Class PublicSuffixFilter

  • All Implemented Interfaces:
    CookieAttributeHandler

    @Deprecated
    public class PublicSuffixFilter
    extends java.lang.Object
    implements CookieAttributeHandler
    Deprecated.
    Wraps a CookieAttributeHandler and leverages its match method to never match a suffix from a black list. May be used to provide additional security for cross-site attack types by preventing cookies from apparent domains that are not publicly available. An uptodate list of suffixes can be obtained from publicsuffix.org
    Since:
    4.0
    • Method Summary

      All Methods Instance Methods Concrete Methods Deprecated Methods 
      Modifier and Type Method Description
      boolean match​(Cookie cookie, CookieOrigin origin)
      Deprecated.
      Never matches if the cookie's domain is from the blacklist.
      void parse​(SetCookie cookie, java.lang.String value)
      Deprecated.
      Parse the given cookie attribute value and update the corresponding Cookie property.
      void setExceptions​(java.util.Collection<java.lang.String> exceptions)
      Deprecated.
      Sets the exceptions from the blacklist.
      void setPublicSuffixes​(java.util.Collection<java.lang.String> suffixes)
      Deprecated.
      Sets the suffix blacklist patterns.
      void validate​(Cookie cookie, CookieOrigin origin)
      Deprecated.
      Peforms cookie validation for the given attribute value.
      • Methods inherited from class java.lang.Object

        equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Method Detail

      • setPublicSuffixes

        public void setPublicSuffixes​(java.util.Collection<java.lang.String> suffixes)
        Deprecated.
        Sets the suffix blacklist patterns. A pattern can be "com", "*.jp" TODO add support for patterns like "lib.*.us"
        Parameters:
        suffixes -
      • setExceptions

        public void setExceptions​(java.util.Collection<java.lang.String> exceptions)
        Deprecated.
        Sets the exceptions from the blacklist. Exceptions can not be patterns. TODO add support for patterns
        Parameters:
        exceptions -
      • match

        public boolean match​(Cookie cookie,
                             CookieOrigin origin)
        Deprecated.
        Never matches if the cookie's domain is from the blacklist.
        Specified by:
        match in interface CookieAttributeHandler
        Parameters:
        cookie - Cookie to match
        origin - the cookie source to match against
        Returns:
        true if the match is successful; false otherwise