Developers
Most visited
Recently visited
CookieManager
public
abstract
class
CookieManager
extends Object
| java.lang.Object | |
| ↳ | android.webkit.CookieManager |
Manages the cookies used by an application's WebView instances.
CookieManager represents cookies as strings in the same format as the
HTTP Cookie and Set-Cookie header fields (defined in
RFC6265bis).
Summary
Public constructors | |
|---|---|
CookieManager()
This constructor is deprecated.
This class should not be constructed by applications, use |
|
Public methods | |
|---|---|
abstract
boolean
|
acceptCookie()
Gets whether the application's |
abstract
boolean
|
acceptThirdPartyCookies(WebView webview)
Gets whether the |
static
boolean
|
allowFileSchemeCookies()
Gets whether the application's |
abstract
void
|
flush()
Ensures all cookies currently accessible through the getCookie API are written to persistent storage. |
abstract
String
|
getCookie(String url)
Gets all the cookies for the given URL. |
static
CookieManager
|
getInstance()
Gets the singleton CookieManager instance. |
abstract
boolean
|
hasCookies()
Gets whether there are stored cookies. |
abstract
void
|
removeAllCookie()
This method is deprecated.
Use |
abstract
void
|
removeAllCookies(ValueCallback<Boolean> callback)
Removes all cookies. |
abstract
void
|
removeExpiredCookie()
This method is deprecated. The WebView handles removing expired cookies automatically. |
abstract
void
|
removeSessionCookie()
This method is deprecated.
use |
abstract
void
|
removeSessionCookies(ValueCallback<Boolean> callback)
Removes all session cookies, which are cookies without an expiration date. |
abstract
void
|
setAcceptCookie(boolean accept)
Sets whether the application's |
static
void
|
setAcceptFileSchemeCookies(boolean accept)
This method is deprecated. This setting is not secure, please use androidx.webkit.WebViewAssetLoader instead. |
abstract
void
|
setAcceptThirdPartyCookies(WebView webview, boolean accept)
Sets whether the |
abstract
void
|
setCookie(String url, String value, ValueCallback<Boolean> callback)
Sets a single cookie (key-value pair) for the given URL. |
abstract
void
|
setCookie(String url, String value)
Sets a single cookie (key-value pair) for the given URL. |
Protected methods | |
|---|---|
Object
|
clone()
Creates and returns a copy of this object. |
Inherited methods | |
|---|---|
Public constructors
CookieManager
public CookieManager ()
This constructor is deprecated.
This class should not be constructed by applications, use getInstance()
instead to fetch the singleton instance.
Public methods
acceptCookie
public abstract boolean acceptCookie ()
Gets whether the application's WebView instances send and accept
cookies.
| Returns | |
|---|---|
boolean |
true if WebView instances send and accept cookies |
acceptThirdPartyCookies
public abstract boolean acceptThirdPartyCookies (WebView webview)
Gets whether the WebView should allow third party cookies to be set.
| Parameters | |
|---|---|
webview |
WebView: the WebView instance to get the cookie policy for |
| Returns | |
|---|---|
boolean |
true if the WebView accepts third party cookies |
allowFileSchemeCookies
public static boolean allowFileSchemeCookies ()
Gets whether the application's WebView instances send and accept
cookies for file scheme URLs.
| Returns | |
|---|---|
boolean |
true if WebView instances send and accept cookies for
file scheme URLs |
flush
public abstract void flush ()
Ensures all cookies currently accessible through the getCookie API are written to persistent storage. This call will block the caller until it is done and may perform I/O.
getCookie
public abstract String getCookie (String url)
Gets all the cookies for the given URL. This may return multiple key-value pairs if multiple
cookies are associated with this URL, in which case each cookie will be delimited by "; " characters (semicolon followed by a space). Each key-value pair will be of the form
"key=value".
| Parameters | |
|---|---|
url |
String: the URL for which the cookies are requested |
| Returns | |
|---|---|
String |
value the cookies as a string, using the format of the 'Cookie' HTTP request header |
getInstance
public static CookieManager getInstance ()
Gets the singleton CookieManager instance.
| Returns | |
|---|---|
CookieManager |
the singleton CookieManager instance |
hasCookies
public abstract boolean hasCookies ()
Gets whether there are stored cookies.
| Returns | |
|---|---|
boolean |
true if there are stored cookies |
removeAllCookie
public abstract void removeAllCookie ()
This method is deprecated.
Use removeAllCookies(android.webkit.ValueCallback) instead.
Removes all cookies.
removeAllCookies
public abstract void removeAllCookies (ValueCallback<Boolean> callback)
Removes all cookies.
This method is asynchronous.
If a ValueCallback is provided,
onReceiveValue() will be called on the current
thread's Looper once the operation is complete.
The value provided to the callback indicates whether any cookies were removed.
You can pass null as the callback if you don't need to know when the operation
completes or whether any cookies were removed, and in this case it is safe to call the
method from a thread without a Looper.
| Parameters | |
|---|---|
callback |
ValueCallback: a callback which is executed when the cookies have been removed
This value may be null. |
removeExpiredCookie
public abstract void removeExpiredCookie ()
This method is deprecated.
The WebView handles removing expired cookies automatically.
Removes all expired cookies.
removeSessionCookie
public abstract void removeSessionCookie ()
This method is deprecated.
use removeSessionCookies(android.webkit.ValueCallback) instead.
Removes all session cookies, which are cookies without an expiration date.
removeSessionCookies
public abstract void removeSessionCookies (ValueCallback<Boolean> callback)
Removes all session cookies, which are cookies without an expiration date.
This method is asynchronous.
If a ValueCallback is provided,
onReceiveValue() will be called on the current
thread's Looper once the operation is complete.
The value provided to the callback indicates whether any cookies were removed.
You can pass null as the callback if you don't need to know when the operation
completes or whether any cookie were removed, and in this case it is safe to call the
method from a thread without a Looper.
| Parameters | |
|---|---|
callback |
ValueCallback: a callback which is executed when the session cookies have been removed
This value may be null. |
setAcceptCookie
public abstract void setAcceptCookie (boolean accept)
Sets whether the application's WebView instances should send and
accept cookies.
By default this is set to true and the WebView accepts cookies.
When this is true
setAcceptThirdPartyCookies and
setAcceptFileSchemeCookies
can be used to control the policy for those specific types of cookie.
| Parameters | |
|---|---|
accept |
boolean: whether WebView instances should send and accept
cookies |
setAcceptFileSchemeCookies
public static void setAcceptFileSchemeCookies (boolean accept)
This method is deprecated.
This setting is not secure, please use
androidx.webkit.WebViewAssetLoader instead.
Sets whether the application's WebView instances should send and accept cookies for
file scheme URLs.
Use of cookies with file scheme URLs is potentially insecure and turned off by default. All
file:// URLs share all their cookies, which may lead to leaking private app cookies
(ex. any malicious file can access cookies previously set by other (trusted) files).
Loading content via file:// URLs is generally discouraged. See the note in
WebSettings#setAllowFileAccess.
Using
androidx.webkit.WebViewAssetLoader to load files over http(s):// URLs allows
the standard web security model to be used for setting and sharing cookies for local files.
Note that calls to this method will have no effect if made after calling other
CookieManager APIs.
| Parameters | |
|---|---|
accept |
boolean |
setAcceptThirdPartyCookies
public abstract void setAcceptThirdPartyCookies (WebView webview, boolean accept)
Sets whether the WebView should allow third party cookies to be set.
Allowing third party cookies is a per WebView policy and can be set
differently on different WebView instances.
Apps that target Build.VERSION_CODES.KITKAT or below
default to allowing third party cookies. Apps targeting
Build.VERSION_CODES.LOLLIPOP or later default to disallowing
third party cookies.
| Parameters | |
|---|---|
webview |
WebView: the WebView instance to set the cookie policy on |
accept |
boolean: whether the WebView instance should accept
third party cookies |
setCookie
public abstract void setCookie (String url, String value, ValueCallback<Boolean> callback)
Sets a single cookie (key-value pair) for the given URL. Any existing cookie with the same host, path and name will be replaced with the new cookie. The cookie being set will be ignored if it is expired. To set multiple cookies, your application should invoke this method multiple times.
The value parameter must follow the format of the Set-Cookie HTTP
response header defined by
RFC6265bis.
This is a key-value pair of the form "key=value", optionally followed by a list of
cookie attributes delimited with semicolons (ex. "key=value; Max-Age=123"). Please
consult the RFC specification for a list of valid attributes.
This method is asynchronous. If a ValueCallback is provided,
ValueCallback#onReceiveValue will be called on the current
thread's Looper once the operation is complete.
The value provided to the callback indicates whether the cookie was set successfully.
You can pass null as the callback if you don't need to know when the operation
completes or whether it succeeded, and in this case it is safe to call the method from a
thread without a Looper.
Note: if specifying a value containing the "Secure"
attribute, url must use the "https://" scheme.
| Parameters | |
|---|---|
url |
String: the URL for which the cookie is to be set |
value |
String: the cookie as a string, using the format of the 'Set-Cookie'
HTTP response header |
callback |
ValueCallback: a callback to be executed when the cookie has been set
This value may be null. |
setCookie
public abstract void setCookie (String url, String value)
Sets a single cookie (key-value pair) for the given URL. Any existing cookie with the same host, path and name will be replaced with the new cookie. The cookie being set will be ignored if it is expired. To set multiple cookies, your application should invoke this method multiple times.
The value parameter must follow the format of the Set-Cookie HTTP
response header defined by
RFC6265bis.
This is a key-value pair of the form "key=value", optionally followed by a list of
cookie attributes delimited with semicolons (ex. "key=value; Max-Age=123"). Please
consult the RFC specification for a list of valid attributes.
Note: if specifying a value containing the "Secure"
attribute, url must use the "https://" scheme.
| Parameters | |
|---|---|
url |
String: the URL for which the cookie is to be set |
value |
String: the cookie as a string, using the format of the 'Set-Cookie'
HTTP response header |
Protected methods
clone
protected Object clone ()
Creates and returns a copy of this object. The precise meaning
of "copy" may depend on the class of the object. The general
intent is that, for any object x, the expression:
will be true, and that the expression:x.clone() != x
will bex.clone().getClass() == x.getClass()
true, but these are not absolute requirements.
While it is typically the case that:
will bex.clone().equals(x)
true, this is not an absolute requirement.
By convention, the returned object should be obtained by calling
super.clone. If a class and all of its superclasses (except
Object) obey this convention, it will be the case that
x.clone().getClass() == x.getClass().
By convention, the object returned by this method should be independent
of this object (which is being cloned). To achieve this independence,
it may be necessary to modify one or more fields of the object returned
by super.clone before returning it. Typically, this means
copying any mutable objects that comprise the internal "deep structure"
of the object being cloned and replacing the references to these
objects with references to the copies. If a class contains only
primitive fields or references to immutable objects, then it is usually
the case that no fields in the object returned by super.clone
need to be modified.
The method clone for class Object performs a
specific cloning operation. First, if the class of this object does
not implement the interface Cloneable, then a
CloneNotSupportedException is thrown. Note that all arrays
are considered to implement the interface Cloneable and that
the return type of the clone method of an array type T[]
is T[] where T is any reference or primitive type.
Otherwise, this method creates a new instance of the class of this
object and initializes all its fields with exactly the contents of
the corresponding fields of this object, as if by assignment; the
contents of the fields are not themselves cloned. Thus, this method
performs a "shallow copy" of this object, not a "deep copy" operation.
The class Object does not itself implement the interface
Cloneable, so calling the clone method on an object
whose class is Object will result in throwing an
exception at run time.
| Returns | |
|---|---|
Object |
a clone of this instance. |
| Throws | |
|---|---|
CloneNotSupportedException |
|