mirror of
https://gitlab.winehq.org/wine/wine-gecko.git
synced 2024-09-13 09:24:08 -07:00
194 lines
8.0 KiB
Java
194 lines
8.0 KiB
Java
/*
|
|
* ====================================================================
|
|
* Licensed to the Apache Software Foundation (ASF) under one
|
|
* or more contributor license agreements. See the NOTICE file
|
|
* distributed with this work for additional information
|
|
* regarding copyright ownership. The ASF licenses this file
|
|
* to you under the Apache License, Version 2.0 (the
|
|
* "License"); you may not use this file except in compliance
|
|
* with the License. You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing,
|
|
* software distributed under the License is distributed on an
|
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
|
* KIND, either express or implied. See the License for the
|
|
* specific language governing permissions and limitations
|
|
* under the License.
|
|
* ====================================================================
|
|
*
|
|
* This software consists of voluntary contributions made by many
|
|
* individuals on behalf of the Apache Software Foundation. For more
|
|
* information on the Apache Software Foundation, please see
|
|
* <http://www.apache.org/>.
|
|
*
|
|
*/
|
|
|
|
package ch.boye.httpclientandroidlib.impl.cookie;
|
|
|
|
import java.util.Locale;
|
|
|
|
import ch.boye.httpclientandroidlib.annotation.Immutable;
|
|
|
|
import ch.boye.httpclientandroidlib.cookie.ClientCookie;
|
|
import ch.boye.httpclientandroidlib.cookie.Cookie;
|
|
import ch.boye.httpclientandroidlib.cookie.CookieAttributeHandler;
|
|
import ch.boye.httpclientandroidlib.cookie.CookieOrigin;
|
|
import ch.boye.httpclientandroidlib.cookie.CookieRestrictionViolationException;
|
|
import ch.boye.httpclientandroidlib.cookie.MalformedCookieException;
|
|
import ch.boye.httpclientandroidlib.cookie.SetCookie;
|
|
|
|
/**
|
|
* <tt>"Domain"</tt> cookie attribute handler for RFC 2965 cookie spec.
|
|
*
|
|
*
|
|
* @since 3.1
|
|
*/
|
|
@Immutable
|
|
public class RFC2965DomainAttributeHandler implements CookieAttributeHandler {
|
|
|
|
public RFC2965DomainAttributeHandler() {
|
|
super();
|
|
}
|
|
|
|
/**
|
|
* Parse cookie domain attribute.
|
|
*/
|
|
public void parse(final SetCookie cookie, String domain)
|
|
throws MalformedCookieException {
|
|
if (cookie == null) {
|
|
throw new IllegalArgumentException("Cookie may not be null");
|
|
}
|
|
if (domain == null) {
|
|
throw new MalformedCookieException(
|
|
"Missing value for domain attribute");
|
|
}
|
|
if (domain.trim().length() == 0) {
|
|
throw new MalformedCookieException(
|
|
"Blank value for domain attribute");
|
|
}
|
|
domain = domain.toLowerCase(Locale.ENGLISH);
|
|
if (!domain.startsWith(".")) {
|
|
// Per RFC 2965 section 3.2.2
|
|
// "... If an explicitly specified value does not start with
|
|
// a dot, the user agent supplies a leading dot ..."
|
|
// That effectively implies that the domain attribute
|
|
// MAY NOT be an IP address of a host name
|
|
domain = '.' + domain;
|
|
}
|
|
cookie.setDomain(domain);
|
|
}
|
|
|
|
/**
|
|
* Performs domain-match as defined by the RFC2965.
|
|
* <p>
|
|
* Host A's name domain-matches host B's if
|
|
* <ol>
|
|
* <ul>their host name strings string-compare equal; or</ul>
|
|
* <ul>A is a HDN string and has the form NB, where N is a non-empty
|
|
* name string, B has the form .B', and B' is a HDN string. (So,
|
|
* x.y.com domain-matches .Y.com but not Y.com.)</ul>
|
|
* </ol>
|
|
*
|
|
* @param host host name where cookie is received from or being sent to.
|
|
* @param domain The cookie domain attribute.
|
|
* @return true if the specified host matches the given domain.
|
|
*/
|
|
public boolean domainMatch(String host, String domain) {
|
|
boolean match = host.equals(domain)
|
|
|| (domain.startsWith(".") && host.endsWith(domain));
|
|
|
|
return match;
|
|
}
|
|
|
|
/**
|
|
* Validate cookie domain attribute.
|
|
*/
|
|
public void validate(final Cookie cookie, final CookieOrigin origin)
|
|
throws MalformedCookieException {
|
|
if (cookie == null) {
|
|
throw new IllegalArgumentException("Cookie may not be null");
|
|
}
|
|
if (origin == null) {
|
|
throw new IllegalArgumentException("Cookie origin may not be null");
|
|
}
|
|
String host = origin.getHost().toLowerCase(Locale.ENGLISH);
|
|
if (cookie.getDomain() == null) {
|
|
throw new CookieRestrictionViolationException("Invalid cookie state: " +
|
|
"domain not specified");
|
|
}
|
|
String cookieDomain = cookie.getDomain().toLowerCase(Locale.ENGLISH);
|
|
|
|
if (cookie instanceof ClientCookie
|
|
&& ((ClientCookie) cookie).containsAttribute(ClientCookie.DOMAIN_ATTR)) {
|
|
// Domain attribute must start with a dot
|
|
if (!cookieDomain.startsWith(".")) {
|
|
throw new CookieRestrictionViolationException("Domain attribute \"" +
|
|
cookie.getDomain() + "\" violates RFC 2109: domain must start with a dot");
|
|
}
|
|
|
|
// Domain attribute must contain at least one embedded dot,
|
|
// or the value must be equal to .local.
|
|
int dotIndex = cookieDomain.indexOf('.', 1);
|
|
if (((dotIndex < 0) || (dotIndex == cookieDomain.length() - 1))
|
|
&& (!cookieDomain.equals(".local"))) {
|
|
throw new CookieRestrictionViolationException(
|
|
"Domain attribute \"" + cookie.getDomain()
|
|
+ "\" violates RFC 2965: the value contains no embedded dots "
|
|
+ "and the value is not .local");
|
|
}
|
|
|
|
// The effective host name must domain-match domain attribute.
|
|
if (!domainMatch(host, cookieDomain)) {
|
|
throw new CookieRestrictionViolationException(
|
|
"Domain attribute \"" + cookie.getDomain()
|
|
+ "\" violates RFC 2965: effective host name does not "
|
|
+ "domain-match domain attribute.");
|
|
}
|
|
|
|
// effective host name minus domain must not contain any dots
|
|
String effectiveHostWithoutDomain = host.substring(
|
|
0, host.length() - cookieDomain.length());
|
|
if (effectiveHostWithoutDomain.indexOf('.') != -1) {
|
|
throw new CookieRestrictionViolationException("Domain attribute \""
|
|
+ cookie.getDomain() + "\" violates RFC 2965: "
|
|
+ "effective host minus domain may not contain any dots");
|
|
}
|
|
} else {
|
|
// Domain was not specified in header. In this case, domain must
|
|
// string match request host (case-insensitive).
|
|
if (!cookie.getDomain().equals(host)) {
|
|
throw new CookieRestrictionViolationException("Illegal domain attribute: \""
|
|
+ cookie.getDomain() + "\"."
|
|
+ "Domain of origin: \""
|
|
+ host + "\"");
|
|
}
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Match cookie domain attribute.
|
|
*/
|
|
public boolean match(final Cookie cookie, final CookieOrigin origin) {
|
|
if (cookie == null) {
|
|
throw new IllegalArgumentException("Cookie may not be null");
|
|
}
|
|
if (origin == null) {
|
|
throw new IllegalArgumentException("Cookie origin may not be null");
|
|
}
|
|
String host = origin.getHost().toLowerCase(Locale.ENGLISH);
|
|
String cookieDomain = cookie.getDomain();
|
|
|
|
// The effective host name MUST domain-match the Domain
|
|
// attribute of the cookie.
|
|
if (!domainMatch(host, cookieDomain)) {
|
|
return false;
|
|
}
|
|
// effective host name minus domain must not contain any dots
|
|
String effectiveHostWithoutDomain = host.substring(
|
|
0, host.length() - cookieDomain.length());
|
|
return effectiveHostWithoutDomain.indexOf('.') == -1;
|
|
}
|
|
|
|
} |