in src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java [846:870]
/**
 * Creates a cookie with the given name and value and adds it to the response.
 *
 * <p>The cookie path is the request's context path, or {@code "/"} when the
 * context path is {@code null} or empty. The cookie is always flagged
 * {@code HttpOnly}. Its {@code Secure} flag copies {@link HttpServletRequest#isSecure()}
 * of the current request.
 *
 * <p>NOTE(review): when TLS is terminated in front of the servlet container,
 * {@code isSecure()} may report {@code false} unless the container is told about
 * the original scheme, and the cookie would then be issued without {@code Secure}.
 * Confirm against the deployment. No {@code SameSite} attribute is set by this
 * method.
 *
 * @param request  the current request; supplies the context path and the secure flag
 * @param response the response the cookie is added to
 * @param name     the cookie name
 * @param value    the cookie value
 * @param age      the Max-Age in seconds; only applied when {@code >= 0}
 *                 ({@code 0} asks the client to delete the cookie); a negative
 *                 value leaves Max-Age untouched
 * @param domain   the cookie domain, or {@code null} to leave the Domain attribute unset
 */
private void setCookie(final HttpServletRequest request, final HttpServletResponse response, final String name,
        final String value, final int age, final String domain) {
    // Scope the cookie to this web application; the root context maps to "/".
    final String contextPath = request.getContextPath();
    final String path;
    if (contextPath != null && !contextPath.isEmpty()) {
        path = contextPath;
    } else {
        path = "/";
    }

    final Cookie cookie = new Cookie(name, value);
    cookie.setPath(path);

    // HttpOnly keeps the cookie value out of reach of page scripts.
    cookie.setHttpOnly(true);

    // A Domain attribute is only written when one was configured; without it
    // the cookie stays bound to the host that issued it.
    if (domain != null) {
        cookie.setDomain(domain);
    }

    // Negative ages skip Max-Age entirely, so the Cookie object keeps its default.
    if (age >= 0) {
        cookie.setMaxAge(age);
    }

    // Secure follows the transport of this request (see NOTE in the Javadoc).
    cookie.setSecure(request.isSecure());

    response.addCookie(cookie);
}