64 * CookieHandler is at the core of cookie management. User can call
65 * CookieHandler.setDefault to set a concrete CookieHanlder implementation
66 * to be used.
67 * </li>
68 * <li>
69 * CookiePolicy.shouldAccept will be called by CookieManager.put to see whether
70 * or not one cookie should be accepted and put into cookie store. User can use
71 * any of three pre-defined CookiePolicy, namely ACCEPT_ALL, ACCEPT_NONE and
72 * ACCEPT_ORIGINAL_SERVER, or user can define his own CookiePolicy implementation
73 * and tell CookieManager to use it.
74 * </li>
75 * <li>
76 * CookieStore is the place where any accepted HTTP cookie is stored in.
77 * If not specified when created, a CookieManager instance will use an internal
78 * in-memory implementation. Or user can implements one and tell CookieManager
79 * to use it.
80 * </li>
81 * <li>
82 * Currently, only CookieStore.add(URI, HttpCookie) and CookieStore.get(URI)
83 * are used by CookieManager. Others are for completeness and might be needed
84 * by a more sophisticated CookieStore implementation, e.g. a NetscapeCookieSotre.
85 * </li>
86 * </ul>
87 * </blockquote>
88 *
89 * <p>There're various ways user can hook up his own HTTP cookie management behavior, e.g.
90 * <blockquote>
91 * <ul>
92 * <li>Use CookieHandler.setDefault to set a brand new {@link CookieHandler} implementation
93 * <li>Let CookieManager be the default {@link CookieHandler} implementation,
94 * but implement user's own {@link CookieStore} and {@link CookiePolicy}
95 * and tell default CookieManager to use them:
96 * <blockquote><pre>
97 * // this should be done at the beginning of an HTTP session
98 * CookieHandler.setDefault(new CookieManager(new MyCookieStore(), new MyCookiePolicy()));
99 * </pre></blockquote>
100 * <li>Let CookieManager be the default {@link CookieHandler} implementation, but
101 * use customized {@link CookiePolicy}:
102 * <blockquote><pre>
103 * // this should be done at the beginning of an HTTP session
104 * CookieHandler.setDefault(new CookieManager());
184
185 /**
186 * To retrieve current cookie store.
187 *
188 * @return the cookie store currently used by cookie manager.
189 */
190 public CookieStore getCookieStore() {
191 return cookieJar;
192 }
193
194
195 public Map<String, List<String>>
196 get(URI uri, Map<String, List<String>> requestHeaders)
197 throws IOException
198 {
199 // pre-condition check
200 if (uri == null || requestHeaders == null) {
201 throw new IllegalArgumentException("Argument is null");
202 }
203
204 Map<String, List<String>> cookieMap = new java.util.HashMap<>();
205 // if there's no default CookieStore, no way for us to get any cookie
206 if (cookieJar == null)
207 return Collections.unmodifiableMap(cookieMap);
208
209 boolean secureLink = "https".equalsIgnoreCase(uri.getScheme());
210 List<HttpCookie> cookies = new java.util.ArrayList<>();
211 String path = uri.getPath();
212 if (path == null || path.isEmpty()) {
213 path = "/";
214 }
215 for (HttpCookie cookie : cookieJar.get(uri)) {
216 // apply path-matches rule (RFC 2965 sec. 3.3.4)
217 // and check for the possible "secure" tag (i.e. don't send
218 // 'secure' cookies over unsecure links)
219 if (pathMatches(path, cookie.getPath()) &&
220 (secureLink || !cookie.getSecure())) {
221 // Enforce httponly attribute
222 if (cookie.isHttpOnly()) {
223 String s = uri.getScheme();
224 if (!"http".equalsIgnoreCase(s) && !"https".equalsIgnoreCase(s)) {
225 continue;
226 }
227 }
228 // Let's check the authorize port list if it exists
229 String ports = cookie.getPortlist();
230 if (ports != null && !ports.isEmpty()) {
231 int port = uri.getPort();
232 if (port == -1) {
233 port = "https".equals(uri.getScheme()) ? 443 : 80;
234 }
235 if (isInPortList(ports, port)) {
236 cookies.add(cookie);
237 }
238 } else {
239 cookies.add(cookie);
240 }
241 }
242 }
243
244 // apply sort rule (RFC 2965 sec. 3.3.4)
245 List<String> cookieHeader = sortByPath(cookies);
246
247 cookieMap.put("Cookie", cookieHeader);
248 return Collections.unmodifiableMap(cookieMap);
249 }
250
251 public void
252 put(URI uri, Map<String, List<String>> responseHeaders)
253 throws IOException
254 {
255 // pre-condition check
256 if (uri == null || responseHeaders == null) {
257 throw new IllegalArgumentException("Argument is null");
258 }
259
260
261 // if there's no default CookieStore, no need to remember any cookie
262 if (cookieJar == null)
263 return;
264
265 PlatformLogger logger = PlatformLogger.getLogger("java.net.CookieManager");
266 for (String headerKey : responseHeaders.keySet()) {
267 // RFC 2965 3.2.2, key must be 'Set-Cookie2'
268 // we also accept 'Set-Cookie' here for backward compatibility
|
64 * CookieHandler is at the core of cookie management. User can call
65 * CookieHandler.setDefault to set a concrete CookieHanlder implementation
66 * to be used.
67 * </li>
68 * <li>
69 * CookiePolicy.shouldAccept will be called by CookieManager.put to see whether
70 * or not one cookie should be accepted and put into cookie store. User can use
71 * any of three pre-defined CookiePolicy, namely ACCEPT_ALL, ACCEPT_NONE and
72 * ACCEPT_ORIGINAL_SERVER, or user can define his own CookiePolicy implementation
73 * and tell CookieManager to use it.
74 * </li>
75 * <li>
76 * CookieStore is the place where any accepted HTTP cookie is stored in.
77 * If not specified when created, a CookieManager instance will use an internal
78 * in-memory implementation. Or user can implements one and tell CookieManager
79 * to use it.
80 * </li>
81 * <li>
82 * Currently, only CookieStore.add(URI, HttpCookie) and CookieStore.get(URI)
83 * are used by CookieManager. Others are for completeness and might be needed
84 * by a more sophisticated CookieStore implementation, e.g. a NetscapeCookieStore.
85 * </li>
86 * </ul>
87 * </blockquote>
88 *
89 * <p>There're various ways user can hook up his own HTTP cookie management behavior, e.g.
90 * <blockquote>
91 * <ul>
92 * <li>Use CookieHandler.setDefault to set a brand new {@link CookieHandler} implementation
93 * <li>Let CookieManager be the default {@link CookieHandler} implementation,
94 * but implement user's own {@link CookieStore} and {@link CookiePolicy}
95 * and tell default CookieManager to use them:
96 * <blockquote><pre>
97 * // this should be done at the beginning of an HTTP session
98 * CookieHandler.setDefault(new CookieManager(new MyCookieStore(), new MyCookiePolicy()));
99 * </pre></blockquote>
100 * <li>Let CookieManager be the default {@link CookieHandler} implementation, but
101 * use customized {@link CookiePolicy}:
102 * <blockquote><pre>
103 * // this should be done at the beginning of an HTTP session
104 * CookieHandler.setDefault(new CookieManager());
184
185 /**
186 * To retrieve current cookie store.
187 *
188 * @return the cookie store currently used by cookie manager.
189 */
190 public CookieStore getCookieStore() {
191 return cookieJar;
192 }
193
194
195 public Map<String, List<String>>
196 get(URI uri, Map<String, List<String>> requestHeaders)
197 throws IOException
198 {
199 // pre-condition check
200 if (uri == null || requestHeaders == null) {
201 throw new IllegalArgumentException("Argument is null");
202 }
203
204 // if there's no default CookieStore, no way for us to get any cookie
205 if (cookieJar == null)
206 return Map.of();
207
208 boolean secureLink = "https".equalsIgnoreCase(uri.getScheme());
209 List<HttpCookie> cookies = new java.util.ArrayList<>();
210 String path = uri.getPath();
211 if (path == null || path.isEmpty()) {
212 path = "/";
213 }
214 for (HttpCookie cookie : cookieJar.get(uri)) {
215 // apply path-matches rule (RFC 2965 sec. 3.3.4)
216 // and check for the possible "secure" tag (i.e. don't send
217 // 'secure' cookies over unsecure links)
218 if (pathMatches(path, cookie.getPath()) &&
219 (secureLink || !cookie.getSecure())) {
220 // Enforce httponly attribute
221 if (cookie.isHttpOnly()) {
222 String s = uri.getScheme();
223 if (!"http".equalsIgnoreCase(s) && !"https".equalsIgnoreCase(s)) {
224 continue;
225 }
226 }
227 // Let's check the authorize port list if it exists
228 String ports = cookie.getPortlist();
229 if (ports != null && !ports.isEmpty()) {
230 int port = uri.getPort();
231 if (port == -1) {
232 port = "https".equals(uri.getScheme()) ? 443 : 80;
233 }
234 if (isInPortList(ports, port)) {
235 cookies.add(cookie);
236 }
237 } else {
238 cookies.add(cookie);
239 }
240 }
241 }
242
243 // apply sort rule (RFC 2965 sec. 3.3.4)
244 List<String> cookieHeader = sortByPath(cookies);
245
246 return Map.of("Cookie", cookieHeader);
247 }
248
249 public void
250 put(URI uri, Map<String, List<String>> responseHeaders)
251 throws IOException
252 {
253 // pre-condition check
254 if (uri == null || responseHeaders == null) {
255 throw new IllegalArgumentException("Argument is null");
256 }
257
258
259 // if there's no default CookieStore, no need to remember any cookie
260 if (cookieJar == null)
261 return;
262
263 PlatformLogger logger = PlatformLogger.getLogger("java.net.CookieManager");
264 for (String headerKey : responseHeaders.keySet()) {
265 // RFC 2965 3.2.2, key must be 'Set-Cookie2'
266 // we also accept 'Set-Cookie' here for backward compatibility
|