@Override public void afterPropertiesSet() throws Exception { cookieSpecRegistry = RegistryBuilder.<CookieSpecProvider> create().register("easy", new CookieSpecProvider() { public CookieSpec create(HttpContext context) { return new DefaultCookieSpec() { @Override public void validate(Cookie cookie, CookieOrigin origin) throws MalformedCookieException { } }; } }).build(); requestConfig = RequestConfig.custom().setCookieSpec("easy") .setConnectionRequestTimeout(propertyConfigurer.getIntValue("connection.request.timeout")) .setSocketTimeout(propertyConfigurer.getIntValue("socket_timeout")) .setConnectTimeout(propertyConfigurer.getIntValue("connection_timeout")).build(); }
/** * Parse cookie version attribute. */ public void parse(final SetCookie cookie, final String value) throws MalformedCookieException { if (cookie == null) { throw new IllegalArgumentException("Cookie may not be null"); } if (value == null) { throw new MalformedCookieException( "Missing value for version attribute"); } int version = -1; try { version = Integer.parseInt(value); } catch (NumberFormatException e) { version = -1; } if (version < 0) { throw new MalformedCookieException("Invalid cookie version."); } cookie.setVersion(version); }
public void parse(final SetCookie cookie, final String value) throws MalformedCookieException { if (cookie == null) { throw new IllegalArgumentException("Cookie may not be null"); } if (value == null) { throw new MalformedCookieException("Missing value for max-age attribute"); } int age; try { age = Integer.parseInt(value); } catch (NumberFormatException e) { throw new MalformedCookieException ("Invalid max-age attribute: " + value); } if (age < 0) { throw new MalformedCookieException ("Negative max-age attribute: " + value); } cookie.setExpiryDate(new Date(System.currentTimeMillis() + age * 1000L)); }
@Override public List<Cookie> parse( final Header header, CookieOrigin origin) throws MalformedCookieException { if (header == null) { throw new IllegalArgumentException("Header may not be null"); } if (origin == null) { throw new IllegalArgumentException("Cookie origin may not be null"); } if (!header.getName().equalsIgnoreCase(SM.SET_COOKIE2)) { throw new MalformedCookieException("Unrecognized cookie header '" + header.toString() + "'"); } origin = adjustEffectiveHost(origin); HeaderElement[] elems = header.getElements(); return createCookies(elems, origin); }
public void validate( final Cookie cookie, final CookieOrigin origin) throws MalformedCookieException { if (cookie == null) { throw new IllegalArgumentException("Cookie may not be null"); } if (origin == null) { throw new IllegalArgumentException("Cookie origin may not be null"); } if (cookie.getVersion() > 0) { if (cookie instanceof SetCookie2) { getStrict().validate(cookie, origin); } else { getObsoleteStrict().validate(cookie, origin); } } else { getCompat().validate(cookie, origin); } }
/** * Parses the given Port attribute value (e.g. "8000,8001,8002") * into an array of ports. * * @param portValue port attribute value * @return parsed array of ports * @throws MalformedCookieException if there is a problem in * parsing due to invalid portValue. */ private static int[] parsePortAttribute(final String portValue) throws MalformedCookieException { StringTokenizer st = new StringTokenizer(portValue, ","); int[] ports = new int[st.countTokens()]; try { int i = 0; while(st.hasMoreTokens()) { ports[i] = Integer.parseInt(st.nextToken().trim()); if (ports[i] < 0) { throw new MalformedCookieException ("Invalid Port attribute."); } ++i; } } catch (NumberFormatException e) { throw new MalformedCookieException ("Invalid Port " + "attribute: " + e.getMessage()); } return ports; }
/** * Validate cookie port attribute. If the Port attribute was specified * in header, the request port must be in cookie's port list. */ public void validate(final Cookie cookie, final CookieOrigin origin) throws MalformedCookieException { if (cookie == null) { throw new IllegalArgumentException("Cookie may not be null"); } if (origin == null) { throw new IllegalArgumentException("Cookie origin may not be null"); } int port = origin.getPort(); if (cookie instanceof ClientCookie && ((ClientCookie) cookie).containsAttribute(ClientCookie.PORT_ATTR)) { if (!portMatch(port, cookie.getPorts())) { throw new CookieRestrictionViolationException( "Port attribute violates RFC 2965: " + "Request port not found in cookie's port list."); } } }
/** * Parse cookie domain attribute. */ public void parse(final SetCookie cookie, String domain) throws MalformedCookieException { if (cookie == null) { throw new IllegalArgumentException("Cookie may not be null"); } if (domain == null) { throw new MalformedCookieException( "Missing value for domain attribute"); } if (domain.trim().length() == 0) { throw new MalformedCookieException( "Blank value for domain attribute"); } domain = domain.toLowerCase(Locale.ENGLISH); if (!domain.startsWith(".")) { // Per RFC 2965 section 3.2.2 // "... If an explicitly specified value does not start with // a dot, the user agent supplies a leading dot ..." // That effectively implies that the domain attribute // MAY NOT be an IP address of a host name domain = '.' + domain; } cookie.setDomain(domain); }
public void parse(final SetCookie cookie, final String value) throws MalformedCookieException { if (cookie == null) { throw new IllegalArgumentException("Cookie may not be null"); } if (value == null) { throw new MalformedCookieException("Missing value for version attribute"); } if (value.trim().length() == 0) { throw new MalformedCookieException("Blank value for version attribute"); } try { cookie.setVersion(Integer.parseInt(value)); } catch (NumberFormatException e) { throw new MalformedCookieException("Invalid version: " + e.getMessage()); } }
@Override public void validate(final Cookie cookie, final CookieOrigin origin) throws MalformedCookieException { super.validate(cookie, origin); // Perform Netscape Cookie draft specific validation String host = origin.getHost(); String domain = cookie.getDomain(); if (host.contains(".")) { int domainParts = new StringTokenizer(domain, ".").countTokens(); if (isSpecialDomain(domain)) { if (domainParts < 2) { throw new CookieRestrictionViolationException("Domain attribute \"" + domain + "\" violates the Netscape cookie specification for " + "special domains"); } } else { if (domainParts < 3) { throw new CookieRestrictionViolationException("Domain attribute \"" + domain + "\" violates the Netscape cookie specification"); } } } }
/** * Parses the given Port attribute value (e.g. "8000,8001,8002") * into an array of ports. * * @param portValue port attribute value * @return parsed array of ports * @throws MalformedCookieException if there is a problem in * parsing due to invalid portValue. */ private static int[] parsePortAttribute(final String portValue) throws MalformedCookieException { final StringTokenizer st = new StringTokenizer(portValue, ","); final int[] ports = new int[st.countTokens()]; try { int i = 0; while(st.hasMoreTokens()) { ports[i] = Integer.parseInt(st.nextToken().trim()); if (ports[i] < 0) { throw new MalformedCookieException ("Invalid Port attribute."); } ++i; } } catch (final NumberFormatException e) { throw new MalformedCookieException ("Invalid Port " + "attribute: " + e.getMessage()); } return ports; }
@Test public void testRFC2109VersionValidate() throws Exception { final BasicClientCookie cookie = new BasicClientCookie("name", "value"); final CookieOrigin origin = new CookieOrigin("somedomain.com", 80, "/", false); final CookieAttributeHandler h = new RFC2109VersionHandler(); cookie.setVersion(12); h.validate(cookie, origin); cookie.setVersion(-12); try { h.validate(cookie, origin); Assert.fail("MalformedCookieException must have been thrown"); } catch (final MalformedCookieException ex) { // expected } }
/** * Tests if that invalid second domain level cookie gets * rejected in the strict mode, but gets accepted in the * browser compatibility mode. */ @Test public void testSecondDomainLevelCookie() throws Exception { final BasicClientCookie cookie = new BasicClientCookie("name", null); cookie.setDomain(".sourceforge.net"); cookie.setAttribute(ClientCookie.DOMAIN_ATTR, cookie.getDomain()); cookie.setPath("/"); cookie.setAttribute(ClientCookie.PATH_ATTR, cookie.getPath()); final CookieSpec cookiespec = new RFC2109Spec(); final CookieOrigin origin = new CookieOrigin("sourceforge.net", 80, "/", false); try { cookiespec.validate(cookie, origin); Assert.fail("MalformedCookieException should have been thrown"); } catch (final MalformedCookieException e) { // Expected } }
public void parse(final SetCookie cookie, final String value) throws MalformedCookieException { Args.notNull(cookie, "Cookie"); if (value == null) { throw new MalformedCookieException("Missing value for version attribute"); } if (value.trim().length() == 0) { throw new MalformedCookieException("Blank value for version attribute"); } try { cookie.setVersion(Integer.parseInt(value)); } catch (final NumberFormatException e) { throw new MalformedCookieException("Invalid version: " + e.getMessage()); } }
@Test public void testNetscapeDomainValidate3() throws Exception { final BasicClientCookie cookie = new BasicClientCookie("name", "value"); final CookieOrigin origin = new CookieOrigin("www.a.com", 80, "/", false); final CookieAttributeHandler h = new NetscapeDomainHandler(); cookie.setDomain(".a.com"); h.validate(cookie, origin); cookie.setDomain(".com"); try { h.validate(cookie, origin); Assert.fail("MalformedCookieException should have been thrown"); } catch (final MalformedCookieException ex) { // expected } }
@Test public void testRFC2109DomainValidate3() throws Exception { final BasicClientCookie cookie = new BasicClientCookie("name", "value"); final CookieOrigin origin = new CookieOrigin("www.a.com", 80, "/", false); final CookieAttributeHandler h = new RFC2109DomainHandler(); cookie.setDomain(".a.com"); h.validate(cookie, origin); cookie.setDomain(".com"); try { h.validate(cookie, origin); Assert.fail("MalformedCookieException should have been thrown"); } catch (final MalformedCookieException ex) { // expected } }
public void parse(final SetCookie cookie, final String value) throws MalformedCookieException { Args.notNull(cookie, "Cookie"); if (value == null) { throw new MalformedCookieException("Missing value for max-age attribute"); } final int age; try { age = Integer.parseInt(value); } catch (final NumberFormatException e) { throw new MalformedCookieException ("Invalid max-age attribute: " + value); } if (age < 0) { throw new MalformedCookieException ("Negative max-age attribute: " + value); } cookie.setExpiryDate(new Date(System.currentTimeMillis() + age * 1000L)); }
/** Default constructor */ public BrowserCompatSpec(final String[] datepatterns, final BrowserCompatSpecFactory.SecurityLevel securityLevel) { super(new BrowserCompatVersionAttributeHandler(), new BasicDomainHandler(), securityLevel == BrowserCompatSpecFactory.SecurityLevel.SECURITYLEVEL_IE_MEDIUM ? new BasicPathHandler() { @Override public void validate(final Cookie cookie, final CookieOrigin origin) throws MalformedCookieException { // No validation } } : new BasicPathHandler(), new BasicMaxAgeHandler(), new BasicSecureHandler(), new BasicCommentHandler(), new BasicExpiresHandler(datepatterns != null ? datepatterns.clone() : DEFAULT_DATE_PATTERNS)); }
/** * Parse cookie version attribute. */ @Override public void parse(final SetCookie cookie, final String value) throws MalformedCookieException { Args.notNull(cookie, "Cookie"); if (value == null) { throw new MalformedCookieException( "Missing value for version attribute"); } int version = -1; try { version = Integer.parseInt(value); } catch (final NumberFormatException e) { version = -1; } if (version < 0) { throw new MalformedCookieException("Invalid cookie version."); } cookie.setVersion(version); }
@Override public void parse(final SetCookie cookie, final String value) throws MalformedCookieException { Args.notNull(cookie, "Cookie"); if (value == null) { throw new MalformedCookieException("Missing value for 'max-age' attribute"); } final int age; try { age = Integer.parseInt(value); } catch (final NumberFormatException e) { throw new MalformedCookieException ("Invalid 'max-age' attribute: " + value); } if (age < 0) { throw new MalformedCookieException ("Negative 'max-age' attribute: " + value); } cookie.setExpiryDate(new Date(System.currentTimeMillis() + age * 1000L)); }
/** * Parse cookie domain attribute. */ @Override public void parse( final SetCookie cookie, final String domain) throws MalformedCookieException { Args.notNull(cookie, "Cookie"); if (domain == null) { throw new MalformedCookieException( "Missing value for domain attribute"); } if (domain.trim().isEmpty()) { throw new MalformedCookieException( "Blank value for domain attribute"); } String s = domain; s = s.toLowerCase(Locale.ROOT); if (!domain.startsWith(".")) { // Per RFC 2965 section 3.2.2 // "... If an explicitly specified value does not start with // a dot, the user agent supplies a leading dot ..." // That effectively implies that the domain attribute // MAY NOT be an IP address of a host name s = '.' + s; } cookie.setDomain(s); }
@Override public void parse(final SetCookie cookie, final String value) throws MalformedCookieException { Args.notNull(cookie, "Cookie"); if (value == null) { throw new MalformedCookieException("Missing value for version attribute"); } if (value.trim().isEmpty()) { throw new MalformedCookieException("Blank value for version attribute"); } try { cookie.setVersion(Integer.parseInt(value)); } catch (final NumberFormatException e) { throw new MalformedCookieException("Invalid version: " + e.getMessage()); } }
/** * Domain must have alt least one embedded dot */ @Test public void testParseWithIllegalDomain2() throws Exception { final Header header = new BasicHeader("Set-Cookie", "cookie-name=cookie-value; domain=.com; version=1"); final CookieSpec cookiespec = new RFC2109Spec(); final CookieOrigin origin = new CookieOrigin("b.com", 80, "/", false); try { final List<Cookie> cookies = cookiespec.parse(header, origin); for (int i = 0; i < cookies.size(); i++) { cookiespec.validate(cookies.get(i), origin); } Assert.fail("MalformedCookieException should have been thrown"); } catch (final MalformedCookieException e) { // expected } }
/** * Tests if cookie constructor rejects cookie name starting with $. */ @Test public void testCookieNameStartingWithDollarSign() throws Exception { final Header setcookie = new BasicHeader("Set-Cookie", "$invalid_name="); final CookieSpec cookiespec = new RFC2109Spec(); final CookieOrigin origin = new CookieOrigin("127.0.0.1", 80, "/", false); try { final List<Cookie> cookies = cookiespec.parse(setcookie, origin); for (int i = 0; i < cookies.size(); i++) { cookiespec.validate(cookies.get(i), origin); } Assert.fail("MalformedCookieException exception should have been thrown"); } catch (final MalformedCookieException e) { // expected } }
@Override public void parse(final SetCookie cookie, final String value) throws MalformedCookieException { Args.notNull(cookie, "Cookie"); if (TextUtils.isBlank(value)) { throw new MalformedCookieException("Blank or null value for domain attribute"); } // Ignore domain attributes ending with '.' per RFC 6265, 4.1.2.3 if (value.endsWith(".")) { return; } String domain = value; if (domain.startsWith(".")) { domain = domain.substring(1); } domain = domain.toLowerCase(Locale.ROOT); cookie.setDomain(domain); }
@Override public void validate(final Cookie cookie, final CookieOrigin origin) throws MalformedCookieException { Args.notNull(cookie, "Cookie"); Args.notNull(origin, "Cookie origin"); // Validate the cookies domain attribute. NOTE: Domains without // any dots are allowed to support hosts on private LANs that don't // have DNS names. Since they have no dots, to domain-match the // request-host and domain must be identical for the cookie to sent // back to the origin-server. final String host = origin.getHost(); final String domain = cookie.getDomain(); if (domain == null) { throw new CookieRestrictionViolationException("Cookie 'domain' may not be null"); } if (!host.equals(domain) && !domainMatch(domain, host)) { throw new CookieRestrictionViolationException( "Illegal 'domain' attribute \"" + domain + "\". Domain of origin: \"" + host + "\""); } }
@Test public void testParseWithWrongPath() throws Exception { final Header header = new BasicHeader("Set-Cookie", "cookie-name=cookie-value; domain=127.0.0.1; path=/not/just/root"); final CookieSpec cookiespec = new RFC2109Spec(); final CookieOrigin origin = new CookieOrigin("127.0.0.1", 80, "/", false); try { final List<Cookie> cookies = cookiespec.parse(header, origin); for (int i = 0; i < cookies.size(); i++) { cookiespec.validate(cookies.get(i), origin); } Assert.fail("MalformedCookieException exception should have been thrown"); } catch (final MalformedCookieException e) { // expected } }
@Override public void parse(final SetCookie cookie, final String value) throws MalformedCookieException { Args.notNull(cookie, "Cookie"); if (TextUtils.isBlank(value)) { return; } final Matcher matcher = MAX_AGE_PATTERN.matcher(value); if (matcher.matches()) { final int age; try { age = Integer.parseInt(value); } catch (final NumberFormatException e) { return; } final Date expiryDate = age >= 0 ? new Date(System.currentTimeMillis() + age * 1000L) : new Date(Long.MIN_VALUE); cookie.setExpiryDate(expiryDate); } }
@Test public void testBasicDomainValidate2() throws Exception { final BasicClientCookie cookie = new BasicClientCookie("name", "value"); final CookieOrigin origin = new CookieOrigin("somehost", 80, "/", false); final CookieAttributeHandler h = new BasicDomainHandler(); cookie.setDomain("somehost"); h.validate(cookie, origin); cookie.setDomain("otherhost"); try { h.validate(cookie, origin); Assert.fail("MalformedCookieException should have been thrown"); } catch (final MalformedCookieException ex) { // expected } }
@Test public void testNetscapeDomainValidate4() throws Exception { final BasicClientCookie cookie = new BasicClientCookie("name", "value"); final CookieOrigin origin = new CookieOrigin("www.a.b.c", 80, "/", false); final CookieAttributeHandler h = new NetscapeDomainHandler(); cookie.setDomain(".a.b.c"); h.validate(cookie, origin); cookie.setDomain(".b.c"); try { h.validate(cookie, origin); Assert.fail("MalformedCookieException should have been thrown"); } catch (final MalformedCookieException ex) { // expected } }
@Test public void testParseWithIllegalNetscapeDomain1() throws Exception { final Header header = new BasicHeader("Set-Cookie","cookie-name=cookie-value; domain=.com"); final CookieSpec cookiespec = new NetscapeDraftSpec(); try { final CookieOrigin origin = new CookieOrigin("a.com", 80, "/", false); final List<Cookie> cookies = cookiespec.parse(header, origin); for (int i = 0; i < cookies.size(); i++) { cookiespec.validate(cookies.get(i), origin); } Assert.fail("MalformedCookieException exception should have been thrown"); } catch (final MalformedCookieException e) { // expected } }
@Test public void testParseWithWrongNetscapeDomain2() throws Exception { final Header header = new BasicHeader("Set-Cookie","cookie-name=cookie-value; domain=.y.z"); final CookieSpec cookiespec = new NetscapeDraftSpec(); try { final CookieOrigin origin = new CookieOrigin("x.y.z", 80, "/", false); final List<Cookie> cookies = cookiespec.parse(header, origin); for (int i = 0; i < cookies.size(); i++) { cookiespec.validate(cookies.get(i), origin); } Assert.fail("MalformedCookieException exception should have been thrown"); } catch (final MalformedCookieException e) { // expected } }
@Override public List<Cookie> parse(Header header, CookieOrigin origin) throws MalformedCookieException { List<Cookie> cookies = super.parse(header, origin); for (Cookie cookie : cookies) { if (cookie.getName().equals(StickyCookieHolder.COOKIE_NAME)) { // store it in the TestStickySessionRule threadlocal var StickyCookieHolder.setTestStickySessionCookie(cookie); } } return cookies; }
public void parse(final SetCookie cookie, String value) throws MalformedCookieException { if (cookie == null) { throw new IllegalArgumentException("Cookie may not be null"); } if (value == null || value.trim().length() == 0) { value = "/"; } cookie.setPath(value); }
public void validate(final Cookie cookie, final CookieOrigin origin) throws MalformedCookieException { if (!match(cookie, origin)) { throw new CookieRestrictionViolationException( "Illegal path attribute \"" + cookie.getPath() + "\". Path of origin: \"" + origin.getPath() + "\""); } }
/** * validate cookie version attribute. Version attribute is REQUIRED. */ public void validate(final Cookie cookie, final CookieOrigin origin) throws MalformedCookieException { if (cookie == null) { throw new IllegalArgumentException("Cookie may not be null"); } if (cookie instanceof SetCookie2) { if (cookie instanceof ClientCookie && !((ClientCookie) cookie).containsAttribute(ClientCookie.VERSION_ATTR)) { throw new CookieRestrictionViolationException( "Violates RFC 2965. Version attribute is required."); } } }
@Override protected List<Cookie> parse( final HeaderElement[] elems, CookieOrigin origin) throws MalformedCookieException { origin = adjustEffectiveHost(origin); return createCookies(elems, origin); }
@Override public void validate(final Cookie cookie, CookieOrigin origin) throws MalformedCookieException { if (cookie == null) { throw new IllegalArgumentException("Cookie may not be null"); } if (origin == null) { throw new IllegalArgumentException("Cookie origin may not be null"); } origin = adjustEffectiveHost(origin); super.validate(cookie, origin); }
/** * Parse cookie port attribute. */ public void parse(final SetCookie cookie, final String portValue) throws MalformedCookieException { if (cookie == null) { throw new IllegalArgumentException("Cookie may not be null"); } if (cookie instanceof SetCookie2) { SetCookie2 cookie2 = (SetCookie2) cookie; if (portValue != null && portValue.trim().length() > 0) { int[] ports = parsePortAttribute(portValue); cookie2.setPorts(ports); } } }
public void parse(final SetCookie cookie, final String value) throws MalformedCookieException { if (cookie == null) { throw new IllegalArgumentException("Cookie may not be null"); } if (value == null) { throw new MalformedCookieException("Missing value for domain attribute"); } if (value.trim().length() == 0) { throw new MalformedCookieException("Blank value for domain attribute"); } cookie.setDomain(value); }
