View Javadoc

1   /*
2    * Copyright 2015 The Netty Project
3    *
4    * The Netty Project licenses this file to you under the Apache License,
5    * version 2.0 (the "License"); you may not use this file except in compliance
6    * with the License. You may obtain a copy of the License at:
7    *
8    *   http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12   * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13   * License for the specific language governing permissions and limitations
14   * under the License.
15   */
16  package io.netty.handler.codec.http.cookie;
17  
18  import io.netty.handler.codec.http.HttpConstants;
19  import io.netty.util.internal.InternalThreadLocalMap;
20  
21  import java.util.BitSet;
22  
23  final class CookieUtil {
24  
25      private static final BitSet VALID_COOKIE_NAME_OCTETS = validCookieNameOctets();
26  
27      private static final BitSet VALID_COOKIE_VALUE_OCTETS = validCookieValueOctets();
28  
29      private static final BitSet VALID_COOKIE_ATTRIBUTE_VALUE_OCTETS = validCookieAttributeValueOctets();
30  
31      // token = 1*<any CHAR except CTLs or separators>
32      // separators = "(" | ")" | "<" | ">" | "@"
33      // | "," | ";" | ":" | "\" | <">
34      // | "/" | "[" | "]" | "?" | "="
35      // | "{" | "}" | SP | HT
36      private static BitSet validCookieNameOctets() {
37          BitSet bits = new BitSet();
38          for (int i = 32; i < 127; i++) {
39              bits.set(i);
40          }
41          int[] separators = new int[]
42                  { '(', ')', '<', '>', '@', ',', ';', ':', '\\', '"', '/', '[', ']', '?', '=', '{', '}', ' ', '\t' };
43          for (int separator : separators) {
44              bits.set(separator, false);
45          }
46          return bits;
47      }
48  
49      // cookie-octet = %x21 / %x23-2B / %x2D-3A / %x3C-5B / %x5D-7E
50      // US-ASCII characters excluding CTLs, whitespace, DQUOTE, comma, semicolon, and backslash
51      private static BitSet validCookieValueOctets() {
52          BitSet bits = new BitSet();
53          bits.set(0x21);
54          for (int i = 0x23; i <= 0x2B; i++) {
55              bits.set(i);
56          }
57          for (int i = 0x2D; i <= 0x3A; i++) {
58              bits.set(i);
59          }
60          for (int i = 0x3C; i <= 0x5B; i++) {
61              bits.set(i);
62          }
63          for (int i = 0x5D; i <= 0x7E; i++) {
64              bits.set(i);
65          }
66          return bits;
67      }
68  
69      // path-value        = <any CHAR except CTLs or ";">
70      private static BitSet validCookieAttributeValueOctets() {
71          BitSet bits = new BitSet();
72          for (int i = 32; i < 127; i++) {
73              bits.set(i);
74          }
75          bits.set(';', false);
76          return bits;
77      }
78  
79      static StringBuilder stringBuilder() {
80          return InternalThreadLocalMap.get().stringBuilder();
81      }
82  
83      /**
84       * @param buf a buffer where some cookies were maybe encoded
85       * @return the buffer String without the trailing separator, or null if no cookie was appended.
86       */
87      static String stripTrailingSeparatorOrNull(StringBuilder buf) {
88          return buf.length() == 0 ? null : stripTrailingSeparator(buf);
89      }
90  
91      static String stripTrailingSeparator(StringBuilder buf) {
92          if (buf.length() > 0) {
93              buf.setLength(buf.length() - 2);
94          }
95          return buf.toString();
96      }
97  
98      static void add(StringBuilder sb, String name, long val) {
99          sb.append(name);
100         sb.append((char) HttpConstants.EQUALS);
101         sb.append(val);
102         sb.append((char) HttpConstants.SEMICOLON);
103         sb.append((char) HttpConstants.SP);
104     }
105 
106     static void add(StringBuilder sb, String name, String val) {
107         sb.append(name);
108         sb.append((char) HttpConstants.EQUALS);
109         sb.append(val);
110         sb.append((char) HttpConstants.SEMICOLON);
111         sb.append((char) HttpConstants.SP);
112     }
113 
114     static void add(StringBuilder sb, String name) {
115         sb.append(name);
116         sb.append((char) HttpConstants.SEMICOLON);
117         sb.append((char) HttpConstants.SP);
118     }
119 
120     static void addQuoted(StringBuilder sb, String name, String val) {
121         if (val == null) {
122             val = "";
123         }
124 
125         sb.append(name);
126         sb.append((char) HttpConstants.EQUALS);
127         sb.append((char) HttpConstants.DOUBLE_QUOTE);
128         sb.append(val);
129         sb.append((char) HttpConstants.DOUBLE_QUOTE);
130         sb.append((char) HttpConstants.SEMICOLON);
131         sb.append((char) HttpConstants.SP);
132     }
133 
134     static int firstInvalidCookieNameOctet(CharSequence cs) {
135         return firstInvalidOctet(cs, VALID_COOKIE_NAME_OCTETS);
136     }
137 
138     static int firstInvalidCookieValueOctet(CharSequence cs) {
139         return firstInvalidOctet(cs, VALID_COOKIE_VALUE_OCTETS);
140     }
141 
142     static int firstInvalidOctet(CharSequence cs, BitSet bits) {
143         for (int i = 0; i < cs.length(); i++) {
144             char c = cs.charAt(i);
145             if (!bits.get(c)) {
146                 return i;
147             }
148         }
149         return -1;
150     }
151 
152     static CharSequence unwrapValue(CharSequence cs) {
153         final int len = cs.length();
154         if (len > 0 && cs.charAt(0) == '"') {
155             if (len >= 2 && cs.charAt(len - 1) == '"') {
156                 // properly balanced
157                 return len == 2 ? "" : cs.subSequence(1, len - 1);
158             } else {
159                 return null;
160             }
161         }
162         return cs;
163     }
164 
165     static String validateAttributeValue(String name, String value) {
166         if (value == null) {
167             return null;
168         }
169         value = value.trim();
170         if (value.isEmpty()) {
171             return null;
172         }
173         int i = firstInvalidOctet(value, VALID_COOKIE_ATTRIBUTE_VALUE_OCTETS);
174         if (i != -1) {
175             throw new IllegalArgumentException(name + " contains the prohibited characters: " + value.charAt(i));
176         }
177         return value;
178     }
179 
180     private CookieUtil() {
181         // Unused
182     }
183 }