Home | History | Annotate | Download | only in cookie 
      1 /*
      2  * $HeadURL: http://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk/module-client/src/main/java/org/apache/http/impl/cookie/BasicDomainHandler.java $
      3  * $Revision: 653041 $
      4  * $Date: 2008-05-03 03:39:28 -0700 (Sat, 03 May 2008) $
      5  *
      6  * ====================================================================
      7  * Licensed to the Apache Software Foundation (ASF) under one
      8  * or more contributor license agreements.  See the NOTICE file
      9  * distributed with this work for additional information
     10  * regarding copyright ownership.  The ASF licenses this file
     11  * to you under the Apache License, Version 2.0 (the
     12  * "License"); you may not use this file except in compliance
     13  * with the License.  You may obtain a copy of the License at
     14  *
     15  *   http://www.apache.org/licenses/LICENSE-2.0
     16  *
     17  * Unless required by applicable law or agreed to in writing,
     18  * software distributed under the License is distributed on an
     19  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
     20  * KIND, either express or implied.  See the License for the
     21  * specific language governing permissions and limitations
     22  * under the License.
     23  * ====================================================================
     24  *
     25  * This software consists of voluntary contributions made by many
     26  * individuals on behalf of the Apache Software Foundation.  For more
     27  * information on the Apache Software Foundation, please see
     28  * <http://www.apache.org/>.
     29  *
     30  */
     31 package org.apache.http.impl.cookie;
     32 
     33 import org.apache.http.cookie.Cookie;
     34 import org.apache.http.cookie.CookieAttributeHandler;
     35 import org.apache.http.cookie.CookieOrigin;
     36 import org.apache.http.cookie.MalformedCookieException;
     37 import org.apache.http.cookie.SetCookie;
     38 
     39 public class BasicDomainHandler implements CookieAttributeHandler {
     40 
     41     public BasicDomainHandler() {
     42         super();
     43     }
     44 
     45     public void parse(final SetCookie cookie, final String value)
     46             throws MalformedCookieException {
     47         if (cookie == null) {
     48             throw new IllegalArgumentException("Cookie may not be null");
     49         }
     50         if (value == null) {
     51             throw new MalformedCookieException("Missing value for domain attribute");
     52         }
     53         if (value.trim().length() == 0) {
     54             throw new MalformedCookieException("Blank value for domain attribute");
     55         }
     56         cookie.setDomain(value);
     57     }
     58 
     59     public void validate(final Cookie cookie, final CookieOrigin origin)
     60             throws MalformedCookieException {
     61         if (cookie == null) {
     62             throw new IllegalArgumentException("Cookie may not be null");
     63         }
     64         if (origin == null) {
     65             throw new IllegalArgumentException("Cookie origin may not be null");
     66         }
     67         // Validate the cookies domain attribute.  NOTE:  Domains without
     68         // any dots are allowed to support hosts on private LANs that don't
     69         // have DNS names.  Since they have no dots, to domain-match the
     70         // request-host and domain must be identical for the cookie to sent
     71         // back to the origin-server.
     72         String host = origin.getHost();
     73         String domain = cookie.getDomain();
     74         if (domain == null) {
     75             throw new MalformedCookieException("Cookie domain may not be null");
     76         }
     77         if (host.contains(".")) {
     78             // Not required to have at least two dots.  RFC 2965.
     79             // A Set-Cookie2 with Domain=ajax.com will be accepted.
     80 
     81             // domain must match host
     82             if (!host.endsWith(domain)) {
     83                 if (domain.startsWith(".")) {
     84                     domain = domain.substring(1, domain.length());
     85                 }
     86                 if (!host.equals(domain)) {
     87                     throw new MalformedCookieException(
     88                         "Illegal domain attribute \"" + domain
     89                         + "\". Domain of origin: \"" + host + "\"");
     90                 }
     91             }
     92         } else {
     93             if (!host.equals(domain)) {
     94                 throw new MalformedCookieException(
     95                     "Illegal domain attribute \"" + domain
     96                     + "\". Domain of origin: \"" + host + "\"");
     97             }
     98         }
     99     }
    100 
    101     public boolean match(final Cookie cookie, final CookieOrigin origin) {
    102         if (cookie == null) {
    103             throw new IllegalArgumentException("Cookie may not be null");
    104         }
    105         if (origin == null) {
    106             throw new IllegalArgumentException("Cookie origin may not be null");
    107         }
    108         String host = origin.getHost();
    109         String domain = cookie.getDomain();
    110         if (domain == null) {
    111             return false;
    112         }
    113         if (host.equals(domain)) {
    114             return true;
    115         }
    116         if (!domain.startsWith(".")) {
    117             domain = '.' + domain;
    118         }
    119         return host.endsWith(domain) || host.equals(domain.substring(1));
    120     }
    121 
    122 }
    123