Class PublicSuffixDomainFilter

java.lang.Object

org.apache.hc.client5.http.impl.cookie.PublicSuffixDomainFilter

All Implemented Interfaces:

CommonCookieAttributeHandler, CookieAttributeHandler

@Contract(threading=STATELESS)
public class PublicSuffixDomainFilter
extends Object
implements CommonCookieAttributeHandler

Wraps a CookieAttributeHandler and leverages its match method to never match a suffix from a black list. May be used to provide additional security for cross-site attack types by preventing cookies from apparent domains that are not publicly available.

Since:

4.4

See Also:

• PublicSuffixList
• PublicSuffixMatcher

Field Summary

Fields

Modifier and Type	Field	Description
private final CommonCookieAttributeHandler	handler
private final Map<String,Boolean>	localDomainMap
private final PublicSuffixMatcher	publicSuffixMatcher

Constructor Summary

Constructors

Constructor	Description
PublicSuffixDomainFilter(CommonCookieAttributeHandler handler, PublicSuffixList suffixList)
PublicSuffixDomainFilter(CommonCookieAttributeHandler handler, PublicSuffixMatcher publicSuffixMatcher)

Method Summary

Modifier and Type	Method	Description
private static Map<String,Boolean>	createLocalDomainMap()
static CommonCookieAttributeHandler	decorate(CommonCookieAttributeHandler handler, PublicSuffixMatcher publicSuffixMatcher)
String	getAttributeName()
boolean	match(Cookie cookie, CookieOrigin origin)	Never matches if the cookie's domain is from the blacklist.
void	parse(SetCookie cookie, String value)	Parse the given cookie attribute value and processChallenge the corresponding Cookie property.
void	validate(Cookie cookie, CookieOrigin origin)	Performs cookie validation for the given attribute value.

Methods inherited from class Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

handler

private final CommonCookieAttributeHandler handler

publicSuffixMatcher

private final PublicSuffixMatcher publicSuffixMatcher

localDomainMap

private final Map<String,Boolean> localDomainMap

Constructor Details

PublicSuffixDomainFilter

public PublicSuffixDomainFilter(CommonCookieAttributeHandler handler,
 PublicSuffixMatcher publicSuffixMatcher)

PublicSuffixDomainFilter

public PublicSuffixDomainFilter(CommonCookieAttributeHandler handler,
 PublicSuffixList suffixList)

Method Details

createLocalDomainMap

private static Map<String,Boolean> createLocalDomainMap()

match

public boolean match(Cookie cookie,
 CookieOrigin origin)

Never matches if the cookie's domain is from the blacklist.

Specified by:

match in interface CookieAttributeHandler

Parameters:

cookie - Cookie to match

origin - the cookie source to match against

Returns:

true if the match is successful; false otherwise

parse

public void parse(SetCookie cookie,
 String value)
           throws MalformedCookieException

Description copied from interface: CookieAttributeHandler

Parse the given cookie attribute value and processChallenge the corresponding Cookie property.

Specified by:

parse in interface CookieAttributeHandler

Parameters:

cookie - Cookie to be updated

value - cookie attribute value from the cookie response header

Throws:

MalformedCookieException - if cookie parsing fails for this attribute

validate

public void validate(Cookie cookie,
 CookieOrigin origin)
              throws MalformedCookieException

Description copied from interface: CookieAttributeHandler

Performs cookie validation for the given attribute value.

Specified by:

validate in interface CookieAttributeHandler

Parameters:

cookie - Cookie to validate

origin - the cookie source to validate against

Throws:

MalformedCookieException - if cookie validation fails for this attribute

getAttributeName

public String getAttributeName()

Specified by:

getAttributeName in interface CommonCookieAttributeHandler

decorate

public static CommonCookieAttributeHandler decorate(CommonCookieAttributeHandler handler,
 PublicSuffixMatcher publicSuffixMatcher)