CookieManager
class can be customized, the
CookiePolicy
and the CookieStore
.
CookiePolicy
defines the following pre-defined
policies for accepting cookies:
CookiePolicy.ACCEPT_ORIGINAL_SERVER
only accepts cookies from the original server.
CookiePolicy.ACCEPT_ALL
accepts all cookies.
CookiePolicy.ACCEPT_NONE
accepts no cookies.
shouldAccept
method of
CookiePolicy
. You can then use this CookiePolicy
by passing it to the multi-argument CookieManager
constructor or by calling the setCookiePolicy(cookiePolicy)
method to change an already existing cookie manager.
The following is an example of a cookie policy that rejects cookies from domains that are
on a blacklist, before applying the CookiePolicy.ACCEPT_ORIGINAL_SERVER
policy:
import java.net.*; public class BlacklistCookiePolicy implements CookiePolicy { String[] blacklist; public BlacklistCookiePolicy(String[] list) { blacklist = list; } public boolean shouldAccept(URI uri, HttpCookie cookie) { String host; try { host = InetAddress.getByName(uri.getHost()).getCanonicalHostName(); } catch (UnknownHostException e) { host = uri.getHost(); } for (int i=0; i<blacklist.length; i++) { if (HttpCookie.domainMatches(blacklist[i], host)) { return false; } } return CookiePolicy.ACCEPT_ORIGINAL_SERVER.shouldAccept(uri, cookie); } }
BlacklistCookiePolicy
instance, you pass it an
array of strings representing the domains that you do not want to accept
cookies from. Then, you set this BlacklistCookiePolicy
instance as the
cookie policy for your CookieManager
.
For example:
String[] list = new String[] { ".example.com" }; CookieManager cm = new CookieManager(null, new BlacklistCookiePolicy(list)); CookieHandler.setDefault(cm);
host.example.com domain.example.com
example.com myhost.com myhost.mydomain.com
CookieStore
is an interface that represents a storage area for
cookies. CookieManager
adds the cookies to the CookieStore
for every HTTP response and retrieves cookies from the CookieStore
for every HTTP request.
You can implement this interface to provide your own CookieStore
and pass it to the CookieManager
during creation. You cannot set the
CookieStore
after the CookieManager
instance has been
created. However, you can get a reference to the cookie store by calling
CookieManager.getCookieStore()
. Doing so can be useful as it enables
you to leverage the default in-memory CookieStore
implementation
that is provided by Java SE and complement its functionality.
For example, you might want to create a persistent cookie store that would save cookies so that they can be used even if the Java Virtual Machine is restarted. Your implementation would work similar to the following:
import java.net.*; import java.util.*; public class PersistentCookieStore implements CookieStore, Runnable { CookieStore store; public PersistentCookieStore() { // get the default in memory cookie store store = new CookieManager().getCookieStore(); // todo: read in cookies from persistant storage // and add them store // add a shutdown hook to write out the in memory cookies Runtime.getRuntime().addShutdownHook(new Thread(this)); } public void run() { // todo: write cookies in store to persistent storage } public void add(URI uri, HttpCookie cookie) { store.add(uri, cookie); } public List<HttpCookie> get(URI uri) { return store.get(uri); } public List<HttpCookie> getCookies() { return store.getCookies(); } public List<URI> getURIs() { return store.getURIs(); } public boolean remove(URI uri, HttpCookie cookie) { return store.remove(uri, cookie); } public boolean removeAll() { return store.removeAll(); } }