wicket-core/src/main/java/org/apache/wicket/util/cookies/CookieDefaults.java - wicket - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one or more
  * contributor license agreements.  See the NOTICE file distributed with
  * this work for additional information regarding copyright ownership.
  * The ASF licenses this file to You under the Apache License, Version 2.0
  * (the "License"); you may not use this file except in compliance with
  * the License.  You may obtain a copy of the License at
  *
  *      http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.apache.wicket.util.cookies;

 import org.apache.wicket.util.io.IClusterable;

 /**
  * This class provides default values that are used by {@link org.apache.wicket.util.cookies.CookieUtils}
  * class when it creates cookies.
  *
  * @author Juergen Donnerstag
  */
 public class CookieDefaults implements IClusterable
 {
 	private static final long serialVersionUID = 1L;

 	public enum SameSite
 	{
 		/**
 		 * Cookies will be sent in all contexts, i.e. in responses to both
 		 * first-party and cross-site requests. If SameSite=None is set,
 		 * the cookie Secure attribute must also be set (or the cookie will be blocked).
 		 */
 		None,

 		/**
 		 * Cookies will only be sent in a first-party context and not be sent
 		 * along with requests initiated by third party websites.
 		 */
 		Strict,

 		/**
 		 * Cookies are not sent on normal cross-site subrequests (for example to load
 		 * images or frames into a third party site), but are sent when a user is
 		 * navigating to the origin site (i.e., when following a link).
 		 */
 		Lax
 	}

 	/** Max age that the component will be persisted in seconds. */
 	private int maxAge = 3600 * 24 * 30; // 30 days

 	/** Cookie comment. */
 	private String comment;

 	/** Cookie domain. */
 	private String domain;

 	/** Whether the cookie is secure. */
 	private boolean secure;

 	/** Cookie version. */
 	private int version;

 	private boolean httpOnly;

 	/**
 	 * Gets the max age. After
 	 *
 	 * @return the max age
 	 */
 	public int getMaxAge()
 	{
 		return maxAge;
 	}

 	/**
 	 * Sets the maximum age of the cookie in seconds.
 	 *
 	 * @param maxAge
 	 *            the max age in seconds.
 	 */
 	public void setMaxAge(int maxAge)
 	{
 		this.maxAge = maxAge;
 	}

 	/**
 	 * Gets the cookie comment.
 	 *
 	 * @return the cookie comment
 	 */
 	public String getComment()
 	{
 		return comment;
 	}

 	/**
 	 * Sets the cookie comment.
 	 *
 	 * @param comment
 	 *            the cookie comment
 	 */
 	public void setComment(String comment)
 	{
 		this.comment = comment;
 	}

 	/**
 	 * Gets the cookie domain name.
 	 *
 	 * @return the cookie domain name
 	 */
 	public String getDomain()
 	{
 		return domain;
 	}

 	/**
 	 * Sets the cookie domain name.
 	 *
 	 * @param domain
 	 *            the cookie domain name
 	 */
 	public void setDomain(String domain)
 	{
 		this.domain = domain;
 	}

 	/**
 	 * Returns true if the browser is sending cookies only over a secure protocol, or false if the
 	 * browser can send cookies using any protocol.
 	 *
 	 * @return whether this cookie is secure
 	 */
 	public boolean getSecure()
 	{
 		return secure;
 	}

 	/**
 	 * Indicates to the browser whether the cookie should only be sent using a secure protocol, such
 	 * as HTTPS or SSL.
 	 *
 	 * @param secure
 	 *            if true, sends the cookie from the browser to the server using only when using a
 	 *            secure protocol; if false, sent on any protocol
 	 */
 	public void setSecure(boolean secure)
 	{
 		this.secure = secure;
 	}

 	/**
 	 * Returns the version of the protocol this cookie complies with. Version 1 complies with RFC
 	 * 2109, and version 0 complies with the original cookie specification drafted by Netscape.
 	 * Cookies provided by a browser use and identify the browser's cookie version.
 	 *
 	 * @return 0 if the cookie complies with the original Netscape specification; 1 if the cookie
 	 *         complies with RFC 2109
 	 */
 	public int getVersion()
 	{
 		return version;
 	}

 	/**
 	 * Sets the version of the cookie protocol this cookie complies with. Version 0 complies with
 	 * the original Netscape cookie specification. Version 1 complies with RFC 2109. <br/>
 	 * Since RFC 2109 is still somewhat new, consider version 1 as experimental; do not use it yet
 	 * on production sites.
 	 *
 	 * @param version
 	 *            0 if the cookie should comply with the original Netscape specification; 1 if the
 	 *            cookie should comply with RFC 2109
 	 */
 	public void setVersion(int version)
 	{
 		this.version = version;
 	}

 	/**
 	 * Checks whether this Cookie has been marked as <i>HttpOnly</i>.
 	 *
 	 * @return true if this Cookie has been marked as <i>HttpOnly</i>, false otherwise
 	 */
 	public boolean isHttpOnly()
 	{
 		return httpOnly;
 	}

 	/**
 	 * Marks or unmarks this Cookie as <i>HttpOnly</i>.
 	 *
 	 * <p><i>HttpOnly</i> cookies are not supposed to be exposed to
 	 * client-side scripting code, and may therefore help mitigate certain
 	 * kinds of cross-site scripting attacks.
 	 *
 	 * @param httpOnly true if this cookie is to be marked as <i>HttpOnly</i>, false otherwise
 	 */
 	public void setHttpOnly(boolean httpOnly)
 	{
 		this.httpOnly = httpOnly;
 	}
 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one or more
	* contributor license agreements. See the NOTICE file distributed with
	* this work for additional information regarding copyright ownership.
	* The ASF licenses this file to You under the Apache License, Version 2.0
	* (the "License"); you may not use this file except in compliance with
	* the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/
	package org.apache.wicket.util.cookies;

	import org.apache.wicket.util.io.IClusterable;

	/**
	* This class provides default values that are used by {@link org.apache.wicket.util.cookies.CookieUtils}
	* class when it creates cookies.
	*
	* @author Juergen Donnerstag
	*/
	public class CookieDefaults implements IClusterable
	{
	private static final long serialVersionUID = 1L;

	public enum SameSite
	{
	/**
	* Cookies will be sent in all contexts, i.e. in responses to both
	* first-party and cross-site requests. If SameSite=None is set,
	* the cookie Secure attribute must also be set (or the cookie will be blocked).
	*/
	None,

	/**
	* Cookies will only be sent in a first-party context and not be sent
	* along with requests initiated by third party websites.
	*/
	Strict,

	/**
	* Cookies are not sent on normal cross-site subrequests (for example to load
	* images or frames into a third party site), but are sent when a user is
	* navigating to the origin site (i.e., when following a link).
	*/
	Lax
	}

	/** Max age that the component will be persisted in seconds. */
	private int maxAge = 3600 * 24 * 30; // 30 days

	/** Cookie comment. */
	private String comment;

	/** Cookie domain. */
	private String domain;

	/** Whether the cookie is secure. */
	private boolean secure;

	/** Cookie version. */
	private int version;

	private boolean httpOnly;

	/**
	* Gets the max age. After
	*
	* @return the max age
	*/
	public int getMaxAge()
	{
	return maxAge;
	}

	/**
	* Sets the maximum age of the cookie in seconds.
	*
	* @param maxAge
	* the max age in seconds.
	*/
	public void setMaxAge(int maxAge)
	{
	this.maxAge = maxAge;
	}

	/**
	* Gets the cookie comment.
	*
	* @return the cookie comment
	*/
	public String getComment()
	{
	return comment;
	}

	/**
	* Sets the cookie comment.
	*
	* @param comment
	* the cookie comment
	*/
	public void setComment(String comment)
	{
	this.comment = comment;
	}

	/**
	* Gets the cookie domain name.
	*
	* @return the cookie domain name
	*/
	public String getDomain()
	{
	return domain;
	}

	/**
	* Sets the cookie domain name.
	*
	* @param domain
	* the cookie domain name
	*/
	public void setDomain(String domain)
	{
	this.domain = domain;
	}

	/**
	* Returns true if the browser is sending cookies only over a secure protocol, or false if the
	* browser can send cookies using any protocol.
	*
	* @return whether this cookie is secure
	*/
	public boolean getSecure()
	{
	return secure;
	}

	/**
	* Indicates to the browser whether the cookie should only be sent using a secure protocol, such
	* as HTTPS or SSL.
	*
	* @param secure
	* if true, sends the cookie from the browser to the server using only when using a
	* secure protocol; if false, sent on any protocol
	*/
	public void setSecure(boolean secure)
	{
	this.secure = secure;
	}

	/**
	* Returns the version of the protocol this cookie complies with. Version 1 complies with RFC
	* 2109, and version 0 complies with the original cookie specification drafted by Netscape.
	* Cookies provided by a browser use and identify the browser's cookie version.
	*
	* @return 0 if the cookie complies with the original Netscape specification; 1 if the cookie
	* complies with RFC 2109
	*/
	public int getVersion()
	{
	return version;
	}

	/**
	* Sets the version of the cookie protocol this cookie complies with. Version 0 complies with
	* the original Netscape cookie specification. Version 1 complies with RFC 2109. <br/>
	* Since RFC 2109 is still somewhat new, consider version 1 as experimental; do not use it yet
	* on production sites.
	*
	* @param version
	* 0 if the cookie should comply with the original Netscape specification; 1 if the
	* cookie should comply with RFC 2109
	*/
	public void setVersion(int version)
	{
	this.version = version;
	}

	/**
	* Checks whether this Cookie has been marked as <i>HttpOnly</i>.
	*
	* @return true if this Cookie has been marked as <i>HttpOnly</i>, false otherwise
	*/
	public boolean isHttpOnly()
	{
	return httpOnly;
	}

	/**
	* Marks or unmarks this Cookie as <i>HttpOnly</i>.
	*
	* <p><i>HttpOnly</i> cookies are not supposed to be exposed to
	* client-side scripting code, and may therefore help mitigate certain
	* kinds of cross-site scripting attacks.
	*
	* @param httpOnly true if this cookie is to be marked as <i>HttpOnly</i>, false otherwise
	*/
	public void setHttpOnly(boolean httpOnly)
	{
	this.httpOnly = httpOnly;
	}
	}