The Tor Browser / file comparison

comparison: mobile/android/thirdparty/ch/boye/httpclientandroidlib/impl/cookie/RFC2965DomainAttributeHandler.java

mobile/android/thirdparty/ch/boye/httpclientandroidlib/impl/cookie/RFC2965DomainAttributeHandler.java

branch
TOR_BUG_3246
changeset 4
fc2d59ddac77
equal deleted inserted replaced
-1:000000000000 0:524cc609c1dc
1 /*
2 * ====================================================================
3 * Licensed to the Apache Software Foundation (ASF) under one
4 * or more contributor license agreements. See the NOTICE file
5 * distributed with this work for additional information
6 * regarding copyright ownership. The ASF licenses this file
7 * to you under the Apache License, Version 2.0 (the
8 * "License"); you may not use this file except in compliance
9 * with the License. You may obtain a copy of the License at
10 *
11 * http://www.apache.org/licenses/LICENSE-2.0
12 *
13 * Unless required by applicable law or agreed to in writing,
14 * software distributed under the License is distributed on an
15 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16 * KIND, either express or implied. See the License for the
17 * specific language governing permissions and limitations
18 * under the License.
19 * ====================================================================
20 *
21 * This software consists of voluntary contributions made by many
22 * individuals on behalf of the Apache Software Foundation. For more
23 * information on the Apache Software Foundation, please see
24 * <http://www.apache.org/>.
25 *
26 */
27
28 package ch.boye.httpclientandroidlib.impl.cookie;
29
30 import java.util.Locale;
31
32 import ch.boye.httpclientandroidlib.annotation.Immutable;
33
34 import ch.boye.httpclientandroidlib.cookie.ClientCookie;
35 import ch.boye.httpclientandroidlib.cookie.Cookie;
36 import ch.boye.httpclientandroidlib.cookie.CookieAttributeHandler;
37 import ch.boye.httpclientandroidlib.cookie.CookieOrigin;
38 import ch.boye.httpclientandroidlib.cookie.CookieRestrictionViolationException;
39 import ch.boye.httpclientandroidlib.cookie.MalformedCookieException;
40 import ch.boye.httpclientandroidlib.cookie.SetCookie;
41
42 /**
43 * <tt>"Domain"</tt> cookie attribute handler for RFC 2965 cookie spec.
44 *
45 *
46 * @since 3.1
47 */
48 @Immutable
49 public class RFC2965DomainAttributeHandler implements CookieAttributeHandler {
50
51 public RFC2965DomainAttributeHandler() {
52 super();
53 }
54
55 /**
56 * Parse cookie domain attribute.
57 */
58 public void parse(final SetCookie cookie, String domain)
59 throws MalformedCookieException {
60 if (cookie == null) {
61 throw new IllegalArgumentException("Cookie may not be null");
62 }
63 if (domain == null) {
64 throw new MalformedCookieException(
65 "Missing value for domain attribute");
66 }
67 if (domain.trim().length() == 0) {
68 throw new MalformedCookieException(
69 "Blank value for domain attribute");
70 }
71 domain = domain.toLowerCase(Locale.ENGLISH);
72 if (!domain.startsWith(".")) {
73 // Per RFC 2965 section 3.2.2
74 // "... If an explicitly specified value does not start with
75 // a dot, the user agent supplies a leading dot ..."
76 // That effectively implies that the domain attribute
77 // MAY NOT be an IP address of a host name
78 domain = '.' + domain;
79 }
80 cookie.setDomain(domain);
81 }
82
83 /**
84 * Performs domain-match as defined by the RFC2965.
85 * <p>
86 * Host A's name domain-matches host B's if
87 * <ol>
88 * <ul>their host name strings string-compare equal; or</ul>
89 * <ul>A is a HDN string and has the form NB, where N is a non-empty
90 * name string, B has the form .B', and B' is a HDN string. (So,
91 * x.y.com domain-matches .Y.com but not Y.com.)</ul>
92 * </ol>
93 *
94 * @param host host name where cookie is received from or being sent to.
95 * @param domain The cookie domain attribute.
96 * @return true if the specified host matches the given domain.
97 */
98 public boolean domainMatch(String host, String domain) {
99 boolean match = host.equals(domain)
100 || (domain.startsWith(".") && host.endsWith(domain));
101
102 return match;
103 }
104
105 /**
106 * Validate cookie domain attribute.
107 */
108 public void validate(final Cookie cookie, final CookieOrigin origin)
109 throws MalformedCookieException {
110 if (cookie == null) {
111 throw new IllegalArgumentException("Cookie may not be null");
112 }
113 if (origin == null) {
114 throw new IllegalArgumentException("Cookie origin may not be null");
115 }
116 String host = origin.getHost().toLowerCase(Locale.ENGLISH);
117 if (cookie.getDomain() == null) {
118 throw new CookieRestrictionViolationException("Invalid cookie state: " +
119 "domain not specified");
120 }
121 String cookieDomain = cookie.getDomain().toLowerCase(Locale.ENGLISH);
122
123 if (cookie instanceof ClientCookie
124 && ((ClientCookie) cookie).containsAttribute(ClientCookie.DOMAIN_ATTR)) {
125 // Domain attribute must start with a dot
126 if (!cookieDomain.startsWith(".")) {
127 throw new CookieRestrictionViolationException("Domain attribute \"" +
128 cookie.getDomain() + "\" violates RFC 2109: domain must start with a dot");
129 }
130
131 // Domain attribute must contain at least one embedded dot,
132 // or the value must be equal to .local.
133 int dotIndex = cookieDomain.indexOf('.', 1);
134 if (((dotIndex < 0) || (dotIndex == cookieDomain.length() - 1))
135 && (!cookieDomain.equals(".local"))) {
136 throw new CookieRestrictionViolationException(
137 "Domain attribute \"" + cookie.getDomain()
138 + "\" violates RFC 2965: the value contains no embedded dots "
139 + "and the value is not .local");
140 }
141
142 // The effective host name must domain-match domain attribute.
143 if (!domainMatch(host, cookieDomain)) {
144 throw new CookieRestrictionViolationException(
145 "Domain attribute \"" + cookie.getDomain()
146 + "\" violates RFC 2965: effective host name does not "
147 + "domain-match domain attribute.");
148 }
149
150 // effective host name minus domain must not contain any dots
151 String effectiveHostWithoutDomain = host.substring(
152 0, host.length() - cookieDomain.length());
153 if (effectiveHostWithoutDomain.indexOf('.') != -1) {
154 throw new CookieRestrictionViolationException("Domain attribute \""
155 + cookie.getDomain() + "\" violates RFC 2965: "
156 + "effective host minus domain may not contain any dots");
157 }
158 } else {
159 // Domain was not specified in header. In this case, domain must
160 // string match request host (case-insensitive).
161 if (!cookie.getDomain().equals(host)) {
162 throw new CookieRestrictionViolationException("Illegal domain attribute: \""
163 + cookie.getDomain() + "\"."
164 + "Domain of origin: \""
165 + host + "\"");
166 }
167 }
168 }
169
170 /**
171 * Match cookie domain attribute.
172 */
173 public boolean match(final Cookie cookie, final CookieOrigin origin) {
174 if (cookie == null) {
175 throw new IllegalArgumentException("Cookie may not be null");
176 }
177 if (origin == null) {
178 throw new IllegalArgumentException("Cookie origin may not be null");
179 }
180 String host = origin.getHost().toLowerCase(Locale.ENGLISH);
181 String cookieDomain = cookie.getDomain();
182
183 // The effective host name MUST domain-match the Domain
184 // attribute of the cookie.
185 if (!domainMatch(host, cookieDomain)) {
186 return false;
187 }
188 // effective host name minus domain must not contain any dots
189 String effectiveHostWithoutDomain = host.substring(
190 0, host.length() - cookieDomain.length());
191 return effectiveHostWithoutDomain.indexOf('.') == -1;
192 }
193
194 }

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial