Usage examples for org.apache.http.cookie.CookieSpec.parse
/**
 * Parses the given header into a list of cookies.
 *
 * <p>NOTE(review): parsing is a separate step from acceptance. Callers that store the result
 * should also run {@code validate(cookie, origin)} on each cookie, as HttpClient's
 * {@code ResponseProcessCookies} does; nothing in this signature shows that {@code parse}
 * itself rejects a cookie whose attributes do not match {@code origin}.
 *
 * @param header the header to parse
 * @param origin details of the origin the header was received from
 * @return the cookies parsed from the header
 * @throws MalformedCookieException if the header cannot be parsed as cookies
 */
List<Cookie> parse(Header header, CookieOrigin origin) throws MalformedCookieException;
From source file:org.esigate.http.HttpResponseUtils.java
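/**
 * Removes ";jsessionid=&lt;id&gt;" from the url, if the session id is also set in "httpResponse".
 * <p>
 * This method first looks for the following header:
 *
 * <pre>
 * Set-Cookie: JSESSIONID=
 * </pre>
 *
 * If a JSESSIONID cookie is found, its value is handed to {@code UriUtils.removeSessionId}, which is
 * expected to strip the matching jsessionid definition from the url. Stripping the id keeps the session
 * identifier out of rewritten urls, where it could otherwise leak through links, logs or Referer headers.
 *
 * @param uri
 *            original uri, may contain a jsessionid.
 * @param httpResponse
 *            the response which set the jsessionId
 * @return uri, without jsession; the unchanged uri when the response sets no JSESSIONID cookie
 */
public static String removeSessionId(String uri, HttpResponse httpResponse) {
    CookieSpec cookieSpec = new BrowserCompatSpec();
    // Dummy origin, used only by CookieSpec for setting the domain for the
    // cookie but we don't need it
    CookieOrigin cookieOrigin = new CookieOrigin("dummy", Http.DEFAULT_HTTP_PORT, "/", false);

    String jsessionid = null;
    for (Header header : httpResponse.getHeaders("Set-cookie")) {
        try {
            for (Cookie cookie : cookieSpec.parse(header, cookieOrigin)) {
                if ("JSESSIONID".equalsIgnoreCase(cookie.getName())) {
                    jsessionid = cookie.getValue();
                    // Stop only once the session cookie is found. The previous code broke out after
                    // the first cookie unconditionally, so a JSESSIONID that was not the first cookie
                    // parsed from a header was missed and the id stayed in the url.
                    break;
                }
            }
        } catch (MalformedCookieException ex) {
            // NOTE(review): this writes the raw Set-Cookie value to the log, and that value can carry
            // a session identifier. Consider logging only the header name.
            LOG.warn("Malformed header: " + header.getName() + ": " + header.getValue());
        }
        if (jsessionid != null) {
            break;
        }
    }

    if (jsessionid == null) {
        return uri;
    }
    return UriUtils.removeSessionId(jsessionid, uri);
}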
From source file:com.googlecode.noweco.webmail.httpclient.UnsecureResponseProcessCookies.java
/**
 * Parses each header from {@code iterator} and stores every resulting cookie in {@code cookieStore}.
 *
 * <p>Security note: cookies go into the store straight after {@code cookieSpec.parse}. There is no
 * {@code cookieSpec.validate(cookie, cookieOrigin)} call, so a cookie is not rejected here for
 * mismatching the origin. This looks deliberate given the enclosing class name, but it means any
 * server the client talks to can set cookies that validation would have refused. Use it only
 * against hosts you trust.
 *
 * @param iterator     the response headers to process
 * @param cookieSpec   the spec used to parse the headers
 * @param cookieOrigin the origin passed to the parser
 * @param cookieStore  the store that receives every parsed cookie
 */
private void processCookies(final HeaderIterator iterator, final CookieSpec cookieSpec,
        final CookieOrigin cookieOrigin, final CookieStore cookieStore) {
    while (iterator.hasNext()) {
        final Header current = iterator.nextHeader();

        final List<Cookie> parsed;
        try {
            parsed = cookieSpec.parse(current, cookieOrigin);
        } catch (MalformedCookieException ex) {
            // An unparseable header is skipped; the remaining headers are still processed.
            if (this.log.isWarnEnabled()) {
                this.log.warn("Invalid cookie header: \"" + current + "\". " + ex.getMessage());
            }
            continue;
        }

        for (Cookie accepted : parsed) {
            cookieStore.addCookie(accepted);
            if (this.log.isDebugEnabled()) {
                this.log.debug("Cookie accepted: \"" + accepted + "\". ");
            }
        }
    }
}
From source file:com.google.acre.script.NHttpAsyncUrlfetch.java
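/**
 * Converts a completed HTTP response into the script-visible result object, with the properties
 * {@code status}, {@code headers}, {@code cookies} and {@code body}.
 *
 * <p>Changes from the previous version: the cookie origin falls back to port 443 (not 80) for https
 * urls that carry no explicit port; an empty text body no longer gains a stray U+FFFF character from
 * writing the EOF marker; the response stream is closed on every path, including failures and the
 * "no charset" path; and the Set-Cookie splitting pattern is compiled once per call.
 *
 * @param start_time        request start time in milliseconds, used for the waiting-time statistic
 * @param url               the fetched url; it supplies the cookie origin
 * @param res               the response to convert
 * @param system            selects the cost-collector keys and, with {@code log_to_user}, user logging
 * @param log_to_user       whether the response summary is also written to the user log
 * @param response_encoding charset used when the Content-Type header does not name one
 * @return the populated result object
 * @throws RuntimeException wrapping a MalformedCookieException or an IOException
 */
private Scriptable callback_result(long start_time, URL url, HttpResponse res, boolean system,
        boolean log_to_user, String response_encoding) {
    BrowserCompatSpecFactory bcsf = new BrowserCompatSpecFactory();
    CookieSpec cspec = bcsf.newInstance(null);
    String protocol = url.getProtocol();
    boolean issecure = ("https".equals(protocol));
    int port = url.getPort();
    if (port == -1) {
        // No explicit port in the url: use the scheme's default so the origin is accurate.
        port = issecure ? 443 : 80;
    }

    CookieOrigin origin = new CookieOrigin(url.getHost(), port, url.getPath(), issecure);

    Object body = "";
    int status = res.getStatusLine().getStatusCode();

    Context ctx = Context.getCurrentContext();
    Scriptable out = ctx.newObject(_scope);
    Scriptable headers = ctx.newObject(_scope);
    Scriptable cookies = ctx.newObject(_scope);

    out.put("status", out, status);
    out.put("headers", out, headers);
    out.put("cookies", out, cookies);

    Header content_type_header = null;

    // Splits a folded Set-Cookie value on commas, except a comma followed by a digit
    // (as in "expires=Mon, 01-Jan-1990").
    Pattern cookie_splitter = Pattern.compile("\\s*(([^,]|(,\\s*\\d))+)");

    StringBuilder response_header_log = new StringBuilder();
    for (Header h : res.getAllHeaders()) {
        if (h.getName().equalsIgnoreCase("set-cookie")) {
            String set_cookie = h.getValue();
            Matcher m = cookie_splitter.matcher(set_cookie);
            while (m.find()) {
                Header ch = new BasicHeader("Set-Cookie", set_cookie.substring(m.start(), m.end()));
                try {
                    // Only parse() is applied; the cookies are exposed to the script as data
                    // and are not validated against the origin here.
                    List<Cookie> pcookies = cspec.parse(ch, origin);
                    for (Cookie c : pcookies) {
                        cookies.put(c.getName(), cookies, new AcreCookie(c).toJsObject(_scope));
                    }
                } catch (MalformedCookieException e) {
                    // NOTE(review): one malformed cookie from the remote server aborts the whole
                    // result. Kept as is because callers may rely on the exception.
                    throw new RuntimeException(e);
                }
            }
        } else if (h.getName().equalsIgnoreCase("content-type")) {
            content_type_header = h;
        }
        // NOTE(review): every header, Set-Cookie values included, is appended to the log text
        // below and may be copied to the user log. Consider redacting cookie values.
        response_header_log.append(h.getName() + ": " + h.getValue() + "\r\n");
        headers.put(h.getName(), headers, h.getValue());
    }

    String charset = null;
    if (content_type_header != null) {
        HeaderElement values[] = content_type_header.getElements();
        if (values.length == 1) {
            NameValuePair param = values[0].getParameterByName("charset");
            if (param != null) {
                charset = param.getValue();
            }
        }
    }

    if (charset == null) {
        charset = response_encoding;
    }

    // read body
    HttpEntity ent = res.getEntity();
    try {
        if (ent != null) {
            InputStream res_stream = ent.getContent();
            long first_byte_time = 0;
            long end_time = 0;
            try {
                Header cenc = ent.getContentEncoding();
                if (cenc != null && res_stream != null) {
                    HeaderElement[] codecs = cenc.getElements();
                    for (HeaderElement codec : codecs) {
                        if (codec.getName().equalsIgnoreCase("gzip")) {
                            res_stream = new GZIPInputStream(res_stream);
                        }
                    }
                }

                if (content_type_header != null
                        && (content_type_header.getValue().startsWith("image/")
                                || content_type_header.getValue().startsWith("application/octet-stream")
                                || content_type_header.getValue().startsWith("multipart/form-data"))) {
                    // HttpClient's InputStream doesn't support mark/reset, so
                    // wrap it with one that does.
                    BufferedInputStream bufis = new BufferedInputStream(res_stream);
                    bufis.mark(2);
                    bufis.read();
                    first_byte_time = System.currentTimeMillis();
                    bufis.reset();
                    byte[] data = IOUtils.toByteArray(bufis);

                    end_time = System.currentTimeMillis();
                    body = new JSBinary();
                    ((JSBinary) body).set_data(data);
                } else if (res_stream == null || charset == null) {
                    first_byte_time = end_time = System.currentTimeMillis();
                    body = "";
                } else {
                    StringWriter writer = new StringWriter();
                    Reader reader = new InputStreamReader(res_stream, charset);
                    int i = reader.read();
                    first_byte_time = System.currentTimeMillis();
                    // read() returns -1 at end of stream; writing that would append U+FFFF.
                    if (i != -1) {
                        writer.write(i);
                        IOUtils.copy(reader, writer);
                    }

                    end_time = System.currentTimeMillis();
                    body = writer.toString();
                }
            } finally {
                // Close on every path so a failed or skipped read does not leak the stream.
                if (res_stream != null) {
                    try {
                        res_stream.close();
                    } catch (IOException ignored) {
                        // best effort: the body has already been read or abandoned
                    }
                }
            }

            long reading_time = end_time - first_byte_time;
            long waiting_time = first_byte_time - start_time;

            String httprephdr = response_header_log.toString();
            // XXX need to log start-time of request
            _logger.syslog4j("DEBUG", "urlfetch.response.async", "URL", url.toString(), "Status",
                    Integer.toString(status), "Headers", httprephdr, "Reading time", reading_time,
                    "Waiting time", waiting_time);

            if (system && log_to_user) {
                _response.userlog4j("DEBUG", "urlfetch.response.async", "URL", url.toString(), "Status",
                        Integer.toString(status), "Headers", httprephdr);
            }

            // XXX seems like AcreResponse should be able to use
            // the statistics object to generate x-metaweb-cost
            // given a bit of extra information

            Statistics.instance().collectUrlfetchTime(start_time, first_byte_time, end_time);

            _costCollector.collect((system) ? "asuc" : "auuc").collect((system) ? "asuw" : "auuw",
                    waiting_time);
        }
    } catch (IOException e) {
        throw new RuntimeException(e);
    }

    out.put("body", out, body);

    return out;
}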
From source file:com.google.acre.appengine.script.AppEngineAsyncUrlfetch.java
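/**
 * Converts a completed App Engine url-fetch response into the script-visible result object, with
 * the properties {@code status}, {@code body}, {@code headers} and {@code cookies}.
 *
 * <p>Changes from the previous version: the cookie origin falls back to port 443 (not 80) for https
 * urls that carry no explicit port, and the Set-Cookie splitting pattern is compiled once per call.
 *
 * @param req the originating request; it supplies the start time, the fallback url and logging flags
 * @param res the response to convert
 * @return the populated result object
 * @throws RuntimeException wrapping an UnsupportedEncodingException or a MalformedCookieException
 */
private Scriptable callback_result(AsyncRequest req, HTTPResponse res) {
    long waiting_time = System.currentTimeMillis() - req.start_time;
    URL furl = res.getFinalUrl();
    if (furl == null) {
        furl = req.url;
    }

    BrowserCompatSpecFactory bcsf = new BrowserCompatSpecFactory();
    CookieSpec cspec = bcsf.newInstance(null);
    String protocol = furl.getProtocol();
    boolean issecure = ("https".equals(protocol));
    int port = furl.getPort();
    if (port == -1) {
        // No explicit port in the url: use the scheme's default so the origin is accurate.
        port = issecure ? 443 : 80;
    }

    CookieOrigin origin = new CookieOrigin(furl.getHost(), port, furl.getPath(), issecure);

    Context ctx = Context.getCurrentContext();
    Scriptable out = ctx.newObject(_scope);
    Scriptable headers = ctx.newObject(_scope);
    Scriptable cookies = ctx.newObject(_scope);

    out.put("status", out, res.getResponseCode());

    String response_body = null;
    try {
        // NOTE(review): if res.getContent() can return null, this constructor throws a
        // NullPointerException before the null check further down is reached. Confirm.
        response_body = new String(res.getContent(), getResponseEncoding(res));
        out.put("body", out, response_body);
    } catch (java.io.UnsupportedEncodingException e) {
        throw new RuntimeException(e);
    }

    out.put("headers", out, headers);
    out.put("cookies", out, cookies);

    // Splits a folded Set-Cookie value on commas, except a comma followed by a digit
    // (as in "expires=Mon, 01-Jan-1990").
    Pattern cookie_splitter = Pattern.compile("\\s*(([^,]|(,\\s*\\d))+)");

    StringBuilder response_header_log = new StringBuilder();
    for (HTTPHeader h : res.getHeaders()) {
        if (h.getName().equalsIgnoreCase("set-cookie")) {
            String set_cookie = h.getValue();
            Matcher m = cookie_splitter.matcher(set_cookie);
            while (m.find()) {
                Header ch = new BasicHeader("Set-Cookie", set_cookie.substring(m.start(), m.end()));
                try {
                    // Only parse() is applied; the cookies are exposed to the script as data
                    // and are not validated against the origin here.
                    List<Cookie> pcookies = cspec.parse(ch, origin);
                    for (Cookie c : pcookies) {
                        cookies.put(c.getName(), cookies, new AcreCookie(c).toJsObject(_scope));
                    }
                } catch (MalformedCookieException e) {
                    // we've occasionally choked on cookie-set,
                    // e.g. www.google.com returning expires=; expires=Mon, 01-Jan-1990 00:00:00 GMT;
                    // no solution but at least log exactly what's happening.
                    // NOTE(review): the logged text is the full Set-Cookie header, so a cookie
                    // value can end up in the log.
                    String cookiestring = ch.toString();
                    _logger.warn("urlfetch.response.async", "exception thrown on bad cookie " + cookiestring);
                    throw new RuntimeException(e);
                }
            }
        }

        headers.put(h.getName(), headers, h.getValue());
        // NOTE(review): every header, Set-Cookie values included, is appended to the log text.
        response_header_log.append(h.getName() + ": " + h.getValue() + ", ");
    }

    boolean system = req.system;
    boolean log_to_user = req.log_to_user;

    // The body is logged only for non-200 responses.
    // NOTE(review): error bodies can still hold sensitive data; consider truncating.
    String log_body = "";
    if (res.getResponseCode() != 200 && response_body != null) {
        log_body = response_body;
    }

    _logger.syslog4j("INFO", "urlfetch.response.async", "URL", furl.toString(), "Status",
            Integer.toString(res.getResponseCode()), "Headers", response_header_log, "Body", log_body);

    if (system && log_to_user) {
        _response.userlog4j("INFO", "urlfetch.response.async", "URL", furl.toString(), "Status",
                Integer.toString(res.getResponseCode()), "Headers", response_header_log);
    }

    _costCollector.collect((system) ? "asuc" : "auuc").collect((system) ? "asuw" : "auuw", waiting_time);

    return out;
}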
From source file:org.sonatype.nexus.testsuite.security.SimpleSessionCookieIT.java
/**
 * Validate Nexus Cookies during Sign-in and Sign-out.
 *
 * <p>Runs three requests against {@code baseUrl} with one client and one cookie store:
 * <ol>
 * <li>login with credentials, then check the session cookie that comes back;</li>
 * <li>logout with that cookie, then check the "deleteMe" cookie that expires it;</li>
 * <li>replay the original login cookie against a protected path and expect a 401.</li>
 * </ol>
 * Step 3 shows the session was invalidated on the server. Deleting the cookie in the client alone
 * would not make a replayed cookie fail.
 *
 * @param baseUrl base url of the server under test
 * @throws Exception on any request, parsing or assertion-setup failure
 */
private void exerciseCookieSpec(final URL baseUrl) throws Exception {

    // handle cookies like a browser to aid validation
    final CookieSpec spec = new DefaultCookieSpecProvider().create(null);
    final CookieOrigin cookieOrigin = cookieOrigin(baseUrl);
    final CookieStore cookieStore = new BasicCookieStore();
    final CredentialsProvider credProvider = credentialsProvider();
    // Assigned in step 1 and replayed in step 3.
    SetCookie loginCookie;

    try (CloseableHttpClient client = clientBuilder().setDefaultCookieStore(cookieStore)
            .setDefaultCredentialsProvider(credProvider).build()) {

        // 1. login with credentials and get session cookie
        // Set-Cookie: NXSESSIONID=98a766bc-bc33-4b3c-9d9f-d3bb85b0cf00; Path=/; Secure; HttpOnly

        HttpPost loginRequest = new HttpPost(resolveUrl(baseUrl, SESSION_PATH).toURI());
        List<NameValuePair> params = new ArrayList<>();
        // Base64 here is an encoding only, it does not protect the values.
        // Presumably the transport does that - confirm against the client setup.
        params.add(new BasicNameValuePair("username",
                Strings2.encodeBase64(credentials().getUserPrincipal().getName())));
        params.add(new BasicNameValuePair("password", Strings2.encodeBase64(credentials().getPassword())));
        loginRequest.setEntity(new UrlEncodedFormEntity(params));
        withCommonBrowserHeaders(loginRequest);

        try (CloseableHttpResponse response = client.execute(loginRequest, clientContext())) {
            assertThat(response.getStatusLine().getStatusCode(), is(200));
            assertThat("login cookie should have been stored in the cookie store", cookieStore.getCookies(),
                    hasSize(1));
            assertThat("expected session cookie in cookie store", getSessionCookie(cookieStore), notNullValue());

            Header[] setCookieHeaders = response.getHeaders(SET_COOKIE);
            Header sessionCookieHeader = getSessionCookieHeader(setCookieHeaders);

            // Parse the raw header so the cookie attributes can be inspected directly.
            // NOTE(review): get(0) runs before the hasSize(1) assertion below, so an empty parse
            // result fails with an index error instead of the assertion message.
            List<Cookie> sessionCookies = spec.parse(sessionCookieHeader, cookieOrigin);
            loginCookie = (SetCookie) sessionCookies.get(0);
            String headerText = sessionCookieHeader.toString();

            // Checks shared with the logout cookie; the helper body is not shown here.
            assertCommonSessionCookieAttributes(baseUrl, loginCookie, headerText);
            assertThat(String.format("expecting one cookie parsed from session %s header", SET_COOKIE),
                    sessionCookies, hasSize(1));

            assertThat(String.format(
                    "expecting 2 %s headers for login, one session cookie, one remember me, but got %s", SET_COOKIE,
                    setCookieHeaders), setCookieHeaders, arrayWithSize(2));

            assertThat("login cookie should NOT look like deleteMe cookie", loginCookie.getValue(),
                    not(containsString("deleteMe")));
            assertThat(
                    "login cookie should not have an expiry date - the UA deletes the session cookie when "
                            + "replaced by a new one by same name from the server OR when the UA decides",
                    loginCookie.isPersistent(), is(false));

            // HttpOnly is checked by substring on the raw header text, so the match is
            // case- and spacing-sensitive.
            assertThat("login session cookie with valid session id should always be marked HttpOnly", headerText,
                    containsString("; HttpOnly"));
        }

        HttpClientContext logoutContext = HttpClientContext.create();
        logoutContext.setCookieStore(cookieStore);

        HttpDelete logoutRequest = new HttpDelete(resolveUrl(baseUrl, SESSION_PATH).toURI());
        withCommonBrowserHeaders(logoutRequest);

        // 2. Logout, sending valid session cookie, no credentials
        // Set-Cookie: NXSESSIONID=deleteMe; Path=/; Max-Age=0; Expires=Sun, 28-Dec-2014 15:59:11 GMT
        try (CloseableHttpResponse response = client.execute(logoutRequest, logoutContext)) {
            assertThat(response.getStatusLine().getStatusCode(), is(200));

            // can't use client CookieStore to examine logout cookie, because the Expires header will prevent it from being
            // added but we can implicitly confirm it expired the existing cookie according to our client
            assertThat("logout cookie should have emptied the cookie store due to expiry date",
                    cookieStore.getCookies(), hasSize(0));

            Header[] setCookieHeaders = response.getHeaders(SET_COOKIE);
            Header sessionCookieHeader = getSessionCookieHeader(setCookieHeaders);
            List<Cookie> sessionCookies = spec.parse(sessionCookieHeader, cookieOrigin);
            SetCookie logoutCookie = (SetCookie) sessionCookies.get(0);
            final String headerText = sessionCookieHeader.toString();

            assertCommonSessionCookieAttributes(baseUrl, logoutCookie, headerText);
            assertThat("expecting one cookie in same Set-Cookie header", sessionCookies, hasSize(1));
            assertThat(String.format(
                    "expecting 2 %s headers for logout, one session cookie delete cookie, one remember me delete cookie, but got %s",
                    SET_COOKIE, setCookieHeaders), setCookieHeaders, arrayWithSize(2));
            assertThat("logout session cookie value should be dummy value", logoutCookie.getValue(),
                    equalTo("deleteMe"));
            assertThat("logout session cookie should be expired to tell browser to delete it",
                    logoutCookie.isExpired(new Date()), is(true));
            assertThat(
                    "technically the presence of an expiry date means the cookie is persistent, but expiry will override",
                    logoutCookie.isPersistent(), is(true));
            assertThat(
                    "logout cookie does not have a real session id value, therefore it does not need to be HttpOnly",
                    headerText, not(containsString("; HttpOnly")));
        }

        // 3. Access a protected resource again using our original login cookie, no credentials, to verify session is dead
        HttpGet loginFailedGet = new HttpGet(resolveUrl(baseUrl, PROTECTED_PATH).toURI());
        // Put the captured cookie back into the store to simulate a client replaying an old session id.
        cookieStore.addCookie(loginCookie);

        try (CloseableHttpResponse response = client.execute(loginFailedGet, HttpClientContext.create())) {
            assertThat("expected dead login session cookie to not authenticate",
                    response.getStatusLine().getStatusCode(), is(401));
            Header[] setCookieHeaders = response.getHeaders(SET_COOKIE);
            assertThat("expecting no session cookie since login was unsuccessful",
                    getSessionCookieHeader(setCookieHeaders), nullValue());
            assertThat("expecting no cookies since login was unsuccessful", setCookieHeaders, arrayWithSize(0));
        }
    }
}
From source file:com.gargoylesoftware.htmlunit.WebClient.java
/**
 * Parses a cookie string and stores the resulting cookies in this client's cookie manager.
 *
 * <p>Nothing is parsed when cookies are disabled on the cookie manager. A string that cannot be
 * parsed is reported to the incorrectness listener rather than thrown.
 *
 * <p>NOTE(review): the error text suggests {@code cookieString} can come from page markup
 * (a set-cookie http-equiv meta tag), i.e. untrusted content. Only {@code parse} is applied here.
 * Any origin validation would have to happen in the cookie spec or cookie manager - confirm.
 * With debug logging enabled, the full cookie string including its value is written to the log.
 *
 * @param cookieString the string to parse
 * @param pageUrl the url of the page that likes to set the cookie
 * @param origin the requester
 */
public void addCookie(final String cookieString, final URL pageUrl, final Object origin) {
    final CookieManager manager = getCookieManager();

    if (!manager.isCookiesEnabled()) {
        if (LOG.isDebugEnabled()) {
            LOG.debug("Skipped adding cookie: '" + cookieString + "'");
        }
        return;
    }

    // Rebuild a header line so the cookie spec can parse it. The extra 22 chars leave room
    // for the "Set-Cookie: " prefix.
    final CharArrayBuffer headerLine = new CharArrayBuffer(cookieString.length() + 22);
    headerLine.append("Set-Cookie: ");
    headerLine.append(cookieString);

    final BrowserVersion version = getBrowserVersion();
    final CookieSpec spec = new HtmlUnitBrowserCompatCookieSpec(version);

    try {
        final BufferedHeader header = new BufferedHeader(headerLine);
        final List<org.apache.http.cookie.Cookie> parsed =
                spec.parse(header, manager.buildCookieOrigin(pageUrl));

        for (org.apache.http.cookie.Cookie httpCookie : parsed) {
            manager.addCookie(new Cookie((ClientCookie) httpCookie));

            if (LOG.isDebugEnabled()) {
                LOG.debug("Added cookie: '" + cookieString + "'");
            }
        }
    } catch (final MalformedCookieException e) {
        getIncorrectnessListener().notify("set-cookie http-equiv meta tag: invalid cookie '" + cookieString
                + "'; reason: '" + e.getMessage() + "'.", origin);
    }
}
From source file:org.apache.http.client.protocol.ResponseProcessCookies.java
/**
 * Parses each header from {@code iterator}, validates every resulting cookie against
 * {@code cookieOrigin}, and stores those that pass in {@code cookieStore}.
 *
 * <p>The {@code cookieSpec.validate} call is the security-relevant step. A cookie that parses
 * correctly but fails validation is logged as rejected and never reaches the store. An unparseable
 * header is logged and skipped. Neither failure stops processing of the remaining headers.
 *
 * @param iterator     the response headers to process
 * @param cookieSpec   the spec used to parse and validate
 * @param cookieOrigin the origin the cookies are validated against
 * @param cookieStore  the store that receives accepted cookies
 */
private void processCookies(final HeaderIterator iterator, final CookieSpec cookieSpec,
        final CookieOrigin cookieOrigin, final CookieStore cookieStore) {
    while (iterator.hasNext()) {
        final Header current = iterator.nextHeader();

        final List<Cookie> parsed;
        try {
            parsed = cookieSpec.parse(current, cookieOrigin);
        } catch (final MalformedCookieException ex) {
            if (this.log.isWarnEnabled()) {
                this.log.warn("Invalid cookie header: \"" + current + "\". " + ex.getMessage());
            }
            continue;
        }

        for (final Cookie candidate : parsed) {
            try {
                cookieSpec.validate(candidate, cookieOrigin);
            } catch (final MalformedCookieException ex) {
                // Rejected by the spec: log it and move on without storing.
                if (this.log.isWarnEnabled()) {
                    this.log.warn("Cookie rejected [" + formatCooke(candidate) + "] " + ex.getMessage());
                }
                continue;
            }

            cookieStore.addCookie(candidate);
            if (this.log.isDebugEnabled()) {
                this.log.debug("Cookie accepted [" + formatCooke(candidate) + "]");
            }
        }
    }
}