257N/A/*
2362N/A * Copyright (c) 2008, Oracle and/or its affiliates. All rights reserved.
257N/A * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
257N/A *
257N/A * This code is free software; you can redistribute it and/or modify it
257N/A * under the terms of the GNU General Public License version 2 only, as
257N/A * published by the Free Software Foundation.
257N/A *
257N/A * This code is distributed in the hope that it will be useful, but WITHOUT
257N/A * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
257N/A * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
257N/A * version 2 for more details (a copy is included in the LICENSE file that
257N/A * accompanied this code).
257N/A *
257N/A * You should have received a copy of the GNU General Public License version
257N/A * 2 along with this work; if not, write to the Free Software Foundation,
257N/A * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
257N/A *
2362N/A * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
2362N/A * or visit www.oracle.com if you need additional information or have any
2362N/A * questions.
257N/A */
257N/A
257N/A/*
257N/A * @test
1788N/A * @bug 6644726 6873543
257N/A * @summary Cookie management issues
257N/A */
257N/A
257N/Aimport java.net.*;
257N/Aimport java.util.*;
257N/A
257N/Apublic class B6644726 {
257N/A public static void main(String[] args) throws Exception {
257N/A testCookieStore();
257N/A }
257N/A
257N/A private static void testCookieStore() throws Exception {
257N/A CookieManager cm = new CookieManager();
257N/A CookieStore cs = cm.getCookieStore();
257N/A URI uri = new URI("http://www.s1.sun.com/dir/foo/doc.html");
257N/A URI suri = new URI("https://www.s1.sun.com/dir/foo/index.html");
257N/A cm.setCookiePolicy(CookiePolicy.ACCEPT_ALL);
257N/A
257N/A ArrayList<String> lst = new ArrayList<String>();
257N/A // Let's test the default path
257N/A lst.add("myCookie1=foo");
257N/A // Then some alternate expires format
257N/A lst.add("myCookie2=bar; path=/dir; expires=Tue, 19 Aug 2025 16:00:00 GMT");
257N/A lst.add("myCookie3=test; path=/dir; expires=Tue Aug 19 2025 16:00:00 GMT-0100");
257N/A // Then Netscape draft cookies and domains
257N/A lst.add("myCookie4=test; domain=.sun.com; path=/dir/foo");
257N/A HashMap<String, List<String>> map = new HashMap<String, List<String>>();
257N/A map.put("Set-Cookie", lst);
257N/A cm.put(uri, map);
257N/A map.clear();
257N/A lst.clear();
257N/A // Test for secure tag
257N/A lst.add("myCookie5=test; secure");
257N/A // Test for passing cookies between http and https
257N/A map.put("Set-Cookie", lst);
257N/A cm.put(suri, map);
257N/A
257N/A List<HttpCookie> cookies = cs.getCookies();
257N/A // There should be 5 cookies if all dates parsed correctly
257N/A if (cookies.size() != 5) {
257N/A fail("Should have 5 cookies. Got only "+ cookies.size() + ", expires probably didn't parse correctly");
257N/A }
257N/A // Check Path for first Cookie
257N/A for (HttpCookie c : cookies) {
257N/A if (c.getName().equals("myCookie1")) {
257N/A if (!"/dir/foo/".equals(c.getPath())) {
257N/A fail("Default path for myCookie1 is " + c.getPath());
257N/A }
257N/A }
257N/A }
257N/A
257N/A HashMap<String, List<String>> emptyMap = new HashMap<String, List<String>>();
257N/A // We should get 1 Cookie: MyCookie4, because of the domain
257N/A Map<String, List<String>>m = cm.get(new URI("http://www.s2.sun.com/dir/foo/doc2.html"),
257N/A emptyMap);
257N/A List<String> clst = m.get("Cookie");
257N/A if (clst.size() != 1) {
257N/A fail("We should have only 1 cookie, not " + clst.size());
257N/A } else {
257N/A if (!clst.get(0).startsWith("myCookie4")) {
257N/A fail("The cookie should be myCookie4, not " + clst.get(0));
257N/A }
257N/A }
257N/A // We should get 4 cookies for non secure URI, and 5 for the secure one
257N/A m = cm.get(suri, emptyMap);
257N/A clst = m.get("Cookie");
257N/A if (clst.size() != 5) {
257N/A fail("Cookies didn't cross from http to https. Got only " + clst.size());
257N/A }
257N/A
257N/A m = cm.get(uri, emptyMap);
257N/A clst = m.get("Cookie");
257N/A if (clst.size() != 4) {
257N/A fail("We should have gotten only 4 cookies over http (non secure), got " +
257N/A clst.size());
257N/A }
257N/A if (isIn(clst, "myCookie5=")) {
257N/A // myCookie5 (the secure one) shouldn't be here
257N/A fail("Got the secure cookie over a non secure link");
257N/A }
257N/A
257N/A // Let's check that empty path is treated correctly
257N/A uri = new URI("http://www.sun.com/");
257N/A lst.clear();
257N/A lst.add("myCookie6=foo");
257N/A map.clear();
257N/A map.put("Set-Cookie", lst);
257N/A cm.put(uri, map);
257N/A uri = new URI("http://www.sun.com");
257N/A m = cm.get(uri, emptyMap);
257N/A clst = m.get("Cookie");
257N/A if (clst.size() != 1) {
257N/A fail("Missing a cookie when using an empty path");
257N/A }
257N/A
257N/A // And now, the other way around:
257N/A
257N/A uri = new URI("http://www.sun.com");
257N/A lst.clear();
257N/A lst.add("myCookie7=foo");
257N/A map.clear();
257N/A map.put("Set-Cookie", lst);
257N/A cm.put(uri, map);
257N/A uri = new URI("http://www.sun.com/");
257N/A m = cm.get(uri, emptyMap);
257N/A clst = m.get("Cookie");
257N/A if (!isIn(clst, "myCookie7=")) {
257N/A fail("Missing a cookie when using an empty path");
257N/A }
257N/A
257N/A // Let's make sure the 'Port' optional attributes is enforced
257N/A
257N/A lst.clear();
257N/A lst.add("myCookie8=porttest; port");
257N/A lst.add("myCookie9=porttest; port=\"80,8000\"");
257N/A lst.add("myCookie10=porttest; port=\"8000\"");
257N/A map.clear();
257N/A map.put("Set-Cookie", lst);
257N/A uri = new URI("http://www.sun.com/");
257N/A cm.put(uri, map);
257N/A
257N/A // myCookie10 should have been rejected
257N/A cookies = cs.getCookies();
257N/A for (HttpCookie c : cookies) {
257N/A if (c.getName().equals("myCookie10")) {
257N/A fail("A cookie with an invalid port list was accepted");
257N/A }
257N/A }
257N/A
257N/A uri = new URI("http://www.sun.com:80/");
257N/A m = cm.get(uri, emptyMap);
257N/A clst = m.get("Cookie");
257N/A // We should find both myCookie8 and myCookie9 but not myCookie10
257N/A if (!isIn(clst, "myCookie8=") || !isIn(clst, "myCookie9=")) {
257N/A fail("Missing a cookie on port 80");
257N/A }
257N/A uri = new URI("http://www.sun.com:8000/");
257N/A m = cm.get(uri, emptyMap);
257N/A clst = m.get("Cookie");
257N/A // We should find only myCookie9
257N/A if (!isIn(clst, "myCookie9=")) {
257N/A fail("Missing a cookie on port 80");
257N/A }
257N/A if (isIn(clst, "myCookie8=")) {
257N/A fail("A cookie with an invalid port list was returned");
257N/A }
1788N/A
1788N/A // Test httpOnly flag (CR# 6873543)
1788N/A lst.clear();
1788N/A map.clear();
1788N/A cm.getCookieStore().removeAll();
1788N/A lst.add("myCookie11=httpOnlyTest; httpOnly");
1788N/A map.put("Set-Cookie", lst);
1788N/A uri = new URI("http://www.sun.com/");
1788N/A cm.put(uri, map);
1788N/A m = cm.get(uri, emptyMap);
1788N/A clst = m.get("Cookie");
1788N/A // URI scheme was http: so we should get the cookie
1788N/A if (!isIn(clst, "myCookie11=")) {
1788N/A fail("Missing cookie with httpOnly flag");
1788N/A }
1788N/A uri = new URI("javascript://www.sun.com/");
1788N/A m = cm.get(uri, emptyMap);
1788N/A clst = m.get("Cookie");
1788N/A // URI scheme was neither http or https so we shouldn't get the cookie
1788N/A if (isIn(clst, "myCookie11=")) {
1788N/A fail("Should get the cookie with httpOnly when scheme is javascript:");
1788N/A }
257N/A }
257N/A
257N/A private static boolean isIn(List<String> lst, String cookie) {
257N/A if (lst == null || lst.isEmpty()) {
257N/A return false;
257N/A }
257N/A for (String s : lst) {
257N/A if (s.startsWith(cookie))
257N/A return true;
257N/A }
257N/A return false;
257N/A }
257N/A
257N/A private static void fail(String msg) throws Exception {
257N/A throw new RuntimeException(msg);
257N/A }
257N/A}