1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/mobile/android/thirdparty/ch/boye/httpclientandroidlib/impl/cookie/RFC2965DomainAttributeHandler.java Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,194 @@
1.4 +/*
1.5 + * ====================================================================
1.6 + * Licensed to the Apache Software Foundation (ASF) under one
1.7 + * or more contributor license agreements. See the NOTICE file
1.8 + * distributed with this work for additional information
1.9 + * regarding copyright ownership. The ASF licenses this file
1.10 + * to you under the Apache License, Version 2.0 (the
1.11 + * "License"); you may not use this file except in compliance
1.12 + * with the License. You may obtain a copy of the License at
1.13 + *
1.14 + * http://www.apache.org/licenses/LICENSE-2.0
1.15 + *
1.16 + * Unless required by applicable law or agreed to in writing,
1.17 + * software distributed under the License is distributed on an
1.18 + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
1.19 + * KIND, either express or implied. See the License for the
1.20 + * specific language governing permissions and limitations
1.21 + * under the License.
1.22 + * ====================================================================
1.23 + *
1.24 + * This software consists of voluntary contributions made by many
1.25 + * individuals on behalf of the Apache Software Foundation. For more
1.26 + * information on the Apache Software Foundation, please see
1.27 + * <http://www.apache.org/>.
1.28 + *
1.29 + */
1.30 +
1.31 +package ch.boye.httpclientandroidlib.impl.cookie;
1.32 +
1.33 +import java.util.Locale;
1.34 +
1.35 +import ch.boye.httpclientandroidlib.annotation.Immutable;
1.36 +
1.37 +import ch.boye.httpclientandroidlib.cookie.ClientCookie;
1.38 +import ch.boye.httpclientandroidlib.cookie.Cookie;
1.39 +import ch.boye.httpclientandroidlib.cookie.CookieAttributeHandler;
1.40 +import ch.boye.httpclientandroidlib.cookie.CookieOrigin;
1.41 +import ch.boye.httpclientandroidlib.cookie.CookieRestrictionViolationException;
1.42 +import ch.boye.httpclientandroidlib.cookie.MalformedCookieException;
1.43 +import ch.boye.httpclientandroidlib.cookie.SetCookie;
1.44 +
1.45 +/**
1.46 + * <tt>"Domain"</tt> cookie attribute handler for RFC 2965 cookie spec.
1.47 + *
1.48 + *
1.49 + * @since 3.1
1.50 + */
1.51 +@Immutable
1.52 +public class RFC2965DomainAttributeHandler implements CookieAttributeHandler {
1.53 +
1.54 + public RFC2965DomainAttributeHandler() {
1.55 + super();
1.56 + }
1.57 +
1.58 + /**
1.59 + * Parse cookie domain attribute.
1.60 + */
1.61 + public void parse(final SetCookie cookie, String domain)
1.62 + throws MalformedCookieException {
1.63 + if (cookie == null) {
1.64 + throw new IllegalArgumentException("Cookie may not be null");
1.65 + }
1.66 + if (domain == null) {
1.67 + throw new MalformedCookieException(
1.68 + "Missing value for domain attribute");
1.69 + }
1.70 + if (domain.trim().length() == 0) {
1.71 + throw new MalformedCookieException(
1.72 + "Blank value for domain attribute");
1.73 + }
1.74 + domain = domain.toLowerCase(Locale.ENGLISH);
1.75 + if (!domain.startsWith(".")) {
1.76 + // Per RFC 2965 section 3.2.2
1.77 + // "... If an explicitly specified value does not start with
1.78 + // a dot, the user agent supplies a leading dot ..."
1.79 + // That effectively implies that the domain attribute
1.80 + // MAY NOT be an IP address of a host name
1.81 + domain = '.' + domain;
1.82 + }
1.83 + cookie.setDomain(domain);
1.84 + }
1.85 +
1.86 + /**
1.87 + * Performs domain-match as defined by the RFC2965.
1.88 + * <p>
1.89 + * Host A's name domain-matches host B's if
1.90 + * <ol>
1.91 + * <ul>their host name strings string-compare equal; or</ul>
1.92 + * <ul>A is a HDN string and has the form NB, where N is a non-empty
1.93 + * name string, B has the form .B', and B' is a HDN string. (So,
1.94 + * x.y.com domain-matches .Y.com but not Y.com.)</ul>
1.95 + * </ol>
1.96 + *
1.97 + * @param host host name where cookie is received from or being sent to.
1.98 + * @param domain The cookie domain attribute.
1.99 + * @return true if the specified host matches the given domain.
1.100 + */
1.101 + public boolean domainMatch(String host, String domain) {
1.102 + boolean match = host.equals(domain)
1.103 + || (domain.startsWith(".") && host.endsWith(domain));
1.104 +
1.105 + return match;
1.106 + }
1.107 +
1.108 + /**
1.109 + * Validate cookie domain attribute.
1.110 + */
1.111 + public void validate(final Cookie cookie, final CookieOrigin origin)
1.112 + throws MalformedCookieException {
1.113 + if (cookie == null) {
1.114 + throw new IllegalArgumentException("Cookie may not be null");
1.115 + }
1.116 + if (origin == null) {
1.117 + throw new IllegalArgumentException("Cookie origin may not be null");
1.118 + }
1.119 + String host = origin.getHost().toLowerCase(Locale.ENGLISH);
1.120 + if (cookie.getDomain() == null) {
1.121 + throw new CookieRestrictionViolationException("Invalid cookie state: " +
1.122 + "domain not specified");
1.123 + }
1.124 + String cookieDomain = cookie.getDomain().toLowerCase(Locale.ENGLISH);
1.125 +
1.126 + if (cookie instanceof ClientCookie
1.127 + && ((ClientCookie) cookie).containsAttribute(ClientCookie.DOMAIN_ATTR)) {
1.128 + // Domain attribute must start with a dot
1.129 + if (!cookieDomain.startsWith(".")) {
1.130 + throw new CookieRestrictionViolationException("Domain attribute \"" +
1.131 + cookie.getDomain() + "\" violates RFC 2109: domain must start with a dot");
1.132 + }
1.133 +
1.134 + // Domain attribute must contain at least one embedded dot,
1.135 + // or the value must be equal to .local.
1.136 + int dotIndex = cookieDomain.indexOf('.', 1);
1.137 + if (((dotIndex < 0) || (dotIndex == cookieDomain.length() - 1))
1.138 + && (!cookieDomain.equals(".local"))) {
1.139 + throw new CookieRestrictionViolationException(
1.140 + "Domain attribute \"" + cookie.getDomain()
1.141 + + "\" violates RFC 2965: the value contains no embedded dots "
1.142 + + "and the value is not .local");
1.143 + }
1.144 +
1.145 + // The effective host name must domain-match domain attribute.
1.146 + if (!domainMatch(host, cookieDomain)) {
1.147 + throw new CookieRestrictionViolationException(
1.148 + "Domain attribute \"" + cookie.getDomain()
1.149 + + "\" violates RFC 2965: effective host name does not "
1.150 + + "domain-match domain attribute.");
1.151 + }
1.152 +
1.153 + // effective host name minus domain must not contain any dots
1.154 + String effectiveHostWithoutDomain = host.substring(
1.155 + 0, host.length() - cookieDomain.length());
1.156 + if (effectiveHostWithoutDomain.indexOf('.') != -1) {
1.157 + throw new CookieRestrictionViolationException("Domain attribute \""
1.158 + + cookie.getDomain() + "\" violates RFC 2965: "
1.159 + + "effective host minus domain may not contain any dots");
1.160 + }
1.161 + } else {
1.162 + // Domain was not specified in header. In this case, domain must
1.163 + // string match request host (case-insensitive).
1.164 + if (!cookie.getDomain().equals(host)) {
1.165 + throw new CookieRestrictionViolationException("Illegal domain attribute: \""
1.166 + + cookie.getDomain() + "\"."
1.167 + + "Domain of origin: \""
1.168 + + host + "\"");
1.169 + }
1.170 + }
1.171 + }
1.172 +
1.173 + /**
1.174 + * Match cookie domain attribute.
1.175 + */
1.176 + public boolean match(final Cookie cookie, final CookieOrigin origin) {
1.177 + if (cookie == null) {
1.178 + throw new IllegalArgumentException("Cookie may not be null");
1.179 + }
1.180 + if (origin == null) {
1.181 + throw new IllegalArgumentException("Cookie origin may not be null");
1.182 + }
1.183 + String host = origin.getHost().toLowerCase(Locale.ENGLISH);
1.184 + String cookieDomain = cookie.getDomain();
1.185 +
1.186 + // The effective host name MUST domain-match the Domain
1.187 + // attribute of the cookie.
1.188 + if (!domainMatch(host, cookieDomain)) {
1.189 + return false;
1.190 + }
1.191 + // effective host name minus domain must not contain any dots
1.192 + String effectiveHostWithoutDomain = host.substring(
1.193 + 0, host.length() - cookieDomain.length());
1.194 + return effectiveHostWithoutDomain.indexOf('.') == -1;
1.195 + }
1.196 +
1.197 +}
