/// <exception cref="Apache.Http.Cookie.MalformedCookieException"></exception>
public override void Validate(Apache.Http.Cookie.Cookie cookie, CookieOrigin origin
)
{
base.Validate(cookie, origin);
// Perform Netscape Cookie draft specific validation
string host = origin.GetHost();
string domain = cookie.GetDomain();
if (host.Contains("."))
{
int domainParts = new StringTokenizer(domain, ".").CountTokens();
if (IsSpecialDomain(domain))
{
if (domainParts < 2)
{
throw new CookieRestrictionViolationException("Domain attribute \"" + domain + "\" violates the Netscape cookie specification for "
+ "special domains");
}
}
else
{
if (domainParts < 3)
{
throw new CookieRestrictionViolationException("Domain attribute \"" + domain + "\" violates the Netscape cookie specification"
);
}
}
}
}
public virtual bool Match(Apache.Http.Cookie.Cookie cookie, CookieOrigin origin)
{
Args.NotNull(cookie, "Cookie");
Args.NotNull(origin, "Cookie origin");
string host = origin.GetHost();
string domain = cookie.GetDomain();
if (domain == null)
{
return(false);
}
return(host.Equals(domain) || (domain.StartsWith(".") && host.EndsWith(domain)));
}
public override bool Match(Apache.Http.Cookie.Cookie cookie, CookieOrigin origin)
{
Args.NotNull(cookie, "Cookie");
Args.NotNull(origin, "Cookie origin");
string host = origin.GetHost();
string domain = cookie.GetDomain();
if (domain == null)
{
return(false);
}
return(host.EndsWith(domain));
}
/// <summary>
/// Return a string suitable for sending in a <tt>"Cookie"</tt> header
/// as defined in RFC 2109 for backward compatibility with cookie version 0
/// </summary>
/// <param name="buffer">The char array buffer to use for output</param>
/// <param name="cookie">
/// The
/// <see cref="Apache.Http.Cookie.Cookie">Apache.Http.Cookie.Cookie</see>
/// to be formatted as string
/// </param>
/// <param name="version">The version to use.</param>
protected internal virtual void FormatCookieAsVer(CharArrayBuffer buffer, Apache.Http.Cookie.Cookie
cookie, int version)
{
FormatParamAsVer(buffer, cookie.GetName(), cookie.GetValue(), version);
if (cookie.GetPath() != null)
{
if (cookie is ClientCookie && ((ClientCookie)cookie).ContainsAttribute(ClientCookie
.PathAttr))
{
buffer.Append("; ");
FormatParamAsVer(buffer, "$Path", cookie.GetPath(), version);
}
}
if (cookie.GetDomain() != null)
{
if (cookie is ClientCookie && ((ClientCookie)cookie).ContainsAttribute(ClientCookie
.DomainAttr))
{
buffer.Append("; ");
FormatParamAsVer(buffer, "$Domain", cookie.GetDomain(), version);
}
}
}
/// <exception cref="Apache.Http.Cookie.MalformedCookieException"></exception>
public virtual void Validate(Apache.Http.Cookie.Cookie cookie, CookieOrigin origin
)
{
Args.NotNull(cookie, "Cookie");
Args.NotNull(origin, "Cookie origin");
string host = origin.GetHost();
string domain = cookie.GetDomain();
if (domain == null)
{
throw new CookieRestrictionViolationException("Cookie domain may not be null");
}
if (!domain.Equals(host))
{
int dotIndex = domain.IndexOf('.');
if (dotIndex == -1)
{
throw new CookieRestrictionViolationException("Domain attribute \"" + domain + "\" does not match the host \""
+ host + "\"");
}
// domain must start with dot
if (!domain.StartsWith("."))
{
throw new CookieRestrictionViolationException("Domain attribute \"" + domain + "\" violates RFC 2109: domain must start with a dot"
);
}
// domain must have at least one embedded dot
dotIndex = domain.IndexOf('.', 1);
if (dotIndex < 0 || dotIndex == domain.Length - 1)
{
throw new CookieRestrictionViolationException("Domain attribute \"" + domain + "\" violates RFC 2109: domain must contain an embedded dot"
);
}
host = host.ToLower(Sharpen.Extensions.GetEnglishCulture());
if (!host.EndsWith(domain))
{
throw new CookieRestrictionViolationException("Illegal domain attribute \"" + domain
+ "\". Domain of origin: \"" + host + "\"");
}
// host minus domain may not contain any dots
string hostWithoutDomain = Sharpen.Runtime.Substring(host, 0, host.Length - domain
.Length);
if (hostWithoutDomain.IndexOf('.') != -1)
{
throw new CookieRestrictionViolationException("Domain attribute \"" + domain + "\" violates RFC 2109: host minus domain may not contain any dots"
);
}
}
}
/// <exception cref="Apache.Http.Cookie.MalformedCookieException"></exception>
public virtual void Validate(Apache.Http.Cookie.Cookie cookie, CookieOrigin origin
)
{
Args.NotNull(cookie, "Cookie");
Args.NotNull(origin, "Cookie origin");
// Validate the cookies domain attribute. NOTE: Domains without
// any dots are allowed to support hosts on private LANs that don't
// have DNS names. Since they have no dots, to domain-match the
// request-host and domain must be identical for the cookie to sent
// back to the origin-server.
string host = origin.GetHost();
string domain = cookie.GetDomain();
if (domain == null)
{
throw new CookieRestrictionViolationException("Cookie domain may not be null");
}
if (host.Contains("."))
{
// Not required to have at least two dots. RFC 2965.
// A Set-Cookie2 with Domain=ajax.com will be accepted.
// domain must match host
if (!host.EndsWith(domain))
{
if (domain.StartsWith("."))
{
domain = Sharpen.Runtime.Substring(domain, 1, domain.Length);
}
if (!host.Equals(domain))
{
throw new CookieRestrictionViolationException("Illegal domain attribute \"" + domain
+ "\". Domain of origin: \"" + host + "\"");
}
}
}
else
{
if (!host.Equals(domain))
{
throw new CookieRestrictionViolationException("Illegal domain attribute \"" + domain
+ "\". Domain of origin: \"" + host + "\"");
}
}
}
/// <summary>Match cookie domain attribute.</summary>
/// <remarks>Match cookie domain attribute.</remarks>
public virtual bool Match(Apache.Http.Cookie.Cookie cookie, CookieOrigin origin)
{
Args.NotNull(cookie, "Cookie");
Args.NotNull(origin, "Cookie origin");
string host = origin.GetHost().ToLower(Sharpen.Extensions.GetEnglishCulture());
string cookieDomain = cookie.GetDomain();
// The effective host name MUST domain-match the Domain
// attribute of the cookie.
if (!DomainMatch(host, cookieDomain))
{
return(false);
}
// effective host name minus domain must not contain any dots
string effectiveHostWithoutDomain = Sharpen.Runtime.Substring(host, 0, host.Length
- cookieDomain.Length);
return(effectiveHostWithoutDomain.IndexOf('.') == -1);
}
private bool IsForPublicSuffix(Apache.Http.Cookie.Cookie cookie)
{
string domain = cookie.GetDomain();
if (domain.StartsWith("."))
{
domain = Sharpen.Runtime.Substring(domain, 1);
}
domain = Punycode.ToUnicode(domain);
// An exception rule takes priority over any other matching rule.
if (this.exceptions != null)
{
if (this.exceptions.Contains(domain))
{
return(false);
}
}
if (this.suffixes == null)
{
return(false);
}
do
{
if (this.suffixes.Contains(domain))
{
return(true);
}
// patterns
if (domain.StartsWith("*."))
{
domain = Sharpen.Runtime.Substring(domain, 2);
}
int nextdot = domain.IndexOf('.');
if (nextdot == -1)
{
break;
}
domain = "*" + Sharpen.Runtime.Substring(domain, nextdot);
}while (domain.Length > 0);
return(false);
}
public virtual bool Match(Apache.Http.Cookie.Cookie cookie, CookieOrigin origin)
{
Args.NotNull(cookie, "Cookie");
Args.NotNull(origin, "Cookie origin");
string host = origin.GetHost();
string domain = cookie.GetDomain();
if (domain == null)
{
return(false);
}
if (host.Equals(domain))
{
return(true);
}
if (!domain.StartsWith("."))
{
domain = '.' + domain;
}
return(host.EndsWith(domain) || host.Equals(Sharpen.Runtime.Substring(domain, 1)));
}
private static string FormatCooke(Apache.Http.Cookie.Cookie cookie)
{
StringBuilder buf = new StringBuilder();
buf.Append(cookie.GetName());
buf.Append("=\"");
string v = cookie.GetValue();
if (v.Length > 100)
{
v = Sharpen.Runtime.Substring(v, 0, 100) + "...";
}
buf.Append(v);
buf.Append("\"");
buf.Append(", version:");
buf.Append(Sharpen.Extensions.ToString(cookie.GetVersion()));
buf.Append(", domain:");
buf.Append(cookie.GetDomain());
buf.Append(", path:");
buf.Append(cookie.GetPath());
buf.Append(", expiry:");
buf.Append(cookie.GetExpiryDate());
return(buf.ToString());
}
/// <summary>Validate cookie domain attribute.</summary>
/// <remarks>Validate cookie domain attribute.</remarks>
/// <exception cref="Apache.Http.Cookie.MalformedCookieException"></exception>
public virtual void Validate(Apache.Http.Cookie.Cookie cookie, CookieOrigin origin
)
{
Args.NotNull(cookie, "Cookie");
Args.NotNull(origin, "Cookie origin");
string host = origin.GetHost().ToLower(Sharpen.Extensions.GetEnglishCulture());
if (cookie.GetDomain() == null)
{
throw new CookieRestrictionViolationException("Invalid cookie state: " + "domain not specified"
);
}
string cookieDomain = cookie.GetDomain().ToLower(Sharpen.Extensions.GetEnglishCulture()
);
if (cookie is ClientCookie && ((ClientCookie)cookie).ContainsAttribute(ClientCookie
.DomainAttr))
{
// Domain attribute must start with a dot
if (!cookieDomain.StartsWith("."))
{
throw new CookieRestrictionViolationException("Domain attribute \"" + cookie.GetDomain
() + "\" violates RFC 2109: domain must start with a dot");
}
// Domain attribute must contain at least one embedded dot,
// or the value must be equal to .local.
int dotIndex = cookieDomain.IndexOf('.', 1);
if (((dotIndex < 0) || (dotIndex == cookieDomain.Length - 1)) && (!cookieDomain.Equals
(".local")))
{
throw new CookieRestrictionViolationException("Domain attribute \"" + cookie.GetDomain
() + "\" violates RFC 2965: the value contains no embedded dots " + "and the value is not .local"
);
}
// The effective host name must domain-match domain attribute.
if (!DomainMatch(host, cookieDomain))
{
throw new CookieRestrictionViolationException("Domain attribute \"" + cookie.GetDomain
() + "\" violates RFC 2965: effective host name does not " + "domain-match domain attribute."
);
}
// effective host name minus domain must not contain any dots
string effectiveHostWithoutDomain = Sharpen.Runtime.Substring(host, 0, host.Length
- cookieDomain.Length);
if (effectiveHostWithoutDomain.IndexOf('.') != -1)
{
throw new CookieRestrictionViolationException("Domain attribute \"" + cookie.GetDomain
() + "\" violates RFC 2965: " + "effective host minus domain may not contain any dots"
);
}
}
else
{
// Domain was not specified in header. In this case, domain must
// string match request host (case-insensitive).
if (!cookie.GetDomain().Equals(host))
{
throw new CookieRestrictionViolationException("Illegal domain attribute: \"" + cookie
.GetDomain() + "\"." + "Domain of origin: \"" + host + "\"");
}
}
}