You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hc.apache.org by ol...@apache.org on 2014/08/28 21:08:25 UTC
svn commit: r1621183 - in /httpcomponents/httpclient/trunk/httpclient/src:
main/java-deprecated/org/apache/http/impl/cookie/
main/java/org/apache/http/impl/cookie/ test/java/org/apache/http/impl/cookie/
Author: olegk
Date: Thu Aug 28 19:08:25 2014
New Revision: 1621183
URL: http://svn.apache.org/r1621183
Log:
Deprecated old non-thread safe public suffix domain filter in favor of new thread safe implementation
Added:
httpcomponents/httpclient/trunk/httpclient/src/main/java-deprecated/org/apache/http/impl/cookie/PublicSuffixFilter.java
- copied, changed from r1621182, httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/cookie/PublicSuffixFilter.java
httpcomponents/httpclient/trunk/httpclient/src/main/java-deprecated/org/apache/http/impl/cookie/PublicSuffixListParser.java (contents, props changed)
- copied, changed from r1621182, httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/cookie/PublicSuffixListParser.java
httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/cookie/PublicSuffixDomainFilter.java (contents, props changed)
- copied, changed from r1621182, httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/cookie/PublicSuffixFilter.java
Removed:
httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/cookie/PublicSuffixFilter.java
httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/cookie/PublicSuffixListParser.java
Modified:
httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/cookie/TestBasicCookieAttribHandlers.java
httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/cookie/TestPublicSuffixListParser.java
Copied: httpcomponents/httpclient/trunk/httpclient/src/main/java-deprecated/org/apache/http/impl/cookie/PublicSuffixFilter.java (from r1621182, httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/cookie/PublicSuffixFilter.java)
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/httpclient/src/main/java-deprecated/org/apache/http/impl/cookie/PublicSuffixFilter.java?p2=httpcomponents/httpclient/trunk/httpclient/src/main/java-deprecated/org/apache/http/impl/cookie/PublicSuffixFilter.java&p1=httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/cookie/PublicSuffixFilter.java&r1=1621182&r2=1621183&rev=1621183&view=diff
==============================================================================
--- httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/cookie/PublicSuffixFilter.java (original)
+++ httpcomponents/httpclient/trunk/httpclient/src/main/java-deprecated/org/apache/http/impl/cookie/PublicSuffixFilter.java Thu Aug 28 19:08:25 2014
@@ -43,8 +43,11 @@ import org.apache.http.cookie.SetCookie;
* An uptodate list of suffixes can be obtained from
* <a href="http://publicsuffix.org/">publicsuffix.org</a>
*
+ * @deprecated (4.4) use {@link org.apache.http.impl.cookie.PublicSuffixDomainFilter}
+ *
* @since 4.0
*/
+@Deprecated
public class PublicSuffixFilter implements CookieAttributeHandler {
private final CookieAttributeHandler wrapped;
private Collection<String> exceptions;
Copied: httpcomponents/httpclient/trunk/httpclient/src/main/java-deprecated/org/apache/http/impl/cookie/PublicSuffixListParser.java (from r1621182, httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/cookie/PublicSuffixListParser.java)
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/httpclient/src/main/java-deprecated/org/apache/http/impl/cookie/PublicSuffixListParser.java?p2=httpcomponents/httpclient/trunk/httpclient/src/main/java-deprecated/org/apache/http/impl/cookie/PublicSuffixListParser.java&p1=httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/cookie/PublicSuffixListParser.java&r1=1621182&r2=1621183&rev=1621183&view=diff
==============================================================================
--- httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/cookie/PublicSuffixListParser.java (original)
+++ httpcomponents/httpclient/trunk/httpclient/src/main/java-deprecated/org/apache/http/impl/cookie/PublicSuffixListParser.java Thu Aug 28 19:08:25 2014
@@ -41,6 +41,7 @@ import org.apache.http.conn.util.PublicS
* @since 4.0
*/
@Immutable
+@Deprecated
public class PublicSuffixListParser {
private final PublicSuffixFilter filter;
Propchange: httpcomponents/httpclient/trunk/httpclient/src/main/java-deprecated/org/apache/http/impl/cookie/PublicSuffixListParser.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: httpcomponents/httpclient/trunk/httpclient/src/main/java-deprecated/org/apache/http/impl/cookie/PublicSuffixListParser.java
------------------------------------------------------------------------------
svn:keywords = Date Revision
Propchange: httpcomponents/httpclient/trunk/httpclient/src/main/java-deprecated/org/apache/http/impl/cookie/PublicSuffixListParser.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Copied: httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/cookie/PublicSuffixDomainFilter.java (from r1621182, httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/cookie/PublicSuffixFilter.java)
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/cookie/PublicSuffixDomainFilter.java?p2=httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/cookie/PublicSuffixDomainFilter.java&p1=httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/cookie/PublicSuffixFilter.java&r1=1621182&r2=1621183&rev=1621183&view=diff
==============================================================================
--- httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/cookie/PublicSuffixFilter.java (original)
+++ httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/cookie/PublicSuffixDomainFilter.java Thu Aug 28 19:08:25 2014
@@ -26,54 +26,43 @@
*/
package org.apache.http.impl.cookie;
-import java.util.Collection;
-
+import org.apache.http.annotation.Immutable;
+import org.apache.http.conn.util.PublicSuffixList;
import org.apache.http.conn.util.PublicSuffixMatcher;
+import org.apache.http.cookie.CommonCookieAttributeHandler;
import org.apache.http.cookie.Cookie;
-import org.apache.http.cookie.CookieAttributeHandler;
import org.apache.http.cookie.CookieOrigin;
import org.apache.http.cookie.MalformedCookieException;
import org.apache.http.cookie.SetCookie;
+import org.apache.http.util.Args;
/**
- * Wraps a CookieAttributeHandler and leverages its match method
- * to never match a suffix from a black list. May be used to provide
- * additional security for cross-site attack types by preventing
- * cookies from apparent domains that are not publicly available.
- * An uptodate list of suffixes can be obtained from
- * <a href="http://publicsuffix.org/">publicsuffix.org</a>
+ * Wraps a {@link org.apache.http.cookie.CookieAttributeHandler} and leverages its match method
+ * to never match a suffix from a black list. May be used to provide additional security for
+ * cross-site attack types by preventing cookies from apparent domains that are not publicly
+ * available.
+ *
+ * @see org.apache.http.conn.util.PublicSuffixList
+ * @see org.apache.http.conn.util.PublicSuffixMatcher
*
- * @since 4.0
+ * @since 4.4
*/
-public class PublicSuffixFilter implements CookieAttributeHandler {
- private final CookieAttributeHandler wrapped;
- private Collection<String> exceptions;
- private Collection<String> suffixes;
- private PublicSuffixMatcher matcher;
-
- public PublicSuffixFilter(final CookieAttributeHandler wrapped) {
- this.wrapped = wrapped;
- }
+@Immutable // dependencies are expected to be immutable or thread-safe
+public class PublicSuffixDomainFilter implements CommonCookieAttributeHandler {
- /**
- * Sets the suffix blacklist patterns.
- * A pattern can be "com", "*.jp"
- * TODO add support for patterns like "lib.*.us"
- * @param suffixes
- */
- public void setPublicSuffixes(final Collection<String> suffixes) {
- this.suffixes = suffixes;
- this.matcher = null;
- }
+ private final CommonCookieAttributeHandler handler;
+ private final PublicSuffixMatcher matcher;
- /**
- * Sets the exceptions from the blacklist. Exceptions can not be patterns.
- * TODO add support for patterns
- * @param exceptions
- */
- public void setExceptions(final Collection<String> exceptions) {
- this.exceptions = exceptions;
- this.matcher = null;
+ public PublicSuffixDomainFilter(final CommonCookieAttributeHandler handler, final PublicSuffixMatcher matcher) {
+ this.handler = Args.notNull(handler, "Cookie handler");
+ this.matcher = Args.notNull(matcher, "Public suffix matcher");
+ }
+
+ public PublicSuffixDomainFilter(final CommonCookieAttributeHandler handler, final PublicSuffixList suffixList) {
+ Args.notNull(handler, "Cookie handler");
+ Args.notNull(suffixList, "Public suffix list");
+ this.handler = handler;
+ this.matcher = new PublicSuffixMatcher(suffixList.getRules(), suffixList.getExceptions());
}
/**
@@ -81,26 +70,26 @@ public class PublicSuffixFilter implemen
*/
@Override
public boolean match(final Cookie cookie, final CookieOrigin origin) {
- if (isForPublicSuffix(cookie)) {
+ if (matcher.match(cookie.getDomain())) {
return false;
+ } else {
+ return handler.match(cookie, origin);
}
- return wrapped.match(cookie, origin);
}
@Override
public void parse(final SetCookie cookie, final String value) throws MalformedCookieException {
- wrapped.parse(cookie, value);
+ handler.parse(cookie, value);
}
@Override
public void validate(final Cookie cookie, final CookieOrigin origin) throws MalformedCookieException {
- wrapped.validate(cookie, origin);
+ handler.validate(cookie, origin);
}
- private boolean isForPublicSuffix(final Cookie cookie) {
- if (matcher == null) {
- matcher = new PublicSuffixMatcher(this.suffixes, this.exceptions);
- }
- return matcher.match(cookie.getDomain());
+ @Override
+ public String getAttributeName() {
+ return handler.getAttributeName();
}
+
}
Propchange: httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/cookie/PublicSuffixDomainFilter.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/cookie/PublicSuffixDomainFilter.java
------------------------------------------------------------------------------
svn:keywords = Date Revision
Propchange: httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/cookie/PublicSuffixDomainFilter.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Modified: httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/cookie/TestBasicCookieAttribHandlers.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/cookie/TestBasicCookieAttribHandlers.java?rev=1621183&r1=1621182&r2=1621183&view=diff
==============================================================================
--- httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/cookie/TestBasicCookieAttribHandlers.java (original)
+++ httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/cookie/TestBasicCookieAttribHandlers.java Thu Aug 28 19:08:25 2014
@@ -34,6 +34,7 @@ import java.util.Date;
import java.util.Locale;
import org.apache.http.client.utils.DateUtils;
+import org.apache.http.conn.util.PublicSuffixMatcher;
import org.apache.http.cookie.CookieAttributeHandler;
import org.apache.http.cookie.CookieOrigin;
import org.apache.http.cookie.MalformedCookieException;
@@ -472,8 +473,8 @@ public class TestBasicCookieAttribHandle
public void testPublicSuffixFilter() throws Exception {
final BasicClientCookie cookie = new BasicClientCookie("name", "value");
- final PublicSuffixFilter h = new PublicSuffixFilter(new RFC2109DomainHandler());
- h.setPublicSuffixes(Arrays.asList(new String[] { "co.uk", "com" }));
+ final PublicSuffixMatcher matcher = new PublicSuffixMatcher(Arrays.asList("co.uk", "com"), null);
+ final PublicSuffixDomainFilter h = new PublicSuffixDomainFilter(new RFC2109DomainHandler(), matcher);
cookie.setDomain(".co.uk");
Assert.assertFalse(h.match(cookie, new CookieOrigin("apache.co.uk", 80, "/stuff", false)));
Modified: httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/cookie/TestPublicSuffixListParser.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/cookie/TestPublicSuffixListParser.java?rev=1621183&r1=1621182&r2=1621183&view=diff
==============================================================================
--- httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/cookie/TestPublicSuffixListParser.java (original)
+++ httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/cookie/TestPublicSuffixListParser.java Thu Aug 28 19:08:25 2014
@@ -27,24 +27,37 @@
package org.apache.http.impl.cookie;
+import java.io.InputStream;
import java.io.InputStreamReader;
-import java.io.Reader;
+import org.apache.http.Consts;
+import org.apache.http.conn.util.PublicSuffixList;
+import org.apache.http.conn.util.PublicSuffixMatcher;
import org.apache.http.cookie.CookieOrigin;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
public class TestPublicSuffixListParser {
- private static final String LIST_FILE = "/suffixlist.txt";
- private PublicSuffixFilter filter;
+
+ private static final String SOURCE_FILE = "suffixlist.txt";
+
+ private PublicSuffixDomainFilter filter;
@Before
public void setUp() throws Exception {
- final Reader r = new InputStreamReader(getClass().getResourceAsStream(LIST_FILE), "UTF-8");
- filter = new PublicSuffixFilter(new RFC2109DomainHandler());
- final PublicSuffixListParser parser = new PublicSuffixListParser(filter);
- parser.parse(r);
+ final ClassLoader classLoader = getClass().getClassLoader();
+ final InputStream in = classLoader.getResourceAsStream(SOURCE_FILE);
+ Assert.assertNotNull(in);
+ final PublicSuffixList suffixList;
+ try {
+ final org.apache.http.conn.util.PublicSuffixListParser parser = new org.apache.http.conn.util.PublicSuffixListParser();
+ suffixList = parser.parse(new InputStreamReader(in, Consts.UTF_8));
+ } finally {
+ in.close();
+ }
+ final PublicSuffixMatcher matcher = new PublicSuffixMatcher(suffixList.getRules(), suffixList.getExceptions());
+ this.filter = new PublicSuffixDomainFilter(new RFC2109DomainHandler(), matcher);
}
@Test