Class PublicSuffixFilter

java.lang.Object
org.apache.http.impl.cookie.PublicSuffixFilter
All Implemented Interfaces:
CookieAttributeHandler

@Deprecated public class PublicSuffixFilter extends Object implements CookieAttributeHandler
Deprecated.
Wraps a CookieAttributeHandler and leverages its match method to never match a suffix from a black list. May be used to provide additional security for cross-site attack types by preventing cookies from apparent domains that are not publicly available. An uptodate list of suffixes can be obtained from publicsuffix.org
Since:
4.0
  • Constructor Details

  • Method Details

    • setPublicSuffixes

      public void setPublicSuffixes(Collection<String> suffixes)
      Deprecated.
      Sets the suffix blacklist patterns. A pattern can be "com", "*.jp" TODO add support for patterns like "lib.*.us"
      Parameters:
      suffixes -
    • setExceptions

      public void setExceptions(Collection<String> exceptions)
      Deprecated.
      Sets the exceptions from the blacklist. Exceptions can not be patterns. TODO add support for patterns
      Parameters:
      exceptions -
    • match

      public boolean match(Cookie cookie, CookieOrigin origin)
      Deprecated.
      Never matches if the cookie's domain is from the blacklist.
      Specified by:
      match in interface CookieAttributeHandler
      Parameters:
      cookie - Cookie to match
      origin - the cookie source to match against
      Returns:
      true if the match is successful; false otherwise
    • parse

      public void parse(SetCookie cookie, String value) throws MalformedCookieException
      Deprecated.
      Description copied from interface: CookieAttributeHandler
      Parse the given cookie attribute value and update the corresponding Cookie property.
      Specified by:
      parse in interface CookieAttributeHandler
      Parameters:
      cookie - Cookie to be updated
      value - cookie attribute value from the cookie response header
      Throws:
      MalformedCookieException
    • validate

      public void validate(Cookie cookie, CookieOrigin origin) throws MalformedCookieException
      Deprecated.
      Description copied from interface: CookieAttributeHandler
      Peforms cookie validation for the given attribute value.
      Specified by:
      validate in interface CookieAttributeHandler
      Parameters:
      cookie - Cookie to validate
      origin - the cookie source to validate against
      Throws:
      MalformedCookieException - if cookie validation fails for this attribute