This article collects code examples for the Java method javax.servlet.http.Cookie.setHttpOnly() and shows how Cookie.setHttpOnly() is used in practice. The examples come mainly from platforms such as GitHub, Stack Overflow and Maven; they were extracted from selected projects and are useful as references. Details of the Cookie.setHttpOnly() method are as follows:
Package path: javax.servlet.http.Cookie
Class name: Cookie
Method name: setHttpOnly
Marks or unmarks this Cookie as HttpOnly.
If isHttpOnly is set to true, this cookie is marked as HttpOnly, by adding the HttpOnly attribute to it.
HttpOnly cookies are not supposed to be exposed to client-side scripting code, and may therefore help mitigate certain kinds of cross-site scripting attacks.
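Because the flag is set per cookie, one forgotten setHttpOnly(true) call leaves that cookie readable by script. The following is an added example, not taken from any of the projects quoted on this page: a servlet filter that wraps the response and marks every cookie passed to addCookie() as HttpOnly unless its name is on an allowlist. The class names and the allowlisted cookie name XSRF-TOKEN are assumptions.

```java
import java.io.IOException;
import java.util.Set;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;

/** Added example: enforces HttpOnly on cookies set through addCookie(). */
public class HttpOnlyCookieFilter implements Filter {

    // Assumption: cookies that client-side script must read (hypothetical name).
    private static final Set<String> SCRIPT_READABLE = Set.of("XSRF-TOKEN");

    @Override
    public void init(FilterConfig filterConfig) { /* nothing to configure */ }

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        // Only HTTP responses carry cookies; wrap them so addCookie() is intercepted.
        if (res instanceof HttpServletResponse) {
            res = new HttpOnlyResponse((HttpServletResponse) res);
        }
        chain.doFilter(req, res);
    }

    @Override
    public void destroy() { /* nothing to release */ }

    /** Response wrapper that sets the flag before delegating to the container. */
    static final class HttpOnlyResponse extends HttpServletResponseWrapper {
        HttpOnlyResponse(HttpServletResponse response) {
            super(response);
        }

        @Override
        public void addCookie(Cookie cookie) {
            // Default to HttpOnly; only allowlisted names keep the caller's setting.
            if (!SCRIPT_READABLE.contains(cookie.getName())) {
                cookie.setHttpOnly(true);
            }
            super.addCookie(cookie);
        }
    }
}
```

Cookies written as raw Set-Cookie headers through addHeader() or setHeader() do not pass through addCookie() and are not covered by this wrapper. The container's own session cookie is likewise set outside it; its flag is configured with the http-only element under session-config/cookie-config in web.xml.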
Code example source: ninjaframework/ninja
@Override
public void setHttpOnly(Cookie cookie) {
    cookie.setHttpOnly(true);
}
Code example source: xuxueli/xxl-job
/**
 * Save
 *
 * @param response
 * @param key
 * @param value
 * @param maxAge
 */
private static void set(HttpServletResponse response, String key, String value, String domain, String path, int maxAge, boolean isHttpOnly) {
    Cookie cookie = new Cookie(key, value);
    if (domain != null) {
        cookie.setDomain(domain);
    }
    cookie.setPath(path);
    cookie.setMaxAge(maxAge);
    cookie.setHttpOnly(isHttpOnly);
    response.addCookie(cookie);
}
Code example source: perwendel/spark
/**
 * Adds cookie to the response. Can be invoked multiple times to insert more than one cookie.
 *
 * @param domain   domain of the cookie
 * @param path     path of the cookie
 * @param name     name of the cookie
 * @param value    value of the cookie
 * @param maxAge   max age of the cookie in seconds (negative for the not persistent cookie, zero - deletes the cookie)
 * @param secured  if true : cookie will be secured
 * @param httpOnly if true: cookie will be marked as http only
 */
public void cookie(String domain, String path, String name, String value, int maxAge, boolean secured, boolean httpOnly) {
    Cookie cookie = new Cookie(name, value);
    cookie.setPath(path);
    cookie.setDomain(domain);
    cookie.setMaxAge(maxAge);
    cookie.setSecure(secured);
    cookie.setHttpOnly(httpOnly);
    response.addCookie(cookie);
}
Code example source: cloudfoundry/uaa
public Cookie getNullCookie() {
    Cookie currentUserCookie = new Cookie(CURRENT_USER_COOKIE_NAME, null);
    currentUserCookie.setHttpOnly(false);
    currentUserCookie.setMaxAge(0);
    currentUserCookie.setPath("/");
    return currentUserCookie;
}
Code example source: apache/nifi
private void removeOidcRequestCookie(final HttpServletResponse httpServletResponse) {
    final Cookie cookie = new Cookie(OIDC_REQUEST_IDENTIFIER, null);
    cookie.setPath("/");
    cookie.setHttpOnly(true);
    cookie.setMaxAge(0);
    cookie.setSecure(true);
    httpServletResponse.addCookie(cookie);
}
Code example source: jfinal/jfinal
private Controller doSetCookie(String name, String value, int maxAgeInSeconds, String path, String domain, Boolean isHttpOnly) {
    Cookie cookie = new Cookie(name, value);
    cookie.setMaxAge(maxAgeInSeconds);
    // set the default path value to "/"
    if (path == null) {
        path = "/";
    }
    cookie.setPath(path);
    if (domain != null) {
        cookie.setDomain(domain);
    }
    if (isHttpOnly != null) {
        cookie.setHttpOnly(isHttpOnly);
    }
    response.addCookie(cookie);
    return this;
}
Code example source: SonarSource/sonarqube
public Cookie build() {
    Cookie cookie = new Cookie(requireNonNull(name), value);
    cookie.setPath(getContextPath(request));
    cookie.setSecure(isHttps(request));
    cookie.setHttpOnly(httpOnly);
    cookie.setMaxAge(expiry);
    return cookie;
}
Code example source: spring-projects/spring-framework
/**
 * Remove the cookie that this generator describes from the response.
 * Will generate a cookie with empty value and max age 0.
 * <p>Delegates to {@link #createCookie} for cookie creation.
 * @param response the HTTP response to remove the cookie from
 * @see #setCookieName
 * @see #setCookieDomain
 * @see #setCookiePath
 */
public void removeCookie(HttpServletResponse response) {
    Assert.notNull(response, "HttpServletResponse must not be null");
    Cookie cookie = createCookie("");
    cookie.setMaxAge(0);
    if (isCookieSecure()) {
        cookie.setSecure(true);
    }
    if (isCookieHttpOnly()) {
        cookie.setHttpOnly(true);
    }
    response.addCookie(cookie);
    if (logger.isTraceEnabled()) {
        logger.trace("Removed cookie '" + getCookieName() + "'");
    }
}
Code example source: spring-projects/spring-framework
/**
 * Add a cookie with the given value to the response,
 * using the cookie descriptor settings of this generator.
 * <p>Delegates to {@link #createCookie} for cookie creation.
 * @param response the HTTP response to add the cookie to
 * @param cookieValue the value of the cookie to add
 * @see #setCookieName
 * @see #setCookieDomain
 * @see #setCookiePath
 * @see #setCookieMaxAge
 */
public void addCookie(HttpServletResponse response, String cookieValue) {
    Assert.notNull(response, "HttpServletResponse must not be null");
    Cookie cookie = createCookie(cookieValue);
    Integer maxAge = getCookieMaxAge();
    if (maxAge != null) {
        cookie.setMaxAge(maxAge);
    }
    if (isCookieSecure()) {
        cookie.setSecure(true);
    }
    if (isCookieHttpOnly()) {
        cookie.setHttpOnly(true);
    }
    response.addCookie(cookie);
    if (logger.isTraceEnabled()) {
        logger.trace("Added cookie [" + getCookieName() + "=" + cookieValue + "]");
    }
}
Code example source: gocd/gocd
public SELF hasCookie(String path, String name, String value, int maxAge, boolean secured, boolean httpOnly) {
    Cookie actualCookie = actual.getCookie(name);
    Cookie expectedCookie = new Cookie(name, value);
    expectedCookie.setDomain("");
    expectedCookie.setPath(path);
    expectedCookie.setMaxAge(maxAge);
    expectedCookie.setSecure(secured);
    expectedCookie.setHttpOnly(httpOnly);
    if (!EqualsBuilder.reflectionEquals(expectedCookie, actualCookie)) {
        this.as("cookie");
        throw Failures.instance().failure(info, shouldBeEqual(ReflectionToStringBuilder.toString(actualCookie, ToStringStyle.MULTI_LINE_STYLE), ReflectionToStringBuilder.toString(expectedCookie, ToStringStyle.MULTI_LINE_STYLE), info.representation()));
    }
    return myself;
}
Code example source: spring-projects/spring-framework
@Test
public void cookies() {
    Cookie cookie = new Cookie("foo", "bar");
    cookie.setPath("/path");
    cookie.setDomain("example.com");
    cookie.setMaxAge(0);
    cookie.setSecure(true);
    cookie.setHttpOnly(true);
    response.addCookie(cookie);
    assertEquals("foo=bar; Path=/path; Domain=example.com; " +
            "Max-Age=0; Expires=Thu, 1 Jan 1970 00:00:00 GMT; " +
            "Secure; HttpOnly", response.getHeader(HttpHeaders.SET_COOKIE));
}
Code example source: spring-projects/spring-framework
@Override
protected void applyCookies() {
    for (String name : getCookies().keySet()) {
        for (ResponseCookie httpCookie : getCookies().get(name)) {
            Cookie cookie = new Cookie(name, httpCookie.getValue());
            if (!httpCookie.getMaxAge().isNegative()) {
                cookie.setMaxAge((int) httpCookie.getMaxAge().getSeconds());
            }
            if (httpCookie.getDomain() != null) {
                cookie.setDomain(httpCookie.getDomain());
            }
            if (httpCookie.getPath() != null) {
                cookie.setPath(httpCookie.getPath());
            }
            cookie.setSecure(httpCookie.isSecure());
            cookie.setHttpOnly(httpCookie.isHttpOnly());
            this.response.addCookie(cookie);
        }
    }
}
Code example source: cloudfoundry/uaa
public Cookie getCookie(UaaPrincipal uaaPrincipal) throws CurrentUserCookieEncodingException {
    CurrentUserInformation currentUserInformation = new CurrentUserInformation();
    currentUserInformation.setUserId(uaaPrincipal.getId());
    Cookie cookie = new Cookie(CURRENT_USER_COOKIE_NAME, urlEncode(JsonUtils.writeValueAsString(currentUserInformation)));
    cookie.setPath("/");
    cookie.setHttpOnly(false);
    cookie.setMaxAge(sessionTimeout);
    return cookie;
}
Code example source: jenkinsci/jenkins
/**
 * Handles the logout processing.
 *
 * <p>
 * The default implementation erases the session and do a few other clean up, then
 * redirect the user to the URL specified by {@link #getPostLogOutUrl(StaplerRequest, Authentication)}.
 *
 * @since 1.314
 */
public void doLogout(StaplerRequest req, StaplerResponse rsp) throws IOException, ServletException {
    HttpSession session = req.getSession(false);
    if (session != null) {
        session.invalidate();
    }
    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
    SecurityContextHolder.clearContext();
    // reset remember-me cookie
    Cookie cookie = new Cookie(ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY, "");
    cookie.setMaxAge(0);
    cookie.setSecure(req.isSecure());
    cookie.setHttpOnly(true);
    cookie.setPath(req.getContextPath().length() > 0 ? req.getContextPath() : "/");
    rsp.addCookie(cookie);
    rsp.sendRedirect2(getPostLogOutUrl(req, auth));
}
Code example source: spring-projects/spring-framework
@Test
public void buildResponseHeaders() throws Exception {
    this.response.addHeader("Content-Type", "text/html");
    this.response.addHeader("X-Test", "value");
    Cookie cookie = new Cookie("cookieA", "valueA");
    cookie.setDomain("domain");
    cookie.setPath("/path");
    cookie.setMaxAge(1800);
    cookie.setSecure(true);
    cookie.setHttpOnly(true);
    this.response.addCookie(cookie);
    WebResponse webResponse = this.responseBuilder.build();
    List<NameValuePair> responseHeaders = webResponse.getResponseHeaders();
    assertThat(responseHeaders.size(), equalTo(3));
    NameValuePair header = responseHeaders.get(0);
    assertThat(header.getName(), equalTo("Content-Type"));
    assertThat(header.getValue(), equalTo("text/html"));
    header = responseHeaders.get(1);
    assertThat(header.getName(), equalTo("X-Test"));
    assertThat(header.getValue(), equalTo("value"));
    header = responseHeaders.get(2);
    assertThat(header.getName(), equalTo("Set-Cookie"));
    assertThat(header.getValue(), startsWith("cookieA=valueA; Path=/path; Domain=domain; Max-Age=1800; Expires="));
    assertThat(header.getValue(), endsWith("; Secure; HttpOnly"));
}
Code example source: spring-projects/spring-framework
Cookie enigmaCookie = new Cookie("enigma", "42");
enigmaCookie.setComment("This is a comment");
enigmaCookie.setHttpOnly(true);
enigmaCookie.setMaxAge(1234);
enigmaCookie.setDomain(".example.com");
Code example source: cloudfoundry/uaa
public MockHttpServletRequest postProcessRequest(MockHttpServletRequest request) {
    CsrfTokenRepository repository = new CookieBasedCsrfTokenRepository();
    CsrfToken token = repository.generateToken(request);
    repository.saveToken(token, request, new MockHttpServletResponse());
    String tokenValue = token.getToken();
    Cookie cookie = new Cookie(token.getParameterName(), tokenValue);
    cookie.setHttpOnly(true);
    Cookie[] cookies = request.getCookies();
    if (cookies == null) {
        request.setCookies(cookie);
    } else {
        addCsrfCookie(request, cookie, cookies);
    }
    request.setParameter(token.getParameterName(), useInvalidToken ? "invalid" + tokenValue : tokenValue);
    return request;
}