Fix for HTTPCLIENT-1264.

git-svn-id: https://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk@1479699 13f79535-47bb-0310-9956-ffa450edef68

RELEASE_NOTES.txt

@@ -1,6 +1,11 @@
 Changes since release 4.3 BETA1
 -------------------
 
+* [HTTPCLIENT-1264] Add support for multiple levels of browser compatibility
+  to BrowserCompatSpec and BrowserCompatSpecFactory.  Include constructor
+  argument for IE medium-security compatibility.
+  Contributed by Karl Wright (kwright at apache.org)
+
 * [HTTPCLIENT-1349] SSLSocketFactory incorrectly identifies key passed with keystore as 
   the keystore password.
   Contributed by David Graff <djgraff209 at gmail.com>

httpclient/src/main/java/org/apache/http/impl/cookie/BrowserCompatSpec.java

@@ -59,6 +59,7 @@ import org.apache.http.util.CharArrayBuffer;
 @NotThreadSafe // superclass is @NotThreadSafe
 public class BrowserCompatSpec extends CookieSpecBase {
 
+
     private static final String[] DEFAULT_DATE_PATTERNS = new String[] {
         DateUtils.PATTERN_RFC1123,
         DateUtils.PATTERN_RFC1036,
@@ -77,16 +78,34 @@ public class BrowserCompatSpec extends CookieSpecBase {
     };
 
     private final String[] datepatterns;
+    private final BrowserCompatSpecFactory.SecurityLevel securityLevel;
 
     /** Default constructor */
-    public BrowserCompatSpec(final String[] datepatterns) {
+    public BrowserCompatSpec(final String[] datepatterns, final BrowserCompatSpecFactory.SecurityLevel securityLevel) {
         super();
+        this.securityLevel = securityLevel;
         if (datepatterns != null) {
             this.datepatterns = datepatterns.clone();
         } else {
             this.datepatterns = DEFAULT_DATE_PATTERNS;
         }
-        registerAttribHandler(ClientCookie.PATH_ATTR, new BasicPathHandler());
+        switch (securityLevel) {
+            case SECURITYLEVEL_DEFAULT:
+                registerAttribHandler(ClientCookie.PATH_ATTR, new BasicPathHandler());
+                break;
+            case SECURITYLEVEL_IE_MEDIUM:
+                registerAttribHandler(ClientCookie.PATH_ATTR, new BasicPathHandler() {
+                        @Override
+                        public void validate(Cookie cookie, CookieOrigin origin) throws MalformedCookieException {
+                            // No validation
+                        }
+                    }
+                );
+                break;
+            default:
+                throw new RuntimeException("Unknown security level");
+        }
+
         registerAttribHandler(ClientCookie.DOMAIN_ATTR, new BasicDomainHandler());
         registerAttribHandler(ClientCookie.MAX_AGE_ATTR, new BasicMaxAgeHandler());
         registerAttribHandler(ClientCookie.SECURE_ATTR, new BasicSecureHandler());
@@ -96,9 +115,14 @@ public class BrowserCompatSpec extends CookieSpecBase {
         registerAttribHandler(ClientCookie.VERSION_ATTR, new BrowserCompatVersionAttributeHandler());
     }
 
+    /** Default constructor */
+    public BrowserCompatSpec(final String[] datepatterns) {
+        this(datepatterns, BrowserCompatSpecFactory.SecurityLevel.SECURITYLEVEL_DEFAULT);
+    }
+
     /** Default constructor */
     public BrowserCompatSpec() {
-        this(null);
+        this(null, BrowserCompatSpecFactory.SecurityLevel.SECURITYLEVEL_DEFAULT);
     }
 
     public List<Cookie> parse(final Header header, final CookieOrigin origin)

httpclient/src/main/java/org/apache/http/impl/cookie/BrowserCompatSpecFactory.java

@@ -47,15 +47,26 @@ import org.apache.http.protocol.HttpContext;
 @SuppressWarnings("deprecation")
 public class BrowserCompatSpecFactory implements CookieSpecFactory, CookieSpecProvider {
 
-    private final String[] datepatterns;
+    public enum SecurityLevel {
+        SECURITYLEVEL_DEFAULT,
+        SECURITYLEVEL_IE_MEDIUM
+    };
 
-    public BrowserCompatSpecFactory(final String[] datepatterns) {
+    private final String[] datepatterns;
+    private final SecurityLevel securityLevel;
+
+    public BrowserCompatSpecFactory(final String[] datepatterns, SecurityLevel securityLevel) {
         super();
         this.datepatterns = datepatterns;
+        this.securityLevel = securityLevel;
+    }
+
+    public BrowserCompatSpecFactory(final String[] datepatterns) {
+        this(null, SecurityLevel.SECURITYLEVEL_DEFAULT);
     }
 
     public BrowserCompatSpecFactory() {
-        this(null);
+        this(null, SecurityLevel.SECURITYLEVEL_DEFAULT);
     }
 
     public CookieSpec newInstance(final HttpParams params) {
@@ -68,9 +79,9 @@ public class BrowserCompatSpecFactory implements CookieSpecFactory, CookieSpecPr
                 patterns = new String[param.size()];
                 patterns = param.toArray(patterns);
             }
-            return new BrowserCompatSpec(patterns);
+            return new BrowserCompatSpec(patterns, securityLevel);
         } else {
-            return new BrowserCompatSpec();
+            return new BrowserCompatSpec(null, securityLevel);
         }
     }