io.netty.handler.codec.http.CookieDecoder Maven / Gradle / Ivy
Go to download
This artifact provides a single jar that contains all classes required to use remote EJB and JMS, including
all dependencies. It is intended for use by those not using maven, maven users should just import the EJB and
JMS BOM's instead (shaded JAR's cause lots of problems with maven, as it is very easy to inadvertently end up
with different versions on classes on the class path).
/*
* Copyright 2012 The Netty Project
*
* The Netty Project licenses this file to you under the Apache License,
* version 2.0 (the "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at:
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations
* under the License.
*/
package io.netty.handler.codec.http;
import static io.netty.handler.codec.http.CookieUtil.firstInvalidCookieNameOctet;
import static io.netty.handler.codec.http.CookieUtil.firstInvalidCookieValueOctet;
import static io.netty.handler.codec.http.CookieUtil.unwrapValue;
import io.netty.handler.codec.DateFormatter;
import io.netty.handler.codec.http.cookie.CookieHeaderNames;
import io.netty.util.internal.logging.InternalLogger;
import io.netty.util.internal.logging.InternalLoggerFactory;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.List;
import java.util.Set;
import java.util.TreeSet;
/**
* @deprecated Use {@link io.netty.handler.codec.http.cookie.ClientCookieDecoder}
* or {@link io.netty.handler.codec.http.cookie.ServerCookieDecoder} instead.
*
* Decodes an HTTP header value into {@link Cookie}s. This decoder can decode
* the HTTP cookie version 0, 1, and 2.
*
*
* {@link HttpRequest} req = ...;
* String value = req.getHeader("Cookie");
* Set<{@link Cookie}> cookies = {@link CookieDecoder}.decode(value);
*
*
* @see io.netty.handler.codec.http.cookie.ClientCookieDecoder
* @see io.netty.handler.codec.http.cookie.ServerCookieDecoder
*/
@Deprecated
public final class CookieDecoder {
private final InternalLogger logger = InternalLoggerFactory.getInstance(getClass());
private static final CookieDecoder STRICT = new CookieDecoder(true);
private static final CookieDecoder LAX = new CookieDecoder(false);
private static final String COMMENT = "Comment";
private static final String COMMENTURL = "CommentURL";
private static final String DISCARD = "Discard";
private static final String PORT = "Port";
private static final String VERSION = "Version";
private final boolean strict;
public static Set decode(String header) {
return decode(header, true);
}
public static Set decode(String header, boolean strict) {
return (strict ? STRICT : LAX).doDecode(header);
}
/**
* Decodes the specified HTTP header value into {@link Cookie}s.
*
* @return the decoded {@link Cookie}s
*/
private Set doDecode(String header) {
List names = new ArrayList(8);
List values = new ArrayList(8);
extractKeyValuePairs(header, names, values);
if (names.isEmpty()) {
return Collections.emptySet();
}
int i;
int version = 0;
// $Version is the only attribute that can appear before the actual
// cookie name-value pair.
if (names.get(0).equalsIgnoreCase(VERSION)) {
try {
version = Integer.parseInt(values.get(0));
} catch (NumberFormatException e) {
// Ignore.
}
i = 1;
} else {
i = 0;
}
if (names.size() <= i) {
// There's a version attribute, but nothing more.
return Collections.emptySet();
}
Set cookies = new TreeSet();
for (; i < names.size(); i ++) {
String name = names.get(i);
String value = values.get(i);
if (value == null) {
value = "";
}
Cookie c = initCookie(name, value);
if (c == null) {
break;
}
boolean discard = false;
boolean secure = false;
boolean httpOnly = false;
String comment = null;
String commentURL = null;
String domain = null;
String path = null;
long maxAge = Long.MIN_VALUE;
List ports = new ArrayList(2);
for (int j = i + 1; j < names.size(); j++, i++) {
name = names.get(j);
value = values.get(j);
if (DISCARD.equalsIgnoreCase(name)) {
discard = true;
} else if (CookieHeaderNames.SECURE.equalsIgnoreCase(name)) {
secure = true;
} else if (CookieHeaderNames.HTTPONLY.equalsIgnoreCase(name)) {
httpOnly = true;
} else if (COMMENT.equalsIgnoreCase(name)) {
comment = value;
} else if (COMMENTURL.equalsIgnoreCase(name)) {
commentURL = value;
} else if (CookieHeaderNames.DOMAIN.equalsIgnoreCase(name)) {
domain = value;
} else if (CookieHeaderNames.PATH.equalsIgnoreCase(name)) {
path = value;
} else if (CookieHeaderNames.EXPIRES.equalsIgnoreCase(name)) {
Date date = DateFormatter.parseHttpDate(value);
if (date != null) {
long maxAgeMillis = date.getTime() - System.currentTimeMillis();
maxAge = maxAgeMillis / 1000 + (maxAgeMillis % 1000 != 0? 1 : 0);
}
} else if (CookieHeaderNames.MAX_AGE.equalsIgnoreCase(name)) {
maxAge = Integer.parseInt(value);
} else if (VERSION.equalsIgnoreCase(name)) {
version = Integer.parseInt(value);
} else if (PORT.equalsIgnoreCase(name)) {
String[] portList = value.split(",");
for (String s1: portList) {
try {
ports.add(Integer.valueOf(s1));
} catch (NumberFormatException e) {
// Ignore.
}
}
} else {
break;
}
}
c.setVersion(version);
c.setMaxAge(maxAge);
c.setPath(path);
c.setDomain(domain);
c.setSecure(secure);
c.setHttpOnly(httpOnly);
if (version > 0) {
c.setComment(comment);
}
if (version > 1) {
c.setCommentUrl(commentURL);
c.setPorts(ports);
c.setDiscard(discard);
}
cookies.add(c);
}
return cookies;
}
private static void extractKeyValuePairs(
final String header, final List names, final List values) {
final int headerLen = header.length();
loop: for (int i = 0;;) {
// Skip spaces and separators.
for (;;) {
if (i == headerLen) {
break loop;
}
switch (header.charAt(i)) {
case '\t': case '\n': case 0x0b: case '\f': case '\r':
case ' ': case ',': case ';':
i ++;
continue;
}
break;
}
// Skip '$'.
for (;;) {
if (i == headerLen) {
break loop;
}
if (header.charAt(i) == '$') {
i ++;
continue;
}
break;
}
String name;
String value;
if (i == headerLen) {
name = null;
value = null;
} else {
int newNameStart = i;
keyValLoop: for (;;) {
switch (header.charAt(i)) {
case ';':
// NAME; (no value till ';')
name = header.substring(newNameStart, i);
value = null;
break keyValLoop;
case '=':
// NAME=VALUE
name = header.substring(newNameStart, i);
i ++;
if (i == headerLen) {
// NAME= (empty value, i.e. nothing after '=')
value = "";
break keyValLoop;
}
int newValueStart = i;
char c = header.charAt(i);
if (c == '"' || c == '\'') {
// NAME="VALUE" or NAME='VALUE'
StringBuilder newValueBuf = new StringBuilder(header.length() - i);
final char q = c;
boolean hadBackslash = false;
i ++;
for (;;) {
if (i == headerLen) {
value = newValueBuf.toString();
break keyValLoop;
}
if (hadBackslash) {
hadBackslash = false;
c = header.charAt(i ++);
switch (c) {
case '\\': case '"': case '\'':
// Escape last backslash.
newValueBuf.setCharAt(newValueBuf.length() - 1, c);
break;
default:
// Do not escape last backslash.
newValueBuf.append(c);
}
} else {
c = header.charAt(i ++);
if (c == q) {
value = newValueBuf.toString();
break keyValLoop;
}
newValueBuf.append(c);
if (c == '\\') {
hadBackslash = true;
}
}
}
} else {
// NAME=VALUE;
int semiPos = header.indexOf(';', i);
if (semiPos > 0) {
value = header.substring(newValueStart, semiPos);
i = semiPos;
} else {
value = header.substring(newValueStart);
i = headerLen;
}
}
break keyValLoop;
default:
i ++;
}
if (i == headerLen) {
// NAME (no value till the end of string)
name = header.substring(newNameStart);
value = null;
break;
}
}
}
names.add(name);
values.add(value);
}
}
private CookieDecoder(boolean strict) {
this.strict = strict;
}
private DefaultCookie initCookie(String name, String value) {
if (name == null || name.length() == 0) {
logger.debug("Skipping cookie with null name");
return null;
}
if (value == null) {
logger.debug("Skipping cookie with null value");
return null;
}
CharSequence unwrappedValue = unwrapValue(value);
if (unwrappedValue == null) {
logger.debug("Skipping cookie because starting quotes are not properly balanced in '{}'",
unwrappedValue);
return null;
}
int invalidOctetPos;
if (strict && (invalidOctetPos = firstInvalidCookieNameOctet(name)) >= 0) {
if (logger.isDebugEnabled()) {
logger.debug("Skipping cookie because name '{}' contains invalid char '{}'",
name, name.charAt(invalidOctetPos));
}
return null;
}
final boolean wrap = unwrappedValue.length() != value.length();
if (strict && (invalidOctetPos = firstInvalidCookieValueOctet(unwrappedValue)) >= 0) {
if (logger.isDebugEnabled()) {
logger.debug("Skipping cookie because value '{}' contains invalid char '{}'",
unwrappedValue, unwrappedValue.charAt(invalidOctetPos));
}
return null;
}
DefaultCookie cookie = new DefaultCookie(name, unwrappedValue.toString());
cookie.setWrap(wrap);
return cookie;
}
}