Module org.eclipse.jetty.server
Package org.eclipse.jetty.server

Class HttpCookieUtils

java.lang.Object
org.eclipse.jetty.server.HttpCookieUtils
public final class HttpCookieUtils extends Object

Utility methods for server-side HTTP cookie handling.

  • Field Details

    • SAME_SITE_DEFAULT_ATTRIBUTE

      public static final String SAME_SITE_DEFAULT_ATTRIBUTE
      Name of context attribute with default SameSite cookie value
      See Also:

  • Method Details

    • checkSameSite

      public static org.eclipse.jetty.http.HttpCookie checkSameSite(org.eclipse.jetty.http.HttpCookie cookie, org.eclipse.jetty.util.Attributes attributes)
      Check that samesite is set on the cookie. If not, use a context default value, if one has been set.
      Parameters:
      cookie - the cookie to check
      attributes - the context to check settings
      Returns:
      either the original cookie, or a new one that has the samesit default set

    • extractBasics

      public static Map<String,String> extractBasics(String setCookieHeader)
      Extract the bare minimum of info from a Set-Cookie header string.

      Ideally this method should not be necessary, however as java.net.HttpCookie does not yet support generic attributes, we have to use it in a minimal fashion. When it supports attributes, we could look at reverting to a constructor on o.e.j.h.HttpCookie to take the set-cookie header string.

      Parameters:
      setCookieHeader - the header as a string
      Returns:
      a map containing the name, value, domain, path. max-age of the set cookie header

    • getSameSiteDefault

      public static org.eclipse.jetty.http.HttpCookie.SameSite getSameSiteDefault(org.eclipse.jetty.util.Attributes contextAttributes)
      Get the default value for SameSite cookie attribute, if one has been set for the given context.
      Parameters:
      contextAttributes - the context to check for default SameSite value
      Returns:
      the default SameSite value or null if one does not exist
      Throws:
      IllegalStateException - if the default value is not a permitted value

    • getSetCookie

      public static String getSetCookie(org.eclipse.jetty.http.HttpCookie httpCookie, org.eclipse.jetty.http.CookieCompliance compliance)

    • getRFC2965SetCookie

      public static String getRFC2965SetCookie(org.eclipse.jetty.http.HttpCookie httpCookie)

    • getRFC6265SetCookie

      public static String getRFC6265SetCookie(org.eclipse.jetty.http.HttpCookie httpCookie)

    • match

      public static boolean match(String setCookieHeader, String name, String domain, String path)
      Check if the Set-Cookie header represented as a string is for the name, domain and path given.
      Parameters:
      setCookieHeader - a Set-Cookie header
      name - the cookie name to check
      domain - the cookie domain to check
      path - the cookie path to check
      Returns:
      true if all of the name, domain and path match the Set-Cookie header, false otherwise

    • match

      public static boolean match(org.eclipse.jetty.http.HttpCookie cookie, String name, String domain, String path)
      Check if the HttpCookie is for the given name, domain and path.
      Parameters:
      cookie - the jetty HttpCookie to check
      name - the cookie name to check
      domain - the cookie domain to check
      path - the cookie path to check
      Returns:
      true if name, domain, and path, match all match the HttpCookie, false otherwise

    • getSetCookie

      public static org.eclipse.jetty.http.HttpCookie getSetCookie(org.eclipse.jetty.http.HttpField field)
      Get a HttpHeader.SET_COOKIE field as a HttpCookie, either by optimally checking for a HttpCookieUtils.SetCookieHttpField or by parsing the value with parseSetCookie(String).
      Parameters:
      field - The field
      Returns:
      The field value as a HttpCookie or null if the field is not a HttpHeader.SET_COOKIE or cannot be parsed.

    • parseSetCookie

      public static org.eclipse.jetty.http.HttpCookie parseSetCookie(String value)