java.lang.Object | |
↳ | org.apache.http.impl.cookie.PublicSuffixFilter |
Wraps a CookieAttributeHandler and leverages its match method to never match a suffix from a black list. May be used to provide additional security for cross-site attack types by preventing cookies from apparent domains that are not publicly available. An uptodate list of suffixes can be obtained from publicsuffix.org
Public Constructors | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Public Methods | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Never matches if the cookie's domain is from the blacklist.
| |||||||||||
Parse the given cookie attribute value and update the corresponding
Cookie property. | |||||||||||
Sets the exceptions from the blacklist.
| |||||||||||
Sets the suffix blacklist patterns.
| |||||||||||
Peforms cookie validation for the given attribute value.
|
[Expand]
Inherited Methods | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
From class
java.lang.Object
| |||||||||||
From interface org.apache.http.cookie.CookieAttributeHandler |
Never matches if the cookie's domain is from the blacklist.
cookie | Cookie to match |
---|---|
origin | the cookie source to match against |
Parse the given cookie attribute value and update the corresponding
Cookie
property.
cookie | Cookie to be updated |
---|---|
value | cookie attribute value from the cookie response header |
MalformedCookieException |
---|
Sets the exceptions from the blacklist. Exceptions can not be patterns. TODO add support for patterns
Sets the suffix blacklist patterns. A pattern can be "com", "*.jp" TODO add support for patterns like "lib.*.us"
Peforms cookie validation for the given attribute value.
cookie | Cookie to validate |
---|---|
origin | the cookie source to validate against |
MalformedCookieException |
---|