can java applets (not signed) create / read cookies?

后端未结

关注

 1  524

说谎

I was wondering if it\'s possible to write cookies to clients from unsigned applets.

相关标签:

1条回答

逝去的感伤

2021-01-18 09:06

Yes they can, you can use JSObject for this. Small note here, you need to add the plugin.jar from the jre/lib directory to your path in order to get this compiled.

Reading:

import netscape.javascript.JSObject;

String data = "";
String cookiename = "fooCookie";
JSObject myBrowser = JSObject.getWindow(this);
JSObject myDocument = (JSObject) myBrowser.getMember("document");

String myCookie = (String) myDocument.getMember("cookie");
if (myCookie.length() > 0) {
    String[] cookies = myCookie.split(";");
    for (String cookie : cookies) {
        int pos = cookie.indexOf("=");
        if (cookie.substring(0, pos).trim().equals(cookiename)) {
            data = cookie.substring(pos + 1);
            break;
        }
    }
}

Writing:

String data = "test";
String cookiename = "fooCookie";
JSObject win = JSObject.getWindow(this);
JSObject doc = (JSObject) win.getMember("document");
String data = cookiename + "=" + data + "; path=/; expires=Thu, 31-Dec-2019 12:00:00 GMT";
doc.setMember("cookie", data);

Don't forget to encode your data in Base64.

0 讨论(0)