From dbd7dd0efd737009b48d41ef6aa9f5b8bfa81149 Mon Sep 17 00:00:00 2001 From: Oleg Kalnichevski Date: Tue, 13 Oct 2009 10:52:28 +0000 Subject: [PATCH] HTTPCLIENT-832: Distinguish cookie format errors from violations of restrictions imposed by a cookie specification. In the latter case CookieRestrictionViolationException will be thrown git-svn-id: https://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk@824685 13f79535-47bb-0310-9956-ffa450edef68 --- RELEASE_NOTES.txt | 5 ++ .../CookieRestrictionViolationException.java | 61 +++++++++++++++++++ .../http/impl/cookie/BasicDomainHandler.java | 7 ++- .../http/impl/cookie/BasicPathHandler.java | 3 +- .../impl/cookie/NetscapeDomainHandler.java | 5 +- .../impl/cookie/RFC2109DomainHandler.java | 13 ++-- .../apache/http/impl/cookie/RFC2109Spec.java | 5 +- .../impl/cookie/RFC2109VersionHandler.java | 3 +- .../cookie/RFC2965DomainAttributeHandler.java | 13 ++-- .../cookie/RFC2965PortAttributeHandler.java | 3 +- .../RFC2965VersionAttributeHandler.java | 3 +- 11 files changed, 98 insertions(+), 23 deletions(-) create mode 100644 httpclient/src/main/java/org/apache/http/cookie/CookieRestrictionViolationException.java diff --git a/RELEASE_NOTES.txt b/RELEASE_NOTES.txt index 79609d5a9..31e1b510d 100644 --- a/RELEASE_NOTES.txt +++ b/RELEASE_NOTES.txt @@ -1,6 +1,11 @@ Changes since 4.0 ------------------- +* [HTTPCLIENT-832] Distinguish cookie format errors from violations of restrictions + imposed by a cookie specification. In the latter case + CookieRestrictionViolationException will be thrown. + Contributed by Oleg Kalnichevski + * [HTTPCLIENT-523] Support for SPNEGO authentication scheme. Contributed by Matthew Stevenson diff --git a/httpclient/src/main/java/org/apache/http/cookie/CookieRestrictionViolationException.java b/httpclient/src/main/java/org/apache/http/cookie/CookieRestrictionViolationException.java new file mode 100644 index 000000000..9ac17169c --- /dev/null +++ b/httpclient/src/main/java/org/apache/http/cookie/CookieRestrictionViolationException.java @@ -0,0 +1,61 @@ +/* + * ==================================================================== + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + * ==================================================================== + * + * This software consists of voluntary contributions made by many + * individuals on behalf of the Apache Software Foundation. For more + * information on the Apache Software Foundation, please see + * . + * + */ + +package org.apache.http.cookie; + +import org.apache.http.annotation.Immutable; + +/** + * Signals that a cookie violates a restriction imposed by the cookie + * specification. + * + * @since 4.1 + */ +@Immutable +public class CookieRestrictionViolationException extends MalformedCookieException { + + private static final long serialVersionUID = 7371235577078589013L; + + /** + * Creates a new CookeFormatViolationException with a null detail + * message. + */ + public CookieRestrictionViolationException() { + super(); + } + + /** + * Creates a new CookeRestrictionViolationException with a specified + * message string. + * + * @param message The exception detail message + */ + public CookieRestrictionViolationException(String message) { + super(message); + } + +} diff --git a/httpclient/src/main/java/org/apache/http/impl/cookie/BasicDomainHandler.java b/httpclient/src/main/java/org/apache/http/impl/cookie/BasicDomainHandler.java index 6a5b2fa74..8ee840bd0 100644 --- a/httpclient/src/main/java/org/apache/http/impl/cookie/BasicDomainHandler.java +++ b/httpclient/src/main/java/org/apache/http/impl/cookie/BasicDomainHandler.java @@ -31,6 +31,7 @@ import org.apache.http.annotation.Immutable; import org.apache.http.cookie.Cookie; import org.apache.http.cookie.CookieAttributeHandler; import org.apache.http.cookie.CookieOrigin; +import org.apache.http.cookie.CookieRestrictionViolationException; import org.apache.http.cookie.MalformedCookieException; import org.apache.http.cookie.SetCookie; @@ -75,7 +76,7 @@ public class BasicDomainHandler implements CookieAttributeHandler { String host = origin.getHost(); String domain = cookie.getDomain(); if (domain == null) { - throw new MalformedCookieException("Cookie domain may not be null"); + throw new CookieRestrictionViolationException("Cookie domain may not be null"); } if (host.contains(".")) { // Not required to have at least two dots. RFC 2965. @@ -87,14 +88,14 @@ public class BasicDomainHandler implements CookieAttributeHandler { domain = domain.substring(1, domain.length()); } if (!host.equals(domain)) { - throw new MalformedCookieException( + throw new CookieRestrictionViolationException( "Illegal domain attribute \"" + domain + "\". Domain of origin: \"" + host + "\""); } } } else { if (!host.equals(domain)) { - throw new MalformedCookieException( + throw new CookieRestrictionViolationException( "Illegal domain attribute \"" + domain + "\". Domain of origin: \"" + host + "\""); } diff --git a/httpclient/src/main/java/org/apache/http/impl/cookie/BasicPathHandler.java b/httpclient/src/main/java/org/apache/http/impl/cookie/BasicPathHandler.java index a01f4c21c..1674b6ff4 100644 --- a/httpclient/src/main/java/org/apache/http/impl/cookie/BasicPathHandler.java +++ b/httpclient/src/main/java/org/apache/http/impl/cookie/BasicPathHandler.java @@ -31,6 +31,7 @@ import org.apache.http.annotation.Immutable; import org.apache.http.cookie.Cookie; import org.apache.http.cookie.CookieAttributeHandler; import org.apache.http.cookie.CookieOrigin; +import org.apache.http.cookie.CookieRestrictionViolationException; import org.apache.http.cookie.MalformedCookieException; import org.apache.http.cookie.SetCookie; @@ -59,7 +60,7 @@ public class BasicPathHandler implements CookieAttributeHandler { public void validate(final Cookie cookie, final CookieOrigin origin) throws MalformedCookieException { if (!match(cookie, origin)) { - throw new MalformedCookieException( + throw new CookieRestrictionViolationException( "Illegal path attribute \"" + cookie.getPath() + "\". Path of origin: \"" + origin.getPath() + "\""); } diff --git a/httpclient/src/main/java/org/apache/http/impl/cookie/NetscapeDomainHandler.java b/httpclient/src/main/java/org/apache/http/impl/cookie/NetscapeDomainHandler.java index 77145ab13..09ce271ac 100644 --- a/httpclient/src/main/java/org/apache/http/impl/cookie/NetscapeDomainHandler.java +++ b/httpclient/src/main/java/org/apache/http/impl/cookie/NetscapeDomainHandler.java @@ -33,6 +33,7 @@ import org.apache.http.annotation.Immutable; import org.apache.http.cookie.Cookie; import org.apache.http.cookie.CookieOrigin; +import org.apache.http.cookie.CookieRestrictionViolationException; import org.apache.http.cookie.MalformedCookieException; /** @@ -58,14 +59,14 @@ public class NetscapeDomainHandler extends BasicDomainHandler { if (isSpecialDomain(domain)) { if (domainParts < 2) { - throw new MalformedCookieException("Domain attribute \"" + throw new CookieRestrictionViolationException("Domain attribute \"" + domain + "\" violates the Netscape cookie specification for " + "special domains"); } } else { if (domainParts < 3) { - throw new MalformedCookieException("Domain attribute \"" + throw new CookieRestrictionViolationException("Domain attribute \"" + domain + "\" violates the Netscape cookie specification"); } diff --git a/httpclient/src/main/java/org/apache/http/impl/cookie/RFC2109DomainHandler.java b/httpclient/src/main/java/org/apache/http/impl/cookie/RFC2109DomainHandler.java index d1bbe0506..10a375cbe 100644 --- a/httpclient/src/main/java/org/apache/http/impl/cookie/RFC2109DomainHandler.java +++ b/httpclient/src/main/java/org/apache/http/impl/cookie/RFC2109DomainHandler.java @@ -33,6 +33,7 @@ import org.apache.http.annotation.Immutable; import org.apache.http.cookie.Cookie; import org.apache.http.cookie.CookieAttributeHandler; import org.apache.http.cookie.CookieOrigin; +import org.apache.http.cookie.CookieRestrictionViolationException; import org.apache.http.cookie.MalformedCookieException; import org.apache.http.cookie.SetCookie; @@ -72,39 +73,39 @@ public class RFC2109DomainHandler implements CookieAttributeHandler { String host = origin.getHost(); String domain = cookie.getDomain(); if (domain == null) { - throw new MalformedCookieException("Cookie domain may not be null"); + throw new CookieRestrictionViolationException("Cookie domain may not be null"); } if (!domain.equals(host)) { int dotIndex = domain.indexOf('.'); if (dotIndex == -1) { - throw new MalformedCookieException("Domain attribute \"" + throw new CookieRestrictionViolationException("Domain attribute \"" + domain + "\" does not match the host \"" + host + "\""); } // domain must start with dot if (!domain.startsWith(".")) { - throw new MalformedCookieException("Domain attribute \"" + throw new CookieRestrictionViolationException("Domain attribute \"" + domain + "\" violates RFC 2109: domain must start with a dot"); } // domain must have at least one embedded dot dotIndex = domain.indexOf('.', 1); if (dotIndex < 0 || dotIndex == domain.length() - 1) { - throw new MalformedCookieException("Domain attribute \"" + throw new CookieRestrictionViolationException("Domain attribute \"" + domain + "\" violates RFC 2109: domain must contain an embedded dot"); } host = host.toLowerCase(Locale.ENGLISH); if (!host.endsWith(domain)) { - throw new MalformedCookieException( + throw new CookieRestrictionViolationException( "Illegal domain attribute \"" + domain + "\". Domain of origin: \"" + host + "\""); } // host minus domain may not contain any dots String hostWithoutDomain = host.substring(0, host.length() - domain.length()); if (hostWithoutDomain.indexOf('.') != -1) { - throw new MalformedCookieException("Domain attribute \"" + throw new CookieRestrictionViolationException("Domain attribute \"" + domain + "\" violates RFC 2109: host minus domain may not contain any dots"); } diff --git a/httpclient/src/main/java/org/apache/http/impl/cookie/RFC2109Spec.java b/httpclient/src/main/java/org/apache/http/impl/cookie/RFC2109Spec.java index abcde3288..489640c72 100644 --- a/httpclient/src/main/java/org/apache/http/impl/cookie/RFC2109Spec.java +++ b/httpclient/src/main/java/org/apache/http/impl/cookie/RFC2109Spec.java @@ -39,6 +39,7 @@ import org.apache.http.cookie.ClientCookie; import org.apache.http.cookie.Cookie; import org.apache.http.cookie.CookieOrigin; import org.apache.http.cookie.CookiePathComparator; +import org.apache.http.cookie.CookieRestrictionViolationException; import org.apache.http.cookie.CookieSpec; import org.apache.http.cookie.MalformedCookieException; import org.apache.http.cookie.SM; @@ -116,10 +117,10 @@ public class RFC2109Spec extends CookieSpecBase { } String name = cookie.getName(); if (name.indexOf(' ') != -1) { - throw new MalformedCookieException("Cookie name may not contain blanks"); + throw new CookieRestrictionViolationException("Cookie name may not contain blanks"); } if (name.startsWith("$")) { - throw new MalformedCookieException("Cookie name may not start with $"); + throw new CookieRestrictionViolationException("Cookie name may not start with $"); } super.validate(cookie, origin); } diff --git a/httpclient/src/main/java/org/apache/http/impl/cookie/RFC2109VersionHandler.java b/httpclient/src/main/java/org/apache/http/impl/cookie/RFC2109VersionHandler.java index 0066cee58..a5172d88d 100644 --- a/httpclient/src/main/java/org/apache/http/impl/cookie/RFC2109VersionHandler.java +++ b/httpclient/src/main/java/org/apache/http/impl/cookie/RFC2109VersionHandler.java @@ -30,6 +30,7 @@ import org.apache.http.annotation.Immutable; import org.apache.http.cookie.Cookie; import org.apache.http.cookie.CookieOrigin; +import org.apache.http.cookie.CookieRestrictionViolationException; import org.apache.http.cookie.MalformedCookieException; import org.apache.http.cookie.SetCookie; @@ -70,7 +71,7 @@ public class RFC2109VersionHandler extends AbstractCookieAttributeHandler { throw new IllegalArgumentException("Cookie may not be null"); } if (cookie.getVersion() < 0) { - throw new MalformedCookieException("Cookie version may not be negative"); + throw new CookieRestrictionViolationException("Cookie version may not be negative"); } } diff --git a/httpclient/src/main/java/org/apache/http/impl/cookie/RFC2965DomainAttributeHandler.java b/httpclient/src/main/java/org/apache/http/impl/cookie/RFC2965DomainAttributeHandler.java index e794d2d9a..560dc54f3 100644 --- a/httpclient/src/main/java/org/apache/http/impl/cookie/RFC2965DomainAttributeHandler.java +++ b/httpclient/src/main/java/org/apache/http/impl/cookie/RFC2965DomainAttributeHandler.java @@ -35,6 +35,7 @@ import org.apache.http.cookie.ClientCookie; import org.apache.http.cookie.Cookie; import org.apache.http.cookie.CookieAttributeHandler; import org.apache.http.cookie.CookieOrigin; +import org.apache.http.cookie.CookieRestrictionViolationException; import org.apache.http.cookie.MalformedCookieException; import org.apache.http.cookie.SetCookie; @@ -114,7 +115,7 @@ public class RFC2965DomainAttributeHandler implements CookieAttributeHandler { } String host = origin.getHost().toLowerCase(Locale.ENGLISH); if (cookie.getDomain() == null) { - throw new MalformedCookieException("Invalid cookie state: " + + throw new CookieRestrictionViolationException("Invalid cookie state: " + "domain not specified"); } String cookieDomain = cookie.getDomain().toLowerCase(Locale.ENGLISH); @@ -123,7 +124,7 @@ public class RFC2965DomainAttributeHandler implements CookieAttributeHandler { && ((ClientCookie) cookie).containsAttribute(ClientCookie.DOMAIN_ATTR)) { // Domain attribute must start with a dot if (!cookieDomain.startsWith(".")) { - throw new MalformedCookieException("Domain attribute \"" + + throw new CookieRestrictionViolationException("Domain attribute \"" + cookie.getDomain() + "\" violates RFC 2109: domain must start with a dot"); } @@ -132,7 +133,7 @@ public class RFC2965DomainAttributeHandler implements CookieAttributeHandler { int dotIndex = cookieDomain.indexOf('.', 1); if (((dotIndex < 0) || (dotIndex == cookieDomain.length() - 1)) && (!cookieDomain.equals(".local"))) { - throw new MalformedCookieException( + throw new CookieRestrictionViolationException( "Domain attribute \"" + cookie.getDomain() + "\" violates RFC 2965: the value contains no embedded dots " + "and the value is not .local"); @@ -140,7 +141,7 @@ public class RFC2965DomainAttributeHandler implements CookieAttributeHandler { // The effective host name must domain-match domain attribute. if (!domainMatch(host, cookieDomain)) { - throw new MalformedCookieException( + throw new CookieRestrictionViolationException( "Domain attribute \"" + cookie.getDomain() + "\" violates RFC 2965: effective host name does not " + "domain-match domain attribute."); @@ -150,7 +151,7 @@ public class RFC2965DomainAttributeHandler implements CookieAttributeHandler { String effectiveHostWithoutDomain = host.substring( 0, host.length() - cookieDomain.length()); if (effectiveHostWithoutDomain.indexOf('.') != -1) { - throw new MalformedCookieException("Domain attribute \"" + throw new CookieRestrictionViolationException("Domain attribute \"" + cookie.getDomain() + "\" violates RFC 2965: " + "effective host minus domain may not contain any dots"); } @@ -158,7 +159,7 @@ public class RFC2965DomainAttributeHandler implements CookieAttributeHandler { // Domain was not specified in header. In this case, domain must // string match request host (case-insensitive). if (!cookie.getDomain().equals(host)) { - throw new MalformedCookieException("Illegal domain attribute: \"" + throw new CookieRestrictionViolationException("Illegal domain attribute: \"" + cookie.getDomain() + "\"." + "Domain of origin: \"" + host + "\""); diff --git a/httpclient/src/main/java/org/apache/http/impl/cookie/RFC2965PortAttributeHandler.java b/httpclient/src/main/java/org/apache/http/impl/cookie/RFC2965PortAttributeHandler.java index 240c1c398..987e2dd26 100644 --- a/httpclient/src/main/java/org/apache/http/impl/cookie/RFC2965PortAttributeHandler.java +++ b/httpclient/src/main/java/org/apache/http/impl/cookie/RFC2965PortAttributeHandler.java @@ -35,6 +35,7 @@ import org.apache.http.cookie.ClientCookie; import org.apache.http.cookie.Cookie; import org.apache.http.cookie.CookieAttributeHandler; import org.apache.http.cookie.CookieOrigin; +import org.apache.http.cookie.CookieRestrictionViolationException; import org.apache.http.cookie.MalformedCookieException; import org.apache.http.cookie.SetCookie; import org.apache.http.cookie.SetCookie2; @@ -133,7 +134,7 @@ public class RFC2965PortAttributeHandler implements CookieAttributeHandler { if (cookie instanceof ClientCookie && ((ClientCookie) cookie).containsAttribute(ClientCookie.PORT_ATTR)) { if (!portMatch(port, cookie.getPorts())) { - throw new MalformedCookieException( + throw new CookieRestrictionViolationException( "Port attribute violates RFC 2965: " + "Request port not found in cookie's port list."); } diff --git a/httpclient/src/main/java/org/apache/http/impl/cookie/RFC2965VersionAttributeHandler.java b/httpclient/src/main/java/org/apache/http/impl/cookie/RFC2965VersionAttributeHandler.java index 60ff44ffc..ba58824d2 100644 --- a/httpclient/src/main/java/org/apache/http/impl/cookie/RFC2965VersionAttributeHandler.java +++ b/httpclient/src/main/java/org/apache/http/impl/cookie/RFC2965VersionAttributeHandler.java @@ -33,6 +33,7 @@ import org.apache.http.cookie.ClientCookie; import org.apache.http.cookie.Cookie; import org.apache.http.cookie.CookieAttributeHandler; import org.apache.http.cookie.CookieOrigin; +import org.apache.http.cookie.CookieRestrictionViolationException; import org.apache.http.cookie.MalformedCookieException; import org.apache.http.cookie.SetCookie; import org.apache.http.cookie.SetCookie2; @@ -84,7 +85,7 @@ public class RFC2965VersionAttributeHandler implements CookieAttributeHandler { if (cookie instanceof SetCookie2) { if (cookie instanceof ClientCookie && !((ClientCookie) cookie).containsAttribute(ClientCookie.VERSION_ATTR)) { - throw new MalformedCookieException( + throw new CookieRestrictionViolationException( "Violates RFC 2965. Version attribute is required."); } }