Java.net.HttpCookie in Java

Prerequisite – Cookies

Many websites use small strings of text known as cookies to store persistent client-side state between connections. Cookies are passed from server to client and back again in the HTTP headers of requests and responses. Cookies can be used by a server to indicate session IDs, shopping cart contents, login credentials, user preferences, and more.

An HttpCookie object represents an http cookie, which carries state information between server and user agent. Cookie is widely adopted to create stateful sessions.
There are 3 http cookie specifications:

• Netscape draft
• RFC 2109
• RFC 2965

HttpCookie class can accept all these 3 forms of syntax.

Constructor : Creates a cookie with the specified name and value. The name must contain only ASCII alphanumeric characters and conform to RFC 2965. It throws an IllegalArgument exception if the name is not correct or NullPointerException if name is null. The value can be anything cookie wanna store.

Syntax : public HttpCookie(String name,
          String value)
Parameters :
name : name of cookie
value : value of cookie
Throws :
IllegalArgumentException : if name does not conform to RFC2965
NullPointerException : if name is null

Methods :

1. parse() : returns a list of cookies parsed from header string. header must begin with set-cookie or set-cookie2 token or must not contain any token at all.

   Syntax : public static List parse(String header)
   Parameters : 
   header : String to be parsed as cookies

2. hasExpired() : returns boolean value indicating whether the cookie has expired or not.

   Syntax : public boolean hasExpired()

3. setComment() : Used to set a short description describing the purpose of the cookie. It is used when to present the cookie to the user.

   Syntax : public void setComment(String purpose)
   Parameters :
   purpose : purpose of cookie

4. getComment() : Returns the description of the cookie, or null if cookie has no comments.

   Syntax : public void getComment()

5. setCommentURL() : Used to set a short comment url describing the purpose of the cookie. It is used when browser presents the cookie to the user.

   Syntax : public void setCommentURL(String purpose)
   Parameters :
   purpose : purpose of cookie

6. getCommentURL() : Returns the URL comment of the cookie, or null if cookie has no URL comments.

   Syntax : public String getComment()

7. setDiscard() : Used to set if the user agent should discard this cookie or not.

   Syntax : public void setDiscard(Boolean discard)
   Parameters :
   discard : true if UA should discard, otherwise false

8. getDiscard() : Returns the state of discard variable set by setDiscard() method. More specifically returns true if UA is to discard this cookie, otherwise false.

   Syntax : public Boolean getDiscard()

9. setPortList() : Used to specify the ports which this cookie can use.

   Syntax : public void setPortList(String portList)
   Parameters :
   portList : String of comma separated digits specifying the ports.

10. getPortList() : Returns the list of ports which this cookie can use.

    Syntax : public String getPortList()

11. setDomain() : Specify the domain in which this cookie should be visible. For instance, cookies sent from a servlet at bali.vacations.com would not normally get returned by the browser to pages at queensland.vacations.com. If the site wanted this to happen, the servlets could specify cookie.setDomain(“.vacations.com”). To prevent servers from setting cookies that apply to hosts outside their domain, the specified domain must meet the following requirements: it must start with a dot (e.g., .coreservlets.com).

    Syntax : public void setDomain(String domain)
    Parameters :
    domain : String representing the domain in which this cookie is visible

12. getDomain() : Returns the domain in which this cookie is visible.

    Syntax : public String getDomain()

13. setMaxAge() : used to set the max age of cookie in seconds. It specifies the maximum time after creation of cookie for which it is alive. Negative values specifies that cookie will expire as soon as browser exits.

    Syntax : public void setMaxAge(long age)
    Parameters :
    age : Max survive time in seconds

14. getMaxAge() : Returns the max age of cookie.

    Syntax : public long getMaxAge()

15. setPath() : Used to specify the path to the client at which it should return the cookie. This cookie is visible to all the pages and subdirectories of the path specified. For example, if the server sent the cookie from http://ecommerce.site.com/toys/specials.html, the browser would send the cookie back when connecting to http://ecommerce.site.com/to/beginners.html, butnot to http://ecommerce.site.com/c/classic.html.

    Syntax : public void setPath(String uri)
    Parameters :
    uri - a String specifying a path

16. getPath() : Returns the path set for this cookie.

    Syntax : public String getPath()

Java Implementation :








// Java Program to illustrate various // methods of java.net.HttpCookie class public class httpcookie1  {        public static void main(String[] args)      {            // Constructor to create a new cookie.         HttpCookie cookie = new HttpCookie("First", "1");            // setComment() method         cookie.setComment("Just for explanation");            // getComment() method         System.out.println("Comment : " + cookie.getComment());            // setCommentURL() method         cookie.setCommentURL("192.168.1.1");            // getCommentURL() method         System.out.println("CommentURL : " + cookie.getCommentURL());            // setDiscard() method         cookie.setDiscard(true);            // getDiscard() method         System.out.println("Discard : " + cookie.getDiscard());            // setPortlist() method         cookie.setPortlist("1001,8520");            // getPortList() method         System.out.println("Ports: " + cookie.getPortlist());            // setDomain() method         cookie.setDomain(".localhost.com");            // getDomain() method         System.out.println("Domain : " + cookie.getDomain());            // setMaxAge() method         cookie.setMaxAge(3600);            // getMaxAge() method         System.out.println("Max Age : " + cookie.getMaxAge());            // setPath() method         cookie.setPath("192.168.1.1/admin/index.html");            // getPath() method         System.out.println("Path: " + cookie.getPath());        }    }

Output

Comment : Just for explanation
CommentURL : 192.168.1.1
Discard : true
Ports: 1001,8520
Domain : .localhost.com
Max Age : 3600
Path: 192.168.1.1/admin/index.html

17. setSecure() : Indicated if secure protocol to be used while sending this cookie. Default value is false.

    Syntax : public void setSecure(boolean secure)
    Parameters:
    secure - If true, the cookie can only be sent over a secure protocol like https. 
    If false, it can be sent over any protocol.

18. getSecure() : Returns true if this cookie must be sent by a secure protocol, otherwise false.

    Syntax : public boolean getSecure()

19. getName() : Returns the name of the cookie.

     Syntax : public String getName()

20. setValue() : Assigns new value to cookie after initialisation.

    Syntax : public void setValue(String newValue)
    Parameters :
    newValue - a String specifying the new value

21. getValue : Returns the value of the cookie.

    Syntax : public String getValue()

22. getVersion() : Returns 0 if the cookie complies with the original Netscape specification; 1 if the cookie complies with RFC 2965/2109

    Syntax : public int getVersion()

23. setVersion() : Used to set the version of the cookie protocol this cookie uses.

    Syntax :public void setVersion(int v)
                   throws IllegalArgumentException
    Parameters :
    v - 0 for original Netscape specification; 1 for RFC 2965/2109
    Throws :
    IllegalArgumentException - if v is neither 0 nor 1

24. isHttpOnly() :Returns true if cookie can only be used by http ie it cannot be used by scripting languages like JS, vb etc.

    Syntax : public boolean isHttpOnly()

25. setHttpOnly() : Used to set if this cookie is http only or not.

    Syntax : public void setHttpOnly(boolean httpOnly)
    Parameters :
    httpOnly - if true make the cookie HTTP only, i.e. only visible as part 
    of an HTTP request.

26. domainMatches() : Utility function to check if hostname is in domain or not.

    Syntax : public static boolean domainMatches(String domain,
                        String host)
    Parameters :
    domain : domain to check hostname with
    host : host to check

27. toString() : Constructs a string representation of this cookie.

     Syntax :public String toString()

28. equals() : returns true if two http cookies are equal to each other, false otherwise.

     Syntax :public boolean equals(Object obj)

29. hashCode() :Return hash code of this http cookie. The result is the sum of hash code value of three significant components of this cookie: name, domain, and path. Overrides hashCode in class Object.

    Syntax : public int hashCode()

30. clone() : Create and return a copy of this object. Overrides clone method of object class.

    Syntax : public Object clone()

Java Implementation :

Output :

Secure : true
Name : First
Value : 2
Version : 1
is HTTP only : true
toString : First="2"
Hashcode : 97440432

Another Example to show how cookies are actually used by Web servers in which we print the details of cookies stored by www.facebook.com

Output :

------------------ Cookie.1 ------------------
Cookie name: fr
Domain: .facebook.com
Max age: 7775999
Server path: /
Is secured: true
Cookie value: 0Xj7tBSsWlmtXPo92..BZFC8G.qC.AAA.0.0.BZFC8G.AWUwiIgM
Cookie protocol version: 0

Reference:
Official Java Documentation