LoginSignup
10
11

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?

More than 5 years have passed since last update.

@granoeste(Katsumi Onishi)in株式会社ディー・エヌ・エー

WebViewで属性が指定されたCookieをCookieManagerから取得できるのか?

Last updated at Posted at 2015-09-17

Yahoo!JAPAN (www.yahoo.co.jp) で試す。

アクセスした時のHTTPログ

HttpRequest_Headers
GET / HTTP/1.1
Host	www.yahoo.co.jp
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
User-Agent	Mozilla/5.0 (Linux; Android 4.4.4; Nexus 7 Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Safari/537.36
Accept-Encoding	gzip,deflate
Accept-Language	ja-JP,en-US;q=0.8
X-Requested-With	net.granoeste.scaffold.sample
Pragma	no-cache
Cache-Control	no-cache
HttpResponse_Headers
HTTP/1.1 200 OK
Server	nginx
Date	Thu, 17 Sep 2015 09:54:43 GMT
Content-Type	text/html; charset=UTF-8
Transfer-Encoding	chunked
Connection	close
P3P	policyref="http://privacy.yahoo.co.jp/w3c/p3p_jp.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Set-Cookie	B=304ntctavl3f3&b=3&s=3k; expires=Sun, 17-Sep-2017 09:54:43 GMT; path=/; domain=.yahoo.co.jp
Cache-Control	private, no-cache, no-store, must-revalidate
Pragma	no-cache
X-XRDS-Location	https://open.login.yahooapis.jp/openid20/www.yahoo.co.jp/xrds
Vary	Accept-Encoding
Content-Encoding	gzip
X-Frame-Options	SAMEORIGIN
Expires	0
Set-Cookie
B : 304ntctavl3f3&b=3&s=3k
    Expires | Sun, 17-Sep-2017 09:54:43 GMT
    Domain  | .yahoo.co.jp
    Path    | /

Set-Cookieにdomain属性が指定されている

ページ読み込み完了時にCookiesを取得

webView.setWebViewClient(
   new WebViewClient() {
        //ページ読み込み完了時に呼ばれる
        @Override
        public void onPageFinished(final WebView view, final String url) {
            String host = URI.create(url).getHost();
            Log.d(TAG, "cookies on " + host);

            for(String cookie : getCookies(host).split(";")) {
                Log.d(TAG, "  " + cookie.trim());
            }

            // サブドメインでCookieを取得
            Log.d(TAG, "cookies on " + "auctions.yahoo.co.jp");
            for(String cookie : getCookies("auctions.yahoo.co.jp").split(";")) {
                Log.d(TAG, "  " + cookie.trim());
            }
        }

   }
}

private String getCookies(String url) {
    return CookieManager.getInstance().getCookie(url);
}

Logcat

   WebViewActivity  V  cookies on www.yahoo.co.jp
                    V    B=304ntctavl3f3&b=3&s=3k
                    V    btpdb.2wzBV9u.dGZjLjE0NDcxNDU=UkVRVUVTVFMuMA
                    V    btpdb.2wzBV9u.dGZjLjE5ODkzNTc=REFZUw
                    V    btpdb.2wzBV9u.dGZjLjE0MzQzNDg=VVNFUg

   WebViewActivity  V  cookies on auctions.yahoo.co.jp
                    V    B=304ntctavl3f3&b=3&s=3k

/data/data/[application_id]/app_webview/Cookiesの内容

creation_utc host_key name value path expires_utc secure httponly last_access_utc has_expires persistent priority encrypted_value
13086957283745489 .yahoo.co.jp B 304ntctavl3f3&b=3&s=3k / 13150115683745489 0 0 13086957283745489 1 1 1
13086957286177547 www.yahoo.co.jp btpdb.2wzBV9u.dGZjLjE0NDcxNDU UkVRVUVTVFMuMA / 13118493286000000 0 0 13086957286177547 1 1 1
13086957286180113 www.yahoo.co.jp btpdb.2wzBV9u.dGZjLjE5ODkzNTc REFZUw / 13087043686000000 0 0 13086957286180113 1 1 1
13086957286181128 www.yahoo.co.jp btpdb.2wzBV9u.dGZjLjE0MzQzNDg VVNFUg / 13118493286000000 0 0 13086957286181128 1 1 1

オークションのURL:auctions.yahoo.co.jpのCookieは、サブドメイン(.yahoo.co.jp)指定されたものしか取得でないようになっている。

secure属性, httponly属性もCookieのテーブルには指定されているが CookieManagerで取得できるかは試せてない...

逆に、domain属性を指定したCookieはWebViewでどうなるのか試す。

@Override
protected void onStart() {
    super.onStart();

    saveCookie(".yahoo.co.jp", "material1=dough;"); // サブドメイン指定
    saveCookie("auctions.yahoo.co.jp", "material2=chocolate;"); // FQDN指定
    saveCookie("www.yahoo.co.jp", "material2=chocolate,almond,coconut;"); // FQDN指定
}

private void setCookies(String url, String cookies) {
    CookieSyncManager.createInstance(this);
    CookieManager cookieManager = CookieManager.getInstance();
    cookieManager.setAcceptCookie(true);
    for (String cookie : cookies.split(";")) {
        cookieManager.setCookie(url, cookie);
    }
    CookieManager.getInstance().flush();
}
HttpRequest_Headers
GET / HTTP/1.1
Host	www.yahoo.co.jp
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
User-Agent	Mozilla/5.0 (Linux; Android 4.4.4; Nexus 7 Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Safari/537.36
Accept-Encoding	gzip,deflate
Accept-Language	ja-JP,en-US;q=0.8
Cookie	material1=dough; material2=chocolate,almond,coconut
X-Requested-With	net.granoeste.scaffold.sample
Pragma	no-cache
Cache-Control	no-cache
HttpRequest_Headers
Host	yads.yahoo.co.jp
GET /tag?s=25597_3463&t=j&ss~ HTTP/1.1
Accept	*/*
User-Agent	Mozilla/5.0 (Linux; Android 4.4.4; Nexus 7 Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Safari/537.36
Referer	http://www.yahoo.co.jp/
Accept-Encoding	gzip,deflate
Accept-Language	ja-JP,en-US;q=0.8
Cookie	material1=dough; B=2rbkb65avmsat&b=3&s=33
X-Requested-With	net.granoeste.scaffold.sample
Pragma	no-cache
Cache-Control	no-cache

サブドメインのCookieも送られていることがわかる。

HttpRequest_Headers
Host	b11.yahoo.co.jp
GET /b?P=PMtKjzEyNy5jk27JgT4xzFEpMTIyLgAAAAD2lSSR~ HTTP/1.1
Accept	image/webp,*/*;q=0.8
User-Agent	Mozilla/5.0 (Linux; Android 4.4.4; Nexus 7 Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Safari/537.36
Referer	http://www.yahoo.co.jp/
Accept-Encoding	gzip,deflate
Accept-Language	ja-JP,en-US;q=0.8
Cookie	material1=dough; B=2rbkb65avmsat&b=3&s=33
X-Requested-With	net.granoeste.scaffold.sample
Pragma	no-cache
Cache-Control	no-cache
HttpResponse_Headers
HTTP/1.1 200 OK
Date	Fri, 18 Sep 2015 02:05:21 GMT
P3P	policyref="http://privacy.yahoo.co.jp/w3c/p3p_jp.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
X-Content-Type-Options	nosniff
X-XSS-Protection	1; mode=block
X-Frame-Options	SAMEORIGIN
Set-Cookie	material1=COOKIEBLAST; domain=.yahoo.co.jp; expires=Sat, 22-Nov-1980 20:00:00 GMT; path=/;
Cache-Control	no-cache, no-store, private, no-cache=Set-Cookie, proxy-revalidate
Pragma	no-cache
Content-Length	43
Connection	close
Content-Type	image/gif
Expires	0
Set-Cookie
material1 | COOKIEBLAST
    Expires | Sat, 22-Nov-1980 20:00:00 GMT
    Domain  | .yahoo.co.jp
    Path    | /

変なCookieを送っていたのでCOOKIEBLASTされましたw

Expiresが過去日付にされCookieが無効になったので、CookieManagerから取得することも出来なくなります。

注)
Android 4.4.4 Nexus 7 での検証です。

10
11
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
Sign upLogin
10
11

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?