Class PublicSuffixDomainFilter
- java.lang.Object
-
- org.apache.hc.client5.http.impl.cookie.PublicSuffixDomainFilter
-
- All Implemented Interfaces:
CommonCookieAttributeHandler
,CookieAttributeHandler
@Contract(threading=STATELESS) public class PublicSuffixDomainFilter extends java.lang.Object implements CommonCookieAttributeHandler
Wraps aCookieAttributeHandler
and leverages its match method to never match a suffix from a black list. May be used to provide additional security for cross-site attack types by preventing cookies from apparent domains that are not publicly available.- Since:
- 4.4
- See Also:
PublicSuffixList
,PublicSuffixMatcher
-
-
Field Summary
Fields Modifier and Type Field Description private CommonCookieAttributeHandler
handler
private java.util.Map<java.lang.String,java.lang.Boolean>
localDomainMap
private PublicSuffixMatcher
publicSuffixMatcher
-
Constructor Summary
Constructors Constructor Description PublicSuffixDomainFilter(CommonCookieAttributeHandler handler, PublicSuffixList suffixList)
PublicSuffixDomainFilter(CommonCookieAttributeHandler handler, PublicSuffixMatcher publicSuffixMatcher)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description private static java.util.Map<java.lang.String,java.lang.Boolean>
createLocalDomainMap()
static CommonCookieAttributeHandler
decorate(CommonCookieAttributeHandler handler, PublicSuffixMatcher publicSuffixMatcher)
java.lang.String
getAttributeName()
boolean
match(Cookie cookie, CookieOrigin origin)
Never matches if the cookie's domain is from the blacklist.void
parse(SetCookie cookie, java.lang.String value)
Parse the given cookie attribute value and processChallenge the correspondingCookie
property.void
validate(Cookie cookie, CookieOrigin origin)
Performs cookie validation for the given attribute value.
-
-
-
Field Detail
-
handler
private final CommonCookieAttributeHandler handler
-
publicSuffixMatcher
private final PublicSuffixMatcher publicSuffixMatcher
-
localDomainMap
private final java.util.Map<java.lang.String,java.lang.Boolean> localDomainMap
-
-
Constructor Detail
-
PublicSuffixDomainFilter
public PublicSuffixDomainFilter(CommonCookieAttributeHandler handler, PublicSuffixMatcher publicSuffixMatcher)
-
PublicSuffixDomainFilter
public PublicSuffixDomainFilter(CommonCookieAttributeHandler handler, PublicSuffixList suffixList)
-
-
Method Detail
-
createLocalDomainMap
private static java.util.Map<java.lang.String,java.lang.Boolean> createLocalDomainMap()
-
match
public boolean match(Cookie cookie, CookieOrigin origin)
Never matches if the cookie's domain is from the blacklist.- Specified by:
match
in interfaceCookieAttributeHandler
- Parameters:
cookie
-Cookie
to matchorigin
- the cookie source to match against- Returns:
true
if the match is successful;false
otherwise
-
parse
public void parse(SetCookie cookie, java.lang.String value) throws MalformedCookieException
Description copied from interface:CookieAttributeHandler
Parse the given cookie attribute value and processChallenge the correspondingCookie
property.- Specified by:
parse
in interfaceCookieAttributeHandler
- Parameters:
cookie
-Cookie
to be updatedvalue
- cookie attribute value from the cookie response header- Throws:
MalformedCookieException
- if cookie parsing fails for this attribute
-
validate
public void validate(Cookie cookie, CookieOrigin origin) throws MalformedCookieException
Description copied from interface:CookieAttributeHandler
Performs cookie validation for the given attribute value.- Specified by:
validate
in interfaceCookieAttributeHandler
- Parameters:
cookie
-Cookie
to validateorigin
- the cookie source to validate against- Throws:
MalformedCookieException
- if cookie validation fails for this attribute
-
getAttributeName
public java.lang.String getAttributeName()
- Specified by:
getAttributeName
in interfaceCommonCookieAttributeHandler
-
decorate
public static CommonCookieAttributeHandler decorate(CommonCookieAttributeHandler handler, PublicSuffixMatcher publicSuffixMatcher)
-
-