< prev index next >

src/share/classes/java/net/CookieManager.java

Print this page 
rev 1562 : 6901170: HttpCookie parsing of version and max-age mis-handled
Summary: Accept single quotes in cookies and better exception handling in CookieManager
Reviewed-by: chegar
rev 1564 : 7090158: Networking Libraries don't build with javac -Werror
7125055: ContentHandler.getContent API changed in error
Summary: Minor changes to networking java files to remove warnings
Reviewed-by: chegar, weijun, hawtin, alanb
Contributed-by: kurchi.subhra.hazra@oracle.com, sasha_bu@hotmail.com
@@ -27,10 +27,12 @@
 
 import java.util.Map;
 import java.util.List;
 import java.util.Collections;
 import java.util.Comparator;
+import java.util.logging.Level;
+import java.util.logging.Logger;
 import java.io.IOException;
 
 /**
  * CookieManager provides a concrete implementation of {@link CookieHandler},
  * which separates the storage of cookies from the policy surrounding accepting

@@ -218,11 +220,10 @@
 
         cookieMap.put("Cookie", cookieHeader);
         return Collections.unmodifiableMap(cookieMap);
     }
 
-
     public void
         put(URI uri, Map<String, List<String>> responseHeaders)
         throws IOException
     {
         // pre-condition check

@@ -233,10 +234,11 @@
 
         // if there's no default CookieStore, no need to remember any cookie
         if (cookieJar == null)
             return;
 
+        Logger logger = Logger.getLogger("java.net.CookieManager");
         for (String headerKey : responseHeaders.keySet()) {
             // RFC 2965 3.2.2, key must be 'Set-Cookie2'
             // we also accept 'Set-Cookie' here for backward compatibility
             if (headerKey == null
                 || !(headerKey.equalsIgnoreCase("Set-Cookie2")

@@ -247,11 +249,20 @@
                 continue;
             }
 
             for (String headerValue : responseHeaders.get(headerKey)) {
                 try {
-                    List<HttpCookie> cookies = HttpCookie.parse(headerValue);
+                    List<HttpCookie> cookies;
+                    try {
+                        cookies = HttpCookie.parse(headerValue);
+                    } catch (IllegalArgumentException e) {
+                        // Bogus header, make an empty list and log the error
+                        cookies = java.util.Collections.emptyList();
+                        if (logger.isLoggable(Level.SEVERE)) {
+                            logger.severe("Invalid cookie for " + uri + ": " + headerValue);
+                        }
+                    }
                     for (HttpCookie cookie : cookies) {
                         if (shouldAcceptInternal(uri, cookie)) {
                             cookieJar.add(uri, cookie);
                         }
                     }



< prev index next >