Permalink
Browse files

Closes #992. Flag for Http Only cookies and the feature will only wor…

…k in Servlet 3.0 containers
  • Loading branch information...
1 parent 3bc1ec5 commit 5884fae7acaa7e9755fa6e25dfe3d30cd04f1eb6 @dpp dpp committed Jun 30, 2011
@@ -36,13 +36,21 @@ case class HTTPCookie(name: String,
path: Box[String],
maxAge: Box[Int],
version: Box[Int],
- secure_? : Box[Boolean]) extends java.lang.Cloneable {
+ secure_? : Box[Boolean],
+ httpOnly: Box[Boolean] = Empty) extends java.lang.Cloneable {
override def clone(): HTTPCookie = {
super.clone()
- new HTTPCookie(name, value, domain, path, maxAge, version, secure_?)
+ copy()
}
/**
+ * Returns a new HTTPCookie that preserve existing member values but sets the httpOnly attribute
+ * @param flagHttpOnly - should the cookie be flagged as HTTP Only (only works in Servlet 3.0 containers)
+ * @return HTTPCookie
+ */
+ def setHttpOnly(flagHttpOnly: Boolean): HTTPCookie = copy(httpOnly = Full(flagHttpOnly))
+
+ /**
* Returns a new HTTPCookie that preserve existing member values but sets the cookie value to newValue
* @param newValue - the new cookie value
* @return HTTPCookie
@@ -37,6 +37,16 @@ class HTTPResponseServlet(resp: HttpServletResponse) extends HTTPResponse {
c.maxAge map (cookie.setMaxAge(_))
c.version map (cookie.setVersion(_))
c.secure_? map (cookie.setSecure(_))
+ c.httpOnly.foreach {
+ bv =>
+ try {
+ val cook30 = cookie.asInstanceOf[{def setHttpOnly(b: Boolean): Unit}]
+ cook30.setHttpOnly(bv)
+ } catch {
+ case e => // swallow.. the exception will be thrown for Servlet 2.5 containers but work for servlet
+ // 3.0 containers
+ }
+ }
resp.addCookie(cookie)
}

0 comments on commit 5884fae

Please sign in to comment.