All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.springframework.web.util.CookieGenerator Maven / Gradle / Ivy

The newest version!
/*
 * Copyright 2002-2018 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.springframework.web.util;

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

import org.springframework.lang.Nullable;
import org.springframework.util.Assert;

/**
 * Helper class for cookie generation, carrying cookie descriptor settings
 * as bean properties and being able to add and remove cookie to/from a
 * given response.
 *
 * 

Can serve as base class for components that generate specific cookies, * such as CookieLocaleResolver and CookieThemeResolver. * * @author Juergen Hoeller * @since 1.1.4 * @see #addCookie * @see #removeCookie * @see org.springframework.web.servlet.i18n.CookieLocaleResolver * @see org.springframework.web.servlet.theme.CookieThemeResolver */ public class CookieGenerator { /** * Default path that cookies will be visible to: "/", i.e. the entire server. */ public static final String DEFAULT_COOKIE_PATH = "/"; protected final Log logger = LogFactory.getLog(getClass()); @Nullable private String cookieName; @Nullable private String cookieDomain; private String cookiePath = DEFAULT_COOKIE_PATH; @Nullable private Integer cookieMaxAge; private boolean cookieSecure = false; private boolean cookieHttpOnly = false; /** * Use the given name for cookies created by this generator. * @see javax.servlet.http.Cookie#getName() */ public void setCookieName(@Nullable String cookieName) { this.cookieName = cookieName; } /** * Return the given name for cookies created by this generator. */ @Nullable public String getCookieName() { return this.cookieName; } /** * Use the given domain for cookies created by this generator. * The cookie is only visible to servers in this domain. * @see javax.servlet.http.Cookie#setDomain */ public void setCookieDomain(@Nullable String cookieDomain) { this.cookieDomain = cookieDomain; } /** * Return the domain for cookies created by this generator, if any. */ @Nullable public String getCookieDomain() { return this.cookieDomain; } /** * Use the given path for cookies created by this generator. * The cookie is only visible to URLs in this path and below. * @see javax.servlet.http.Cookie#setPath */ public void setCookiePath(String cookiePath) { this.cookiePath = cookiePath; } /** * Return the path for cookies created by this generator. */ public String getCookiePath() { return this.cookiePath; } /** * Use the given maximum age (in seconds) for cookies created by this generator. * Useful special value: -1 ... not persistent, deleted when client shuts down. *

Default is no specific maximum age at all, using the Servlet container's * default. * @see javax.servlet.http.Cookie#setMaxAge */ public void setCookieMaxAge(@Nullable Integer cookieMaxAge) { this.cookieMaxAge = cookieMaxAge; } /** * Return the maximum age for cookies created by this generator. */ @Nullable public Integer getCookieMaxAge() { return this.cookieMaxAge; } /** * Set whether the cookie should only be sent using a secure protocol, * such as HTTPS (SSL). This is an indication to the receiving browser, * not processed by the HTTP server itself. *

Default is "false". * @see javax.servlet.http.Cookie#setSecure */ public void setCookieSecure(boolean cookieSecure) { this.cookieSecure = cookieSecure; } /** * Return whether the cookie should only be sent using a secure protocol, * such as HTTPS (SSL). */ public boolean isCookieSecure() { return this.cookieSecure; } /** * Set whether the cookie is supposed to be marked with the "HttpOnly" attribute. *

Default is "false". * @see javax.servlet.http.Cookie#setHttpOnly */ public void setCookieHttpOnly(boolean cookieHttpOnly) { this.cookieHttpOnly = cookieHttpOnly; } /** * Return whether the cookie is supposed to be marked with the "HttpOnly" attribute. */ public boolean isCookieHttpOnly() { return this.cookieHttpOnly; } /** * Add a cookie with the given value to the response, * using the cookie descriptor settings of this generator. *

Delegates to {@link #createCookie} for cookie creation. * @param response the HTTP response to add the cookie to * @param cookieValue the value of the cookie to add * @see #setCookieName * @see #setCookieDomain * @see #setCookiePath * @see #setCookieMaxAge */ public void addCookie(HttpServletResponse response, String cookieValue) { Assert.notNull(response, "HttpServletResponse must not be null"); Cookie cookie = createCookie(cookieValue); Integer maxAge = getCookieMaxAge(); if (maxAge != null) { cookie.setMaxAge(maxAge); } if (isCookieSecure()) { cookie.setSecure(true); } if (isCookieHttpOnly()) { cookie.setHttpOnly(true); } response.addCookie(cookie); if (logger.isTraceEnabled()) { logger.trace("Added cookie [" + getCookieName() + "=" + cookieValue + "]"); } } /** * Remove the cookie that this generator describes from the response. * Will generate a cookie with empty value and max age 0. *

Delegates to {@link #createCookie} for cookie creation. * @param response the HTTP response to remove the cookie from * @see #setCookieName * @see #setCookieDomain * @see #setCookiePath */ public void removeCookie(HttpServletResponse response) { Assert.notNull(response, "HttpServletResponse must not be null"); Cookie cookie = createCookie(""); cookie.setMaxAge(0); if (isCookieSecure()) { cookie.setSecure(true); } if (isCookieHttpOnly()) { cookie.setHttpOnly(true); } response.addCookie(cookie); if (logger.isTraceEnabled()) { logger.trace("Removed cookie '" + getCookieName() + "'"); } } /** * Create a cookie with the given value, using the cookie descriptor * settings of this generator (except for "cookieMaxAge"). * @param cookieValue the value of the cookie to crate * @return the cookie * @see #setCookieName * @see #setCookieDomain * @see #setCookiePath */ protected Cookie createCookie(String cookieValue) { Cookie cookie = new Cookie(getCookieName(), cookieValue); if (getCookieDomain() != null) { cookie.setDomain(getCookieDomain()); } cookie.setPath(getCookiePath()); return cookie; } }





© 2015 - 2024 Weber Informatics LLC | Privacy Policy