堆栈内存溢出
  简体   繁体   English

如何从android.webkit.CookieManager获取httpOnly cookie

[英]How to get httpOnly cookies from android.webkit.CookieManager

 原文  2016-04-12 20:46:38       java/ android/ cookies/ webkit

问题描述

I need to know whether a cookie in the webkit browser is httpOnly or not. 我需要知道webkit浏览器中的cookie是否是httpOnly。 Using the method getCookie(URL) only return a String with the cookies name and values. 使用方法getCookie(URL)仅返回带有cookie名称和值的String。

I can get it from java.net.CookieManager easily, but I have no idea if it is possible to convert android.webkit.CookieManager to java.net.CookieManager. 我可以轻松地从java.net.CookieManager获取它,但我不知道是否可以将android.webkit.CookieManager转换为java.net.CookieManager。

Update 1 I gave up trying do that. 更新1我放弃尝试这样做。 My guess is that what I want to do is impossible. 我的猜测是,我想做的事情是不可能的。 I tried to Override the shouldInterceptRequest method to open a new connection using HttpUrlConnection and return a new WebResourceResponse with the ImputStream returned from HttpUrlConnection but, seems that the webview doesn't accept javascript after a call come from shouldInterceptRequest. 我试图覆盖shouldInterceptRequest方法以使用HttpUrlConnection打开一个新连接,并使用从HttpUrlConnection返回的ImputStream返回一个新的WebResourceResponse,但似乎webview在来自shouldInterceptRequest的调用后不接受javascript。 :-( :-(

2 个解决方案

解决方案1
 1  2017-02-10 16:55:41

This can be done via reflection, eg: 这可以通过反射来完成,例如: 

CookieManager cookieManager = CookieManager.getInstance();

Field mChromeCookieManager = cookieManager.getClass().getDeclaredField("mChromeCookieManager");
mChromeCookieManager.setAccessible(true);

Object awCookieManager = mChromeCookieManager.get(cookieManager);

Method getCookie = awCookieManager.getClass().getDeclaredMethod("nativeGetCookie", String.class);
getCookie.setAccessible(true);

Object cookie = getCookie.invoke(awCookieManager, url);

(Tested on Android 5.1.1) (在Android 5.1.1上测试过)

解决方案2
 -1  2017-08-13 20:50:45

To isolate http-cookies, Inject document.cookie into the page it should return all non-http cookies to the JS interface callback. 要隔离http-cookies,请将document.cookie注入页面,它应该将所有非http cookie返回给JS接口回调。 Then get the result of the CookieManager call. 然后获取CookieManager调用的结果。 The extra cookies in the set are most likely httponly. 该集合中的额外cookie很可能是httponly。 Simple string work or a hash should do the trick! 简单的字符串工作或哈希应该可以做到! Works on Android 6 and 7 for me. 适用于Android 6和7。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Android Webkit CookieManager:如何通过 CookieManager 获取所有 cookie? - Android Webkit CookieManager: How to get all cookies via CookieManager? 如何从Java客户端获取httponly cookie? - How to get httponly cookies from a Java client? 为什么cookieManager的cookie与Android中的httpClient的cookie不同? - why the cookies of cookieManager is differenet from cookies of httpClient In Android? 在Android中区分HTTPOnly Cookie与其他Cookie - Differentiating HTTPOnly cookies from other in android 不使用CookieManager的Android会话cookie - Android Session cookies without using CookieManager Android中是否存在用于将Cookie格式化为CookieManager值的类? - Is there a class in Android for formatting Cookies into the value for a CookieManager? Android CookieManager - Android CookieManager 如何在Java中使用HttpURLConnection和CookieManager对每个连接使用不同的cookie - How to use different cookies for each connection using HttpURLConnection and the CookieManager in Java 如何获取HttpOnly cookie - How to get HttpOnly cookie 如何在Vaadin中禁用HttpOnly cookie? - How do i disable HttpOnly cookies in Vaadin?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM