org.apache.http.cookie.CookieOrigin Java Examples

The following examples show how to use org.apache.http.cookie.CookieOrigin. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: SolrPortAwareCookieSpecTest.java    From lucene-solr with Apache License 2.0 6 votes vote down vote up
@Test
public void testDomainHostPortMatch() throws Exception {
  final BasicClientCookie cookie = new BasicClientCookie("name", "value");
  final CookieOrigin origin = new CookieOrigin("myhost", 80, "/", false);
  final CookieAttributeHandler h = new SolrPortAwareCookieSpecFactory.PortAwareDomainHandler();

  cookie.setDomain("myhost");
  SolrTestCaseJ4.expectThrows(IllegalArgumentException.class, () -> h.match(cookie, null));

  cookie.setDomain(null);
  Assert.assertFalse(h.match(cookie, origin));

  cookie.setDomain("otherhost");
  Assert.assertFalse(h.match(cookie, origin));

  cookie.setDomain("myhost");
  Assert.assertTrue(h.match(cookie, origin));

  cookie.setDomain("myhost:80");
  Assert.assertTrue(h.match(cookie, origin));

  cookie.setDomain("myhost:8080");
  Assert.assertFalse(h.match(cookie, origin));
}
 
Example #2
Source File: SolrPortAwareCookieSpecTest.java    From lucene-solr with Apache License 2.0 5 votes vote down vote up
@Test
public void testDomainValidate3() throws Exception {
  final BasicClientCookie cookie = new BasicClientCookie("name", "value");
  final CookieOrigin origin = new CookieOrigin("www.a.com", 80, "/", false);
  final CookieAttributeHandler h = new SolrPortAwareCookieSpecFactory.PortAwareDomainHandler();

  cookie.setDomain(".a.com");
  h.validate(cookie, origin);

  cookie.setDomain(".com");
  SolrTestCaseJ4.expectThrows(MalformedCookieException.class, () ->  h.validate(cookie, origin));
}
 
Example #3
Source File: CookieUtilTest.java    From esigate with Apache License 2.0 5 votes vote down vote up
public void testCookieValueWithoutDotsAndSlashIsNotQuoted() throws Exception {
    String cookieString = "myCookie=value./; Domain=www.foo.com; Path=/";
    Header header = new BasicHeader("Set-Cookie", cookieString);
    CookieOrigin origin = new CookieOrigin("www.foo.com", Http.DEFAULT_HTTP_PORT, "/", false);
    Cookie cookie = cookieSpec.parse(header, origin).get(0);
    String result = CookieUtil.encodeCookie(cookie);
    assertEquals(cookieString, result);
}
 
Example #4
Source File: CookieUtilTest.java    From esigate with Apache License 2.0 5 votes vote down vote up
public void testCookieValueWithoutQuotesIsNotQuoted() throws Exception {
    String cookieString = "myCookie=value; Domain=www.foo.com; Path=/";
    Header header = new BasicHeader("Set-Cookie", cookieString);
    CookieOrigin origin = new CookieOrigin("www.foo.com", Http.DEFAULT_HTTP_PORT, "/", false);
    Cookie cookie = cookieSpec.parse(header, origin).get(0);
    String result = CookieUtil.encodeCookie(cookie);
    assertEquals(cookieString, result);
}
 
Example #5
Source File: CookieUtilTest.java    From esigate with Apache License 2.0 5 votes vote down vote up
public void testCookieValueWithSpacesVersion1IsQuoted() throws Exception {
    String cookieString = "myCookie=\"value with spaces\"; Domain=www.foo.com; Path=/; Version=1";
    Header header = new BasicHeader("Set-Cookie", cookieString);
    CookieOrigin origin = new CookieOrigin("www.foo.com", Http.DEFAULT_HTTP_PORT, "/", false);
    Cookie cookie = cookieSpec.parse(header, origin).get(0);
    cookieSpec.validate(cookie, origin);
    String result = CookieUtil.encodeCookie(cookie);
    assertEquals(cookieString, result);
}
 
Example #6
Source File: CookieUtilTest.java    From esigate with Apache License 2.0 5 votes vote down vote up
public void testRewriteCookieExpiresLongTime() throws Exception {
    String expires = format.format(new Date(System.currentTimeMillis() + 15552000000L));
    Header header =
            new BasicHeader("Set-Cookie", "K_66638=121203111217326896; Domain=.foo.com; Expires=" + expires
                    + "; Path=/");
    CookieOrigin origin = new CookieOrigin("www.foo.com", Http.DEFAULT_HTTP_PORT, "/", false);
    Cookie src = cookieSpec.parse(header, origin).get(0);
    String result = CookieUtil.encodeCookie(src);
    HttpCookie httpcookie = HttpCookie.parse(result).get(0);
    assertTrue("maxAge should be greater than 15551995, actual value " + httpcookie.getMaxAge(),
            httpcookie.getMaxAge() > 15551995);
    assertTrue("maxAge should be lower than 15552001, actual value " + httpcookie.getMaxAge(),
            httpcookie.getMaxAge() < 15552001);
}
 
Example #7
Source File: CookieUtilTest.java    From esigate with Apache License 2.0 5 votes vote down vote up
public void testRewriteCookieExpires() throws Exception {
    String expires = format.format(new Date(System.currentTimeMillis() + ONE_DAY));
    Header header =
            new BasicHeader("Set-Cookie", "K_lm_66638=121203111217326896; Domain=.foo.com; Expires=" + expires
                    + "; Path=/");
    CookieOrigin origin = new CookieOrigin("www.foo.com", Http.DEFAULT_HTTP_PORT, "/", false);
    Cookie src = cookieSpec.parse(header, origin).get(0);
    String result = CookieUtil.encodeCookie(src);
    HttpCookie httpcookie = HttpCookie.parse(result).get(0);
    assertTrue("maxAge should be greater than 86395, actual value " + httpcookie.getMaxAge(),
            httpcookie.getMaxAge() > 86395);
    assertTrue("maxAge should be lower than 86401, actual value " + httpcookie.getMaxAge(),
            httpcookie.getMaxAge() < 86401);
}
 
Example #8
Source File: CookieUtilTest.java    From esigate with Apache License 2.0 5 votes vote down vote up
public void testHttpOnlyCookie() throws Exception {

        String expires = format.format(new Date(System.currentTimeMillis() + ONE_DAY));
        Header header =
                new BasicHeader("Set-Cookie", "K_lm_66638=121203111217326896; Domain=.foo.com; Expires=" + expires
                        + "; HttpOnly;Secure;Path=/");
        CookieOrigin origin = new CookieOrigin("www.foo.com", Http.DEFAULT_HTTP_PORT, "/", false);
        Cookie src = cookieSpec.parse(header, origin).get(0);
        String result = CookieUtil.encodeCookie(src);
        HttpCookie httpcookie = HttpCookie.parse(result).get(0);
        assertTrue("Should be an httponly cookie", httpcookie.isHttpOnly());
        assertTrue("Should be a secure cookie", httpcookie.getSecure());
    }
 
Example #9
Source File: CustomBrowserCompatSpecFactoryTest.java    From esigate with Apache License 2.0 5 votes vote down vote up
public void testAcceptCookieWithLongerPathThanRequestPath() throws Exception {
    Header header = new BasicHeader("Set-Cookie", "wordpress_dce20=admin%7Ca; Path=/wp-content/plugins");
    CookieOrigin origin = new CookieOrigin("www.foo.com", Http.DEFAULT_HTTP_PORT, "/wp-login.php", false);
    Cookie cookie = cookieSpec.parse(header, origin).get(0);
    cookieSpec.validate(cookie, origin);
    // BrowserCompatSpec would throw an exception:
    // org.apache.http.cookie.CookieRestrictionViolationException: Illegal path attribute "/wp-content/plugins".
    // Path of origin: "/wp-login.php"
}
 
Example #10
Source File: HttpResponseUtils.java    From esigate with Apache License 2.0 5 votes vote down vote up
/**
 * Removes ";jsessionid=&lt;id&gt;" from the url, if the session id is also set in "httpResponse".
 * <p>
 * This methods first looks for the following header :
 * 
 * <pre>
 * Set-Cookie: JSESSIONID=
 * </pre>
 * 
 * If found and perfectly matches the jsessionid value in url, the complete jsessionid definition is removed from
 * the url.
 * 
 * @param uri
 *            original uri, may contains a jsessionid.
 * @param httpResponse
 *            the response which set the jsessionId
 * @return uri, without jsession
 */
public static String removeSessionId(String uri, HttpResponse httpResponse) {
    CookieSpec cookieSpec = new DefaultCookieSpec();
    // Dummy origin, used only by CookieSpec for setting the domain for the
    // cookie but we don't need it
    CookieOrigin cookieOrigin = new CookieOrigin("dummy", Http.DEFAULT_HTTP_PORT, "/", false);
    Header[] responseHeaders = httpResponse.getHeaders("Set-cookie");
    String jsessionid = null;
    for (Header header : responseHeaders) {
        try {
            List<Cookie> cookies = cookieSpec.parse(header, cookieOrigin);
            for (Cookie cookie : cookies) {
                if ("JSESSIONID".equalsIgnoreCase(cookie.getName())) {
                    jsessionid = cookie.getValue();
                }
                break;
            }
        } catch (MalformedCookieException ex) {
            LOG.warn("Malformed header: " + header.getName() + ": " + header.getValue());
        }
        if (jsessionid != null) {
            break;
        }
    }
    if (jsessionid == null) {
        return uri;
    }

    return UriUtils.removeSessionId(jsessionid, uri);

}
 
Example #11
Source File: SolrPortAwareCookieSpecTest.java    From lucene-solr with Apache License 2.0 5 votes vote down vote up
@Test
public void testDomainMatch2() throws Exception {
  final BasicClientCookie cookie = new BasicClientCookie("name", "value");
  final CookieOrigin origin = new CookieOrigin("www.whatever.somedomain.com", 80, "/", false);
  final CookieAttributeHandler h = new SolrPortAwareCookieSpecFactory.PortAwareDomainHandler();

  cookie.setDomain(".somedomain.com");
  Assert.assertTrue(h.match(cookie, origin));
}
 
Example #12
Source File: SolrPortAwareCookieSpecTest.java    From lucene-solr with Apache License 2.0 5 votes vote down vote up
@Test
public void testDomainMatch1() throws Exception {
  final BasicClientCookie cookie = new BasicClientCookie("name", "value");
  final CookieOrigin origin = new CookieOrigin("www.somedomain.com", 80, "/", false);
  final CookieAttributeHandler h = new SolrPortAwareCookieSpecFactory.PortAwareDomainHandler();

  cookie.setDomain(null);
  Assert.assertFalse(h.match(cookie, origin));

  cookie.setDomain(".somedomain.com");
  Assert.assertTrue(h.match(cookie, origin));
}
 
Example #13
Source File: SolrPortAwareCookieSpecTest.java    From lucene-solr with Apache License 2.0 5 votes vote down vote up
@Test
public void testDomainValidate4() throws Exception {
  final BasicClientCookie cookie = new BasicClientCookie("name", "value");
  final CookieOrigin origin = new CookieOrigin("www.a.b.c", 80, "/", false);
  final CookieAttributeHandler h = new SolrPortAwareCookieSpecFactory.PortAwareDomainHandler();

  cookie.setDomain(".a.b.c");
  h.validate(cookie, origin);

  cookie.setDomain(".b.c");
  SolrTestCaseJ4.expectThrows(MalformedCookieException.class, () ->  h.validate(cookie, origin));
}
 
Example #14
Source File: CookieManager.java    From htmlunit with Apache License 2.0 5 votes vote down vote up
/**
 * Helper that builds a CookieOrigin.
 * @param url the url to be used
 * @return the new CookieOrigin
 */
public CookieOrigin buildCookieOrigin(final URL url) {
    final URL normalizedUrl = replaceForCookieIfNecessary(url);

    return new CookieOrigin(
            normalizedUrl.getHost(),
            getPort(normalizedUrl),
            normalizedUrl.getPath(),
            "https".equals(normalizedUrl.getProtocol()));
}
 
Example #15
Source File: SolrPortAwareCookieSpecTest.java    From lucene-solr with Apache License 2.0 5 votes vote down vote up
@Test
public void testDomainValidate2() throws Exception {
  final BasicClientCookie cookie = new BasicClientCookie("name", "value");
  final CookieOrigin origin = new CookieOrigin("www.somedomain.com", 80, "/", false);
  final CookieAttributeHandler h = new SolrPortAwareCookieSpecFactory.PortAwareDomainHandler();

  cookie.setDomain(".somedomain.com");
  h.validate(cookie, origin);

  cookie.setDomain(".otherdomain.com");
  SolrTestCaseJ4.expectThrows(MalformedCookieException.class, () ->  h.validate(cookie, origin));

  cookie.setDomain("www.otherdomain.com");
  SolrTestCaseJ4.expectThrows(MalformedCookieException.class, () ->  h.validate(cookie, origin));
}
 
Example #16
Source File: SolrPortAwareCookieSpecTest.java    From lucene-solr with Apache License 2.0 5 votes vote down vote up
@Test
public void testDomainValidate1() throws Exception {
  final BasicClientCookie cookie = new BasicClientCookie("name", "value");
  final CookieOrigin origin = new CookieOrigin("somehost", 80, "/", false);
  final CookieAttributeHandler h = new SolrPortAwareCookieSpecFactory.PortAwareDomainHandler();

  cookie.setDomain("somehost");
  h.validate(cookie, origin);

  cookie.setDomain("otherhost");
  SolrTestCaseJ4.expectThrows(MalformedCookieException.class, () ->  h.validate(cookie, origin));
}
 
Example #17
Source File: SolrPortAwareCookieSpecTest.java    From lucene-solr with Apache License 2.0 5 votes vote down vote up
@Test
public void testDomainHostPortValidate() throws Exception {
  final BasicClientCookie cookie = new BasicClientCookie("name", "value");
  final CookieOrigin origin = new CookieOrigin("somehost", 80, "/", false);
  final CookieAttributeHandler h = new SolrPortAwareCookieSpecFactory.PortAwareDomainHandler();

  cookie.setDomain("somehost:80");
  h.validate(cookie, origin);

  cookie.setDomain("somehost:1234");
  SolrTestCaseJ4.expectThrows(MalformedCookieException.class, () -> h.validate(cookie, origin));
}
 
Example #18
Source File: SolrPortAwareCookieSpecFactory.java    From lucene-solr with Apache License 2.0 5 votes vote down vote up
@Override
public boolean match(final Cookie cookie, final CookieOrigin origin) {
  if (origin != null && origin.getHost() != null && cookie != null) {
    String hostPort = origin.getHost() + ":" + origin.getPort();
    String domain = cookie.getDomain();
    if (hostPort.equals(domain)) {
      return true;
    }
  }
  return super.match(cookie, origin);
}
 
Example #19
Source File: SolrPortAwareCookieSpecFactory.java    From lucene-solr with Apache License 2.0 5 votes vote down vote up
public void validate(final Cookie cookie, final CookieOrigin origin)
    throws MalformedCookieException {
  if (origin != null && origin.getHost() != null && cookie != null) {
    String hostPort = origin.getHost() + ":" + origin.getPort();
    String domain = cookie.getDomain();

    if (hostPort.equals(domain)) {
      return;
    }
  }
  super.validate(cookie, origin);
}
 
Example #20
Source File: CookieManager3Test.java    From htmlunit with Apache License 2.0 5 votes vote down vote up
/**
 * Test that " are not discarded.
 * Once this test passes, our hack in HttpWebConnection.HtmlUnitBrowserCompatCookieSpec can safely be removed.
 * @see <a href="https://issues.apache.org/jira/browse/HTTPCLIENT-1006">HttpClient bug 1006</a>
 * @throws Exception if the test fails
 */
@Test
public void httpClientParsesCookiesQuotedValuesCorrectly() throws Exception {
    final Header header = new BasicHeader("Set-Cookie", "first=\"hello world\"");
    final DefaultCookieSpec spec = new DefaultCookieSpec();
    final CookieOrigin origin = new CookieOrigin("localhost", 80, "/", false);
    final List<org.apache.http.cookie.Cookie> list = spec.parse(header, origin);
    assertEquals(1, list.size());
    assertEquals("\"hello world\"", list.get(0).getValue());
}
 
Example #21
Source File: HtmlUnitDomainHandler.java    From htmlunit with Apache License 2.0 5 votes vote down vote up
/**
 * {@inheritDoc}
 */
@Override
public boolean match(final Cookie cookie, final CookieOrigin origin) {
    String domain = cookie.getDomain();
    if (domain == null) {
        return false;
    }

    final int dotIndex = domain.indexOf('.');
    if (dotIndex == 0 && domain.length() > 1 && domain.indexOf('.', 1) == -1) {
        final String host = origin.getHost();
        domain = domain.toLowerCase(Locale.ROOT);
        if (browserVersion_.hasFeature(HTTP_COOKIE_REMOVE_DOT_FROM_ROOT_DOMAINS)) {
            domain = domain.substring(1);
        }
        return host.equals(domain);
    }

    if (dotIndex == -1
            && !HtmlUnitBrowserCompatCookieSpec.LOCAL_FILESYSTEM_DOMAIN.equalsIgnoreCase(domain)) {
        try {
            InetAddress.getByName(domain);
        }
        catch (final UnknownHostException e) {
            return false;
        }
    }

    return super.match(cookie, origin);
}
 
Example #22
Source File: NexusITSupport.java    From nexus-public with Eclipse Public License 1.0 4 votes vote down vote up
/**
 * @return CookieOrigin suitable for validating session cookies from the given base URL
 */
protected CookieOrigin cookieOrigin(final URL url) {
  return new CookieOrigin(url.getHost(), url.getPort(), cookiePath(url), "https".equals(url.getProtocol()));
}
 
Example #23
Source File: NexusITSupport.java    From nexus-public with Eclipse Public License 1.0 4 votes vote down vote up
/**
 * @return CookieOrigin suitable for validating session cookies from the given base URL
 */
protected CookieOrigin cookieOrigin(final URL url) {
  return new CookieOrigin(url.getHost(), url.getPort(), cookiePath(url), "https".equals(url.getProtocol()));
}
 
Example #24
Source File: LenientCookieSpec.java    From karate with MIT License 4 votes vote down vote up
@Override
public void validate(Cookie cookie, CookieOrigin origin) throws MalformedCookieException {
    // do nothing
}
 
Example #25
Source File: LenientCookieSpec.java    From karate with MIT License 4 votes vote down vote up
@Override
public boolean match(Cookie cookie, CookieOrigin origin) {
    return true;
}
 
Example #26
Source File: HtmlUnitHttpOnlyHandler.java    From htmlunit with Apache License 2.0 4 votes vote down vote up
@Override
public boolean match(final Cookie cookie, final CookieOrigin origin) {
    return true;
}
 
Example #27
Source File: HtmlUnitHttpOnlyHandler.java    From htmlunit with Apache License 2.0 4 votes vote down vote up
@Override
public void validate(final Cookie cookie, final CookieOrigin origin) throws MalformedCookieException {
    // nothing
}
 
Example #28
Source File: HtmlUnitPathHandler.java    From htmlunit with Apache License 2.0 4 votes vote down vote up
@Override
public void validate(final Cookie cookie, final CookieOrigin origin) throws MalformedCookieException {
    // nothing, browsers seem not to perform any validation
}