deleted when the Web browser exits. A zero value causes the cookie to be deleted.

Parameters:

expiry - an integer specifying the maximum age of the cookie in seconds; if negative, means the cookie is not stored; if zero, deletes the cookie

See Also:

getMaxAge()

getMaxAge

public int getMaxAge()

Returns the maximum age of the cookie, specified in seconds, By default, -1 indicating the cookie will persist until browser shutdown.

Returns:

an integer specifying the maximum age of the cookie in seconds; if negative, means the cookie persists until browser shutdown

See Also:

setMaxAge(int)

setPath

public void setPath(String uri)

Specifies a path for the cookie to which the client should return the cookie.

The cookie is visible to all the pages in the directory you specify, and all the pages in that directory's subdirectories. A cookie's path must include the servlet that set the cookie, for example, /catalog, which makes the cookie visible to all directories on the server under /catalog.

Consult RFC 2109 (available on the Internet) for more information on setting path names for cookies.

Parameters:

uri - a String specifying a path

See Also:

getPath()

getPath

public String getPath()

Returns the path on the server to which the browser returns this cookie. The cookie is visible to all subpaths on the server.

Returns:

a String specifying a path that contains a servlet name, for example, /catalog

See Also:

setPath(java.lang.String)

setSecure

public void setSecure(boolean flag)

Indicates to the browser whether the cookie should only be sent using a secure protocol, such as HTTPS or SSL.

The default value is false.

Parameters:

flag - if true, sends the cookie from the browser to the server only when using a secure protocol; if false, sent on any protocol

See Also:

isSecure()

isSecure

public boolean isSecure()

Returns true if the browser is sending cookies only over a secure protocol, or false if the browser can send cookies using any protocol.

Returns:

true if the browser uses a secure protocol; otherwise, true

See Also:

setSecure(boolean)

getName

public String getName()

Returns the name of the cookie. The name cannot be changed after creation.

Returns:

a String specifying the cookie's name

setName

public void setName(String name)

setValue

public void setValue(String newValue)

Assigns a new value to a cookie after the cookie is created. If you use a binary value, you may want to use BASE64 encoding.

With Version 0 cookies, values should not contain white space, brackets, parentheses, equals signs, commas, double quotes, slashes, question marks, at signs, colons, and semicolons. Empty values may not behave the same way on all browsers.

Parameters:

newValue - a String specifying the new value

See Also:

getValue(), Cookie

getValue

public String getValue()

Returns the value of the cookie.

Returns:

a String containing the cookie's present value

See Also:

setValue(java.lang.String), Cookie

getVersion

public int getVersion()

Returns the version of the protocol this cookie complies with. Version 1 complies with RFC 2109, and version 0 complies with the original cookie specification drafted by Netscape. Cookies provided by a browser use and identify the browser's cookie version.

Returns:

0 if the cookie complies with the original Netscape specification; 1 if the cookie complies with RFC 2109

See Also:

setVersion(int)

setVersion

public void setVersion(int v)

Sets the version of the cookie protocol this cookie complies with. Version 0 complies with the original Netscape cookie specification. Version 1 complies with RFC 2109.

Since RFC 2109 is still somewhat new, consider version 1 as experimental; do not use it yet on production sites.

Parameters:

v - 0 if the cookie should comply with the original Netscape specification; 1 if the cookie should comply with RFC 2109

See Also:

getVersion()

isVersionSet

public boolean isVersionSet()

isHttpOnly

public boolean isHttpOnly()

HttpOnly feature is used in server->client communication only to let client know, that the cookie can not be accessed on the client-side (script etc). Returns true if this cookie is HTTP only, or false otherwise.

Returns:

true if this cookie is HTTP only, or false otherwise.

setHttpOnly

public void setHttpOnly(boolean isHttpOnly)

HttpOnly feature is used in server->client communication only to let client know, that the cookie can not be accessed on the client-side (script etc).

Parameters:

isHttpOnly - true if this cookie is HTTP only, or false otherwise.

asServerCookieString

public String asServerCookieString()

asServerCookieBuffer

public Buffer asServerCookieBuffer()

asServerCookieBuffer

public Buffer asServerCookieBuffer(MemoryManager memoryManager)

asClientCookieString

public String asClientCookieString()

asClientCookieBuffer

public Buffer asClientCookieBuffer()

asClientCookieBuffer

public Buffer asClientCookieBuffer(MemoryManager memoryManager)

getLazyCookieState

public LazyCookieState getLazyCookieState()

getCookieHeaderName

public String getCookieHeaderName()

Return the header name to set the cookie, based on cookie version.

getCookieHeaderName

public static String getCookieHeaderName(int version)

Return the header name to set the cookie, based on cookie version.

lazyNameEquals

protected boolean lazyNameEquals(String name)

unescape

protected String unescape(String s)

clone

public Object clone()
             throws CloneNotSupportedException

Overrides the standard java.lang.Object.clone method to return a copy of this cookie.

Overrides:

clone in class Object

Throws:

CloneNotSupportedException

recycle

public void recycle()

Specified by:

recycle in interface Cacheable

toString

public String toString()

Overrides:

toString in class Object