Package org.apache.http.impl.cookie
Class PublicSuffixDomainFilter
java.lang.Object
org.apache.http.impl.cookie.PublicSuffixDomainFilter
- All Implemented Interfaces:
CommonCookieAttributeHandler
,CookieAttributeHandler
@Contract(threading=IMMUTABLE_CONDITIONAL)
public class PublicSuffixDomainFilter
extends Object
implements CommonCookieAttributeHandler
Wraps a
CookieAttributeHandler
and leverages its match method
to never match a suffix from a black list. May be used to provide additional security for
cross-site attack types by preventing cookies from apparent domains that are not publicly
available.- Since:
- 4.4
- See Also:
-
Constructor Summary
ConstructorsConstructorDescriptionPublicSuffixDomainFilter
(CommonCookieAttributeHandler handler, PublicSuffixList suffixList) PublicSuffixDomainFilter
(CommonCookieAttributeHandler handler, PublicSuffixMatcher publicSuffixMatcher) -
Method Summary
Modifier and TypeMethodDescriptionstatic CommonCookieAttributeHandler
decorate
(CommonCookieAttributeHandler handler, PublicSuffixMatcher publicSuffixMatcher) boolean
match
(Cookie cookie, CookieOrigin origin) Never matches if the cookie's domain is from the blacklist.void
Parse the given cookie attribute value and update the correspondingCookie
property.void
validate
(Cookie cookie, CookieOrigin origin) Peforms cookie validation for the given attribute value.
-
Constructor Details
-
PublicSuffixDomainFilter
public PublicSuffixDomainFilter(CommonCookieAttributeHandler handler, PublicSuffixMatcher publicSuffixMatcher) -
PublicSuffixDomainFilter
-
-
Method Details
-
match
Never matches if the cookie's domain is from the blacklist.- Specified by:
match
in interfaceCookieAttributeHandler
- Parameters:
cookie
-Cookie
to matchorigin
- the cookie source to match against- Returns:
true
if the match is successful;false
otherwise
-
parse
Description copied from interface:CookieAttributeHandler
Parse the given cookie attribute value and update the correspondingCookie
property.- Specified by:
parse
in interfaceCookieAttributeHandler
- Parameters:
cookie
-Cookie
to be updatedvalue
- cookie attribute value from the cookie response header- Throws:
MalformedCookieException
-
validate
Description copied from interface:CookieAttributeHandler
Peforms cookie validation for the given attribute value.- Specified by:
validate
in interfaceCookieAttributeHandler
- Parameters:
cookie
-Cookie
to validateorigin
- the cookie source to validate against- Throws:
MalformedCookieException
- if cookie validation fails for this attribute
-
getAttributeName
- Specified by:
getAttributeName
in interfaceCommonCookieAttributeHandler
-
decorate
public static CommonCookieAttributeHandler decorate(CommonCookieAttributeHandler handler, PublicSuffixMatcher publicSuffixMatcher)
-