|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||
java.lang.Objectorg.apache.http.impl.cookie.PublicSuffixDomainFilter
@Contract(threading=IMMUTABLE_CONDITIONAL) public class PublicSuffixDomainFilter
Wraps a CookieAttributeHandler and leverages its match method
to never match a suffix from a black list. May be used to provide additional security for
cross-site attack types by preventing cookies from apparent domains that are not publicly
available.
PublicSuffixList,
PublicSuffixMatcher| Constructor Summary | |
|---|---|
PublicSuffixDomainFilter(CommonCookieAttributeHandler handler,
PublicSuffixList suffixList)
|
|
PublicSuffixDomainFilter(CommonCookieAttributeHandler handler,
PublicSuffixMatcher publicSuffixMatcher)
|
|
| Method Summary | |
|---|---|
static CommonCookieAttributeHandler |
decorate(CommonCookieAttributeHandler handler,
PublicSuffixMatcher publicSuffixMatcher)
|
String |
getAttributeName()
|
boolean |
match(Cookie cookie,
CookieOrigin origin)
Never matches if the cookie's domain is from the blacklist. |
void |
parse(SetCookie cookie,
String value)
Parse the given cookie attribute value and update the corresponding Cookie property. |
void |
validate(Cookie cookie,
CookieOrigin origin)
Peforms cookie validation for the given attribute value. |
| Methods inherited from class java.lang.Object |
|---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Constructor Detail |
|---|
public PublicSuffixDomainFilter(CommonCookieAttributeHandler handler,
PublicSuffixMatcher publicSuffixMatcher)
public PublicSuffixDomainFilter(CommonCookieAttributeHandler handler,
PublicSuffixList suffixList)
| Method Detail |
|---|
public boolean match(Cookie cookie,
CookieOrigin origin)
match in interface CookieAttributeHandlercookie - Cookie to matchorigin - the cookie source to match against
true if the match is successful; false otherwise
public void parse(SetCookie cookie,
String value)
throws MalformedCookieException
CookieAttributeHandlerCookie property.
parse in interface CookieAttributeHandlercookie - Cookie to be updatedvalue - cookie attribute value from the cookie response header
MalformedCookieException
public void validate(Cookie cookie,
CookieOrigin origin)
throws MalformedCookieException
CookieAttributeHandler
validate in interface CookieAttributeHandlercookie - Cookie to validateorigin - the cookie source to validate against
MalformedCookieException - if cookie validation fails for this attributepublic String getAttributeName()
getAttributeName in interface CommonCookieAttributeHandler
public static CommonCookieAttributeHandler decorate(CommonCookieAttributeHandler handler,
PublicSuffixMatcher publicSuffixMatcher)
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||