Java设置httponly cookie的实现示例

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletResponse;
 * Cookie Tools
public class CookieUtil {
           * Set httponly cookie
     * @param  Response HTTP response
     * @param  Cookie cookie object
     * @param  Ishttponly is httponly
    public static void addCookie(HttpServletResponse response, Cookie cookie, boolean isHttpOnly) {
        String name = cookie.getName();//Cookie name
        String value = cookie.getValue();//Cookie value
        int maxAge = cookie.getMaxAge();//Maximum survival time (milliseconds, 0 representative deletion, -1 represents the same as the browser session)
        String path = cookie.getPath();//path
        String domain = cookie.getDomain();//area
        boolean isSecure = cookie.getSecure();//Is there a security protocol? 
        StringBuilder buffer = new StringBuilder();
        buffer.append(name).append("=").append(value).append(";");
        if (maxAge == 0) {
            buffer.append("Expires=Thu Jan 01 08:00:00 CST 1970;");
        } else if (maxAge > 0) {
            buffer.append("Max-Age=").append(maxAge).append(";");
        if (domain != null) {
            buffer.append("domain=").append(domain).append(";");
        if (path != null) {
            buffer.append("path=").append(path).append(";");
        if (isSecure) {
            buffer.append("secure;");
        if (isHttpOnly) {
            buffer.append("HTTPOnly;");
        response.addHeader("Set-Cookie", buffer.toString());
值得一提的是，Java Ee 6.0中的cookie已经设置了httponly，所以如果兼容Java EE 6.0兼容的容器（例如Tomcat 7），可以使用cookie.sethttponly设置HTTPONLY：
cookie.setHttpOnly(true);
Java HttpCookie 类的setHttpOnly(Boolean httpOnly) 方法用于指示cookie 是否可以被认为是HTTPOnly。如果设置为 true，则 cookie 不能被 JavaScript 等脚本引擎访问。
public void setHttpOnly(boolean httpOnly)  
上述方法只需要一个参数：
httpOnly - 如果 cookie 仅是 HTTP，则表示 true，这意味着它作为 HTTP 请求的一部分可见。
import java.net.HttpCookie;  
public class JavaHttpCookieSetHttpOnlyExample1 {  
  public static void main(String[] args) {  
    HttpCookie  cookie = new HttpCookie("Student", "1");  
    // Indicate whether the cookie can be considered as HTTP Only or not.  
        cookie.setHttpOnly(true);  
    // Return true if the cookie is considered as HTTPOnly.  
System.out.println("Check whether the cookie is HTTPOnly: "+cookie.isHttpOnly());  
Check whether the cookie is HTTPOnly: true
import java.net.HttpCookie;  
public class JavaHttpCookieSetHttpOnlyExample2 {  
    public static void main(String[] args) {  
        HttpCookie  cookie = new HttpCookie("Student", "1");  
        // Indicate whether the cookie can be considered as HTTP Only or not.  
            cookie.setHttpOnly(false);  
        // Return false if the cookie is not considered as HTTPOnly.  
    System.out.println("Check whether the cookie is HTTPOnly: "+cookie.isHttpOnly());  
Check whether the cookie is HTTPOnly: false
import java.net.HttpCookie;  
public class JavaHttpCookieSetHttpOnlyExample3 {  
    public static void main(String[] args) {  
        HttpCookie cookie1 = new HttpCookie("Student1", "1");  
        HttpCookie cookie2 = new HttpCookie("Student2", "2");  
        //Indicate whether the cookie can be considered as HTTP Only or not.  
        cookie1.setHttpOnly(true);  
        cookie2.setHttpOnly(false);  
        System.out.println("Check whether the first cookie is HTTPOnly:"+cookie1.isHttpOnly());  
        System.out.println("Check whether the second cookie is HTTPOnly:"+cookie2.isHttpOnly());  
Check whether the first cookie is HTTPOnly:true
Check whether the second cookie is HTTPOnly:false
到此这篇关于Java设置httponly cookie的实现示例的文章就介绍到这了,更多相关Java设置httponly cookie内容请搜索脚本之家以前的文章或继续浏览下面的相关文章希望大家以后多多支持脚本之家！
您可能感兴趣的文章:
在java中http请求带cookie的例子
2022-07-07
2022-07-07
2022-08-08
2022-07-07
2022-07-07
2022-07-07
2022-07-07
2022-07-07
2021-11-19
2021-11-09
2021-11-05
2021-10-26
电脑版 - 返回首页
2006-2023 脚本之家 JB51.Net , All Rights Reserved.
苏ICP备14036222号