Package java.net

Class HttpCookie

  • All Implemented Interfaces:
    Cloneable
    public final class HttpCookie
extends Object
implements Cloneable
    An opaque key-value value pair held by an HTTP client to permit a stateful session with an HTTP server. This class parses cookie headers for all three commonly used HTTP cookie specifications:
    • The Netscape cookie spec is officially obsolete but widely used in practice. Each cookie contains one key-value pair and the following attributes: Domain, Expires, Path, and Secure. The version of cookies in this format is 0.

      There are no accessors for the Expires attribute. When parsed, expires attributes are assigned to the Max-Age attribute as an offset from now.

    • RFC 2109 formalizes the Netscape cookie spec. It replaces the Expires timestamp with a Max-Age duration and adds Comment and Version attributes. The version of cookies in this format is 1.
    • RFC 2965 refines RFC 2109. It adds Discard, Port, and CommentURL attributes and renames the header from Set-Cookie to Set-Cookie2. The version of cookies in this format is 1.

    Support for the "HttpOnly" attribute specified in RFC 6265 is also included. RFC 6265 is intended to obsolete RFC 2965. Support for features from RFC 2965 that have been deprecated by RFC 6265 such as Cookie2, Set-Cookie2 headers and version information remain supported by this class.

    This implementation silently discards unrecognized attributes.

    Since:
    1.6

    • Constructor Detail

      • HttpCookie

        public HttpCookie​(String name,
                  String value)
        Creates a new cookie.
        Parameters:
        name - a non-empty string that contains only printable ASCII, no commas or semicolons, and is not prefixed with $. May not be an HTTP attribute name.
        value - an opaque value from the HTTP server.
        Throws:
        IllegalArgumentException - if name is invalid.

    • Method Detail

      • domainMatches

        public static boolean domainMatches​(String domainPattern,
                                    String host)
        Returns true if host matches the domain pattern domain.
        Parameters:
        domainPattern - a host name (like android.com or localhost), or a pattern to match subdomains of a domain name (like .android.com). A special case pattern is .local, which matches all hosts without a TLD (like localhost).
        host - the host name or IP address from an HTTP request.

      • parse

        public static List<HttpCookie> parse​(String header)
        Constructs a cookie from a string. The string should comply with set-cookie or set-cookie2 header format as specified in RFC 2965. Since set-cookies2 syntax allows more than one cookie definitions in one header, the returned object is a list.
        Parameters:
        header - a set-cookie or set-cookie2 header.
        Returns:
        a list of constructed cookies
        Throws:
        IllegalArgumentException - if the string does not comply with cookie specification, or the cookie name contains illegal characters, or reserved tokens of cookie specification appears
        NullPointerException - if header is null

      • getComment

        public String getComment()
        Returns the Comment attribute.

      • getCommentURL

        public String getCommentURL()
        Returns the value of CommentURL attribute.

      • getDiscard

        public boolean getDiscard()
        Returns the Discard attribute.

      • getDomain

        public String getDomain()
        Returns the Domain attribute.

      • getMaxAge

        public long getMaxAge()
        Returns the Max-Age attribute, in delta-seconds.

      • getName

        public String getName()
        Returns the name of this cookie.

      • getPath

        public String getPath()
        Returns the Path attribute. This cookie is visible to all subpaths.

      • getPortlist

        public String getPortlist()
        Returns the Port attribute, usually containing comma-separated port numbers. A null port indicates that the cookie may be sent to any port. The empty string indicates that the cookie should only be sent to the port of the originating request.

      • getSecure

        public boolean getSecure()
        Returns the Secure attribute.

      • getValue

        public String getValue()
        Returns the value of this cookie.

      • getVersion

        public int getVersion()
        Returns the version of this cookie.

      • hasExpired

        public boolean hasExpired()
        Returns true if this cookie's Max-Age is 0.

      • setComment

        public void setComment​(String comment)
        Set the Comment attribute of this cookie.

      • setCommentURL

        public void setCommentURL​(String commentURL)
        Set the CommentURL attribute of this cookie.

      • setDiscard

        public void setDiscard​(boolean discard)
        Set the Discard attribute of this cookie.

      • setDomain

        public void setDomain​(String pattern)
        Set the Domain attribute of this cookie. HTTP clients send cookies only to matching domains.

      • setMaxAge

        public void setMaxAge​(long deltaSeconds)
        Sets the Max-Age attribute of this cookie.

      • setPath

        public void setPath​(String path)
        Set the Path attribute of this cookie. HTTP clients send cookies to this path and its subpaths.

      • setPortlist

        public void setPortlist​(String portList)
        Set the Port attribute of this cookie.

      • setSecure

        public void setSecure​(boolean secure)
        Sets the Secure attribute of this cookie.

      • setValue

        public void setValue​(String value)
        Sets the opaque value of this cookie.

      • setVersion

        public void setVersion​(int newVersion)
        Sets the Version attribute of the cookie.
        Throws:
        IllegalArgumentException - if v is neither 0 nor 1

      • clone

        public Object clone()
        Description copied from class: Object
        Creates and returns a copy of this Object. The default implementation returns a so-called "shallow" copy: It creates a new instance of the same class and then copies the field values (including object references) from this instance to the new instance. A "deep" copy, in contrast, would also recursively clone nested objects. A subclass that needs to implement this kind of cloning should call super.clone() to create the new instance and then create deep copies of the nested, mutable objects.
        Overrides:
        clone in class Object
        Returns:
        a copy of this object.

      • equals

        public boolean equals​(Object object)
        Returns true if object is a cookie with the same domain, name and path. Domain and name use case-insensitive comparison; path uses a case-sensitive comparison.
        Overrides:
        equals in class Object
        Parameters:
        object - the object to compare this instance with.
        Returns:
        true if the specified object is equal to this Object; false otherwise.
        See Also:
        Object.hashCode()

      • hashCode

        public int hashCode()
        Returns the hash code of this HTTP cookie: 
           
   name.toLowerCase(Locale.US).hashCode()
       + (domain == null ? 0 : domain.toLowerCase(Locale.US).hashCode())
       + (path == null ? 0 : path.hashCode())
        Overrides:
        hashCode in class Object
        Returns:
        this object's hash code.
        See Also:
        Object.equals(java.lang.Object)

      • toString

        public String toString()
        Returns a string representing this cookie in the format used by the Cookie header line in an HTTP request as specified by RFC 2965 section 3.3.4.

        The resulting string does not include a "Cookie:" prefix or any version information. The returned String is not suitable for passing to parse(String): Several of the attributes that would be needed to preserve all of the cookie's information are omitted. The String is formatted for an HTTP request not an HTTP response.

        The attributes included and the format depends on the cookie's version:

        • Version 0: Includes only the name and value. Conforms to RFC 2965 (for version 0 cookies). This should also be used to conform with RFC 6265.
        • Version 1: Includes the name and value, and Path, Domain and Port attributes. Conforms to RFC 2965 (for version 1 cookies).
        Overrides:
        toString in class Object
        Returns:
        a printable representation of this object.