From 4c0490a070f1b70755384472a13a6bca9e210ca1 Mon Sep 17 00:00:00 2001 From: Rossen Stoyanchev Date: Wed, 14 Aug 2013 10:15:02 -0400 Subject: [PATCH] Remove Cookie support from ServerHttpRequest Although ServletHttpRequest provides access to Cookies, other implementations may not. At the moment this was only needed for SockJS to check the value of the JSESSIONID cookie. This is now down by parsing the raw cookie values locally. If comprehensive cookie support is to be added, we should probably consider HttpHeaders as a potential candidate. --- .../java/org/springframework/http/Cookie.java | 73 ----------------- .../http/server/ServerHttpRequest.java | 7 -- .../http/server/ServletServerCookie.java | 80 ------------------- .../http/server/ServletServerHttpRequest.java | 19 +---- .../handler/DefaultSockJsService.java | 21 ++++- 5 files changed, 18 insertions(+), 182 deletions(-) delete mode 100644 spring-web/src/main/java/org/springframework/http/Cookie.java delete mode 100644 spring-web/src/main/java/org/springframework/http/server/ServletServerCookie.java diff --git a/spring-web/src/main/java/org/springframework/http/Cookie.java b/spring-web/src/main/java/org/springframework/http/Cookie.java deleted file mode 100644 index 3c81ad42c14..00000000000 --- a/spring-web/src/main/java/org/springframework/http/Cookie.java +++ /dev/null @@ -1,73 +0,0 @@ -/* - * Copyright 2002-2013 the original author or authors. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.springframework.http; - - -/** - * Representation of a cookie value parsed from a "Cookie" request header or a - * "Set-Cookie" response header. - * - * @author Rossen Stoyanchev - * @since 4.0 - * - * @see http://www.ietf.org/rfc/rfc2109.txt - */ -public interface Cookie { - - /** - * Returns the name of the cookie. - */ - String getName(); - - /** - * Returns the value of the cookie. - */ - String getValue(); - - /** - * Returns the path on the server to which the browser returns this cookie. - */ - String getPath(); - - /** - * Returns the comment describing the purpose of this cookie. - */ - String getComment(); - - /** - * Returns the domain name set for this cookie. - */ - String getDomain(); - - /** - * Returns the maximum age of the cookie, specified in seconds. - */ - int getMaxAge(); - - /** - * Returns true if the browser is sending cookies only over a - * secure protocol, or false if the browser can send cookies - * using any protocol. - */ - boolean isSecure(); - - /** - * Sets the version of the cookie protocol this cookie complies with. - */ - int getVersion(); - -} diff --git a/spring-web/src/main/java/org/springframework/http/server/ServerHttpRequest.java b/spring-web/src/main/java/org/springframework/http/server/ServerHttpRequest.java index 39ac8d60317..422d1d5bbdb 100644 --- a/spring-web/src/main/java/org/springframework/http/server/ServerHttpRequest.java +++ b/spring-web/src/main/java/org/springframework/http/server/ServerHttpRequest.java @@ -18,9 +18,7 @@ package org.springframework.http.server; import java.net.InetSocketAddress; import java.security.Principal; -import java.util.Map; -import org.springframework.http.Cookie; import org.springframework.http.HttpInputMessage; import org.springframework.http.HttpRequest; import org.springframework.util.MultiValueMap; @@ -39,11 +37,6 @@ public interface ServerHttpRequest extends HttpRequest, HttpInputMessage { */ MultiValueMap getQueryParams(); - /** - * Return the cookie values parsed from the "Cookie" request header. - */ - Map getCookies(); - /** * Return a {@link java.security.Principal} instance containing the name of the * authenticated user. If the user has not been authenticated, the method returns diff --git a/spring-web/src/main/java/org/springframework/http/server/ServletServerCookie.java b/spring-web/src/main/java/org/springframework/http/server/ServletServerCookie.java deleted file mode 100644 index 96af943b795..00000000000 --- a/spring-web/src/main/java/org/springframework/http/server/ServletServerCookie.java +++ /dev/null @@ -1,80 +0,0 @@ -/* - * Copyright 2002-2012 the original author or authors. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.springframework.http.server; - -import org.springframework.http.Cookie; - - -/** - * A {@link Cookie} that wraps a {@link javax.servlet.http.Cookie}. - * - * @author Rossen Stoyanchev - * @since 4.0 - */ -public class ServletServerCookie implements Cookie { - - private final javax.servlet.http.Cookie servletCookie; - - - public ServletServerCookie(javax.servlet.http.Cookie servletCookie) { - this.servletCookie = servletCookie; - } - - @Override - public String getName() { - return this.servletCookie.getName(); - } - - @Override - public String getValue() { - return this.servletCookie.getValue(); - } - - @Override - public String getPath() { - return this.servletCookie.getPath(); - } - - @Override - public String getComment() { - return this.servletCookie.getComment(); - } - - @Override - public String getDomain() { - return this.servletCookie.getDomain(); - } - - @Override - public int getMaxAge() { - return this.servletCookie.getMaxAge(); - } - - @Override - public boolean isSecure() { - return this.servletCookie.getSecure(); - } - - @Override - public int getVersion() { - return this.servletCookie.getVersion(); - } - - @Override - public String toString() { - return "ServletServerCookie [servletCookie=" + this.servletCookie + "]"; - } -} diff --git a/spring-web/src/main/java/org/springframework/http/server/ServletServerHttpRequest.java b/spring-web/src/main/java/org/springframework/http/server/ServletServerHttpRequest.java index 0d5ae5bfab1..e880e0a3252 100644 --- a/spring-web/src/main/java/org/springframework/http/server/ServletServerHttpRequest.java +++ b/spring-web/src/main/java/org/springframework/http/server/ServletServerHttpRequest.java @@ -29,7 +29,6 @@ import java.net.URLEncoder; import java.nio.charset.Charset; import java.security.Principal; import java.util.Arrays; -import java.util.Collections; import java.util.Enumeration; import java.util.HashMap; import java.util.Iterator; @@ -40,7 +39,6 @@ import java.util.regex.Pattern; import javax.servlet.http.HttpServletRequest; -import org.springframework.http.Cookie; import org.springframework.http.HttpHeaders; import org.springframework.http.HttpMethod; import org.springframework.http.MediaType; @@ -69,12 +67,11 @@ public class ServletServerHttpRequest implements ServerHttpRequest { private HttpHeaders headers; - private Map cookies; - private MultiValueMap queryParams; private ServerHttpAsyncRequestControl asyncRequestControl; + /** * Construct a new instance of the ServletServerHttpRequest based on the given {@link HttpServletRequest}. * @param servletRequest the servlet request @@ -157,20 +154,6 @@ public class ServletServerHttpRequest implements ServerHttpRequest { return new InetSocketAddress(this.servletRequest.getRemoteHost(), this.servletRequest.getRemotePort()); } - @Override - public Map getCookies() { - if (this.cookies == null) { - this.cookies = new HashMap(); - if (this.servletRequest.getCookies() != null) { - for (javax.servlet.http.Cookie cookie : this.servletRequest.getCookies()) { - this.cookies.put(cookie.getName(), new ServletServerCookie(cookie)); - } - } - this.cookies = Collections.unmodifiableMap(this.cookies); - } - return this.cookies; - } - @Override public MultiValueMap getQueryParams() { if (this.queryParams == null) { diff --git a/spring-websocket/src/main/java/org/springframework/web/socket/sockjs/transport/handler/DefaultSockJsService.java b/spring-websocket/src/main/java/org/springframework/web/socket/sockjs/transport/handler/DefaultSockJsService.java index 6d6033c9604..19d29867e06 100644 --- a/spring-websocket/src/main/java/org/springframework/web/socket/sockjs/transport/handler/DefaultSockJsService.java +++ b/spring-websocket/src/main/java/org/springframework/web/socket/sockjs/transport/handler/DefaultSockJsService.java @@ -29,7 +29,7 @@ import java.util.Set; import java.util.concurrent.ConcurrentHashMap; import java.util.concurrent.ScheduledFuture; -import org.springframework.http.Cookie; +import org.springframework.http.HttpHeaders; import org.springframework.http.HttpMethod; import org.springframework.http.HttpStatus; import org.springframework.http.server.ServerHttpRequest; @@ -307,9 +307,8 @@ public class DefaultSockJsService extends AbstractSockJsService { } if (transportType.sendsSessionCookie() && isDummySessionCookieEnabled()) { - Cookie cookie = request.getCookies().get("JSESSIONID"); - String value = (cookie != null) ? cookie.getValue() : "dummy"; - response.getHeaders().set("Set-Cookie", "JSESSIONID=" + value + ";path=/"); + String cookieValue = getJsessionIdCookieValue(request.getHeaders()); + response.getHeaders().set("Set-Cookie", "JSESSIONID=" + cookieValue + ";path=/"); } if (transportType.supportsCors()) { @@ -387,6 +386,20 @@ public class DefaultSockJsService extends AbstractSockJsService { }, getDisconnectDelay()); } + private String getJsessionIdCookieValue(HttpHeaders headers) { + List rawCookies = headers.get("Cookie"); + if (!CollectionUtils.isEmpty(rawCookies)) { + for (String rawCookie : rawCookies) { + if (rawCookie.startsWith("JSESSIONID=")) { + int start = "JSESSIONID=".length(); + int end = rawCookie.indexOf(';'); + return (end != -1) ? rawCookie.substring(start, end) : rawCookie.substring(start); + } + } + } + return "dummy"; + } + private final SockJsServiceConfig sockJsServiceConfig = new SockJsServiceConfig() {