http://jakarta.apache.org/httpcomponents/httpclient-3.x/: The HttpClient component supports the client-side of RFC 1945 (HTTP/1.0) and RFC 2616 (HTTP/1.1) , several related specifications (RFC 2109 (Cookies) , RFC 2617 (HTTP Authentication) , etc.), and provides a framework by which new request types (methods) or HTTP extensions can be created easily. (Apache Software Foundation)
  • Armando Anton
  • Sebastian Bazley
  • Ola Berg
  • Sam Berlin
  • Mike Bowler
  • Samit Jain
  • Eric Johnson
  • Christian Kohlschuetter
  • Ryan Lubke
  • Sam Maloney
  • Rob Di Marco
  • Juergen Pill
  • Mohammad Rezaei
  • Roland Weber
  • Laura Werner
  • Mikael Wilstrom
  • Michael Becke ()
  • Jeff Dever (Independent consultant)
  • dIon Gillard (Multitask Consulting)
  • Ortwin Glueck ()
  • Sung-Gu ()
  • Oleg Kalnichevski
  • Sean C. Sullivan (Independent consultant)
  • Adrian Sutton (Intencha)
  • Rodney Waldhoff (Britannica) 
/*
 * $Header: /home/jerenkrantz/tmp/commons/commons-convert/cvs/home/cvs/jakarta-commons//httpclient/src/java/org/apache/commons/httpclient/cookie/NetscapeDraftSpec.java,v 1.11 2004/05/13 04:02:00 mbecke Exp $
 * $Revision: 480424 $
 * $Date: 2006-11-29 06:56:49 +0100 (Wed, 29 Nov 2006) $
 *
 * ====================================================================
 *
 *  Licensed to the Apache Software Foundation (ASF) under one or more
 *  contributor license agreements.  See the NOTICE file distributed with
 *  this work for additional information regarding copyright ownership.
 *  The ASF licenses this file to You under the Apache License, Version 2.0
 *  (the "License"); you may not use this file except in compliance with
 *  the License.  You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 * ====================================================================
 *
 * This software consists of voluntary contributions made by many
 * individuals on behalf of the Apache Software Foundation.  For more
 * information on the Apache Software Foundation, please see
 * <http://www.apache.org/>.
 *
 */

package org.apache.commons.httpclient.cookie;

import java.util.StringTokenizer;
import java.util.Date;
import java.util.Locale;   
import java.text.DateFormat; 
import java.text.SimpleDateFormat;  
import java.text.ParseException; 

import org.apache.commons.httpclient.HeaderElement;
import org.apache.commons.httpclient.NameValuePair;
import org.apache.commons.httpclient.Cookie;


Netscape cookie draft specific cookie management functions

Author: B.C. Holmes, Park, Sung-Gu, Doug Sale, Rod Waldhoff, dIon Gillard, Sean C. Sullivan, John Evans, Marc A. Saegesser, Oleg Kalnichevski, Mike Bowler
Since:2.0
/**
 * <P>Netscape cookie draft specific cookie management functions
 *
 * @author  B.C. Holmes
 * @author <a href="mailto:jericho@thinkfree.com">Park, Sung-Gu</a>
 * @author <a href="mailto:dsale@us.britannica.com">Doug Sale</a>
 * @author Rod Waldhoff
 * @author dIon Gillard
 * @author Sean C. Sullivan
 * @author <a href="mailto:JEvans@Cyveillance.com">John Evans</a>
 * @author Marc A. Saegesser
 * @author <a href="mailto:oleg@ural.ru">Oleg Kalnichevski</a>
 * @author <a href="mailto:mbowler@GargoyleSoftware.com">Mike Bowler</a>
 * 
 * @since 2.0 
 */

public class NetscapeDraftSpec extends CookieSpecBase {

    
Default constructor 
/** Default constructor */
    public NetscapeDraftSpec() {
        super();
    }

    
Parses the Set-Cookie value into an array of Cookies.

Syntax of the Set-Cookie HTTP Response Header:


This is the format a CGI script would use to add to 
the HTTP headers a new piece of data which is to be stored by 
the client for later retrieval.

 

 Set-Cookie: NAME=VALUE; expires=DATE; path=PATH; domain=DOMAIN_NAME; secure



Please note that Netscape draft specification does not fully 
conform to the HTTP header format. Netscape draft does not specify 
whether multiple cookies may be sent in one header. Hence, comma 
character may be present in unquoted cookie value or unquoted 
parameter value.


Params:
  • host – the host from which the Set-Cookie value was
received
  • port – the port from which the Set-Cookie value was
received
  • path – the path from which the Set-Cookie value was
received
  • secure – true when the Set-Cookie value was
received over secure conection
  • header – the Set-Cookie received from the server
Throws:
@linkhttp://wp.netscape.com/newsref/std/cookie_spec.html
Returns:an array of Cookies parsed from the Set-Cookie value
Since:3.0
/**
      * Parses the Set-Cookie value into an array of <tt>Cookie</tt>s.
      *
      * <p>Syntax of the Set-Cookie HTTP Response Header:</p>
      * 
      * <p>This is the format a CGI script would use to add to 
      * the HTTP headers a new piece of data which is to be stored by 
      * the client for later retrieval.</p>
      *  
      * <PRE>
      *  Set-Cookie: NAME=VALUE; expires=DATE; path=PATH; domain=DOMAIN_NAME; secure
      * </PRE>
      *
      * <p>Please note that Netscape draft specification does not fully 
      * conform to the HTTP header format. Netscape draft does not specify 
      * whether multiple cookies may be sent in one header. Hence, comma 
      * character may be present in unquoted cookie value or unquoted 
      * parameter value.</p>
      * 
      * @link http://wp.netscape.com/newsref/std/cookie_spec.html
      * 
      * @param host the host from which the <tt>Set-Cookie</tt> value was
      * received
      * @param port the port from which the <tt>Set-Cookie</tt> value was
      * received
      * @param path the path from which the <tt>Set-Cookie</tt> value was
      * received
      * @param secure <tt>true</tt> when the <tt>Set-Cookie</tt> value was
      * received over secure conection
      * @param header the <tt>Set-Cookie</tt> received from the server
      * @return an array of <tt>Cookie</tt>s parsed from the Set-Cookie value
      * @throws MalformedCookieException if an exception occurs during parsing
      * 
      * @since 3.0
      */
    public Cookie[] parse(String host, int port, String path, 
        boolean secure, final String header) 
        throws MalformedCookieException {
            
        LOG.trace("enter NetscapeDraftSpec.parse(String, port, path, boolean, Header)");

        if (host == null) {
            throw new IllegalArgumentException("Host of origin may not be null");
        }
        if (host.trim().equals("")) {
            throw new IllegalArgumentException("Host of origin may not be blank");
        }
        if (port < 0) {
            throw new IllegalArgumentException("Invalid port: " + port);
        }
        if (path == null) {
            throw new IllegalArgumentException("Path of origin may not be null.");
        }
        if (header == null) {
            throw new IllegalArgumentException("Header may not be null.");
        }

        if (path.trim().equals("")) {
            path = PATH_DELIM;
        }
        host = host.toLowerCase();

        String defaultPath = path;    
        int lastSlashIndex = defaultPath.lastIndexOf(PATH_DELIM);
        if (lastSlashIndex >= 0) {
            if (lastSlashIndex == 0) {
                //Do not remove the very first slash
                lastSlashIndex = 1;
            }
            defaultPath = defaultPath.substring(0, lastSlashIndex);
        }
        HeaderElement headerelement = new HeaderElement(header.toCharArray());
        Cookie cookie = new Cookie(host,
                       headerelement.getName(),
                       headerelement.getValue(),
                       defaultPath, 
                       null,
                       false);
        // cycle through the parameters
        NameValuePair[] parameters = headerelement.getParameters();
        // could be null. In case only a header element and no parameters.
        if (parameters != null) {
            for (int j = 0; j < parameters.length; j++) {
                parseAttribute(parameters[j], cookie);
            }
        }
        return new Cookie[] {cookie};
    }


    
Parse the cookie attribute and update the corresponsing Cookie properties as defined by the Netscape draft specification 
Params:
  • attribute – NameValuePair cookie attribute from the Set- Cookie
  • cookie – Cookie to be updated
Throws:
/**
      * Parse the cookie attribute and update the corresponsing {@link Cookie}
      * properties as defined by the Netscape draft specification
      *
      * @param attribute {@link NameValuePair} cookie attribute from the
      * <tt>Set- Cookie</tt>
      * @param cookie {@link Cookie} to be updated
      * @throws MalformedCookieException if an exception occurs during parsing
      */
    public void parseAttribute(
        final NameValuePair attribute, final Cookie cookie)
        throws MalformedCookieException {
            
        if (attribute == null) {
            throw new IllegalArgumentException("Attribute may not be null.");
        }
        if (cookie == null) {
            throw new IllegalArgumentException("Cookie may not be null.");
        }
        final String paramName = attribute.getName().toLowerCase();
        final String paramValue = attribute.getValue();

        if (paramName.equals("expires")) {

            if (paramValue == null) {
                throw new MalformedCookieException(
                    "Missing value for expires attribute");
            }
            try {
                DateFormat expiryFormat = new SimpleDateFormat(
                    "EEE, dd-MMM-yyyy HH:mm:ss z", Locale.US);
                Date date = expiryFormat.parse(paramValue);
                cookie.setExpiryDate(date);
            } catch (ParseException e) {
                throw new MalformedCookieException("Invalid expires "
                    + "attribute: " + e.getMessage());
            }
        } else {
            super.parseAttribute(attribute, cookie);
        }
    }

    
Performs domain-match as described in the Netscape draft.

Params:
  • host – The target host.
  • domain – The cookie domain attribute.
Returns:true if the specified host matches the given domain.
/**
     * Performs domain-match as described in the Netscape draft.
     * @param host The target host.
     * @param domain The cookie domain attribute.
     * @return true if the specified host matches the given domain.
     */
    public boolean domainMatch(final String host, final String domain) {
        return host.endsWith(domain);
    }

    
Performs Netscape draft compliant Cookie validation 
Params:
  • host – the host from which the Cookie was received
  • port – the port from which the Cookie was received
  • path – the path from which the Cookie was received
  • secure – true when the Cookie was received using a secure connection
  • cookie – The cookie to validate.
Throws:
/**
      * Performs Netscape draft compliant {@link Cookie} validation
      *
      * @param host the host from which the {@link Cookie} was received
      * @param port the port from which the {@link Cookie} was received
      * @param path the path from which the {@link Cookie} was received
      * @param secure <tt>true</tt> when the {@link Cookie} was received 
      * using a secure connection
      * @param cookie The cookie to validate.
      * @throws MalformedCookieException if an exception occurs during
      * validation
      */
    public void validate(String host, int port, String path, 
        boolean secure, final Cookie cookie) 
        throws MalformedCookieException {
            
        LOG.trace("enterNetscapeDraftCookieProcessor "
            + "RCF2109CookieProcessor.validate(Cookie)");
        // Perform generic validation
        super.validate(host, port, path, secure, cookie);
        // Perform Netscape Cookie draft specific validation
        if (host.indexOf(".") >= 0) {
            int domainParts = new StringTokenizer(cookie.getDomain(), ".")
                .countTokens();

            if (isSpecialDomain(cookie.getDomain())) {
                if (domainParts < 2) {
                    throw new MalformedCookieException("Domain attribute \""
                        + cookie.getDomain() 
                        + "\" violates the Netscape cookie specification for "
                        + "special domains");
                }
            } else {
                if (domainParts < 3) {
                    throw new MalformedCookieException("Domain attribute \""
                        + cookie.getDomain() 
                        + "\" violates the Netscape cookie specification");
                }            
            }
        }
    }
    
    
Checks if the given domain is in one of the seven special
top level domains defined by the Netscape cookie specification.

Params:
  • domain – The domain.
Returns:True if the specified domain is "special"
/**
     * Checks if the given domain is in one of the seven special
     * top level domains defined by the Netscape cookie specification.
     * @param domain The domain.
     * @return True if the specified domain is "special"
     */
    private static boolean isSpecialDomain(final String domain) {
        final String ucDomain = domain.toUpperCase();
        if (ucDomain.endsWith(".COM") 
           || ucDomain.endsWith(".EDU")
           || ucDomain.endsWith(".NET")
           || ucDomain.endsWith(".GOV")
           || ucDomain.endsWith(".MIL")
           || ucDomain.endsWith(".ORG")
           || ucDomain.endsWith(".INT")) {
            return true;
        }
        return false;
    }
}