/*
* Copyright (c) 2023-2026 Ronald Brill.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.htmlunit.csp.value;
import java.util.Locale;
import java.util.Optional;
import org.htmlunit.csp.Utils;
/**
* Represents a CSP nonce-source value, e.g. {@code 'nonce-abc123...'}.
* <p>
* A nonce-source consists of the keyword prefix {@code nonce-} followed by a
* Base64-encoded value, all enclosed in single quotes. The prefix is parsed
* case-insensitively, but the Base64 nonce value itself is case-sensitive.
* </p>
*
* @param base64ValuePart the Base64-encoded nonce value (case-sensitive)
* @see <a href="https://w3c.github.io/webappsec-csp/#grammardef-nonce-source">
* nonce-source grammar</a>
*/
public record Nonce(String base64ValuePart) {

    // Reviewer note: the canonical record constructor is public and no compact
    // constructor is declared, so `new Nonce(x)` stores x unchecked. Only
    // parseNonce(String) runs the value through Utils.IS_BASE64_VALUE first.

    /**
     * Attempts to read a CSP nonce-source token such as {@code 'nonce-abc123...'}.
     * <p>
     * The token has to start with {@code 'nonce-} (compared without regard to
     * case, using {@link Locale#ROOT}) and end with a single quote. Whatever sits
     * between the prefix and the closing quote is taken from the original input,
     * not from the lowercased copy, and is accepted only if
     * {@code Utils.IS_BASE64_VALUE} approves it.
     * </p>
     *
     * @param value the candidate nonce-source token
     * @return the parsed {@link Nonce} wrapped in an {@link Optional}, or an empty
     *         {@link Optional} when the prefix, the closing quote or the Base64
     *         check does not match
     * @throws NullPointerException if {@code value} is {@code null}
     */
    public static Optional<Nonce> parseNonce(final String value) {
        final String prefix = "'nonce-";
        final String closingQuote = "'";

        // Case folding is used for the shape test only.
        final String folded = value.toLowerCase(Locale.ROOT);
        final boolean shapeMatches = folded.startsWith(prefix) && folded.endsWith(closingQuote);
        if (!shapeMatches) {
            return Optional.empty();
        }

        // Slice the original string: the nonce itself is case-sensitive, so the
        // lowercased copy must not leak into the stored value.
        final String candidate =
                value.substring(prefix.length(), value.length() - closingQuote.length());
        return Utils.IS_BASE64_VALUE.test(candidate)
                ? Optional.of(new Nonce(candidate))
                : Optional.empty();
    }

    /**
     * Serialises this nonce-source back to its CSP token form,
     * e.g. {@code 'nonce-abc123...'}.
     * <p>
     * The stored value is written out verbatim between the prefix and the
     * closing quote; no escaping or re-validation happens here, so the result
     * is a well-formed token only if the stored value was validated beforehand.
     * </p>
     *
     * @return the nonce-source wrapped in single quotes
     */
    @Override
    public String toString() {
        return new StringBuilder("'nonce-")
                .append(base64ValuePart)
                .append("'")
                .toString();
    }
}