@Contract(threading=IMMUTABLE_CONDITIONAL) public class PublicSuffixDomainFilter extends java.lang.Object implements CommonCookieAttributeHandler
CookieAttributeHandler
and leverages its match method
to never match a suffix from a black list. May be used to provide additional security for
cross-site attack types by preventing cookies from apparent domains that are not publicly
available.PublicSuffixList
,
PublicSuffixMatcher
Modifier and Type | Field and Description |
---|---|
private CommonCookieAttributeHandler |
handler |
private java.util.Map<java.lang.String,java.lang.Boolean> |
localDomainMap |
private PublicSuffixMatcher |
publicSuffixMatcher |
Constructor and Description |
---|
PublicSuffixDomainFilter(CommonCookieAttributeHandler handler,
PublicSuffixList suffixList) |
PublicSuffixDomainFilter(CommonCookieAttributeHandler handler,
PublicSuffixMatcher publicSuffixMatcher) |
Modifier and Type | Method and Description |
---|---|
private static java.util.Map<java.lang.String,java.lang.Boolean> |
createLocalDomainMap() |
static CommonCookieAttributeHandler |
decorate(CommonCookieAttributeHandler handler,
PublicSuffixMatcher publicSuffixMatcher) |
java.lang.String |
getAttributeName() |
boolean |
match(Cookie cookie,
CookieOrigin origin)
Never matches if the cookie's domain is from the blacklist.
|
void |
parse(SetCookie cookie,
java.lang.String value)
Parse the given cookie attribute value and update the corresponding
Cookie property. |
void |
validate(Cookie cookie,
CookieOrigin origin)
Peforms cookie validation for the given attribute value.
|
private final CommonCookieAttributeHandler handler
private final PublicSuffixMatcher publicSuffixMatcher
private final java.util.Map<java.lang.String,java.lang.Boolean> localDomainMap
public PublicSuffixDomainFilter(CommonCookieAttributeHandler handler, PublicSuffixMatcher publicSuffixMatcher)
public PublicSuffixDomainFilter(CommonCookieAttributeHandler handler, PublicSuffixList suffixList)
private static java.util.Map<java.lang.String,java.lang.Boolean> createLocalDomainMap()
public boolean match(Cookie cookie, CookieOrigin origin)
match
in interface CookieAttributeHandler
cookie
- Cookie
to matchorigin
- the cookie source to match againsttrue
if the match is successful; false
otherwisepublic void parse(SetCookie cookie, java.lang.String value) throws MalformedCookieException
CookieAttributeHandler
Cookie
property.parse
in interface CookieAttributeHandler
cookie
- Cookie
to be updatedvalue
- cookie attribute value from the cookie response headerMalformedCookieException
public void validate(Cookie cookie, CookieOrigin origin) throws MalformedCookieException
CookieAttributeHandler
validate
in interface CookieAttributeHandler
cookie
- Cookie
to validateorigin
- the cookie source to validate againstMalformedCookieException
- if cookie validation fails for this attributepublic java.lang.String getAttributeName()
getAttributeName
in interface CommonCookieAttributeHandler
public static CommonCookieAttributeHandler decorate(CommonCookieAttributeHandler handler, PublicSuffixMatcher publicSuffixMatcher)