Description
Valid or invalid that is the question?
Web applications have several challenges; perhaps the most serious being the difficultly in maintaining state information. A common solution to this issue is to use cookies as a mechanism to encode and distribute this information. However, as the cookie passes from a server to a client and back neither side can assume that the cookie is valid.
You are required to produce a Java program, which uses the regular expression to answer the question: “Is this cookie (supplied as an input) valid or not?”
For this assignment, a valid cookie is defined by these subset of rules found in RFC 6265 (HTTP State Management Mechanism), along with RFC 2616, RFC 1123, and RFC 1034. Note that only the rules in this assignment have to be implemented. A fully functional cookie checker is not required.
| set-cookie-header = “Set-Cookie:” SP set-cookie-string set-cookie-string = cookie-pair *( “;” SP cookie-av ) cookie-pair = cookie-name “=” cookie-value cookie-name = token
token = 1*<any CHAR except CTLs or separators> separators = “(” | “)” | “<” | “>” | “@” | “,” | “;” | “:” | “\” | <“> | “/” | “[” | “]” | “?” | “=” | “{” | “}” | SP | HT cookie-value = *cookie-octet / ( DQUOTE *cookie-octet DQUOTE ) cookie-octet = %x21 / %x23-2B / %x2D-3A / %x3C-5B / %x5D-7E ; US-ASCII characters excluding CTLs, ; whitespace DQUOTE, comma, semicolon, ; and backslash cookie-av = expires-av / max-age-av / domain-av / path-av / secure-av / httponly-av expires-av = “Expires=” rfc1123-date rfc1123-date = wkday “,” SP date1 SP time SP “GMT” date1 = 2DIGIT SP month SP 4DIGIT ; day month year (e.g., 02 Jun 1982) time = 2DIGIT “:” 2DIGIT “:” 2DIGIT ; 00:00:00 – 23:59:59 wkday = “Mon” | “Tue” | “Wed” | “Thu” | “Fri” | “Sat” | “Sun” month = “Jan” | “Feb” | “Mar” | “Apr” | “May” | “Jun” | “Jul” | “Aug” | “Sep” | “Oct” | “Nov” | “Dec” max-age-av = “Max-Age=” non-zero-digit *DIGIT non-zero-digit = %x31-39 ; digits 1 through 9 domain-av = “Domain=” domain-value domain-value = <domain> path-av = “Path=” path-value path-value = <any CHAR except CTLs or “;”> secure-av = “Secure” httponly-av = “HttpOnly” <domain> ::= <subdomain> | ” ” <subdomain> ::= <label> | <subdomain> “.” <label> <label> ::= <letter> [ [ <ldh-str> ] <let-dig> ] <ldh-str> ::= <let-dig-hyp> | <let-dig-hyp> <ldh-str> <let-dig-hyp> ::= <let-dig> | “-” <let-dig> ::= <letter> | <digit> <letter> ::= any one of the 52 alphabetic characters A through Z in upper case and a through <digit> ::= any one of the ten digits 0 through 9 |
z
| Hint: to understand the definition, you may need Augmented Backus-Naur Form.
Examples/Testcases Here are the examples of cookies (test cases, both valid and invalid) to assist you in cons |
| HTTP/1.x 200 OK
Server: Apache-Coyote/1.1 1. Set-Cookie: ns1=”alss/0.foobar^” # name=value 2. Set-Cookie: ns1= # empty value 3. Set-Cookie: ns1=; Expires=Wed, 19 Nov 2008 16:35:39 GMT # Expires=time_stamp 4. Set-Cookie: ns1=; Domain= # empty Domain 5. Set-Cookie: ns1=; Domain=.srv.a.com-0 # Domain=host_name 6. Set-Cookie: lu=Rg3v; Expires=Wed, 19 Nov 2008 16:35:39 GMT; Path=/; Domain=.example.com; HttpOnly 7. Set-Cookie: # empty cookie-pair 8. Set-Cookie: sd # no “=” 9. Set-Cookie: =alss/0.foobar^ # empty name 10. Set-Cookie: ns@1=alss/0.foobar^ # illegal name 11. Set-Cookie: ns1=alss/0.foobar^; # trailing “;” 12. Set-Cookie: ns1=; Expires=Wed 19 Nov 2008 16:35:39 GMT # illegal Expires value 13. Set-Cookie: ns1=alss/0.foobar^; Max-Age=01 # illegal Max-Age: starting 0 14. Set-Cookie: ns1=alss/0.foobar^; Domain=.0com # illegal Domain: starting 0 15. Set-Cookie: ns1=alss/0.foobar^; Domain=.com- # trailing non-letter-digit Domain 16. Set-Cookie: ns1=alss/0.foobar^; Path= # empty Path 17. Set-Cookie: ns1=alss/0.foobar^; httponly # lower case of “HttpOnly” Cache-Control: private Pragma: no-cache Content-Encoding: gzip Content-Type: text/html;charset=UTF-8 Content-Length: 22784
|
CookieTest.java
