List of usage examples for java.net HttpCookie getSecure
public boolean getSecure()
From source file:no.eris.applet.AppletViewer.java
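/**
 * Seeds {@code manager}'s cookie store with the configured {@code cookies} and installs a
 * {@link LoggingCookieHandler} wrapping that manager as the default {@link CookieHandler}.
 *
 * <p>Security-relevant behaviour:
 * <ul>
 *   <li>The manager is switched to {@link CookiePolicy#ACCEPT_ALL}, so every cookie offered by
 *       any server is stored, whatever its domain.</li>
 *   <li>{@link CookieHandler#setDefault(CookieHandler)} is system-wide: every caller in this JVM
 *       that relies on the default handler shares the cookies added here.</li>
 *   <li>Only the cookie name and its Secure flag are logged, never the value.</li>
 * </ul>
 *
 * @param manager the cookie manager to seed and install
 */
private void overrideCookieHandler(CookieManager manager) {
    manager.setCookiePolicy(CookiePolicy.ACCEPT_ALL);
    final CookieHandler handler = CookieHandler.getDefault();

    LOGGER.debug("CookieStore: size {}", manager.getCookieStore().getCookies().size());

    if (cookies != null) {
        for (UriAndCookie uriAndCookie : cookies) {
            URI uri = uriAndCookie.getUri();
            HttpCookie cookie = uriAndCookie.getCookie();
            // HttpCookie.toString() renders name=value, so passing the cookie object to the
            // logger would write a session secret into the debug log. Log the name instead.
            LOGGER.debug("Adding cookie: <{}> name={} secure={}",
                    new Object[] { uri, cookie.getName(), cookie.getSecure() });
            manager.getCookieStore().add(uri, cookie);
        }
    }

    LOGGER.debug("CookieStore: size {}", manager.getCookieStore().getCookies().size());
    LOGGER.debug("Overriding cookie handler: {}", (handler == null ? null : handler.getClass().getName()));

    // FIXME because we depend on the system-wide cookie manager, we probably cannot run
    // multiple applets at the same time.
    // We may also have security issues lurking here: the handler is shared by the whole JVM.
    // I could maybe partition the callers based on the ThreadGroup ??
    // FIXME there's also some cleanup to do somewhere (the previous handler is never restored here)
    CookieHandler.setDefault(new LoggingCookieHandler(manager));
}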
From source file:org.apache.druid.security.kerberos.DruidKerberosUtil.java
/**
 * Finds the authentication cookie (named {@code AuthenticatedURL.AUTH_COOKIE}) in the given store.
 *
 * <p>A cookie flagged Secure is ignored unless the scheme of {@code uri} is exactly
 * {@code "https"}, so it is never handed back for replay over a plain-text connection.
 *
 * <p>NOTE(review): the lookup uses {@code cookieStore.getCookies()}, i.e. every cookie in the
 * store; only the scheme of {@code uri} is consulted, not its host or path. Confirm that the
 * store is scoped to a single destination.
 *
 * @param cookieStore store to search; may be {@code null}
 * @param uri         target of the request the cookie would accompany
 * @return the first matching cookie, or {@code null} if the store is {@code null} or holds no
 *         usable authentication cookie
 */
public static HttpCookie getAuthCookie(CookieStore cookieStore, URI uri) {
    if (cookieStore == null) {
        return null;
    }

    final boolean secureTransport = "https".equals(uri.getScheme());
    for (HttpCookie candidate : cookieStore.getCookies()) {
        // Secure cookies are only usable when the connection itself is secured.
        final boolean usable = secureTransport || !candidate.getSecure();
        if (usable && candidate.getName().equals(AuthenticatedURL.AUTH_COOKIE)) {
            return candidate;
        }
    }
    return null;
}
From source file:org.apache.hadoop.hive.druid.security.DruidKerberosUtil.java
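/**
 * Finds the authentication cookie (named {@code AuthenticatedURL.AUTH_COOKIE}) in the given store.
 *
 * <p>A cookie flagged Secure is skipped unless the scheme of {@code uri} is exactly
 * {@code "https"}, so it is never returned for replay over a non-secured connection.
 *
 * <p>NOTE(review): the lookup uses {@code cookieStore.getCookies()}, i.e. every cookie in the
 * store; only the scheme of {@code uri} is consulted, not its host or path. Confirm that the
 * store is scoped to a single destination.
 *
 * @param cookieStore store to search; may be {@code null}
 * @param uri         target of the request the cookie would accompany
 * @return the first matching cookie, or {@code null} if the store is {@code null} or holds no
 *         usable authentication cookie
 */
static HttpCookie getAuthCookie(CookieStore cookieStore, URI uri) {
    if (cookieStore == null) {
        return null;
    }

    // Constant-first comparison: URI.getScheme() is null for a relative URI, which would throw
    // a NullPointerException the other way round. A missing scheme is treated as non-secured.
    boolean isSSL = "https".equals(uri.getScheme());
    List<HttpCookie> cookies = cookieStore.getCookies();

    for (HttpCookie c : cookies) {
        // If this is a secured cookie and the current connection is non-secured, skip it:
        // a Secure cookie must not be replayed to the server over plain HTTP.
        if (c.getSecure() && !isSSL) {
            continue;
        }

        if (c.getName().equals(AuthenticatedURL.AUTH_COOKIE)) {
            return c;
        }
    }
    return null;
}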
From source file:org.jwebsocket.util.Tools.java
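/**
 * Indicates if a cookie is valid for a given URI.
 *
 * <p>The cookie is accepted only when all of the following hold:
 * <ul>
 *   <li>it has not expired;</li>
 *   <li>it has no domain, or its domain matches the URI host
 *       ({@link HttpCookie#domainMatches(String, String)});</li>
 *   <li>it has no path, or its path matches the URI path on a segment boundary: the cookie path
 *       {@code /foo} covers {@code /foo} and {@code /foo/bar} but not {@code /foobar};</li>
 *   <li>its Secure flag equals "the URI scheme is {@code wss}".</li>
 * </ul>
 *
 * <p>NOTE(review): the last rule is an equality, so a cookie without the Secure flag is rejected
 * for {@code wss} URIs, and the scheme is compared case-sensitively against {@code "wss"} only.
 * Confirm this is the intended policy.
 *
 * @param aURI    the URI the cookie would be sent to
 * @param aCookie the cookie to check
 * @return TRUE if the cookie is valid, FALSE otherwise
 */
public static boolean isCookieValid(URI aURI, HttpCookie aCookie) {
    if (aCookie.hasExpired()) {
        return false;
    }

    String lDomain = aCookie.getDomain();
    if (null != lDomain && !HttpCookie.domainMatches(lDomain, aURI.getHost())) {
        return false;
    }

    String lCookiePath = aCookie.getPath();
    if (null != lCookiePath) {
        String lRequestPath = aURI.getPath();
        if (null == lRequestPath || !lRequestPath.startsWith(lCookiePath)) {
            return false;
        }
        // A bare prefix test would let a cookie scoped to /foo reach the sibling path /foobar.
        // Require an exact match, a cookie path ending in '/', or a '/' right after the prefix.
        boolean lOnSegmentBoundary = lRequestPath.length() == lCookiePath.length()
                || lCookiePath.endsWith("/")
                || lRequestPath.charAt(lCookiePath.length()) == '/';
        if (!lOnSegmentBoundary) {
            return false;
        }
    }

    // Constant-first comparison: getScheme() is null for a relative URI.
    return aCookie.getSecure() == "wss".equals(aURI.getScheme());
}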
From source file:org.mitre.dsmiley.httpproxy.ProxyServlet.java
/** * Copy cookie from the proxy to the servlet client. Replaces cookie path to * local path and renames cookie to avoid collisions. *///from w w w . ja v a 2 s .c o m protected void copyProxyCookie(HttpServletRequest servletRequest, HttpServletResponse servletResponse, String headerValue) { List<HttpCookie> cookies = HttpCookie.parse(headerValue); String path = servletRequest.getContextPath(); // path starts with / or // is empty string path += servletRequest.getServletPath(); // servlet path starts with / // or is empty string for (HttpCookie cookie : cookies) { // set cookie name prefixed w/ a proxy value so it won't collide w/ // other cookies String proxyCookieName = getCookieNamePrefix(cookie.getName()) + cookie.getName(); Cookie servletCookie = new Cookie(proxyCookieName, cookie.getValue()); servletCookie.setComment(cookie.getComment()); servletCookie.setMaxAge((int) cookie.getMaxAge()); servletCookie.setPath(path); // set to the path of the proxy servlet // don't set cookie domain servletCookie.setSecure(cookie.getSecure()); servletCookie.setVersion(cookie.getVersion()); servletResponse.addCookie(servletCookie); } }
From source file:org.openhab.binding.amazonechocontrol.internal.Connection.java
/**
 * Serializes the current login state into a newline-separated text record.
 *
 * <p>Layout: format version {@code 6}, then frc, serial, device id, refresh token, Amazon site,
 * device name, account customer id and the login time in epoch milliseconds, one per line.
 * The cookie count follows, then eleven values per cookie written through {@code writeValue}.
 *
 * <p>The record embeds the refresh token and every cookie value, and this method applies no
 * protection to them, so whoever persists the result has to treat it as a credential.
 *
 * @return the serialized login data, or an empty string when there is no refresh token or no
 *         login time
 */
public String serializeLoginData() {
    // Work on a snapshot of the field so the null check and the later use see the same value.
    final Date loggedInAt = this.loginTime;
    if (refreshToken == null || loggedInAt == null) {
        return "";
    }

    final StringBuilder out = new StringBuilder();
    out.append("6\n"); // version
    out.append(frc).append("\n");
    out.append(serial).append("\n");
    out.append(deviceId).append("\n");
    out.append(refreshToken).append("\n");
    out.append(amazonSite).append("\n");
    out.append(deviceName).append("\n");
    out.append(accountCustomerId).append("\n");
    out.append(loggedInAt.getTime()).append("\n");

    final List<HttpCookie> storedCookies = cookieManager.getCookieStore().getCookies();
    out.append(storedCookies.size()).append("\n");
    for (HttpCookie stored : storedCookies) {
        writeValue(out, stored.getName());
        writeValue(out, stored.getValue());
        writeValue(out, stored.getComment());
        writeValue(out, stored.getCommentURL());
        writeValue(out, stored.getDomain());
        writeValue(out, stored.getMaxAge());
        writeValue(out, stored.getPath());
        writeValue(out, stored.getPortlist());
        writeValue(out, stored.getVersion());
        writeValue(out, stored.getSecure());
        writeValue(out, stored.getDiscard());
    }
    return out.toString();
}
From source file:org.piwik.ResponseData.java
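/**
 * Converts the {@code Set-Cookie} response headers held in {@code headerData} into
 * {@link Cookie} objects.
 *
 * <p>The header name is matched case-insensitively, and each {@code Set-Cookie} value is parsed
 * on its own. Gluing several values together before parsing would make the second cookie look
 * like attributes of the first. Name, value, comment, domain (when present), max-age, path,
 * Secure flag and version are copied.
 *
 * @return the cookies found; {@code null} if a {@code null} header key with an empty value is
 *         encountered (existing contract, kept for callers that test for it)
 * @throws IllegalArgumentException if a {@code Set-Cookie} value cannot be parsed
 */
public List<Cookie> getCookies() {
    List<Cookie> cookies = new ArrayList<Cookie>();

    for (String key : headerData.keySet()) {
        List<String> headerParts = headerData.get(key);

        // Joined form: used for the null-key checks and the diagnostic message only.
        StringBuilder cookieInfo = new StringBuilder();
        for (String part : headerParts) {
            cookieInfo.append(part);
        }

        if (key == null && cookieInfo.length() == 0) {
            LOGGER.debug("No more headers, not proceeding");
            return null;
        }

        if (key == null) {
            LOGGER.debug("The header value contains the server's HTTP version, not proceeding");
        } else if (key.equalsIgnoreCase("Set-Cookie")) {
            // Header names are case-insensitive, and every Set-Cookie value is its own cookie.
            for (String headerValue : headerParts) {
                for (HttpCookie h : HttpCookie.parse(headerValue)) {
                    Cookie c = new Cookie(h.getName(), h.getValue());
                    c.setComment(h.getComment());
                    if (h.getDomain() != null) {
                        c.setDomain(h.getDomain());
                    }
                    // Max-Age arrives as a long from the server; clamp rather than let the
                    // narrowing conversion wrap it into 0 or a negative lifetime.
                    long maxAge = h.getMaxAge();
                    c.setMaxAge((int) Math.max(Integer.MIN_VALUE, Math.min(Integer.MAX_VALUE, maxAge)));
                    c.setPath(h.getPath());
                    c.setSecure(h.getSecure());
                    c.setVersion(h.getVersion());
                    cookies.add(c);
                }
            }
        } else {
            // NOTE(review): this writes the raw value of every other response header to the
            // debug log; check that no deployment enables it where header values are sensitive.
            LOGGER.debug("The provided key (" + key + ") with value (" + cookieInfo
                    + ") were not processed because the key is unknown");
        }
    }
    return cookies;
}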
From source file:org.zaproxy.zap.extension.httpsessions.HttpSessionsSite.java
/**
 * Process the http response message received after a request.
 *
 * <p>Steps, in order:
 * <ol>
 *   <li>Look up the session token names configured for this site; return if there are none.</li>
 *   <li>Collect the session-token cookies set by the response.</li>
 *   <li>Resolve the session: the one cached on the message if it is valid, otherwise the one
 *       matching the request cookies.</li>
 *   <li>If there is still no session, create and register one, and add the session-token
 *       cookies of the request that the response did not replace.</li>
 *   <li>Write the collected token values into the session, increment its matched-message
 *       count, notify the model and cache the session on the message.</li>
 * </ol>
 *
 * <p>NOTE(review): the session object is concatenated into debug and info log messages; verify
 * that its string form does not include session token values.
 *
 * @param message the message
 */
public void processHttpResponseMessage(HttpMessage message) {
    // Get the session tokens for this site
    HttpSessionTokensSet siteTokensSet = extension.getHttpSessionTokensSet(getSite());

    // No tokens for this site, so no processing
    if (siteTokensSet == null) {
        log.debug("No session tokens for: " + this.getSite());
        return;
    }

    // Create an auxiliary map of token values and insert keys for every token
    Map<String, Cookie> tokenValues = new HashMap<>();

    // Get new values that were set for tokens (e.g. using SET-COOKIE headers), if any
    List<HttpCookie> cookiesToSet = message.getResponseHeader()
            .getHttpCookies(message.getRequestHeader().getHostName());
    for (HttpCookie cookie : cookiesToSet) {
        // Despite the "lc" prefix the name is used exactly as getName() returns it;
        // no lower-casing happens here.
        String lcCookieName = cookie.getName();
        if (siteTokensSet.isSessionToken(lcCookieName)) {
            // NOTE(review): (int) narrows the long max-age; a value outside the int range wraps.
            Cookie ck = new Cookie(cookie.getDomain(), lcCookieName, cookie.getValue(), cookie.getPath(),
                    (int) cookie.getMaxAge(), cookie.getSecure());
            tokenValues.put(lcCookieName, ck);
        }
    }

    // Get the cookies present in the request
    List<HttpCookie> requestCookies = message.getRequestHeader().getHttpCookies();

    // XXX When an empty HttpSession is set in the message and the response
    // contains session cookies, the empty HttpSession is reused which
    // causes the number of messages matched to be incorrect.

    // Get the session, based on the request header
    HttpSession session = message.getHttpSession();
    if (session == null || !session.isValid()) {
        session = getMatchingHttpSession(requestCookies, siteTokensSet);
        if (log.isDebugEnabled()) {
            log.debug("Matching session for response message (from site " + getSite() + "): " + session);
        }
    } else {
        if (log.isDebugEnabled()) {
            log.debug("Matching cached session for response message (from site " + getSite() + "): " + session);
        }
    }

    // If the session didn't exist, create it now
    if (session == null) {
        session = new HttpSession(generateUniqueSessionName(), extension.getHttpSessionTokensSet(getSite()));
        this.addHttpSession(session);

        // Add all the existing tokens from the request, if they don't replace one in the
        // response
        for (HttpCookie cookie : requestCookies) {
            String cookieName = cookie.getName();
            if (siteTokensSet.isSessionToken(cookieName)) {
                if (!tokenValues.containsKey(cookieName)) {
                    // We must ensure that a cookie always has a valid domain and path in order
                    // to be able to reuse it. HttpClient will discard invalid cookies
                    String domain = cookie.getDomain();
                    if (domain == null) {
                        // Fall back to the host the request was sent to
                        domain = message.getRequestHeader().getHostName();
                    }
                    String path = cookie.getPath();
                    if (path == null) {
                        path = "/"; // Default path
                    }
                    // NOTE(review): same (int) narrowing of the long max-age as above.
                    Cookie ck = new Cookie(domain, cookieName, cookie.getValue(), path,
                            (int) cookie.getMaxAge(), cookie.getSecure());
                    tokenValues.put(cookieName, ck);
                }
            }
        }
        log.info("Created a new session as no match was found: " + session);
    }

    // Update the session
    if (!tokenValues.isEmpty()) {
        for (Entry<String, Cookie> tv : tokenValues.entrySet()) {
            session.setTokenValue(tv.getKey(), tv.getValue());
        }
    }

    // Update the count of messages matched
    session.setMessagesMatched(session.getMessagesMatched() + 1);

    this.model.fireHttpSessionUpdated(session);

    // Store the session in the HttpMessage for caching purpose
    message.setHttpSession(session);
}
From source file:org.zaproxy.zap.utils.HarUtils.java
/**
 * Builds the HAR response entry for the response part of {@code httpMessage}.
 *
 * <p>Each response cookie is recorded with its name, value, path, domain, computed expiry,
 * HttpOnly flag and Secure flag. For version 0 cookies the expiry is the current time plus
 * max-age; for other versions it is the time the message was sent plus the elapsed time plus
 * max-age. The body is stored as text when the media type (the part of the Content-Type before
 * any {@code ';'}) starts with {@code "text"}, and Base64-encoded otherwise. With an empty or
 * missing Content-Type no body text is stored.
 *
 * <p>The resulting entry holds cookie values and the response body verbatim, so an exported
 * HAR built from it has to be handled as carrying session credentials.
 *
 * <p>NOTE(review): {@code HttpCookie} reports a max-age of -1 when none was given; the expiry
 * computed here then lies one second before the reference time. Confirm that this is wanted for
 * session cookies.
 *
 * @param httpMessage the message whose response is converted
 * @return the HAR representation of the response
 */
public static HarResponse createHarResponse(HttpMessage httpMessage) {
    final HttpResponseHeader header = httpMessage.getResponseHeader();

    final HarCookies cookieEntries = new HarCookies();
    final long now = System.currentTimeMillis();
    for (HttpCookie cookie : header.getHttpCookies()) {
        final Date expiry = cookie.getVersion() == 0
                ? new Date(now + (cookie.getMaxAge() * 1000))
                : new Date(httpMessage.getTimeSentMillis() + httpMessage.getTimeElapsedMillis()
                        + (cookie.getMaxAge() * 1000));

        cookieEntries.addCookie(new HarCookie(cookie.getName(), cookie.getValue(), cookie.getPath(),
                cookie.getDomain(), expiry, cookie.isHttpOnly(), cookie.getSecure(), null));
    }

    String bodyText = null;
    String bodyEncoding = null;

    final String rawContentType = header.getHeader(HttpHeader.CONTENT_TYPE);
    final String contentType = rawContentType == null ? "" : rawContentType;
    if (!contentType.isEmpty()) {
        // Reduce "type/subtype; params" to the bare, lower-cased media type.
        String mediaType = contentType.toLowerCase(Locale.ROOT);
        final int paramsStart = mediaType.indexOf(';');
        if (paramsStart != -1) {
            mediaType = mediaType.substring(0, paramsStart).trim();
        }

        if (mediaType.startsWith("text")) {
            bodyText = httpMessage.getResponseBody().toString();
        } else {
            // Anything that is not textual is carried as Base64.
            bodyEncoding = "base64";
            bodyText = Base64.encodeBytes(httpMessage.getResponseBody().getBytes());
        }
    }

    final HarContent content = new HarContent(httpMessage.getResponseBody().length(), 0, contentType,
            bodyText, bodyEncoding, null);

    final String location = header.getHeader(HttpHeader.LOCATION);

    return new HarResponse(header.getStatusCode(), header.getReasonPhrase(), header.getVersion(),
            cookieEntries, createHarHeaders(header), content, location == null ? "" : location,
            header.toString().length(), httpMessage.getResponseBody().length(), null);
}