001/* 002 Licensed to the Apache Software Foundation (ASF) under one 003 or more contributor license agreements. See the NOTICE file 004 distributed with this work for additional information 005 regarding copyright ownership. The ASF licenses this file 006 to you under the Apache License, Version 2.0 (the 007 "License"); you may not use this file except in compliance 008 with the License. You may obtain a copy of the License at 009 010 http://www.apache.org/licenses/LICENSE-2.0 011 012 Unless required by applicable law or agreed to in writing, 013 software distributed under the License is distributed on an 014 "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 015 KIND, either express or implied. See the License for the 016 specific language governing permissions and limitations 017 under the License. 018 */ 019package org.apache.wiki.tags; 020 021import java.io.IOException; 022import java.io.UnsupportedEncodingException; 023import java.net.URLDecoder; 024import java.net.URLEncoder; 025import java.nio.charset.StandardCharsets; 026import java.util.HashMap; 027import java.util.Iterator; 028import java.util.Map; 029 030import javax.servlet.http.Cookie; 031import javax.servlet.http.HttpServletRequest; 032import javax.servlet.http.HttpServletResponse; 033import javax.servlet.jsp.PageContext; 034import javax.servlet.jsp.tagext.TagSupport; 035 036import org.apache.logging.log4j.LogManager; 037import org.apache.logging.log4j.Logger; 038 039 040/** 041 * Sets or gets Cookie values. This implementation makes the following 042 * assumptions: 043 * <ul> 044 * <li>The cookie contains any number of name-value pairs 045 * <li>Name-value pairs are separated by "&" in the encoded cookie value string 046 * <li>An encoded name-value pair is compatible with JavaScript's 047 * encodeURIComponent(). Notably, spaces are encoded as "%20". 048 * <li>A decoded name-value pair separates the name and value with a "=" 049 * </ul> 050 * 051 * <p>The value of a cookie carrying values n1="v1" and n2="v2 with space" 052 * would thus be 053 * <pre> 054 * n1%3Dv1&n2%3Dv2%20with%20space 055 * </pre> 056 * 057 * <p>Usage: 058 * 059 * <pre> 060 * <wiki:cookie name="cookiename" var="contextvariable" scope="page" /> 061 * </pre> 062 * - Returns the value of the named cookie, or an empty string if not set. 063 * If 'var' is specified, the value is set into a context variable of this name. 064 * The 'scope' parameter may be added to specify the context: "session", 065 * "page", "request". If var is omitted, the output is placed directly into 066 * the JSP page. 067 * 068 * <pre> 069 * <wiki:cookie name="cookiename" value="encoded_value" /> 070 * </pre> 071 * - Sets the named cookie to the given value. If the value string is empty, 072 * the cookie value is set to empty; otherwise the cookie encoding rules of 073 * this class must be followed for the value. 074 * 075 * <pre> 076 * <wiki:cookie name="cookiename" item="parameter_name" /> 077 * </pre> 078 * - Assumes that the cookie contains URLEncoded name-value pairs, 079 * with name and value separated by an equals sign, and returns the value 080 * of the specified item. 081 * 082 * <wiki:cookie name="cookiename" item="parameter_name" value="value" /> 083 * </pre> 084 * - Sets the value of 'parameter_name' in the named cookie to 'value'. 085 * 086 * <pre> 087 * <wiki:cookie name="cookiename" clear="parameter_name" /> 088 * </pre> 089 * - Removes the named parameter from the cookie. 090 * 091 * <pre> 092 * <wiki:cookie clear="cookiename" /> 093 * </pre> 094 * - Removes the named cookie. Clear may be used at the same time as a value 095 * is retrieved (or set, despite the dubious usefulness of that operation). 096 */ 097public class CookieTag 098 extends TagSupport 099{ 100 private static final long serialVersionUID = 0L; 101 102 private static final Logger LOG = LogManager.getLogger( CookieTag.class ); 103 104 /** Name of the cookie value. Required. */ 105 private String m_name; 106 /** Name of the cookie nvp item. Optional. */ 107 private String m_item; 108 /** A value to echo or set. Optional. */ 109 private String m_value; 110 /** Name of a context variable to set result in. Optional, defaults to out.*/ 111 private String m_var; 112 /** Scope of m_var: request, session, page. */ 113 private String m_scope; 114 /** Name of a cookie or a cookie nvp to clear. */ 115 private String m_clear; 116 117 /** 118 * Set the "name" parameter. 119 * 120 * @param s The name. 121 */ 122 public void setName(final String s ) 123 { 124 m_name = s; 125 } 126 127 /** 128 * Set the "item" parameter. 129 * 130 * @param s The item. 131 */ 132 public void setItem(final String s ) 133 { 134 m_item = s; 135 } 136 137 /** 138 * Set the "value" parameter. 139 * 140 * @param s The value. 141 */ 142 public void setValue(final String s ) 143 { 144 m_value = s; 145 } 146 147 /** 148 * Set the "var" parameter. 149 * 150 * @param s The parameter. 151 */ 152 public void setVar(final String s ) 153 { 154 m_scope = s; 155 } 156 157 /** 158 * Set the "clear" parameter. 159 * 160 * @param s The parameter. 161 */ 162 public void setClear(final String s ) 163 { 164 m_clear = s; 165 } 166 167 /** 168 * Set the "scope" parameter. 169 * 170 * @param s The scope. 171 */ 172 public void setScope(final String s ) 173 { 174 m_scope = s; 175 } 176 177 /** 178 * {@inheritDoc} 179 */ 180 @Override 181 public void release() 182 { 183 m_name = m_item = m_var = m_value = m_clear = m_scope = null; 184 super.release(); 185 } 186 187 /** 188 * Examines the parameter and returns the corresponding scope identifier: 189 * "request" maps to PageContext.REQUEST_SCOPE, and so on. 190 * Possible values are "page", "session", "application", and "request", 191 * which is the default return value. 192 */ 193 private int getScope(final String s ) 194 { 195 if( s == null ) 196 { 197 return PageContext.REQUEST_SCOPE; 198 } 199 if( "page".equals( m_scope ) ) 200 { 201 return PageContext.PAGE_SCOPE; 202 } 203 if( "session".equals( m_scope ) ) 204 { 205 return PageContext.SESSION_SCOPE; 206 } 207 if( "application".equals( m_scope ) ) 208 { 209 return PageContext.APPLICATION_SCOPE; 210 } 211 212 return PageContext.REQUEST_SCOPE; 213 } 214 215 /** 216 * {@inheritDoc} 217 */ 218 @Override 219 public int doEndTag() 220 { 221 String out = null; 222 final Cookie cookie = findCookie( m_name ); 223 boolean changed = false; 224 225 if( m_value != null ) 226 { 227 if( m_item != null ) 228 { 229 setItemValue( cookie, m_item, m_value ); 230 } 231 else 232 { 233 cookie.setValue( m_value ); 234 } 235 changed = true; 236 } 237 else 238 { 239 if( m_item != null ) 240 { 241 out = getItemValue( cookie, m_item ); 242 } 243 else 244 { 245 out = cookie.getValue(); 246 } 247 } 248 249 if( out != null ) 250 { 251 if( m_var != null ) 252 { 253 final int scope = getScope( m_scope ); 254 pageContext.setAttribute( m_var, out, scope ); 255 } 256 else 257 { 258 try 259 { 260 pageContext.getOut().print( out ); 261 } 262 catch( final IOException ioe ) 263 { 264 LOG.warn( "Failed to write to JSP page: " + ioe.getMessage(), ioe ); 265 } 266 } 267 } 268 269 Cookie cleared = null; 270 if( m_clear != null ) 271 { 272 cleared = findCookie( m_clear ); 273 if( m_item != null ) 274 { 275 setItemValue( cookie, m_item, null ); 276 } 277 else 278 { 279 cleared.setValue( null ); 280 } 281 } 282 283 final HttpServletResponse res = (HttpServletResponse)pageContext.getResponse(); 284 if( changed ) 285 { 286 res.addCookie( cookie ); 287 } 288 if( cleared != null ) 289 { 290 res.addCookie( cleared ); 291 } 292 293 return EVAL_PAGE; 294 } 295 296 /** 297 * Sets a single name-value pair in the given cookie. 298 */ 299 private void setItemValue(final Cookie c, final String item, final String value ) 300 { 301 if( c == null ) 302 { 303 return; 304 } 305 final String in = c.getValue(); 306 final Map<String, String> values = parseCookieValues( in ); 307 values.put( item, value ); 308 final String cv = encodeValues( values ); 309 c.setValue( cv ); 310 } 311 312 /** 313 * Returns the value of the given item in the cookie. 314 */ 315 private String getItemValue(final Cookie c, final String item ) 316 { 317 if( c == null || item == null ) { 318 return null; 319 } 320 final String in = c.getValue(); 321 final Map< String, String > values = parseCookieValues( in ); 322 return values.get( item ); 323 } 324 325 326 /** 327 * Parses a cookie value, of format name1%3Fvalue1&name2%3Fvalue2..., 328 * into a Map<String,String>. 329 */ 330 private Map<String, String> parseCookieValues(final String s ) 331 { 332 final Map< String, String > rval = new HashMap<>(); 333 if( s == null ) { 334 return rval; 335 } 336 final String[] nvps = s.split( "&" ); 337 if( nvps.length == 0 ) { 338 return rval; 339 } 340 for (final String value : nvps) { 341 final String nvp = decode(value); 342 final String[] nv = nvp.split("="); 343 if (nv[0] != null && !nv[0].trim().isEmpty()) { 344 rval.put(nv[0], nv[1]); 345 } 346 } 347 348 return rval; 349 } 350 351 /** 352 * Encodes name-value pairs in the map into a single string, in a format 353 * understood by this class and JavaScript decodeURIComponent(). 354 */ 355 private String encodeValues(final Map<String, String> values ) 356 { 357 final StringBuilder rval = new StringBuilder(); 358 if( values == null || values.size() == 0 ) { 359 return rval.toString(); 360 } 361 362 final Iterator< Map.Entry< String, String > > it = values.entrySet().iterator(); 363 while( it.hasNext() ) { 364 final Map.Entry< String, String > e = it.next(); 365 final String n = e.getKey(); 366 final String v = e.getValue(); 367 if( v != null ) { 368 final String nv = n + "=" + v; 369 rval.append( encode( nv ) ); 370 } 371 } 372 373 return rval.toString(); 374 } 375 376 /** 377 * Converts a String to an encoding understood by JavaScript 378 * decodeURIComponent. 379 */ 380 private String encode(final String nvp ) 381 { 382 String coded = ""; 383 try 384 { 385 coded = URLEncoder.encode( nvp, StandardCharsets.UTF_8.name() ); 386 } 387 catch( final UnsupportedEncodingException e ) 388 { 389 /* never happens */ 390 LOG.info( "Failed to encode UTF-8", e ); 391 } 392 return coded.replaceAll( "\\+", "%20" ); 393 } 394 395 /** 396 * Converts a cookie value (set by this class, or by a JavaScript 397 * encodeURIComponent call) into a plain string. 398 */ 399 private String decode(final String envp ) 400 { 401 final String rval; 402 try 403 { 404 rval = URLDecoder.decode( envp , StandardCharsets.UTF_8.name() ); 405 return rval; 406 } 407 catch( final UnsupportedEncodingException e ) 408 { 409 LOG.error( "Failed to decode cookie", e ); 410 return envp; 411 } 412 } 413 414 /** 415 * Locates the named cookie in the request, or creates a new one if it 416 * doesn't exist. 417 */ 418 private Cookie findCookie(final String cname ) 419 { 420 final HttpServletRequest req = (HttpServletRequest)pageContext.getRequest(); 421 if( req != null ) 422 { 423 final Cookie[] cookies = req.getCookies(); 424 if( cookies != null ) 425 { 426 for (final Cookie cookie : cookies) { 427 if (cookie.getName().equals(cname)) { 428 return cookie; 429 } 430 } 431 } 432 } 433 434 return new Cookie( cname, null ); 435 } 436 437}