/* * Licensed to the Apache Software Foundation (ASF) under one or more * contributor license agreements. See the NOTICE file distributed with * this work for additional information regarding copyright ownership. * The ASF licenses this file to You under the Apache License, Version 2.0 * (the "License"); you may not use this file except in compliance with * the License. You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License.
*/ package org.apache.tomcat.util.http.parser;
/** * <p> * Cookie header parser based on RFC6265 * </p> * <p> * The parsing of cookies using RFC6265 is more relaxed that the specification in the following ways: * </p> * <ul> * <li>Values 0x80 to 0xFF are permitted in cookie-octet to support the use of UTF-8 in cookie values as used by HTML * 5.</li> * <li>For cookies without a value, the '=' is not required after the name as some browsers do not sent it.</li> * </ul> * <p> * Implementation note:<br> * This class has been carefully tuned. Before committing any changes, ensure that the TesterCookiePerformance unit test * continues to give results within 1% for the old and new parsers. * </p>
*/ publicclass Cookie {
privatestaticfinal Log log = LogFactory.getLog(Cookie.class); privatestaticfinal UserDataHelper invalidCookieLog = new UserDataHelper(log); privatestaticfinal StringManager sm = StringManager.getManager("org.apache.tomcat.util.http.parser");
static { // %x21 / %x23-2B / %x2D-3A / %x3C-5B / %x5D-7E (RFC6265) // %x80 to %xFF (UTF-8) for (int i = 0; i < 256; i++) { if (i < 0x21 || i == QUOTE_BYTE || i == COMMA_BYTE || i == SEMICOLON_BYTE || i == SLASH_BYTE ||
i == DEL_BYTE) {
isCookieOctet[i] = false;
} else {
isCookieOctet[i] = true;
}
} for (int i = 0; i < 256; i++) { if (i < TAB_BYTE || (i > TAB_BYTE && i < SPACE_BYTE) || i == DEL_BYTE) {
isText[i] = false;
} else {
isText[i] = true;
}
}
}
private Cookie() { // Hide default constructor
}
publicstaticvoid parseCookie(byte[] bytes, int offset, int len, ServerCookies serverCookies) {
// ByteBuffer is used throughout this parser as it allows the byte[] // and position information to be easily passed between parsing methods
ByteBuffer bb = new ByteBuffer(bytes, offset, len);
boolean moreToProcess = true;
while (moreToProcess) {
skipLWS(bb);
int start = bb.position();
ByteBuffer name = readToken(bb);
ByteBuffer value = null;
skipLWS(bb);
SkipResult skipResult = skipByte(bb, EQUALS_BYTE); if (skipResult == SkipResult.FOUND) {
skipLWS(bb);
value = readCookieValueRfc6265(bb); if (value == null) { // Invalid cookie value. Skip to the next semi-colon
skipUntilSemiColon(bb);
logInvalidHeader(start, bb); continue;
}
skipLWS(bb);
}
skipResult = skipByte(bb, SEMICOLON_BYTE); if (skipResult == SkipResult.FOUND) { // NO-OP
} elseif (skipResult == SkipResult.NOT_FOUND) { // Invalid cookie. Ignore it and skip to the next semi-colon
skipUntilSemiColon(bb);
logInvalidHeader(start, bb); continue;
} else { // SkipResult.EOF
moreToProcess = false;
}
Die Informationen auf dieser Webseite wurden
nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit,
noch Qualität der bereit gestellten Informationen zugesichert.
Bemerkung:
Die farbliche Syntaxdarstellung und die Messung sind noch experimentell.
