org.apache.http.impl.cookie.PublicSuffixDomainFilter

All Implemented Interfaces:: CommonCookieAttributeHandler, CookieAttributeHandler

@Contract(threading=IMMUTABLE_CONDITIONAL) public class PublicSuffixDomainFilter extends Object implements CommonCookieAttributeHandler

Wraps a CookieAttributeHandler and leverages its match method to never match a suffix from a black list. May be used to provide additional security for cross-site attack types by preventing cookies from apparent domains that are not publicly available.

Since:

4.4

See Also:

Constructor Summary

Constructors

Constructor

Description

PublicSuffixDomainFilter(CommonCookieAttributeHandler handler, PublicSuffixList suffixList)

PublicSuffixDomainFilter(CommonCookieAttributeHandler handler, PublicSuffixMatcher publicSuffixMatcher)
Method Summary

Modifier and Type

Method

Description

static CommonCookieAttributeHandler

decorate(CommonCookieAttributeHandler handler, PublicSuffixMatcher publicSuffixMatcher)

String

getAttributeName()

boolean

match(Cookie cookie, CookieOrigin origin)

Never matches if the cookie's domain is from the blacklist.

void

parse(SetCookie cookie, String value)

Parse the given cookie attribute value and update the corresponding Cookie property.

void

validate(Cookie cookie, CookieOrigin origin)

Peforms cookie validation for the given attribute value.

Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details
- PublicSuffixDomainFilter
  
  public PublicSuffixDomainFilter(CommonCookieAttributeHandler handler, PublicSuffixMatcher publicSuffixMatcher)
- PublicSuffixDomainFilter
  
  public PublicSuffixDomainFilter(CommonCookieAttributeHandler handler, PublicSuffixList suffixList)
Method Details
- match
  
  public boolean match(Cookie cookie, CookieOrigin origin)
  
  Never matches if the cookie's domain is from the blacklist.
  
  Specified by:
  
  match in interface CookieAttributeHandler
  
  Parameters:
  
  cookie - Cookie to match
  
  origin - the cookie source to match against
  
  Returns:
  
  true if the match is successful; false otherwise
- parse
  
  public void parse(SetCookie cookie, String value) throws MalformedCookieException
  
  Description copied from interface: CookieAttributeHandler
  
  Parse the given cookie attribute value and update the corresponding Cookie property.
  
  Specified by:
  
  parse in interface CookieAttributeHandler
  
  Parameters:
  
  cookie - Cookie to be updated
  
  value - cookie attribute value from the cookie response header
  
  Throws:
  
  MalformedCookieException
- validate
  
  public void validate(Cookie cookie, CookieOrigin origin) throws MalformedCookieException
  
  Description copied from interface: CookieAttributeHandler
  
  Peforms cookie validation for the given attribute value.
  
  Specified by:
  
  validate in interface CookieAttributeHandler
  
  Parameters:
  
  cookie - Cookie to validate
  
  origin - the cookie source to validate against
  
  Throws:
  
  MalformedCookieException - if cookie validation fails for this attribute
- getAttributeName
  
  public String getAttributeName()
  
  Specified by:
  
  getAttributeName in interface CommonCookieAttributeHandler
- decorate
  
  public static CommonCookieAttributeHandler decorate(CommonCookieAttributeHandler handler, PublicSuffixMatcher publicSuffixMatcher)

Class PublicSuffixDomainFilter

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Details

PublicSuffixDomainFilter

PublicSuffixDomainFilter

Method Details

match

parse

validate

getAttributeName

decorate