author | lana |
Thu, 31 Oct 2013 16:44:18 -0700 | |
changeset 21428 | e408bf58d482 |
parent 21278 | ef8a3a2a72f2 |
parent 21344 | 13091b742137 |
child 21952 | 6fdca3d54613 |
permissions | -rw-r--r-- |
2 | 1 |
/* |
16007
cf20f016fa94
8007315: HttpURLConnection.filterHeaderField method returns null where empty string is expected
coffeys
parents:
14766
diff
changeset
|
2 |
* Copyright (c) 1995, 2013, Oracle and/or its affiliates. All rights reserved. |
2 | 3 |
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 |
* |
|
5 |
* This code is free software; you can redistribute it and/or modify it |
|
6 |
* under the terms of the GNU General Public License version 2 only, as |
|
5506 | 7 |
* published by the Free Software Foundation. Oracle designates this |
2 | 8 |
* particular file as subject to the "Classpath" exception as provided |
5506 | 9 |
* by Oracle in the LICENSE file that accompanied this code. |
2 | 10 |
* |
11 |
* This code is distributed in the hope that it will be useful, but WITHOUT |
|
12 |
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
13 |
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
14 |
* version 2 for more details (a copy is included in the LICENSE file that |
|
15 |
* accompanied this code). |
|
16 |
* |
|
17 |
* You should have received a copy of the GNU General Public License version |
|
18 |
* 2 along with this work; if not, write to the Free Software Foundation, |
|
19 |
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
20 |
* |
|
5506 | 21 |
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
22 |
* or visit www.oracle.com if you need additional information or have any |
|
23 |
* questions. |
|
2 | 24 |
*/ |
25 |
||
26 |
package sun.net.www.protocol.http; |
|
27 |
||
10596
39b3a979e600
7090158: Networking Libraries don't build with javac -Werror
chegar
parents:
10136
diff
changeset
|
28 |
import java.util.Arrays; |
2 | 29 |
import java.net.URL; |
30 |
import java.net.URLConnection; |
|
31 |
import java.net.ProtocolException; |
|
32 |
import java.net.HttpRetryException; |
|
33 |
import java.net.PasswordAuthentication; |
|
34 |
import java.net.Authenticator; |
|
11284
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
35 |
import java.net.HttpCookie; |
2 | 36 |
import java.net.InetAddress; |
37 |
import java.net.UnknownHostException; |
|
38 |
import java.net.SocketTimeoutException; |
|
17473
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
39 |
import java.net.SocketPermission; |
2 | 40 |
import java.net.Proxy; |
41 |
import java.net.ProxySelector; |
|
42 |
import java.net.URI; |
|
43 |
import java.net.InetSocketAddress; |
|
44 |
import java.net.CookieHandler; |
|
45 |
import java.net.ResponseCache; |
|
46 |
import java.net.CacheResponse; |
|
47 |
import java.net.SecureCacheResponse; |
|
48 |
import java.net.CacheRequest; |
|
20787
ab071ce90368
8014719: HttpClient/ProxyTest.java failing with IAE HttpURLPermission.parseURI
michaelm
parents:
18577
diff
changeset
|
49 |
import java.net.URLPermission; |
2 | 50 |
import java.net.Authenticator.RequestorType; |
17473
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
51 |
import java.security.AccessController; |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
52 |
import java.security.PrivilegedExceptionAction; |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
53 |
import java.security.PrivilegedActionException; |
2 | 54 |
import java.io.*; |
17473
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
55 |
import java.net.*; |
11284
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
56 |
import java.util.ArrayList; |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
57 |
import java.util.Collections; |
2 | 58 |
import java.util.Date; |
59 |
import java.util.Map; |
|
60 |
import java.util.List; |
|
61 |
import java.util.Locale; |
|
62 |
import java.util.StringTokenizer; |
|
63 |
import java.util.Iterator; |
|
6876
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
64 |
import java.util.HashSet; |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
65 |
import java.util.HashMap; |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
66 |
import java.util.Set; |
2 | 67 |
import sun.net.*; |
68 |
import sun.net.www.*; |
|
69 |
import sun.net.www.http.HttpClient; |
|
70 |
import sun.net.www.http.PosterOutputStream; |
|
71 |
import sun.net.www.http.ChunkedInputStream; |
|
72 |
import sun.net.www.http.ChunkedOutputStream; |
|
3866
34cd368bd2dd
6882384: Update http protocol handler to use PlatformLogger
chegar
parents:
3859
diff
changeset
|
73 |
import sun.util.logging.PlatformLogger; |
2 | 74 |
import java.text.SimpleDateFormat; |
75 |
import java.util.TimeZone; |
|
76 |
import java.net.MalformedURLException; |
|
77 |
import java.nio.ByteBuffer; |
|
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
78 |
import static sun.net.www.protocol.http.AuthScheme.BASIC; |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
79 |
import static sun.net.www.protocol.http.AuthScheme.DIGEST; |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
80 |
import static sun.net.www.protocol.http.AuthScheme.NTLM; |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
81 |
import static sun.net.www.protocol.http.AuthScheme.NEGOTIATE; |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
82 |
import static sun.net.www.protocol.http.AuthScheme.KERBEROS; |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
83 |
import static sun.net.www.protocol.http.AuthScheme.UNKNOWN; |
2 | 84 |
|
85 |
/** |
|
86 |
* A class to represent an HTTP connection to a remote object. |
|
87 |
*/ |
|
88 |
||
89 |
||
90 |
public class HttpURLConnection extends java.net.HttpURLConnection { |
|
91 |
||
479
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
92 |
static String HTTP_CONNECT = "CONNECT"; |
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
93 |
|
2 | 94 |
static final String version; |
95 |
public static final String userAgent; |
|
96 |
||
97 |
/* max # of allowed re-directs */ |
|
98 |
static final int defaultmaxRedirects = 20; |
|
99 |
static final int maxRedirects; |
|
100 |
||
101 |
/* Not all servers support the (Proxy)-Authentication-Info headers. |
|
102 |
* By default, we don't require them to be sent |
|
103 |
*/ |
|
104 |
static final boolean validateProxy; |
|
105 |
static final boolean validateServer; |
|
106 |
||
107 |
private StreamingOutputStream strOutputStream; |
|
108 |
private final static String RETRY_MSG1 = |
|
109 |
"cannot retry due to proxy authentication, in streaming mode"; |
|
110 |
private final static String RETRY_MSG2 = |
|
111 |
"cannot retry due to server authentication, in streaming mode"; |
|
112 |
private final static String RETRY_MSG3 = |
|
113 |
"cannot retry due to redirection, in streaming mode"; |
|
114 |
||
115 |
/* |
|
116 |
* System properties related to error stream handling: |
|
117 |
* |
|
118 |
* sun.net.http.errorstream.enableBuffering = <boolean> |
|
119 |
* |
|
120 |
* With the above system property set to true (default is false), |
|
121 |
* when the response code is >=400, the HTTP handler will try to |
|
122 |
* buffer the response body (up to a certain amount and within a |
|
123 |
* time limit). Thus freeing up the underlying socket connection |
|
124 |
* for reuse. The rationale behind this is that usually when the |
|
125 |
* server responds with a >=400 error (client error or server |
|
126 |
* error, such as 404 file not found), the server will send a |
|
127 |
* small response body to explain who to contact and what to do to |
|
128 |
* recover. With this property set to true, even if the |
|
129 |
* application doesn't call getErrorStream(), read the response |
|
130 |
* body, and then call close(), the underlying socket connection |
|
131 |
* can still be kept-alive and reused. The following two system |
|
132 |
* properties provide further control to the error stream |
|
133 |
* buffering behaviour. |
|
134 |
* |
|
135 |
* sun.net.http.errorstream.timeout = <int> |
|
136 |
* the timeout (in millisec) waiting the error stream |
|
137 |
* to be buffered; default is 300 ms |
|
138 |
* |
|
139 |
* sun.net.http.errorstream.bufferSize = <int> |
|
140 |
* the size (in bytes) to use for the buffering the error stream; |
|
141 |
* default is 4k |
|
142 |
*/ |
|
143 |
||
144 |
||
145 |
/* Should we enable buffering of error streams? */ |
|
146 |
private static boolean enableESBuffer = false; |
|
147 |
||
148 |
/* timeout waiting for read for buffered error stream; |
|
149 |
*/ |
|
150 |
private static int timeout4ESBuffer = 0; |
|
151 |
||
152 |
/* buffer size for buffered error stream; |
|
153 |
*/ |
|
154 |
private static int bufSize4ES = 0; |
|
155 |
||
6876
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
156 |
/* |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
157 |
* Restrict setting of request headers through the public api |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
158 |
* consistent with JavaScript XMLHttpRequest2 with a few |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
159 |
* exceptions. Disallowed headers are silently ignored for |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
160 |
* backwards compatibility reasons rather than throwing a |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
161 |
* SecurityException. For example, some applets set the |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
162 |
* Host header since old JREs did not implement HTTP 1.1. |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
163 |
* Additionally, any header starting with Sec- is |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
164 |
* disallowed. |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
165 |
* |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
166 |
* The following headers are allowed for historical reasons: |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
167 |
* |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
168 |
* Accept-Charset, Accept-Encoding, Cookie, Cookie2, Date, |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
169 |
* Referer, TE, User-Agent, headers beginning with Proxy-. |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
170 |
* |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
171 |
* The following headers are allowed in a limited form: |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
172 |
* |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
173 |
* Connection: close |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
174 |
* |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
175 |
* See http://www.w3.org/TR/XMLHttpRequest2. |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
176 |
*/ |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
177 |
private static final boolean allowRestrictedHeaders; |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
178 |
private static final Set<String> restrictedHeaderSet; |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
179 |
private static final String[] restrictedHeaders = { |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
180 |
/* Restricted by XMLHttpRequest2 */ |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
181 |
//"Accept-Charset", |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
182 |
//"Accept-Encoding", |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
183 |
"Access-Control-Request-Headers", |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
184 |
"Access-Control-Request-Method", |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
185 |
"Connection", /* close is allowed */ |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
186 |
"Content-Length", |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
187 |
//"Cookie", |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
188 |
//"Cookie2", |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
189 |
"Content-Transfer-Encoding", |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
190 |
//"Date", |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
191 |
//"Expect", |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
192 |
"Host", |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
193 |
"Keep-Alive", |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
194 |
"Origin", |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
195 |
// "Referer", |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
196 |
// "TE", |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
197 |
"Trailer", |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
198 |
"Transfer-Encoding", |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
199 |
"Upgrade", |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
200 |
//"User-Agent", |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
201 |
"Via" |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
202 |
}; |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
203 |
|
2 | 204 |
static { |
205 |
maxRedirects = java.security.AccessController.doPrivileged( |
|
51 | 206 |
new sun.security.action.GetIntegerAction( |
207 |
"http.maxRedirects", defaultmaxRedirects)).intValue(); |
|
2 | 208 |
version = java.security.AccessController.doPrivileged( |
209 |
new sun.security.action.GetPropertyAction("java.version")); |
|
210 |
String agent = java.security.AccessController.doPrivileged( |
|
211 |
new sun.security.action.GetPropertyAction("http.agent")); |
|
212 |
if (agent == null) { |
|
213 |
agent = "Java/"+version; |
|
214 |
} else { |
|
215 |
agent = agent + " Java/"+version; |
|
216 |
} |
|
217 |
userAgent = agent; |
|
218 |
validateProxy = java.security.AccessController.doPrivileged( |
|
219 |
new sun.security.action.GetBooleanAction( |
|
220 |
"http.auth.digest.validateProxy")).booleanValue(); |
|
221 |
validateServer = java.security.AccessController.doPrivileged( |
|
222 |
new sun.security.action.GetBooleanAction( |
|
223 |
"http.auth.digest.validateServer")).booleanValue(); |
|
224 |
||
225 |
enableESBuffer = java.security.AccessController.doPrivileged( |
|
226 |
new sun.security.action.GetBooleanAction( |
|
227 |
"sun.net.http.errorstream.enableBuffering")).booleanValue(); |
|
228 |
timeout4ESBuffer = java.security.AccessController.doPrivileged( |
|
229 |
new sun.security.action.GetIntegerAction( |
|
230 |
"sun.net.http.errorstream.timeout", 300)).intValue(); |
|
231 |
if (timeout4ESBuffer <= 0) { |
|
232 |
timeout4ESBuffer = 300; // use the default |
|
233 |
} |
|
234 |
||
235 |
bufSize4ES = java.security.AccessController.doPrivileged( |
|
236 |
new sun.security.action.GetIntegerAction( |
|
237 |
"sun.net.http.errorstream.bufferSize", 4096)).intValue(); |
|
238 |
if (bufSize4ES <= 0) { |
|
239 |
bufSize4ES = 4096; // use the default |
|
240 |
} |
|
241 |
||
10596
39b3a979e600
7090158: Networking Libraries don't build with javac -Werror
chegar
parents:
10136
diff
changeset
|
242 |
allowRestrictedHeaders = java.security.AccessController.doPrivileged( |
6876
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
243 |
new sun.security.action.GetBooleanAction( |
10596
39b3a979e600
7090158: Networking Libraries don't build with javac -Werror
chegar
parents:
10136
diff
changeset
|
244 |
"sun.net.http.allowRestrictedHeaders")).booleanValue(); |
6876
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
245 |
if (!allowRestrictedHeaders) { |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
246 |
restrictedHeaderSet = new HashSet<String>(restrictedHeaders.length); |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
247 |
for (int i=0; i < restrictedHeaders.length; i++) { |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
248 |
restrictedHeaderSet.add(restrictedHeaders[i].toLowerCase()); |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
249 |
} |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
250 |
} else { |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
251 |
restrictedHeaderSet = null; |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
252 |
} |
2 | 253 |
} |
254 |
||
255 |
static final String httpVersion = "HTTP/1.1"; |
|
256 |
static final String acceptString = |
|
257 |
"text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2"; |
|
258 |
||
259 |
// the following http request headers should NOT have their values |
|
260 |
// returned for security reasons. |
|
261 |
private static final String[] EXCLUDE_HEADERS = { |
|
262 |
"Proxy-Authorization", |
|
263 |
"Authorization" |
|
264 |
}; |
|
6876
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
265 |
|
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
266 |
// also exclude system cookies when any might be set |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
267 |
private static final String[] EXCLUDE_HEADERS2= { |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
268 |
"Proxy-Authorization", |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
269 |
"Authorization", |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
270 |
"Cookie", |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
271 |
"Cookie2" |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
272 |
}; |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
273 |
|
2 | 274 |
protected HttpClient http; |
275 |
protected Handler handler; |
|
276 |
protected Proxy instProxy; |
|
277 |
||
278 |
private CookieHandler cookieHandler; |
|
11839
53065c5f535d
7133367: ResponseCache.put should not be called when setUseCaches(false)
chegar
parents:
11528
diff
changeset
|
279 |
private final ResponseCache cacheHandler; |
2 | 280 |
|
281 |
// the cached response, and cached response headers and body |
|
282 |
protected CacheResponse cachedResponse; |
|
283 |
private MessageHeader cachedHeaders; |
|
284 |
private InputStream cachedInputStream; |
|
285 |
||
286 |
/* output stream to server */ |
|
287 |
protected PrintStream ps = null; |
|
288 |
||
289 |
||
290 |
/* buffered error stream */ |
|
291 |
private InputStream errorStream = null; |
|
292 |
||
293 |
/* User set Cookies */ |
|
294 |
private boolean setUserCookies = true; |
|
295 |
private String userCookies = null; |
|
6876
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
296 |
private String userCookies2 = null; |
2 | 297 |
|
298 |
/* We only have a single static authenticator for now. |
|
299 |
* REMIND: backwards compatibility with JDK 1.1. Should be |
|
300 |
* eliminated for JDK 2.0. |
|
301 |
*/ |
|
10596
39b3a979e600
7090158: Networking Libraries don't build with javac -Werror
chegar
parents:
10136
diff
changeset
|
302 |
@Deprecated |
2 | 303 |
private static HttpAuthenticator defaultAuth; |
304 |
||
305 |
/* all the headers we send |
|
306 |
* NOTE: do *NOT* dump out the content of 'requests' in the |
|
307 |
* output or stacktrace since it may contain security-sensitive |
|
308 |
* headers such as those defined in EXCLUDE_HEADERS. |
|
309 |
*/ |
|
310 |
private MessageHeader requests; |
|
311 |
||
17473
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
312 |
/* The headers actually set by the user are recorded here also |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
313 |
*/ |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
314 |
private MessageHeader userHeaders; |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
315 |
|
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
316 |
/* Headers and request method cannot be changed |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
317 |
* once this flag is set in :- |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
318 |
* - getOutputStream() |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
319 |
* - getInputStream()) |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
320 |
* - connect() |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
321 |
* Access synchronized on this. |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
322 |
*/ |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
323 |
private boolean connecting = false; |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
324 |
|
2 | 325 |
/* The following two fields are only used with Digest Authentication */ |
326 |
String domain; /* The list of authentication domains */ |
|
327 |
DigestAuthentication.Parameters digestparams; |
|
328 |
||
329 |
/* Current credentials in use */ |
|
330 |
AuthenticationInfo currentProxyCredentials = null; |
|
331 |
AuthenticationInfo currentServerCredentials = null; |
|
332 |
boolean needToCheck = true; |
|
333 |
private boolean doingNTLM2ndStage = false; /* doing the 2nd stage of an NTLM server authentication */ |
|
334 |
private boolean doingNTLMp2ndStage = false; /* doing the 2nd stage of an NTLM proxy authentication */ |
|
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
335 |
|
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
336 |
/* try auth without calling Authenticator. Used for transparent NTLM authentication */ |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
337 |
private boolean tryTransparentNTLMServer = true; |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
338 |
private boolean tryTransparentNTLMProxy = true; |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
339 |
|
3061 | 340 |
/* Used by Windows specific code */ |
4157
558590fb3b49
6893238: Move NTLM and SPNEGO implementations into separate packages
chegar
parents:
4047
diff
changeset
|
341 |
private Object authObj; |
2 | 342 |
|
343 |
/* Set if the user is manually setting the Authorization or Proxy-Authorization headers */ |
|
344 |
boolean isUserServerAuth; |
|
345 |
boolean isUserProxyAuth; |
|
346 |
||
5199
98b1778f0fd1
6648001: Cancelling HTTP authentication causes subsequent deadlocks
chegar
parents:
5161
diff
changeset
|
347 |
String serverAuthKey, proxyAuthKey; |
98b1778f0fd1
6648001: Cancelling HTTP authentication causes subsequent deadlocks
chegar
parents:
5161
diff
changeset
|
348 |
|
2 | 349 |
/* Progress source */ |
350 |
protected ProgressSource pi; |
|
351 |
||
352 |
/* all the response headers we get back */ |
|
353 |
private MessageHeader responses; |
|
354 |
/* the stream _from_ the server */ |
|
355 |
private InputStream inputStream = null; |
|
356 |
/* post stream _to_ the server, if any */ |
|
357 |
private PosterOutputStream poster = null; |
|
358 |
||
359 |
/* Indicates if the std. request headers have been set in requests. */ |
|
360 |
private boolean setRequests=false; |
|
361 |
||
362 |
/* Indicates whether a request has already failed or not */ |
|
363 |
private boolean failedOnce=false; |
|
364 |
||
365 |
/* Remembered Exception, we will throw it again if somebody |
|
366 |
calls getInputStream after disconnect */ |
|
367 |
private Exception rememberedException = null; |
|
368 |
||
369 |
/* If we decide we want to reuse a client, we put it here */ |
|
370 |
private HttpClient reuseClient = null; |
|
371 |
||
479
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
372 |
/* Tunnel states */ |
14008
b572c1f3a7ad
7199219: Proxy-Connection headers set incorrectly when a HttpClient is retrieved from the Keep Alive Cache
robm
parents:
14007
diff
changeset
|
373 |
public enum TunnelState { |
479
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
374 |
/* No tunnel */ |
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
375 |
NONE, |
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
376 |
|
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
377 |
/* Setting up a tunnel */ |
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
378 |
SETUP, |
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
379 |
|
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
380 |
/* Tunnel has been successfully setup */ |
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
381 |
TUNNELING |
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
382 |
} |
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
383 |
|
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
384 |
private TunnelState tunnelState = TunnelState.NONE; |
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
385 |
|
7022
1066bfde0f5e
6993490: SocketTimeoutException on HTTP keep-alive connections
chegar
parents:
6879
diff
changeset
|
386 |
/* Redefine timeouts from java.net.URLConnection as we need -1 to mean |
2 | 387 |
* not set. This is to ensure backward compatibility. |
388 |
*/ |
|
7022
1066bfde0f5e
6993490: SocketTimeoutException on HTTP keep-alive connections
chegar
parents:
6879
diff
changeset
|
389 |
private int connectTimeout = NetworkClient.DEFAULT_CONNECT_TIMEOUT; |
1066bfde0f5e
6993490: SocketTimeoutException on HTTP keep-alive connections
chegar
parents:
6879
diff
changeset
|
390 |
private int readTimeout = NetworkClient.DEFAULT_READ_TIMEOUT; |
2 | 391 |
|
20787
ab071ce90368
8014719: HttpClient/ProxyTest.java failing with IAE HttpURLPermission.parseURI
michaelm
parents:
18577
diff
changeset
|
392 |
/* A permission converted from a URLPermission */ |
17473
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
393 |
private SocketPermission socketPermission; |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
394 |
|
3866
34cd368bd2dd
6882384: Update http protocol handler to use PlatformLogger
chegar
parents:
3859
diff
changeset
|
395 |
/* Logging support */ |
34cd368bd2dd
6882384: Update http protocol handler to use PlatformLogger
chegar
parents:
3859
diff
changeset
|
396 |
private static final PlatformLogger logger = |
34cd368bd2dd
6882384: Update http protocol handler to use PlatformLogger
chegar
parents:
3859
diff
changeset
|
397 |
PlatformLogger.getLogger("sun.net.www.protocol.http.HttpURLConnection"); |
34cd368bd2dd
6882384: Update http protocol handler to use PlatformLogger
chegar
parents:
3859
diff
changeset
|
398 |
|
2 | 399 |
/* |
400 |
* privileged request password authentication |
|
401 |
* |
|
402 |
*/ |
|
403 |
private static PasswordAuthentication |
|
404 |
privilegedRequestPasswordAuthentication( |
|
405 |
final String host, |
|
406 |
final InetAddress addr, |
|
407 |
final int port, |
|
408 |
final String protocol, |
|
409 |
final String prompt, |
|
410 |
final String scheme, |
|
411 |
final URL url, |
|
412 |
final RequestorType authType) { |
|
51 | 413 |
return java.security.AccessController.doPrivileged( |
414 |
new java.security.PrivilegedAction<PasswordAuthentication>() { |
|
415 |
public PasswordAuthentication run() { |
|
18178
ee71c923891d
8016747: Replace deprecated PlatformLogger isLoggable(int) with isLoggable(Level)
chegar
parents:
17952
diff
changeset
|
416 |
if (logger.isLoggable(PlatformLogger.Level.FINEST)) { |
3866
34cd368bd2dd
6882384: Update http protocol handler to use PlatformLogger
chegar
parents:
3859
diff
changeset
|
417 |
logger.finest("Requesting Authentication: host =" + host + " url = " + url); |
3059
2975ff687a6b
6811297: Add more logging to HTTP protocol handler
jccollet
parents:
2942
diff
changeset
|
418 |
} |
2975ff687a6b
6811297: Add more logging to HTTP protocol handler
jccollet
parents:
2942
diff
changeset
|
419 |
PasswordAuthentication pass = Authenticator.requestPasswordAuthentication( |
2 | 420 |
host, addr, port, protocol, |
421 |
prompt, scheme, url, authType); |
|
18178
ee71c923891d
8016747: Replace deprecated PlatformLogger isLoggable(int) with isLoggable(Level)
chegar
parents:
17952
diff
changeset
|
422 |
if (logger.isLoggable(PlatformLogger.Level.FINEST)) { |
3866
34cd368bd2dd
6882384: Update http protocol handler to use PlatformLogger
chegar
parents:
3859
diff
changeset
|
423 |
logger.finest("Authentication returned: " + (pass != null ? pass.toString() : "null")); |
3059
2975ff687a6b
6811297: Add more logging to HTTP protocol handler
jccollet
parents:
2942
diff
changeset
|
424 |
} |
2975ff687a6b
6811297: Add more logging to HTTP protocol handler
jccollet
parents:
2942
diff
changeset
|
425 |
return pass; |
2 | 426 |
} |
427 |
}); |
|
428 |
} |
|
429 |
||
6876
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
430 |
private boolean isRestrictedHeader(String key, String value) { |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
431 |
if (allowRestrictedHeaders) { |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
432 |
return false; |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
433 |
} |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
434 |
|
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
435 |
key = key.toLowerCase(); |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
436 |
if (restrictedHeaderSet.contains(key)) { |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
437 |
/* |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
438 |
* Exceptions to restricted headers: |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
439 |
* |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
440 |
* Allow "Connection: close". |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
441 |
*/ |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
442 |
if (key.equals("connection") && value.equalsIgnoreCase("close")) { |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
443 |
return false; |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
444 |
} |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
445 |
return true; |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
446 |
} else if (key.startsWith("sec-")) { |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
447 |
return true; |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
448 |
} |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
449 |
return false; |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
450 |
} |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
451 |
|
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
452 |
/* |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
453 |
* Checks the validity of http message header and whether the header |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
454 |
* is restricted and throws IllegalArgumentException if invalid or |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
455 |
* restricted. |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
456 |
*/ |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
457 |
private boolean isExternalMessageHeaderAllowed(String key, String value) { |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
458 |
checkMessageHeader(key, value); |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
459 |
if (!isRestrictedHeader(key, value)) { |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
460 |
return true; |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
461 |
} |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
462 |
return false; |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
463 |
} |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
464 |
|
3866
34cd368bd2dd
6882384: Update http protocol handler to use PlatformLogger
chegar
parents:
3859
diff
changeset
|
465 |
/* Logging support */ |
34cd368bd2dd
6882384: Update http protocol handler to use PlatformLogger
chegar
parents:
3859
diff
changeset
|
466 |
public static PlatformLogger getHttpLogger() { |
34cd368bd2dd
6882384: Update http protocol handler to use PlatformLogger
chegar
parents:
3859
diff
changeset
|
467 |
return logger; |
34cd368bd2dd
6882384: Update http protocol handler to use PlatformLogger
chegar
parents:
3859
diff
changeset
|
468 |
} |
34cd368bd2dd
6882384: Update http protocol handler to use PlatformLogger
chegar
parents:
3859
diff
changeset
|
469 |
|
4157
558590fb3b49
6893238: Move NTLM and SPNEGO implementations into separate packages
chegar
parents:
4047
diff
changeset
|
470 |
/* Used for Windows NTLM implementation */ |
558590fb3b49
6893238: Move NTLM and SPNEGO implementations into separate packages
chegar
parents:
4047
diff
changeset
|
471 |
public Object authObj() { |
558590fb3b49
6893238: Move NTLM and SPNEGO implementations into separate packages
chegar
parents:
4047
diff
changeset
|
472 |
return authObj; |
558590fb3b49
6893238: Move NTLM and SPNEGO implementations into separate packages
chegar
parents:
4047
diff
changeset
|
473 |
} |
558590fb3b49
6893238: Move NTLM and SPNEGO implementations into separate packages
chegar
parents:
4047
diff
changeset
|
474 |
|
558590fb3b49
6893238: Move NTLM and SPNEGO implementations into separate packages
chegar
parents:
4047
diff
changeset
|
475 |
public void authObj(Object authObj) { |
558590fb3b49
6893238: Move NTLM and SPNEGO implementations into separate packages
chegar
parents:
4047
diff
changeset
|
476 |
this.authObj = authObj; |
558590fb3b49
6893238: Move NTLM and SPNEGO implementations into separate packages
chegar
parents:
4047
diff
changeset
|
477 |
} |
558590fb3b49
6893238: Move NTLM and SPNEGO implementations into separate packages
chegar
parents:
4047
diff
changeset
|
478 |
|
2 | 479 |
/* |
480 |
* checks the validity of http message header and throws |
|
481 |
* IllegalArgumentException if invalid. |
|
482 |
*/ |
|
483 |
private void checkMessageHeader(String key, String value) { |
|
484 |
char LF = '\n'; |
|
485 |
int index = key.indexOf(LF); |
|
486 |
if (index != -1) { |
|
487 |
throw new IllegalArgumentException( |
|
488 |
"Illegal character(s) in message header field: " + key); |
|
489 |
} |
|
490 |
else { |
|
491 |
if (value == null) { |
|
492 |
return; |
|
493 |
} |
|
494 |
||
495 |
index = value.indexOf(LF); |
|
496 |
while (index != -1) { |
|
497 |
index++; |
|
498 |
if (index < value.length()) { |
|
499 |
char c = value.charAt(index); |
|
500 |
if ((c==' ') || (c=='\t')) { |
|
501 |
// ok, check the next occurrence |
|
502 |
index = value.indexOf(LF, index); |
|
503 |
continue; |
|
504 |
} |
|
505 |
} |
|
506 |
throw new IllegalArgumentException( |
|
507 |
"Illegal character(s) in message header value: " + value); |
|
508 |
} |
|
509 |
} |
|
510 |
} |
|
511 |
||
17473
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
512 |
public synchronized void setRequestMethod(String method) |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
513 |
throws ProtocolException { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
514 |
if (connecting) { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
515 |
throw new IllegalStateException("connect in progress"); |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
516 |
} |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
517 |
super.setRequestMethod(method); |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
518 |
} |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
519 |
|
2 | 520 |
/* adds the standard key/val pairs to reqests if necessary & write to |
521 |
* given PrintStream |
|
522 |
*/ |
|
523 |
private void writeRequests() throws IOException { |
|
524 |
/* print all message headers in the MessageHeader |
|
525 |
* onto the wire - all the ones we've set and any |
|
526 |
* others that have been set |
|
527 |
*/ |
|
528 |
// send any pre-emptive authentication |
|
479
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
529 |
if (http.usingProxy && tunnelState() != TunnelState.TUNNELING) { |
2 | 530 |
setPreemptiveProxyAuthentication(requests); |
531 |
} |
|
532 |
if (!setRequests) { |
|
533 |
||
534 |
/* We're very particular about the order in which we |
|
535 |
* set the request headers here. The order should not |
|
536 |
* matter, but some careless CGI programs have been |
|
537 |
* written to expect a very particular order of the |
|
538 |
* standard headers. To name names, the order in which |
|
539 |
* Navigator3.0 sends them. In particular, we make *sure* |
|
540 |
* to send Content-type: <> and Content-length:<> second |
|
541 |
* to last and last, respectively, in the case of a POST |
|
542 |
* request. |
|
543 |
*/ |
|
544 |
if (!failedOnce) |
|
3952
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
545 |
requests.prepend(method + " " + getRequestURI()+" " + |
2 | 546 |
httpVersion, null); |
547 |
if (!getUseCaches()) { |
|
548 |
requests.setIfNotSet ("Cache-Control", "no-cache"); |
|
549 |
requests.setIfNotSet ("Pragma", "no-cache"); |
|
550 |
} |
|
551 |
requests.setIfNotSet("User-Agent", userAgent); |
|
552 |
int port = url.getPort(); |
|
553 |
String host = url.getHost(); |
|
554 |
if (port != -1 && port != url.getDefaultPort()) { |
|
555 |
host += ":" + String.valueOf(port); |
|
556 |
} |
|
557 |
requests.setIfNotSet("Host", host); |
|
558 |
requests.setIfNotSet("Accept", acceptString); |
|
559 |
||
560 |
/* |
|
561 |
* For HTTP/1.1 the default behavior is to keep connections alive. |
|
562 |
* However, we may be talking to a 1.0 server so we should set |
|
563 |
* keep-alive just in case, except if we have encountered an error |
|
564 |
* or if keep alive is disabled via a system property |
|
565 |
*/ |
|
566 |
||
567 |
// Try keep-alive only on first attempt |
|
568 |
if (!failedOnce && http.getHttpKeepAliveSet()) { |
|
4923
cd2829ef32e2
6365587: Proxy-Connection header sent through tunnel
chegar
parents:
4158
diff
changeset
|
569 |
if (http.usingProxy && tunnelState() != TunnelState.TUNNELING) { |
2 | 570 |
requests.setIfNotSet("Proxy-Connection", "keep-alive"); |
571 |
} else { |
|
572 |
requests.setIfNotSet("Connection", "keep-alive"); |
|
573 |
} |
|
574 |
} else { |
|
575 |
/* |
|
576 |
* RFC 2616 HTTP/1.1 section 14.10 says: |
|
577 |
* HTTP/1.1 applications that do not support persistent |
|
578 |
* connections MUST include the "close" connection option |
|
579 |
* in every message |
|
580 |
*/ |
|
581 |
requests.setIfNotSet("Connection", "close"); |
|
582 |
} |
|
583 |
// Set modified since if necessary |
|
584 |
long modTime = getIfModifiedSince(); |
|
585 |
if (modTime != 0 ) { |
|
586 |
Date date = new Date(modTime); |
|
587 |
//use the preferred date format according to RFC 2068(HTTP1.1), |
|
588 |
// RFC 822 and RFC 1123 |
|
589 |
SimpleDateFormat fo = |
|
590 |
new SimpleDateFormat ("EEE, dd MMM yyyy HH:mm:ss 'GMT'", Locale.US); |
|
591 |
fo.setTimeZone(TimeZone.getTimeZone("GMT")); |
|
592 |
requests.setIfNotSet("If-Modified-Since", fo.format(date)); |
|
593 |
} |
|
594 |
// check for preemptive authorization |
|
595 |
AuthenticationInfo sauth = AuthenticationInfo.getServerAuth(url); |
|
596 |
if (sauth != null && sauth.supportsPreemptiveAuthorization() ) { |
|
597 |
// Sets "Authorization" |
|
598 |
requests.setIfNotSet(sauth.getHeaderName(), sauth.getHeaderValue(url,method)); |
|
599 |
currentServerCredentials = sauth; |
|
600 |
} |
|
601 |
||
602 |
if (!method.equals("PUT") && (poster != null || streaming())) { |
|
603 |
requests.setIfNotSet ("Content-type", |
|
604 |
"application/x-www-form-urlencoded"); |
|
605 |
} |
|
606 |
||
6873
7fe1f614001e
6952017: HttpURLConnection chunked encoding issue (Http request splitting)
michaelm
parents:
5979
diff
changeset
|
607 |
boolean chunked = false; |
7fe1f614001e
6952017: HttpURLConnection chunked encoding issue (Http request splitting)
michaelm
parents:
5979
diff
changeset
|
608 |
|
2 | 609 |
if (streaming()) { |
610 |
if (chunkLength != -1) { |
|
611 |
requests.set ("Transfer-Encoding", "chunked"); |
|
6873
7fe1f614001e
6952017: HttpURLConnection chunked encoding issue (Http request splitting)
michaelm
parents:
5979
diff
changeset
|
612 |
chunked = true; |
1576
b697b141012d
6755625: Add HttpURLConnection.setFixedLengthStreamingMode(long)
chegar
parents:
715
diff
changeset
|
613 |
} else { /* fixed content length */ |
b697b141012d
6755625: Add HttpURLConnection.setFixedLengthStreamingMode(long)
chegar
parents:
715
diff
changeset
|
614 |
if (fixedContentLengthLong != -1) { |
b697b141012d
6755625: Add HttpURLConnection.setFixedLengthStreamingMode(long)
chegar
parents:
715
diff
changeset
|
615 |
requests.set ("Content-Length", |
b697b141012d
6755625: Add HttpURLConnection.setFixedLengthStreamingMode(long)
chegar
parents:
715
diff
changeset
|
616 |
String.valueOf(fixedContentLengthLong)); |
b697b141012d
6755625: Add HttpURLConnection.setFixedLengthStreamingMode(long)
chegar
parents:
715
diff
changeset
|
617 |
} else if (fixedContentLength != -1) { |
b697b141012d
6755625: Add HttpURLConnection.setFixedLengthStreamingMode(long)
chegar
parents:
715
diff
changeset
|
618 |
requests.set ("Content-Length", |
b697b141012d
6755625: Add HttpURLConnection.setFixedLengthStreamingMode(long)
chegar
parents:
715
diff
changeset
|
619 |
String.valueOf(fixedContentLength)); |
b697b141012d
6755625: Add HttpURLConnection.setFixedLengthStreamingMode(long)
chegar
parents:
715
diff
changeset
|
620 |
} |
2 | 621 |
} |
622 |
} else if (poster != null) { |
|
623 |
/* add Content-Length & POST/PUT data */ |
|
624 |
synchronized (poster) { |
|
625 |
/* close it, so no more data can be added */ |
|
626 |
poster.close(); |
|
627 |
requests.set("Content-Length", |
|
628 |
String.valueOf(poster.size())); |
|
629 |
} |
|
630 |
} |
|
631 |
||
6873
7fe1f614001e
6952017: HttpURLConnection chunked encoding issue (Http request splitting)
michaelm
parents:
5979
diff
changeset
|
632 |
if (!chunked) { |
7fe1f614001e
6952017: HttpURLConnection chunked encoding issue (Http request splitting)
michaelm
parents:
5979
diff
changeset
|
633 |
if (requests.findValue("Transfer-Encoding") != null) { |
7fe1f614001e
6952017: HttpURLConnection chunked encoding issue (Http request splitting)
michaelm
parents:
5979
diff
changeset
|
634 |
requests.remove("Transfer-Encoding"); |
18178
ee71c923891d
8016747: Replace deprecated PlatformLogger isLoggable(int) with isLoggable(Level)
chegar
parents:
17952
diff
changeset
|
635 |
if (logger.isLoggable(PlatformLogger.Level.WARNING)) { |
6873
7fe1f614001e
6952017: HttpURLConnection chunked encoding issue (Http request splitting)
michaelm
parents:
5979
diff
changeset
|
636 |
logger.warning( |
7fe1f614001e
6952017: HttpURLConnection chunked encoding issue (Http request splitting)
michaelm
parents:
5979
diff
changeset
|
637 |
"use streaming mode for chunked encoding"); |
7fe1f614001e
6952017: HttpURLConnection chunked encoding issue (Http request splitting)
michaelm
parents:
5979
diff
changeset
|
638 |
} |
7fe1f614001e
6952017: HttpURLConnection chunked encoding issue (Http request splitting)
michaelm
parents:
5979
diff
changeset
|
639 |
} |
7fe1f614001e
6952017: HttpURLConnection chunked encoding issue (Http request splitting)
michaelm
parents:
5979
diff
changeset
|
640 |
} |
7fe1f614001e
6952017: HttpURLConnection chunked encoding issue (Http request splitting)
michaelm
parents:
5979
diff
changeset
|
641 |
|
2 | 642 |
// get applicable cookies based on the uri and request headers |
643 |
// add them to the existing request headers |
|
644 |
setCookieHeader(); |
|
645 |
||
646 |
setRequests=true; |
|
647 |
} |
|
18178
ee71c923891d
8016747: Replace deprecated PlatformLogger isLoggable(int) with isLoggable(Level)
chegar
parents:
17952
diff
changeset
|
648 |
if (logger.isLoggable(PlatformLogger.Level.FINE)) { |
3866
34cd368bd2dd
6882384: Update http protocol handler to use PlatformLogger
chegar
parents:
3859
diff
changeset
|
649 |
logger.fine(requests.toString()); |
2 | 650 |
} |
6673
3674dbc66612
6672144: HttpURLConnection.getInputStream sends POST request after failed chunked
chegar
parents:
6292
diff
changeset
|
651 |
http.writeRequests(requests, poster, streaming()); |
2 | 652 |
if (ps.checkError()) { |
653 |
String proxyHost = http.getProxyHostUsed(); |
|
654 |
int proxyPort = http.getProxyPortUsed(); |
|
655 |
disconnectInternal(); |
|
656 |
if (failedOnce) { |
|
657 |
throw new IOException("Error writing to server"); |
|
658 |
} else { // try once more |
|
659 |
failedOnce=true; |
|
660 |
if (proxyHost != null) { |
|
661 |
setProxiedClient(url, proxyHost, proxyPort); |
|
662 |
} else { |
|
663 |
setNewClient (url); |
|
664 |
} |
|
665 |
ps = (PrintStream) http.getOutputStream(); |
|
666 |
connected=true; |
|
667 |
responses = new MessageHeader(); |
|
668 |
setRequests=false; |
|
669 |
writeRequests(); |
|
670 |
} |
|
671 |
} |
|
672 |
} |
|
673 |
||
674 |
||
675 |
/** |
|
676 |
* Create a new HttpClient object, bypassing the cache of |
|
677 |
* HTTP client objects/connections. |
|
678 |
* |
|
679 |
* @param url the URL being accessed |
|
680 |
*/ |
|
681 |
protected void setNewClient (URL url) |
|
682 |
throws IOException { |
|
683 |
setNewClient(url, false); |
|
684 |
} |
|
685 |
||
686 |
/** |
|
687 |
* Obtain a HttpsClient object. Use the cached copy if specified. |
|
688 |
* |
|
689 |
* @param url the URL being accessed |
|
690 |
* @param useCache whether the cached connection should be used |
|
691 |
* if present |
|
692 |
*/ |
|
693 |
protected void setNewClient (URL url, boolean useCache) |
|
694 |
throws IOException { |
|
14007
2fde9d6d874a
7199862: Make sure that a connection is still alive when retrieved from KeepAliveCache in certain cases
robm
parents:
11839
diff
changeset
|
695 |
http = HttpClient.New(url, null, -1, useCache, connectTimeout, this); |
2 | 696 |
http.setReadTimeout(readTimeout); |
697 |
} |
|
698 |
||
699 |
||
700 |
/** |
|
701 |
* Create a new HttpClient object, set up so that it uses |
|
702 |
* per-instance proxying to the given HTTP proxy. This |
|
703 |
* bypasses the cache of HTTP client objects/connections. |
|
704 |
* |
|
705 |
* @param url the URL being accessed |
|
706 |
* @param proxyHost the proxy host to use |
|
707 |
* @param proxyPort the proxy port to use |
|
708 |
*/ |
|
709 |
protected void setProxiedClient (URL url, String proxyHost, int proxyPort) |
|
710 |
throws IOException { |
|
711 |
setProxiedClient(url, proxyHost, proxyPort, false); |
|
712 |
} |
|
713 |
||
714 |
/** |
|
715 |
* Obtain a HttpClient object, set up so that it uses per-instance |
|
716 |
* proxying to the given HTTP proxy. Use the cached copy of HTTP |
|
717 |
* client objects/connections if specified. |
|
718 |
* |
|
719 |
* @param url the URL being accessed |
|
720 |
* @param proxyHost the proxy host to use |
|
721 |
* @param proxyPort the proxy port to use |
|
722 |
* @param useCache whether the cached connection should be used |
|
723 |
* if present |
|
724 |
*/ |
|
725 |
protected void setProxiedClient (URL url, |
|
726 |
String proxyHost, int proxyPort, |
|
727 |
boolean useCache) |
|
728 |
throws IOException { |
|
729 |
proxiedConnect(url, proxyHost, proxyPort, useCache); |
|
730 |
} |
|
731 |
||
732 |
protected void proxiedConnect(URL url, |
|
733 |
String proxyHost, int proxyPort, |
|
734 |
boolean useCache) |
|
735 |
throws IOException { |
|
14007
2fde9d6d874a
7199862: Make sure that a connection is still alive when retrieved from KeepAliveCache in certain cases
robm
parents:
11839
diff
changeset
|
736 |
http = HttpClient.New (url, proxyHost, proxyPort, useCache, |
2fde9d6d874a
7199862: Make sure that a connection is still alive when retrieved from KeepAliveCache in certain cases
robm
parents:
11839
diff
changeset
|
737 |
connectTimeout, this); |
2 | 738 |
http.setReadTimeout(readTimeout); |
739 |
} |
|
740 |
||
741 |
protected HttpURLConnection(URL u, Handler handler) |
|
742 |
throws IOException { |
|
743 |
// we set proxy == null to distinguish this case with the case |
|
744 |
// when per connection proxy is set |
|
745 |
this(u, null, handler); |
|
746 |
} |
|
747 |
||
748 |
public HttpURLConnection(URL u, String host, int port) { |
|
749 |
this(u, new Proxy(Proxy.Type.HTTP, InetSocketAddress.createUnresolved(host, port))); |
|
750 |
} |
|
751 |
||
752 |
/** this constructor is used by other protocol handlers such as ftp |
|
753 |
that want to use http to fetch urls on their behalf.*/ |
|
754 |
public HttpURLConnection(URL u, Proxy p) { |
|
755 |
this(u, p, new Handler()); |
|
756 |
} |
|
757 |
||
758 |
protected HttpURLConnection(URL u, Proxy p, Handler handler) { |
|
759 |
super(u); |
|
760 |
requests = new MessageHeader(); |
|
761 |
responses = new MessageHeader(); |
|
17473
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
762 |
userHeaders = new MessageHeader(); |
2 | 763 |
this.handler = handler; |
764 |
instProxy = p; |
|
3450
2f08a8bb9b83
6801071: Remote sites can compromise user privacy and possibly hijack web sessions
chegar
parents:
1576
diff
changeset
|
765 |
if (instProxy instanceof sun.net.ApplicationProxy) { |
2f08a8bb9b83
6801071: Remote sites can compromise user privacy and possibly hijack web sessions
chegar
parents:
1576
diff
changeset
|
766 |
/* Application set Proxies should not have access to cookies |
2f08a8bb9b83
6801071: Remote sites can compromise user privacy and possibly hijack web sessions
chegar
parents:
1576
diff
changeset
|
767 |
* in a secure environment unless explicitly allowed. */ |
2f08a8bb9b83
6801071: Remote sites can compromise user privacy and possibly hijack web sessions
chegar
parents:
1576
diff
changeset
|
768 |
try { |
2f08a8bb9b83
6801071: Remote sites can compromise user privacy and possibly hijack web sessions
chegar
parents:
1576
diff
changeset
|
769 |
cookieHandler = CookieHandler.getDefault(); |
2f08a8bb9b83
6801071: Remote sites can compromise user privacy and possibly hijack web sessions
chegar
parents:
1576
diff
changeset
|
770 |
} catch (SecurityException se) { /* swallow exception */ } |
2f08a8bb9b83
6801071: Remote sites can compromise user privacy and possibly hijack web sessions
chegar
parents:
1576
diff
changeset
|
771 |
} else { |
2f08a8bb9b83
6801071: Remote sites can compromise user privacy and possibly hijack web sessions
chegar
parents:
1576
diff
changeset
|
772 |
cookieHandler = java.security.AccessController.doPrivileged( |
2f08a8bb9b83
6801071: Remote sites can compromise user privacy and possibly hijack web sessions
chegar
parents:
1576
diff
changeset
|
773 |
new java.security.PrivilegedAction<CookieHandler>() { |
51 | 774 |
public CookieHandler run() { |
3450
2f08a8bb9b83
6801071: Remote sites can compromise user privacy and possibly hijack web sessions
chegar
parents:
1576
diff
changeset
|
775 |
return CookieHandler.getDefault(); |
2f08a8bb9b83
6801071: Remote sites can compromise user privacy and possibly hijack web sessions
chegar
parents:
1576
diff
changeset
|
776 |
} |
2f08a8bb9b83
6801071: Remote sites can compromise user privacy and possibly hijack web sessions
chegar
parents:
1576
diff
changeset
|
777 |
}); |
2f08a8bb9b83
6801071: Remote sites can compromise user privacy and possibly hijack web sessions
chegar
parents:
1576
diff
changeset
|
778 |
} |
51 | 779 |
cacheHandler = java.security.AccessController.doPrivileged( |
780 |
new java.security.PrivilegedAction<ResponseCache>() { |
|
781 |
public ResponseCache run() { |
|
2 | 782 |
return ResponseCache.getDefault(); |
783 |
} |
|
784 |
}); |
|
785 |
} |
|
786 |
||
787 |
/** |
|
788 |
* @deprecated. Use java.net.Authenticator.setDefault() instead. |
|
789 |
*/ |
|
10596
39b3a979e600
7090158: Networking Libraries don't build with javac -Werror
chegar
parents:
10136
diff
changeset
|
790 |
@Deprecated |
2 | 791 |
public static void setDefaultAuthenticator(HttpAuthenticator a) { |
792 |
defaultAuth = a; |
|
793 |
} |
|
794 |
||
795 |
/** |
|
796 |
* opens a stream allowing redirects only to the same host. |
|
797 |
*/ |
|
798 |
public static InputStream openConnectionCheckRedirects(URLConnection c) |
|
799 |
throws IOException |
|
800 |
{ |
|
801 |
boolean redir; |
|
802 |
int redirects = 0; |
|
3059
2975ff687a6b
6811297: Add more logging to HTTP protocol handler
jccollet
parents:
2942
diff
changeset
|
803 |
InputStream in; |
2 | 804 |
|
805 |
do { |
|
806 |
if (c instanceof HttpURLConnection) { |
|
807 |
((HttpURLConnection) c).setInstanceFollowRedirects(false); |
|
808 |
} |
|
809 |
||
810 |
// We want to open the input stream before |
|
811 |
// getting headers, because getHeaderField() |
|
812 |
// et al swallow IOExceptions. |
|
813 |
in = c.getInputStream(); |
|
814 |
redir = false; |
|
815 |
||
816 |
if (c instanceof HttpURLConnection) { |
|
817 |
HttpURLConnection http = (HttpURLConnection) c; |
|
818 |
int stat = http.getResponseCode(); |
|
819 |
if (stat >= 300 && stat <= 307 && stat != 306 && |
|
820 |
stat != HttpURLConnection.HTTP_NOT_MODIFIED) { |
|
821 |
URL base = http.getURL(); |
|
822 |
String loc = http.getHeaderField("Location"); |
|
823 |
URL target = null; |
|
824 |
if (loc != null) { |
|
825 |
target = new URL(base, loc); |
|
826 |
} |
|
827 |
http.disconnect(); |
|
828 |
if (target == null |
|
829 |
|| !base.getProtocol().equals(target.getProtocol()) |
|
830 |
|| base.getPort() != target.getPort() |
|
831 |
|| !hostsEqual(base, target) |
|
832 |
|| redirects >= 5) |
|
833 |
{ |
|
834 |
throw new SecurityException("illegal URL redirect"); |
|
835 |
} |
|
836 |
redir = true; |
|
837 |
c = target.openConnection(); |
|
838 |
redirects++; |
|
839 |
} |
|
840 |
} |
|
841 |
} while (redir); |
|
842 |
return in; |
|
843 |
} |
|
844 |
||
845 |
||
846 |
// |
|
847 |
// Same as java.net.URL.hostsEqual |
|
848 |
// |
|
849 |
private static boolean hostsEqual(URL u1, URL u2) { |
|
850 |
final String h1 = u1.getHost(); |
|
851 |
final String h2 = u2.getHost(); |
|
852 |
||
853 |
if (h1 == null) { |
|
854 |
return h2 == null; |
|
855 |
} else if (h2 == null) { |
|
856 |
return false; |
|
857 |
} else if (h1.equalsIgnoreCase(h2)) { |
|
858 |
return true; |
|
859 |
} |
|
860 |
// Have to resolve addresses before comparing, otherwise |
|
861 |
// names like tachyon and tachyon.eng would compare different |
|
862 |
final boolean result[] = {false}; |
|
863 |
||
864 |
java.security.AccessController.doPrivileged( |
|
51 | 865 |
new java.security.PrivilegedAction<Void>() { |
866 |
public Void run() { |
|
2 | 867 |
try { |
868 |
InetAddress a1 = InetAddress.getByName(h1); |
|
869 |
InetAddress a2 = InetAddress.getByName(h2); |
|
870 |
result[0] = a1.equals(a2); |
|
10596
39b3a979e600
7090158: Networking Libraries don't build with javac -Werror
chegar
parents:
10136
diff
changeset
|
871 |
} catch(UnknownHostException | SecurityException e) { |
2 | 872 |
} |
873 |
return null; |
|
874 |
} |
|
875 |
}); |
|
876 |
||
877 |
return result[0]; |
|
878 |
} |
|
879 |
||
880 |
// overridden in HTTPS subclass |
|
881 |
||
882 |
public void connect() throws IOException { |
|
17473
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
883 |
synchronized (this) { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
884 |
connecting = true; |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
885 |
} |
2 | 886 |
plainConnect(); |
887 |
} |
|
888 |
||
889 |
private boolean checkReuseConnection () { |
|
890 |
if (connected) { |
|
891 |
return true; |
|
892 |
} |
|
893 |
if (reuseClient != null) { |
|
894 |
http = reuseClient; |
|
895 |
http.setReadTimeout(getReadTimeout()); |
|
896 |
http.reuse = false; |
|
897 |
reuseClient = null; |
|
898 |
connected = true; |
|
899 |
return true; |
|
900 |
} |
|
901 |
return false; |
|
902 |
} |
|
903 |
||
17473
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
904 |
private String getHostAndPort(URL url) { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
905 |
String host = url.getHost(); |
21344
13091b742137
8025734: Use literal IP address where possible in SocketPermission generated by HttpURLPermission
michaelm
parents:
20787
diff
changeset
|
906 |
final String hostarg = host; |
13091b742137
8025734: Use literal IP address where possible in SocketPermission generated by HttpURLPermission
michaelm
parents:
20787
diff
changeset
|
907 |
try { |
13091b742137
8025734: Use literal IP address where possible in SocketPermission generated by HttpURLPermission
michaelm
parents:
20787
diff
changeset
|
908 |
// lookup hostname and use IP address if available |
13091b742137
8025734: Use literal IP address where possible in SocketPermission generated by HttpURLPermission
michaelm
parents:
20787
diff
changeset
|
909 |
host = AccessController.doPrivileged( |
13091b742137
8025734: Use literal IP address where possible in SocketPermission generated by HttpURLPermission
michaelm
parents:
20787
diff
changeset
|
910 |
new PrivilegedExceptionAction<String>() { |
13091b742137
8025734: Use literal IP address where possible in SocketPermission generated by HttpURLPermission
michaelm
parents:
20787
diff
changeset
|
911 |
public String run() throws IOException { |
13091b742137
8025734: Use literal IP address where possible in SocketPermission generated by HttpURLPermission
michaelm
parents:
20787
diff
changeset
|
912 |
InetAddress addr = InetAddress.getByName(hostarg); |
13091b742137
8025734: Use literal IP address where possible in SocketPermission generated by HttpURLPermission
michaelm
parents:
20787
diff
changeset
|
913 |
return addr.getHostAddress(); |
13091b742137
8025734: Use literal IP address where possible in SocketPermission generated by HttpURLPermission
michaelm
parents:
20787
diff
changeset
|
914 |
} |
13091b742137
8025734: Use literal IP address where possible in SocketPermission generated by HttpURLPermission
michaelm
parents:
20787
diff
changeset
|
915 |
} |
13091b742137
8025734: Use literal IP address where possible in SocketPermission generated by HttpURLPermission
michaelm
parents:
20787
diff
changeset
|
916 |
); |
13091b742137
8025734: Use literal IP address where possible in SocketPermission generated by HttpURLPermission
michaelm
parents:
20787
diff
changeset
|
917 |
} catch (PrivilegedActionException e) {} |
17473
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
918 |
int port = url.getPort(); |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
919 |
if (port == -1) { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
920 |
String scheme = url.getProtocol(); |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
921 |
if ("http".equals(scheme)) { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
922 |
return host + ":80"; |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
923 |
} else { // scheme must be https |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
924 |
return host + ":443"; |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
925 |
} |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
926 |
} |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
927 |
return host + ":" + Integer.toString(port); |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
928 |
} |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
929 |
|
2 | 930 |
protected void plainConnect() throws IOException { |
17473
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
931 |
synchronized (this) { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
932 |
if (connected) { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
933 |
return; |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
934 |
} |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
935 |
} |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
936 |
SocketPermission p = URLtoSocketPermission(this.url); |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
937 |
if (p != null) { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
938 |
try { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
939 |
AccessController.doPrivileged( |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
940 |
new PrivilegedExceptionAction<Void>() { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
941 |
public Void run() throws IOException { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
942 |
plainConnect0(); |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
943 |
return null; |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
944 |
} |
20787
ab071ce90368
8014719: HttpClient/ProxyTest.java failing with IAE HttpURLPermission.parseURI
michaelm
parents:
18577
diff
changeset
|
945 |
}, null, p |
17473
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
946 |
); |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
947 |
} catch (PrivilegedActionException e) { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
948 |
throw (IOException) e.getException(); |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
949 |
} |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
950 |
} else { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
951 |
// run without additional permission |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
952 |
plainConnect0(); |
2 | 953 |
} |
17473
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
954 |
} |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
955 |
|
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
956 |
/** |
20787
ab071ce90368
8014719: HttpClient/ProxyTest.java failing with IAE HttpURLPermission.parseURI
michaelm
parents:
18577
diff
changeset
|
957 |
* if the caller has a URLPermission for connecting to the |
17473
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
958 |
* given URL, then return a SocketPermission which permits |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
959 |
* access to that destination. Return null otherwise. The permission |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
960 |
* is cached in a field (which can only be changed by redirects) |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
961 |
*/ |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
962 |
SocketPermission URLtoSocketPermission(URL url) throws IOException { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
963 |
|
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
964 |
if (socketPermission != null) { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
965 |
return socketPermission; |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
966 |
} |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
967 |
|
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
968 |
SecurityManager sm = System.getSecurityManager(); |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
969 |
|
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
970 |
if (sm == null) { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
971 |
return null; |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
972 |
} |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
973 |
|
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
974 |
// the permission, which we might grant |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
975 |
|
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
976 |
SocketPermission newPerm = new SocketPermission( |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
977 |
getHostAndPort(url), "connect" |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
978 |
); |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
979 |
|
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
980 |
String actions = getRequestMethod()+":" + |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
981 |
getUserSetHeaders().getHeaderNamesInList(); |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
982 |
|
20787
ab071ce90368
8014719: HttpClient/ProxyTest.java failing with IAE HttpURLPermission.parseURI
michaelm
parents:
18577
diff
changeset
|
983 |
String urlstring = url.getProtocol() + "://" + url.getAuthority() |
ab071ce90368
8014719: HttpClient/ProxyTest.java failing with IAE HttpURLPermission.parseURI
michaelm
parents:
18577
diff
changeset
|
984 |
+ url.getPath(); |
ab071ce90368
8014719: HttpClient/ProxyTest.java failing with IAE HttpURLPermission.parseURI
michaelm
parents:
18577
diff
changeset
|
985 |
|
ab071ce90368
8014719: HttpClient/ProxyTest.java failing with IAE HttpURLPermission.parseURI
michaelm
parents:
18577
diff
changeset
|
986 |
URLPermission p = new URLPermission(urlstring, actions); |
17473
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
987 |
try { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
988 |
sm.checkPermission(p); |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
989 |
socketPermission = newPerm; |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
990 |
return socketPermission; |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
991 |
} catch (SecurityException e) { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
992 |
// fall thru |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
993 |
} |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
994 |
return null; |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
995 |
} |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
996 |
|
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
997 |
protected void plainConnect0() throws IOException { |
2 | 998 |
// try to see if request can be served from local cache |
999 |
if (cacheHandler != null && getUseCaches()) { |
|
1000 |
try { |
|
1001 |
URI uri = ParseUtil.toURI(url); |
|
1002 |
if (uri != null) { |
|
1003 |
cachedResponse = cacheHandler.get(uri, getRequestMethod(), requests.getHeaders(EXCLUDE_HEADERS)); |
|
1004 |
if ("https".equalsIgnoreCase(uri.getScheme()) |
|
1005 |
&& !(cachedResponse instanceof SecureCacheResponse)) { |
|
1006 |
cachedResponse = null; |
|
1007 |
} |
|
18178
ee71c923891d
8016747: Replace deprecated PlatformLogger isLoggable(int) with isLoggable(Level)
chegar
parents:
17952
diff
changeset
|
1008 |
if (logger.isLoggable(PlatformLogger.Level.FINEST)) { |
3866
34cd368bd2dd
6882384: Update http protocol handler to use PlatformLogger
chegar
parents:
3859
diff
changeset
|
1009 |
logger.finest("Cache Request for " + uri + " / " + getRequestMethod()); |
34cd368bd2dd
6882384: Update http protocol handler to use PlatformLogger
chegar
parents:
3859
diff
changeset
|
1010 |
logger.finest("From cache: " + (cachedResponse != null ? cachedResponse.toString() : "null")); |
3059
2975ff687a6b
6811297: Add more logging to HTTP protocol handler
jccollet
parents:
2942
diff
changeset
|
1011 |
} |
2 | 1012 |
if (cachedResponse != null) { |
1013 |
cachedHeaders = mapToMessageHeader(cachedResponse.getHeaders()); |
|
1014 |
cachedInputStream = cachedResponse.getBody(); |
|
1015 |
} |
|
1016 |
} |
|
1017 |
} catch (IOException ioex) { |
|
1018 |
// ignore and commence normal connection |
|
1019 |
} |
|
1020 |
if (cachedHeaders != null && cachedInputStream != null) { |
|
1021 |
connected = true; |
|
1022 |
return; |
|
1023 |
} else { |
|
1024 |
cachedResponse = null; |
|
1025 |
} |
|
1026 |
} |
|
1027 |
try { |
|
1028 |
/* Try to open connections using the following scheme, |
|
1029 |
* return on the first one that's successful: |
|
1030 |
* 1) if (instProxy != null) |
|
1031 |
* connect to instProxy; raise exception if failed |
|
1032 |
* 2) else use system default ProxySelector |
|
1033 |
* 3) is 2) fails, make direct connection |
|
1034 |
*/ |
|
1035 |
||
1036 |
if (instProxy == null) { // no instance Proxy is set |
|
1037 |
/** |
|
1038 |
* Do we have to use a proxy? |
|
1039 |
*/ |
|
51 | 1040 |
ProxySelector sel = |
2 | 1041 |
java.security.AccessController.doPrivileged( |
51 | 1042 |
new java.security.PrivilegedAction<ProxySelector>() { |
1043 |
public ProxySelector run() { |
|
2 | 1044 |
return ProxySelector.getDefault(); |
1045 |
} |
|
1046 |
}); |
|
1047 |
if (sel != null) { |
|
1048 |
URI uri = sun.net.www.ParseUtil.toURI(url); |
|
18178
ee71c923891d
8016747: Replace deprecated PlatformLogger isLoggable(int) with isLoggable(Level)
chegar
parents:
17952
diff
changeset
|
1049 |
if (logger.isLoggable(PlatformLogger.Level.FINEST)) { |
3866
34cd368bd2dd
6882384: Update http protocol handler to use PlatformLogger
chegar
parents:
3859
diff
changeset
|
1050 |
logger.finest("ProxySelector Request for " + uri); |
3059
2975ff687a6b
6811297: Add more logging to HTTP protocol handler
jccollet
parents:
2942
diff
changeset
|
1051 |
} |
2 | 1052 |
Iterator<Proxy> it = sel.select(uri).iterator(); |
3059
2975ff687a6b
6811297: Add more logging to HTTP protocol handler
jccollet
parents:
2942
diff
changeset
|
1053 |
Proxy p; |
2 | 1054 |
while (it.hasNext()) { |
1055 |
p = it.next(); |
|
1056 |
try { |
|
1057 |
if (!failedOnce) { |
|
1058 |
http = getNewHttpClient(url, p, connectTimeout); |
|
1059 |
http.setReadTimeout(readTimeout); |
|
1060 |
} else { |
|
1061 |
// make sure to construct new connection if first |
|
1062 |
// attempt failed |
|
1063 |
http = getNewHttpClient(url, p, connectTimeout, false); |
|
1064 |
http.setReadTimeout(readTimeout); |
|
1065 |
} |
|
18178
ee71c923891d
8016747: Replace deprecated PlatformLogger isLoggable(int) with isLoggable(Level)
chegar
parents:
17952
diff
changeset
|
1066 |
if (logger.isLoggable(PlatformLogger.Level.FINEST)) { |
3059
2975ff687a6b
6811297: Add more logging to HTTP protocol handler
jccollet
parents:
2942
diff
changeset
|
1067 |
if (p != null) { |
3866
34cd368bd2dd
6882384: Update http protocol handler to use PlatformLogger
chegar
parents:
3859
diff
changeset
|
1068 |
logger.finest("Proxy used: " + p.toString()); |
3059
2975ff687a6b
6811297: Add more logging to HTTP protocol handler
jccollet
parents:
2942
diff
changeset
|
1069 |
} |
2975ff687a6b
6811297: Add more logging to HTTP protocol handler
jccollet
parents:
2942
diff
changeset
|
1070 |
} |
2 | 1071 |
break; |
1072 |
} catch (IOException ioex) { |
|
1073 |
if (p != Proxy.NO_PROXY) { |
|
1074 |
sel.connectFailed(uri, p.address(), ioex); |
|
1075 |
if (!it.hasNext()) { |
|
1076 |
// fallback to direct connection |
|
1077 |
http = getNewHttpClient(url, null, connectTimeout, false); |
|
1078 |
http.setReadTimeout(readTimeout); |
|
1079 |
break; |
|
1080 |
} |
|
1081 |
} else { |
|
1082 |
throw ioex; |
|
1083 |
} |
|
1084 |
continue; |
|
1085 |
} |
|
1086 |
} |
|
1087 |
} else { |
|
1088 |
// No proxy selector, create http client with no proxy |
|
1089 |
if (!failedOnce) { |
|
1090 |
http = getNewHttpClient(url, null, connectTimeout); |
|
1091 |
http.setReadTimeout(readTimeout); |
|
1092 |
} else { |
|
1093 |
// make sure to construct new connection if first |
|
1094 |
// attempt failed |
|
1095 |
http = getNewHttpClient(url, null, connectTimeout, false); |
|
1096 |
http.setReadTimeout(readTimeout); |
|
1097 |
} |
|
1098 |
} |
|
1099 |
} else { |
|
1100 |
if (!failedOnce) { |
|
1101 |
http = getNewHttpClient(url, instProxy, connectTimeout); |
|
1102 |
http.setReadTimeout(readTimeout); |
|
1103 |
} else { |
|
1104 |
// make sure to construct new connection if first |
|
1105 |
// attempt failed |
|
1106 |
http = getNewHttpClient(url, instProxy, connectTimeout, false); |
|
1107 |
http.setReadTimeout(readTimeout); |
|
1108 |
} |
|
1109 |
} |
|
1110 |
||
1111 |
ps = (PrintStream)http.getOutputStream(); |
|
1112 |
} catch (IOException e) { |
|
1113 |
throw e; |
|
1114 |
} |
|
1115 |
// constructor to HTTP client calls openserver |
|
1116 |
connected = true; |
|
1117 |
} |
|
1118 |
||
1119 |
// subclass HttpsClient will overwrite & return an instance of HttpsClient |
|
1120 |
protected HttpClient getNewHttpClient(URL url, Proxy p, int connectTimeout) |
|
1121 |
throws IOException { |
|
14007
2fde9d6d874a
7199862: Make sure that a connection is still alive when retrieved from KeepAliveCache in certain cases
robm
parents:
11839
diff
changeset
|
1122 |
return HttpClient.New(url, p, connectTimeout, this); |
2 | 1123 |
} |
1124 |
||
1125 |
// subclass HttpsClient will overwrite & return an instance of HttpsClient |
|
1126 |
protected HttpClient getNewHttpClient(URL url, Proxy p, |
|
1127 |
int connectTimeout, boolean useCache) |
|
1128 |
throws IOException { |
|
14007
2fde9d6d874a
7199862: Make sure that a connection is still alive when retrieved from KeepAliveCache in certain cases
robm
parents:
11839
diff
changeset
|
1129 |
return HttpClient.New(url, p, connectTimeout, useCache, this); |
2 | 1130 |
} |
1131 |
||
2928
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1132 |
private void expect100Continue() throws IOException { |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1133 |
// Expect: 100-Continue was set, so check the return code for |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1134 |
// Acceptance |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1135 |
int oldTimeout = http.getReadTimeout(); |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1136 |
boolean enforceTimeOut = false; |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1137 |
boolean timedOut = false; |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1138 |
if (oldTimeout <= 0) { |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1139 |
// 5s read timeout in case the server doesn't understand |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1140 |
// Expect: 100-Continue |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1141 |
http.setReadTimeout(5000); |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1142 |
enforceTimeOut = true; |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1143 |
} |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1144 |
|
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1145 |
try { |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1146 |
http.parseHTTP(responses, pi, this); |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1147 |
} catch (SocketTimeoutException se) { |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1148 |
if (!enforceTimeOut) { |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1149 |
throw se; |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1150 |
} |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1151 |
timedOut = true; |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1152 |
http.setIgnoreContinue(true); |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1153 |
} |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1154 |
if (!timedOut) { |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1155 |
// Can't use getResponseCode() yet |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1156 |
String resp = responses.getValue(0); |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1157 |
// Parse the response which is of the form: |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1158 |
// HTTP/1.1 417 Expectation Failed |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1159 |
// HTTP/1.1 100 Continue |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1160 |
if (resp != null && resp.startsWith("HTTP/")) { |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1161 |
String[] sa = resp.split("\\s+"); |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1162 |
responseCode = -1; |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1163 |
try { |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1164 |
// Response code is 2nd token on the line |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1165 |
if (sa.length > 1) |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1166 |
responseCode = Integer.parseInt(sa[1]); |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1167 |
} catch (NumberFormatException numberFormatException) { |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1168 |
} |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1169 |
} |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1170 |
if (responseCode != 100) { |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1171 |
throw new ProtocolException("Server rejected operation"); |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1172 |
} |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1173 |
} |
7022
1066bfde0f5e
6993490: SocketTimeoutException on HTTP keep-alive connections
chegar
parents:
6879
diff
changeset
|
1174 |
|
1066bfde0f5e
6993490: SocketTimeoutException on HTTP keep-alive connections
chegar
parents:
6879
diff
changeset
|
1175 |
http.setReadTimeout(oldTimeout); |
1066bfde0f5e
6993490: SocketTimeoutException on HTTP keep-alive connections
chegar
parents:
6879
diff
changeset
|
1176 |
|
2928
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1177 |
responseCode = -1; |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1178 |
responses.reset(); |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1179 |
// Proceed |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1180 |
} |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1181 |
|
2 | 1182 |
/* |
1183 |
* Allowable input/output sequences: |
|
18541
a974731db859
7157360: HttpURLConnection: HTTP method DELETE doesn't support output
arieber
parents:
18178
diff
changeset
|
1184 |
* [interpreted as request entity] |
2 | 1185 |
* - get output, [write output,] get input, [read input] |
1186 |
* - get output, [write output] |
|
1187 |
* [interpreted as GET] |
|
1188 |
* - get input, [read input] |
|
1189 |
* Disallowed: |
|
1190 |
* - get input, [read input,] get output, [write output] |
|
1191 |
*/ |
|
1192 |
||
74
068494063b1b
6641309: Wrong Cookie separator used in HttpURLConnection
jccollet
parents:
2
diff
changeset
|
1193 |
@Override |
2 | 1194 |
public synchronized OutputStream getOutputStream() throws IOException { |
17473
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1195 |
connecting = true; |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1196 |
SocketPermission p = URLtoSocketPermission(this.url); |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1197 |
|
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1198 |
if (p != null) { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1199 |
try { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1200 |
return AccessController.doPrivileged( |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1201 |
new PrivilegedExceptionAction<OutputStream>() { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1202 |
public OutputStream run() throws IOException { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1203 |
return getOutputStream0(); |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1204 |
} |
20787
ab071ce90368
8014719: HttpClient/ProxyTest.java failing with IAE HttpURLPermission.parseURI
michaelm
parents:
18577
diff
changeset
|
1205 |
}, null, p |
17473
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1206 |
); |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1207 |
} catch (PrivilegedActionException e) { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1208 |
throw (IOException) e.getException(); |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1209 |
} |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1210 |
} else { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1211 |
return getOutputStream0(); |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1212 |
} |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1213 |
} |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1214 |
|
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1215 |
private synchronized OutputStream getOutputStream0() throws IOException { |
2 | 1216 |
try { |
1217 |
if (!doOutput) { |
|
1218 |
throw new ProtocolException("cannot write to a URLConnection" |
|
1219 |
+ " if doOutput=false - call setDoOutput(true)"); |
|
1220 |
} |
|
1221 |
||
1222 |
if (method.equals("GET")) { |
|
1223 |
method = "POST"; // Backward compatibility |
|
1224 |
} |
|
18541
a974731db859
7157360: HttpURLConnection: HTTP method DELETE doesn't support output
arieber
parents:
18178
diff
changeset
|
1225 |
if ("TRACE".equals(method) && "http".equals(url.getProtocol())) { |
a974731db859
7157360: HttpURLConnection: HTTP method DELETE doesn't support output
arieber
parents:
18178
diff
changeset
|
1226 |
throw new ProtocolException("HTTP method TRACE" + |
2 | 1227 |
" doesn't support output"); |
1228 |
} |
|
1229 |
||
1230 |
// if there's already an input stream open, throw an exception |
|
1231 |
if (inputStream != null) { |
|
1232 |
throw new ProtocolException("Cannot write output after reading input."); |
|
1233 |
} |
|
1234 |
||
1235 |
if (!checkReuseConnection()) |
|
1236 |
connect(); |
|
1237 |
||
2928
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1238 |
boolean expectContinue = false; |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1239 |
String expects = requests.findValue("Expect"); |
17485
feb8cd6a4c7d
8012625: Incorrect handling of HTTP/1.1 " Expect: 100-continue " in HttpURLConnection
michaelm
parents:
17473
diff
changeset
|
1240 |
if ("100-Continue".equalsIgnoreCase(expects) && streaming()) { |
2928
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1241 |
http.setIgnoreContinue(false); |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1242 |
expectContinue = true; |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1243 |
} |
2 | 1244 |
|
1245 |
if (streaming() && strOutputStream == null) { |
|
1246 |
writeRequests(); |
|
1247 |
} |
|
2928
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1248 |
|
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1249 |
if (expectContinue) { |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1250 |
expect100Continue(); |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1251 |
} |
2 | 1252 |
ps = (PrintStream)http.getOutputStream(); |
1253 |
if (streaming()) { |
|
1254 |
if (strOutputStream == null) { |
|
1576
b697b141012d
6755625: Add HttpURLConnection.setFixedLengthStreamingMode(long)
chegar
parents:
715
diff
changeset
|
1255 |
if (chunkLength != -1) { /* chunked */ |
b697b141012d
6755625: Add HttpURLConnection.setFixedLengthStreamingMode(long)
chegar
parents:
715
diff
changeset
|
1256 |
strOutputStream = new StreamingOutputStream( |
b697b141012d
6755625: Add HttpURLConnection.setFixedLengthStreamingMode(long)
chegar
parents:
715
diff
changeset
|
1257 |
new ChunkedOutputStream(ps, chunkLength), -1L); |
b697b141012d
6755625: Add HttpURLConnection.setFixedLengthStreamingMode(long)
chegar
parents:
715
diff
changeset
|
1258 |
} else { /* must be fixed content length */ |
b697b141012d
6755625: Add HttpURLConnection.setFixedLengthStreamingMode(long)
chegar
parents:
715
diff
changeset
|
1259 |
long length = 0L; |
b697b141012d
6755625: Add HttpURLConnection.setFixedLengthStreamingMode(long)
chegar
parents:
715
diff
changeset
|
1260 |
if (fixedContentLengthLong != -1) { |
b697b141012d
6755625: Add HttpURLConnection.setFixedLengthStreamingMode(long)
chegar
parents:
715
diff
changeset
|
1261 |
length = fixedContentLengthLong; |
b697b141012d
6755625: Add HttpURLConnection.setFixedLengthStreamingMode(long)
chegar
parents:
715
diff
changeset
|
1262 |
} else if (fixedContentLength != -1) { |
b697b141012d
6755625: Add HttpURLConnection.setFixedLengthStreamingMode(long)
chegar
parents:
715
diff
changeset
|
1263 |
length = fixedContentLength; |
b697b141012d
6755625: Add HttpURLConnection.setFixedLengthStreamingMode(long)
chegar
parents:
715
diff
changeset
|
1264 |
} |
b697b141012d
6755625: Add HttpURLConnection.setFixedLengthStreamingMode(long)
chegar
parents:
715
diff
changeset
|
1265 |
strOutputStream = new StreamingOutputStream(ps, length); |
2 | 1266 |
} |
1267 |
} |
|
1268 |
return strOutputStream; |
|
1269 |
} else { |
|
1270 |
if (poster == null) { |
|
1271 |
poster = new PosterOutputStream(); |
|
1272 |
} |
|
1273 |
return poster; |
|
1274 |
} |
|
1275 |
} catch (RuntimeException e) { |
|
1276 |
disconnectInternal(); |
|
1277 |
throw e; |
|
2928
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1278 |
} catch (ProtocolException e) { |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1279 |
// Save the response code which may have been set while enforcing |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1280 |
// the 100-continue. disconnectInternal() forces it to -1 |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1281 |
int i = responseCode; |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1282 |
disconnectInternal(); |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1283 |
responseCode = i; |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
1284 |
throw e; |
2 | 1285 |
} catch (IOException e) { |
1286 |
disconnectInternal(); |
|
1287 |
throw e; |
|
1288 |
} |
|
1289 |
} |
|
1290 |
||
14007
2fde9d6d874a
7199862: Make sure that a connection is still alive when retrieved from KeepAliveCache in certain cases
robm
parents:
11839
diff
changeset
|
1291 |
public boolean streaming () { |
1576
b697b141012d
6755625: Add HttpURLConnection.setFixedLengthStreamingMode(long)
chegar
parents:
715
diff
changeset
|
1292 |
return (fixedContentLength != -1) || (fixedContentLengthLong != -1) || |
b697b141012d
6755625: Add HttpURLConnection.setFixedLengthStreamingMode(long)
chegar
parents:
715
diff
changeset
|
1293 |
(chunkLength != -1); |
2 | 1294 |
} |
1295 |
||
1296 |
/* |
|
1297 |
* get applicable cookies based on the uri and request headers |
|
1298 |
* add them to the existing request headers |
|
1299 |
*/ |
|
1300 |
private void setCookieHeader() throws IOException { |
|
1301 |
if (cookieHandler != null) { |
|
1302 |
// we only want to capture the user defined Cookies once, as |
|
1303 |
// they cannot be changed by user code after we are connected, |
|
1304 |
// only internally. |
|
6876
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
1305 |
synchronized (this) { |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
1306 |
if (setUserCookies) { |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
1307 |
int k = requests.getKey("Cookie"); |
6879 | 1308 |
if (k != -1) |
6876
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
1309 |
userCookies = requests.getValue(k); |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
1310 |
k = requests.getKey("Cookie2"); |
6879 | 1311 |
if (k != -1) |
6876
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
1312 |
userCookies2 = requests.getValue(k); |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
1313 |
setUserCookies = false; |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
1314 |
} |
2 | 1315 |
} |
1316 |
||
1317 |
// remove old Cookie header before setting new one. |
|
1318 |
requests.remove("Cookie"); |
|
6876
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
1319 |
requests.remove("Cookie2"); |
2 | 1320 |
|
1321 |
URI uri = ParseUtil.toURI(url); |
|
1322 |
if (uri != null) { |
|
18178
ee71c923891d
8016747: Replace deprecated PlatformLogger isLoggable(int) with isLoggable(Level)
chegar
parents:
17952
diff
changeset
|
1323 |
if (logger.isLoggable(PlatformLogger.Level.FINEST)) { |
3866
34cd368bd2dd
6882384: Update http protocol handler to use PlatformLogger
chegar
parents:
3859
diff
changeset
|
1324 |
logger.finest("CookieHandler request for " + uri); |
3059
2975ff687a6b
6811297: Add more logging to HTTP protocol handler
jccollet
parents:
2942
diff
changeset
|
1325 |
} |
51 | 1326 |
Map<String, List<String>> cookies |
1327 |
= cookieHandler.get( |
|
1328 |
uri, requests.getHeaders(EXCLUDE_HEADERS)); |
|
2 | 1329 |
if (!cookies.isEmpty()) { |
18178
ee71c923891d
8016747: Replace deprecated PlatformLogger isLoggable(int) with isLoggable(Level)
chegar
parents:
17952
diff
changeset
|
1330 |
if (logger.isLoggable(PlatformLogger.Level.FINEST)) { |
3866
34cd368bd2dd
6882384: Update http protocol handler to use PlatformLogger
chegar
parents:
3859
diff
changeset
|
1331 |
logger.finest("Cookies retrieved: " + cookies.toString()); |
3059
2975ff687a6b
6811297: Add more logging to HTTP protocol handler
jccollet
parents:
2942
diff
changeset
|
1332 |
} |
51 | 1333 |
for (Map.Entry<String, List<String>> entry : |
1334 |
cookies.entrySet()) { |
|
1335 |
String key = entry.getKey(); |
|
2 | 1336 |
// ignore all entries that don't have "Cookie" |
1337 |
// or "Cookie2" as keys |
|
1338 |
if (!"Cookie".equalsIgnoreCase(key) && |
|
1339 |
!"Cookie2".equalsIgnoreCase(key)) { |
|
1340 |
continue; |
|
1341 |
} |
|
51 | 1342 |
List<String> l = entry.getValue(); |
2 | 1343 |
if (l != null && !l.isEmpty()) { |
1344 |
StringBuilder cookieValue = new StringBuilder(); |
|
51 | 1345 |
for (String value : l) { |
74
068494063b1b
6641309: Wrong Cookie separator used in HttpURLConnection
jccollet
parents:
2
diff
changeset
|
1346 |
cookieValue.append(value).append("; "); |
2 | 1347 |
} |
74
068494063b1b
6641309: Wrong Cookie separator used in HttpURLConnection
jccollet
parents:
2
diff
changeset
|
1348 |
// strip off the trailing '; ' |
2 | 1349 |
try { |
74
068494063b1b
6641309: Wrong Cookie separator used in HttpURLConnection
jccollet
parents:
2
diff
changeset
|
1350 |
requests.add(key, cookieValue.substring(0, cookieValue.length() - 2)); |
2 | 1351 |
} catch (StringIndexOutOfBoundsException ignored) { |
1352 |
// no-op |
|
1353 |
} |
|
1354 |
} |
|
1355 |
} |
|
1356 |
} |
|
1357 |
} |
|
1358 |
if (userCookies != null) { |
|
1359 |
int k; |
|
1360 |
if ((k = requests.getKey("Cookie")) != -1) |
|
1361 |
requests.set("Cookie", requests.getValue(k) + ";" + userCookies); |
|
1362 |
else |
|
1363 |
requests.set("Cookie", userCookies); |
|
1364 |
} |
|
6876
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
1365 |
if (userCookies2 != null) { |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
1366 |
int k; |
6877 | 1367 |
if ((k = requests.getKey("Cookie2")) != -1) |
6876
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
1368 |
requests.set("Cookie2", requests.getValue(k) + ";" + userCookies2); |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
1369 |
else |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
1370 |
requests.set("Cookie2", userCookies2); |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
1371 |
} |
2 | 1372 |
|
1373 |
} // end of getting cookies |
|
1374 |
} |
|
1375 |
||
74
068494063b1b
6641309: Wrong Cookie separator used in HttpURLConnection
jccollet
parents:
2
diff
changeset
|
1376 |
@Override |
17473
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1377 |
public synchronized InputStream getInputStream() throws IOException { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1378 |
connecting = true; |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1379 |
SocketPermission p = URLtoSocketPermission(this.url); |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1380 |
|
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1381 |
if (p != null) { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1382 |
try { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1383 |
return AccessController.doPrivileged( |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1384 |
new PrivilegedExceptionAction<InputStream>() { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1385 |
public InputStream run() throws IOException { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1386 |
return getInputStream0(); |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1387 |
} |
20787
ab071ce90368
8014719: HttpClient/ProxyTest.java failing with IAE HttpURLPermission.parseURI
michaelm
parents:
18577
diff
changeset
|
1388 |
}, null, p |
17473
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1389 |
); |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1390 |
} catch (PrivilegedActionException e) { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1391 |
throw (IOException) e.getException(); |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1392 |
} |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1393 |
} else { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1394 |
return getInputStream0(); |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1395 |
} |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1396 |
} |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1397 |
|
74
068494063b1b
6641309: Wrong Cookie separator used in HttpURLConnection
jccollet
parents:
2
diff
changeset
|
1398 |
@SuppressWarnings("empty-statement") |
17473
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
1399 |
private synchronized InputStream getInputStream0() throws IOException { |
2 | 1400 |
|
1401 |
if (!doInput) { |
|
1402 |
throw new ProtocolException("Cannot read from URLConnection" |
|
1403 |
+ " if doInput=false (call setDoInput(true))"); |
|
1404 |
} |
|
1405 |
||
1406 |
if (rememberedException != null) { |
|
1407 |
if (rememberedException instanceof RuntimeException) |
|
1408 |
throw new RuntimeException(rememberedException); |
|
1409 |
else { |
|
1410 |
throw getChainedException((IOException)rememberedException); |
|
1411 |
} |
|
1412 |
} |
|
1413 |
||
1414 |
if (inputStream != null) { |
|
1415 |
return inputStream; |
|
1416 |
} |
|
1417 |
||
1418 |
if (streaming() ) { |
|
1419 |
if (strOutputStream == null) { |
|
1420 |
getOutputStream(); |
|
1421 |
} |
|
1422 |
/* make sure stream is closed */ |
|
1423 |
strOutputStream.close (); |
|
1424 |
if (!strOutputStream.writtenOK()) { |
|
1425 |
throw new IOException ("Incomplete output stream"); |
|
1426 |
} |
|
1427 |
} |
|
1428 |
||
1429 |
int redirects = 0; |
|
1430 |
int respCode = 0; |
|
1431 |
long cl = -1; |
|
1432 |
AuthenticationInfo serverAuthentication = null; |
|
1433 |
AuthenticationInfo proxyAuthentication = null; |
|
1434 |
AuthenticationHeader srvHdr = null; |
|
1435 |
||
1436 |
/** |
|
1437 |
* Failed Negotiate |
|
1438 |
* |
|
1439 |
* In some cases, the Negotiate auth is supported for the |
|
1440 |
* remote host but the negotiate process still fails (For |
|
1441 |
* example, if the web page is located on a backend server |
|
1442 |
* and delegation is needed but fails). The authentication |
|
1443 |
* process will start again, and we need to detect this |
|
1444 |
* kind of failure and do proper fallback (say, to NTLM). |
|
1445 |
* |
|
1446 |
* In order to achieve this, the inNegotiate flag is set |
|
1447 |
* when the first negotiate challenge is met (and reset |
|
1448 |
* if authentication is finished). If a fresh new negotiate |
|
1449 |
* challenge (no parameter) is found while inNegotiate is |
|
1450 |
* set, we know there's a failed auth attempt recently. |
|
1451 |
* Here we'll ignore the header line so that fallback |
|
1452 |
* can be practiced. |
|
1453 |
* |
|
1454 |
* inNegotiateProxy is for proxy authentication. |
|
1455 |
*/ |
|
1456 |
boolean inNegotiate = false; |
|
1457 |
boolean inNegotiateProxy = false; |
|
1458 |
||
1459 |
// If the user has set either of these headers then do not remove them |
|
1460 |
isUserServerAuth = requests.getKey("Authorization") != -1; |
|
1461 |
isUserProxyAuth = requests.getKey("Proxy-Authorization") != -1; |
|
1462 |
||
1463 |
try { |
|
1464 |
do { |
|
1465 |
if (!checkReuseConnection()) |
|
1466 |
connect(); |
|
1467 |
||
1468 |
if (cachedInputStream != null) { |
|
1469 |
return cachedInputStream; |
|
1470 |
} |
|
1471 |
||
1472 |
// Check if URL should be metered |
|
1473 |
boolean meteredInput = ProgressMonitor.getDefault().shouldMeterInput(url, method); |
|
1474 |
||
1475 |
if (meteredInput) { |
|
1476 |
pi = new ProgressSource(url, method); |
|
1477 |
pi.beginTracking(); |
|
1478 |
} |
|
1479 |
||
1480 |
/* REMIND: This exists to fix the HttpsURLConnection subclass. |
|
1481 |
* Hotjava needs to run on JDK1.1FCS. Do proper fix once a |
|
1482 |
* proper solution for SSL can be found. |
|
1483 |
*/ |
|
1484 |
ps = (PrintStream)http.getOutputStream(); |
|
1485 |
||
1486 |
if (!streaming()) { |
|
1487 |
writeRequests(); |
|
1488 |
} |
|
1489 |
http.parseHTTP(responses, pi, this); |
|
18178
ee71c923891d
8016747: Replace deprecated PlatformLogger isLoggable(int) with isLoggable(Level)
chegar
parents:
17952
diff
changeset
|
1490 |
if (logger.isLoggable(PlatformLogger.Level.FINE)) { |
3866
34cd368bd2dd
6882384: Update http protocol handler to use PlatformLogger
chegar
parents:
3859
diff
changeset
|
1491 |
logger.fine(responses.toString()); |
2 | 1492 |
} |
14766 | 1493 |
|
1494 |
boolean b1 = responses.filterNTLMResponses("WWW-Authenticate"); |
|
1495 |
boolean b2 = responses.filterNTLMResponses("Proxy-Authenticate"); |
|
1496 |
if (b1 || b2) { |
|
18178
ee71c923891d
8016747: Replace deprecated PlatformLogger isLoggable(int) with isLoggable(Level)
chegar
parents:
17952
diff
changeset
|
1497 |
if (logger.isLoggable(PlatformLogger.Level.FINE)) { |
14766 | 1498 |
logger.fine(">>>> Headers are filtered"); |
1499 |
logger.fine(responses.toString()); |
|
1500 |
} |
|
1501 |
} |
|
1502 |
||
2 | 1503 |
inputStream = http.getInputStream(); |
1504 |
||
1505 |
respCode = getResponseCode(); |
|
4047
f5dcf30f9206
6886436: Lightwight HTTP Container (com.sun.* package) is unstable
michaelm
parents:
3952
diff
changeset
|
1506 |
if (respCode == -1) { |
f5dcf30f9206
6886436: Lightwight HTTP Container (com.sun.* package) is unstable
michaelm
parents:
3952
diff
changeset
|
1507 |
disconnectInternal(); |
f5dcf30f9206
6886436: Lightwight HTTP Container (com.sun.* package) is unstable
michaelm
parents:
3952
diff
changeset
|
1508 |
throw new IOException ("Invalid Http response"); |
f5dcf30f9206
6886436: Lightwight HTTP Container (com.sun.* package) is unstable
michaelm
parents:
3952
diff
changeset
|
1509 |
} |
2 | 1510 |
if (respCode == HTTP_PROXY_AUTH) { |
1511 |
if (streaming()) { |
|
1512 |
disconnectInternal(); |
|
1513 |
throw new HttpRetryException ( |
|
1514 |
RETRY_MSG1, HTTP_PROXY_AUTH); |
|
1515 |
} |
|
1516 |
||
1517 |
// Read comments labeled "Failed Negotiate" for details. |
|
1518 |
boolean dontUseNegotiate = false; |
|
10596
39b3a979e600
7090158: Networking Libraries don't build with javac -Werror
chegar
parents:
10136
diff
changeset
|
1519 |
Iterator<String> iter = responses.multiValueIterator("Proxy-Authenticate"); |
2 | 1520 |
while (iter.hasNext()) { |
10596
39b3a979e600
7090158: Networking Libraries don't build with javac -Werror
chegar
parents:
10136
diff
changeset
|
1521 |
String value = iter.next().trim(); |
2 | 1522 |
if (value.equalsIgnoreCase("Negotiate") || |
1523 |
value.equalsIgnoreCase("Kerberos")) { |
|
1524 |
if (!inNegotiateProxy) { |
|
1525 |
inNegotiateProxy = true; |
|
1526 |
} else { |
|
1527 |
dontUseNegotiate = true; |
|
1528 |
doingNTLMp2ndStage = false; |
|
1529 |
proxyAuthentication = null; |
|
1530 |
} |
|
1531 |
break; |
|
1532 |
} |
|
1533 |
} |
|
1534 |
||
1535 |
// changes: add a 3rd parameter to the constructor of |
|
1536 |
// AuthenticationHeader, so that NegotiateAuthentication. |
|
1537 |
// isSupported can be tested. |
|
1538 |
// The other 2 appearances of "new AuthenticationHeader" is |
|
1539 |
// altered in similar ways. |
|
1540 |
||
1541 |
AuthenticationHeader authhdr = new AuthenticationHeader ( |
|
1542 |
"Proxy-Authenticate", responses, |
|
2942
37d9baeb7518
6578647: Undefined requesting URL in java.net.Authenticator.getPasswordAuthentication()
weijun
parents:
2928
diff
changeset
|
1543 |
new HttpCallerInfo(url, http.getProxyHostUsed(), |
37d9baeb7518
6578647: Undefined requesting URL in java.net.Authenticator.getPasswordAuthentication()
weijun
parents:
2928
diff
changeset
|
1544 |
http.getProxyPortUsed()), |
37d9baeb7518
6578647: Undefined requesting URL in java.net.Authenticator.getPasswordAuthentication()
weijun
parents:
2928
diff
changeset
|
1545 |
dontUseNegotiate |
2 | 1546 |
); |
1547 |
||
1548 |
if (!doingNTLMp2ndStage) { |
|
1549 |
proxyAuthentication = |
|
1550 |
resetProxyAuthentication(proxyAuthentication, authhdr); |
|
1551 |
if (proxyAuthentication != null) { |
|
1552 |
redirects++; |
|
1553 |
disconnectInternal(); |
|
1554 |
continue; |
|
1555 |
} |
|
1556 |
} else { |
|
1557 |
/* in this case, only one header field will be present */ |
|
1558 |
String raw = responses.findValue ("Proxy-Authenticate"); |
|
1559 |
reset (); |
|
1560 |
if (!proxyAuthentication.setHeaders(this, |
|
1561 |
authhdr.headerParser(), raw)) { |
|
1562 |
disconnectInternal(); |
|
1563 |
throw new IOException ("Authentication failure"); |
|
1564 |
} |
|
1565 |
if (serverAuthentication != null && srvHdr != null && |
|
1566 |
!serverAuthentication.setHeaders(this, |
|
1567 |
srvHdr.headerParser(), raw)) { |
|
1568 |
disconnectInternal (); |
|
1569 |
throw new IOException ("Authentication failure"); |
|
1570 |
} |
|
3061 | 1571 |
authObj = null; |
2 | 1572 |
doingNTLMp2ndStage = false; |
1573 |
continue; |
|
1574 |
} |
|
5161 | 1575 |
} else { |
1576 |
inNegotiateProxy = false; |
|
1577 |
doingNTLMp2ndStage = false; |
|
1578 |
if (!isUserProxyAuth) |
|
1579 |
requests.remove("Proxy-Authorization"); |
|
2 | 1580 |
} |
1581 |
||
1582 |
// cache proxy authentication info |
|
1583 |
if (proxyAuthentication != null) { |
|
1584 |
// cache auth info on success, domain header not relevant. |
|
1585 |
proxyAuthentication.addToCache(); |
|
1586 |
} |
|
1587 |
||
1588 |
if (respCode == HTTP_UNAUTHORIZED) { |
|
1589 |
if (streaming()) { |
|
1590 |
disconnectInternal(); |
|
1591 |
throw new HttpRetryException ( |
|
1592 |
RETRY_MSG2, HTTP_UNAUTHORIZED); |
|
1593 |
} |
|
1594 |
||
1595 |
// Read comments labeled "Failed Negotiate" for details. |
|
1596 |
boolean dontUseNegotiate = false; |
|
10596
39b3a979e600
7090158: Networking Libraries don't build with javac -Werror
chegar
parents:
10136
diff
changeset
|
1597 |
Iterator<String> iter = responses.multiValueIterator("WWW-Authenticate"); |
2 | 1598 |
while (iter.hasNext()) { |
10596
39b3a979e600
7090158: Networking Libraries don't build with javac -Werror
chegar
parents:
10136
diff
changeset
|
1599 |
String value = iter.next().trim(); |
2 | 1600 |
if (value.equalsIgnoreCase("Negotiate") || |
1601 |
value.equalsIgnoreCase("Kerberos")) { |
|
1602 |
if (!inNegotiate) { |
|
1603 |
inNegotiate = true; |
|
1604 |
} else { |
|
1605 |
dontUseNegotiate = true; |
|
1606 |
doingNTLM2ndStage = false; |
|
1607 |
serverAuthentication = null; |
|
1608 |
} |
|
1609 |
break; |
|
1610 |
} |
|
1611 |
} |
|
1612 |
||
1613 |
srvHdr = new AuthenticationHeader ( |
|
1614 |
"WWW-Authenticate", responses, |
|
2942
37d9baeb7518
6578647: Undefined requesting URL in java.net.Authenticator.getPasswordAuthentication()
weijun
parents:
2928
diff
changeset
|
1615 |
new HttpCallerInfo(url), |
37d9baeb7518
6578647: Undefined requesting URL in java.net.Authenticator.getPasswordAuthentication()
weijun
parents:
2928
diff
changeset
|
1616 |
dontUseNegotiate |
2 | 1617 |
); |
1618 |
||
1619 |
String raw = srvHdr.raw(); |
|
1620 |
if (!doingNTLM2ndStage) { |
|
1621 |
if ((serverAuthentication != null)&& |
|
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
1622 |
serverAuthentication.getAuthScheme() != NTLM) { |
2 | 1623 |
if (serverAuthentication.isAuthorizationStale (raw)) { |
1624 |
/* we can retry with the current credentials */ |
|
5161 | 1625 |
disconnectWeb(); |
2 | 1626 |
redirects++; |
1627 |
requests.set(serverAuthentication.getHeaderName(), |
|
1628 |
serverAuthentication.getHeaderValue(url, method)); |
|
1629 |
currentServerCredentials = serverAuthentication; |
|
1630 |
setCookieHeader(); |
|
1631 |
continue; |
|
1632 |
} else { |
|
1633 |
serverAuthentication.removeFromCache(); |
|
1634 |
} |
|
1635 |
} |
|
1636 |
serverAuthentication = getServerAuthentication(srvHdr); |
|
1637 |
currentServerCredentials = serverAuthentication; |
|
1638 |
||
1639 |
if (serverAuthentication != null) { |
|
5161 | 1640 |
disconnectWeb(); |
2 | 1641 |
redirects++; // don't let things loop ad nauseum |
1642 |
setCookieHeader(); |
|
1643 |
continue; |
|
1644 |
} |
|
1645 |
} else { |
|
1646 |
reset (); |
|
1647 |
/* header not used for ntlm */ |
|
1648 |
if (!serverAuthentication.setHeaders(this, null, raw)) { |
|
5161 | 1649 |
disconnectWeb(); |
2 | 1650 |
throw new IOException ("Authentication failure"); |
1651 |
} |
|
1652 |
doingNTLM2ndStage = false; |
|
3061 | 1653 |
authObj = null; |
2 | 1654 |
setCookieHeader(); |
1655 |
continue; |
|
1656 |
} |
|
1657 |
} |
|
1658 |
// cache server authentication info |
|
1659 |
if (serverAuthentication != null) { |
|
1660 |
// cache auth info on success |
|
1661 |
if (!(serverAuthentication instanceof DigestAuthentication) || |
|
1662 |
(domain == null)) { |
|
1663 |
if (serverAuthentication instanceof BasicAuthentication) { |
|
1664 |
// check if the path is shorter than the existing entry |
|
1665 |
String npath = AuthenticationInfo.reducePath (url.getPath()); |
|
1666 |
String opath = serverAuthentication.path; |
|
1667 |
if (!opath.startsWith (npath) || npath.length() >= opath.length()) { |
|
1668 |
/* npath is longer, there must be a common root */ |
|
1669 |
npath = BasicAuthentication.getRootPath (opath, npath); |
|
1670 |
} |
|
1671 |
// remove the entry and create a new one |
|
1672 |
BasicAuthentication a = |
|
1673 |
(BasicAuthentication) serverAuthentication.clone(); |
|
1674 |
serverAuthentication.removeFromCache(); |
|
1675 |
a.path = npath; |
|
1676 |
serverAuthentication = a; |
|
1677 |
} |
|
1678 |
serverAuthentication.addToCache(); |
|
1679 |
} else { |
|
1680 |
// what we cache is based on the domain list in the request |
|
1681 |
DigestAuthentication srv = (DigestAuthentication) |
|
1682 |
serverAuthentication; |
|
1683 |
StringTokenizer tok = new StringTokenizer (domain," "); |
|
1684 |
String realm = srv.realm; |
|
1685 |
PasswordAuthentication pw = srv.pw; |
|
1686 |
digestparams = srv.params; |
|
1687 |
while (tok.hasMoreTokens()) { |
|
1688 |
String path = tok.nextToken(); |
|
1689 |
try { |
|
1690 |
/* path could be an abs_path or a complete URI */ |
|
1691 |
URL u = new URL (url, path); |
|
1692 |
DigestAuthentication d = new DigestAuthentication ( |
|
1693 |
false, u, realm, "Digest", pw, digestparams); |
|
1694 |
d.addToCache (); |
|
1695 |
} catch (Exception e) {} |
|
1696 |
} |
|
1697 |
} |
|
1698 |
} |
|
1699 |
||
1700 |
// some flags should be reset to its initialized form so that |
|
1701 |
// even after a redirect the necessary checks can still be |
|
1702 |
// preformed. |
|
1703 |
inNegotiate = false; |
|
1704 |
inNegotiateProxy = false; |
|
1705 |
||
1706 |
//serverAuthentication = null; |
|
1707 |
doingNTLMp2ndStage = false; |
|
1708 |
doingNTLM2ndStage = false; |
|
1709 |
if (!isUserServerAuth) |
|
1710 |
requests.remove("Authorization"); |
|
1711 |
if (!isUserProxyAuth) |
|
1712 |
requests.remove("Proxy-Authorization"); |
|
1713 |
||
1714 |
if (respCode == HTTP_OK) { |
|
1715 |
checkResponseCredentials (false); |
|
1716 |
} else { |
|
1717 |
needToCheck = false; |
|
1718 |
} |
|
1719 |
||
1720 |
// a flag need to clean |
|
1721 |
needToCheck = true; |
|
1722 |
||
1723 |
if (followRedirect()) { |
|
1724 |
/* if we should follow a redirect, then the followRedirects() |
|
1725 |
* method will disconnect() and re-connect us to the new |
|
1726 |
* location |
|
1727 |
*/ |
|
1728 |
redirects++; |
|
1729 |
||
1730 |
// redirecting HTTP response may have set cookie, so |
|
1731 |
// need to re-generate request header |
|
1732 |
setCookieHeader(); |
|
1733 |
||
1734 |
continue; |
|
1735 |
} |
|
1736 |
||
1737 |
try { |
|
1738 |
cl = Long.parseLong(responses.findValue("content-length")); |
|
1739 |
} catch (Exception exc) { }; |
|
1740 |
||
1741 |
if (method.equals("HEAD") || cl == 0 || |
|
1742 |
respCode == HTTP_NOT_MODIFIED || |
|
1743 |
respCode == HTTP_NO_CONTENT) { |
|
1744 |
||
1745 |
if (pi != null) { |
|
1746 |
pi.finishTracking(); |
|
1747 |
pi = null; |
|
1748 |
} |
|
1749 |
http.finished(); |
|
1750 |
http = null; |
|
1751 |
inputStream = new EmptyInputStream(); |
|
1752 |
connected = false; |
|
1753 |
} |
|
1754 |
||
1755 |
if (respCode == 200 || respCode == 203 || respCode == 206 || |
|
1756 |
respCode == 300 || respCode == 301 || respCode == 410) { |
|
11839
53065c5f535d
7133367: ResponseCache.put should not be called when setUseCaches(false)
chegar
parents:
11528
diff
changeset
|
1757 |
if (cacheHandler != null && getUseCaches()) { |
2 | 1758 |
// give cache a chance to save response in cache |
1759 |
URI uri = ParseUtil.toURI(url); |
|
1760 |
if (uri != null) { |
|
1761 |
URLConnection uconn = this; |
|
1762 |
if ("https".equalsIgnoreCase(uri.getScheme())) { |
|
1763 |
try { |
|
1764 |
// use reflection to get to the public |
|
1765 |
// HttpsURLConnection instance saved in |
|
1766 |
// DelegateHttpsURLConnection |
|
1767 |
uconn = (URLConnection)this.getClass().getField("httpsURLConnection").get(this); |
|
10596
39b3a979e600
7090158: Networking Libraries don't build with javac -Werror
chegar
parents:
10136
diff
changeset
|
1768 |
} catch (IllegalAccessException | |
39b3a979e600
7090158: Networking Libraries don't build with javac -Werror
chegar
parents:
10136
diff
changeset
|
1769 |
NoSuchFieldException e) { |
2 | 1770 |
// ignored; use 'this' |
1771 |
} |
|
1772 |
} |
|
1773 |
CacheRequest cacheRequest = |
|
1774 |
cacheHandler.put(uri, uconn); |
|
1775 |
if (cacheRequest != null && http != null) { |
|
1776 |
http.setCacheRequest(cacheRequest); |
|
1777 |
inputStream = new HttpInputStream(inputStream, cacheRequest); |
|
1778 |
} |
|
1779 |
} |
|
1780 |
} |
|
1781 |
} |
|
1782 |
||
1783 |
if (!(inputStream instanceof HttpInputStream)) { |
|
1784 |
inputStream = new HttpInputStream(inputStream); |
|
1785 |
} |
|
1786 |
||
1787 |
if (respCode >= 400) { |
|
1788 |
if (respCode == 404 || respCode == 410) { |
|
1789 |
throw new FileNotFoundException(url.toString()); |
|
1790 |
} else { |
|
1791 |
throw new java.io.IOException("Server returned HTTP" + |
|
1792 |
" response code: " + respCode + " for URL: " + |
|
1793 |
url.toString()); |
|
1794 |
} |
|
1795 |
} |
|
1796 |
poster = null; |
|
1797 |
strOutputStream = null; |
|
1798 |
return inputStream; |
|
1799 |
} while (redirects < maxRedirects); |
|
1800 |
||
1801 |
throw new ProtocolException("Server redirected too many " + |
|
1802 |
" times ("+ redirects + ")"); |
|
1803 |
} catch (RuntimeException e) { |
|
1804 |
disconnectInternal(); |
|
1805 |
rememberedException = e; |
|
1806 |
throw e; |
|
1807 |
} catch (IOException e) { |
|
1808 |
rememberedException = e; |
|
1809 |
||
1810 |
// buffer the error stream if bytes < 4k |
|
1811 |
// and it can be buffered within 1 second |
|
1812 |
String te = responses.findValue("Transfer-Encoding"); |
|
1813 |
if (http != null && http.isKeepingAlive() && enableESBuffer && |
|
1814 |
(cl > 0 || (te != null && te.equalsIgnoreCase("chunked")))) { |
|
1815 |
errorStream = ErrorStream.getErrorStream(inputStream, cl, http); |
|
1816 |
} |
|
1817 |
throw e; |
|
1818 |
} finally { |
|
5199
98b1778f0fd1
6648001: Cancelling HTTP authentication causes subsequent deadlocks
chegar
parents:
5161
diff
changeset
|
1819 |
if (proxyAuthKey != null) { |
98b1778f0fd1
6648001: Cancelling HTTP authentication causes subsequent deadlocks
chegar
parents:
5161
diff
changeset
|
1820 |
AuthenticationInfo.endAuthRequest(proxyAuthKey); |
2 | 1821 |
} |
5199
98b1778f0fd1
6648001: Cancelling HTTP authentication causes subsequent deadlocks
chegar
parents:
5161
diff
changeset
|
1822 |
if (serverAuthKey != null) { |
98b1778f0fd1
6648001: Cancelling HTTP authentication causes subsequent deadlocks
chegar
parents:
5161
diff
changeset
|
1823 |
AuthenticationInfo.endAuthRequest(serverAuthKey); |
2 | 1824 |
} |
1825 |
} |
|
1826 |
} |
|
1827 |
||
1828 |
/* |
|
1829 |
* Creates a chained exception that has the same type as |
|
1830 |
* original exception and with the same message. Right now, |
|
1831 |
* there is no convenient APIs for doing so. |
|
1832 |
*/ |
|
51 | 1833 |
private IOException getChainedException(final IOException rememberedException) { |
2 | 1834 |
try { |
51 | 1835 |
final Object[] args = { rememberedException.getMessage() }; |
1836 |
IOException chainedException = |
|
1837 |
java.security.AccessController.doPrivileged( |
|
1838 |
new java.security.PrivilegedExceptionAction<IOException>() { |
|
1839 |
public IOException run() throws Exception { |
|
1840 |
return (IOException) |
|
1841 |
rememberedException.getClass() |
|
10701
2c8dde454979
7090499: missing rawtypes warnings in anonymous inner class
chegar
parents:
10596
diff
changeset
|
1842 |
.getConstructor(new Class<?>[] { String.class }) |
51 | 1843 |
.newInstance(args); |
2 | 1844 |
} |
1845 |
}); |
|
51 | 1846 |
chainedException.initCause(rememberedException); |
2 | 1847 |
return chainedException; |
1848 |
} catch (Exception ignored) { |
|
1849 |
return rememberedException; |
|
1850 |
} |
|
1851 |
} |
|
1852 |
||
74
068494063b1b
6641309: Wrong Cookie separator used in HttpURLConnection
jccollet
parents:
2
diff
changeset
|
1853 |
@Override |
2 | 1854 |
public InputStream getErrorStream() { |
1855 |
if (connected && responseCode >= 400) { |
|
1856 |
// Client Error 4xx and Server Error 5xx |
|
1857 |
if (errorStream != null) { |
|
1858 |
return errorStream; |
|
1859 |
} else if (inputStream != null) { |
|
1860 |
return inputStream; |
|
1861 |
} |
|
1862 |
} |
|
1863 |
return null; |
|
1864 |
} |
|
1865 |
||
1866 |
/** |
|
1867 |
* set or reset proxy authentication info in request headers |
|
1868 |
* after receiving a 407 error. In the case of NTLM however, |
|
1869 |
* receiving a 407 is normal and we just skip the stale check |
|
1870 |
* because ntlm does not support this feature. |
|
1871 |
*/ |
|
1872 |
private AuthenticationInfo |
|
4150
74dfe4a968c6
6890349: Fix #6870935 in jdk7/pit/b74 caused HttpClinet's check for "proxy capture" attack by-passed.
michaelm
parents:
4047
diff
changeset
|
1873 |
resetProxyAuthentication(AuthenticationInfo proxyAuthentication, AuthenticationHeader auth) throws IOException { |
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
1874 |
if ((proxyAuthentication != null )&& |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
1875 |
proxyAuthentication.getAuthScheme() != NTLM) { |
2 | 1876 |
String raw = auth.raw(); |
1877 |
if (proxyAuthentication.isAuthorizationStale (raw)) { |
|
1878 |
/* we can retry with the current credentials */ |
|
479
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
1879 |
String value; |
3952
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
1880 |
if (proxyAuthentication instanceof DigestAuthentication) { |
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
1881 |
DigestAuthentication digestProxy = (DigestAuthentication) |
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
1882 |
proxyAuthentication; |
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
1883 |
if (tunnelState() == TunnelState.SETUP) { |
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
1884 |
value = digestProxy.getHeaderValue(connectRequestURI(url), HTTP_CONNECT); |
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
1885 |
} else { |
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
1886 |
value = digestProxy.getHeaderValue(getRequestURI(), method); |
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
1887 |
} |
479
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
1888 |
} else { |
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
1889 |
value = proxyAuthentication.getHeaderValue(url, method); |
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
1890 |
} |
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
1891 |
requests.set(proxyAuthentication.getHeaderName(), value); |
2 | 1892 |
currentProxyCredentials = proxyAuthentication; |
479
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
1893 |
return proxyAuthentication; |
2 | 1894 |
} else { |
1895 |
proxyAuthentication.removeFromCache(); |
|
1896 |
} |
|
1897 |
} |
|
1898 |
proxyAuthentication = getHttpProxyAuthentication(auth); |
|
1899 |
currentProxyCredentials = proxyAuthentication; |
|
1900 |
return proxyAuthentication; |
|
1901 |
} |
|
1902 |
||
1903 |
/** |
|
479
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
1904 |
* Returns the tunnel state. |
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
1905 |
* |
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
1906 |
* @return the state |
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
1907 |
*/ |
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
1908 |
TunnelState tunnelState() { |
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
1909 |
return tunnelState; |
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
1910 |
} |
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
1911 |
|
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
1912 |
/** |
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
1913 |
* Set the tunneling status. |
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
1914 |
* |
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
1915 |
* @param the state |
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
1916 |
*/ |
14008
b572c1f3a7ad
7199219: Proxy-Connection headers set incorrectly when a HttpClient is retrieved from the Keep Alive Cache
robm
parents:
14007
diff
changeset
|
1917 |
public void setTunnelState(TunnelState tunnelState) { |
479
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
1918 |
this.tunnelState = tunnelState; |
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
1919 |
} |
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
1920 |
|
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
1921 |
/** |
2 | 1922 |
* establish a tunnel through proxy server |
1923 |
*/ |
|
1924 |
public synchronized void doTunneling() throws IOException { |
|
1925 |
int retryTunnel = 0; |
|
1926 |
String statusLine = ""; |
|
1927 |
int respCode = 0; |
|
1928 |
AuthenticationInfo proxyAuthentication = null; |
|
1929 |
String proxyHost = null; |
|
1930 |
int proxyPort = -1; |
|
1931 |
||
1932 |
// save current requests so that they can be restored after tunnel is setup. |
|
1933 |
MessageHeader savedRequests = requests; |
|
1934 |
requests = new MessageHeader(); |
|
1935 |
||
1936 |
// Read comments labeled "Failed Negotiate" for details. |
|
1937 |
boolean inNegotiateProxy = false; |
|
1938 |
||
1939 |
try { |
|
479
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
1940 |
/* Actively setting up a tunnel */ |
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
1941 |
setTunnelState(TunnelState.SETUP); |
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
1942 |
|
2 | 1943 |
do { |
1944 |
if (!checkReuseConnection()) { |
|
1945 |
proxiedConnect(url, proxyHost, proxyPort, false); |
|
1946 |
} |
|
1947 |
// send the "CONNECT" request to establish a tunnel |
|
1948 |
// through proxy server |
|
1949 |
sendCONNECTRequest(); |
|
1950 |
responses.reset(); |
|
1951 |
||
1952 |
// There is no need to track progress in HTTP Tunneling, |
|
1953 |
// so ProgressSource is null. |
|
1954 |
http.parseHTTP(responses, null, this); |
|
1955 |
||
478
5adf3e3f1ff3
6659779: HttpURLConnections logger should log tunnel requests
chegar
parents:
94
diff
changeset
|
1956 |
/* Log the response to the CONNECT */ |
18178
ee71c923891d
8016747: Replace deprecated PlatformLogger isLoggable(int) with isLoggable(Level)
chegar
parents:
17952
diff
changeset
|
1957 |
if (logger.isLoggable(PlatformLogger.Level.FINE)) { |
3866
34cd368bd2dd
6882384: Update http protocol handler to use PlatformLogger
chegar
parents:
3859
diff
changeset
|
1958 |
logger.fine(responses.toString()); |
3059
2975ff687a6b
6811297: Add more logging to HTTP protocol handler
jccollet
parents:
2942
diff
changeset
|
1959 |
} |
478
5adf3e3f1ff3
6659779: HttpURLConnections logger should log tunnel requests
chegar
parents:
94
diff
changeset
|
1960 |
|
14766 | 1961 |
if (responses.filterNTLMResponses("Proxy-Authenticate")) { |
18178
ee71c923891d
8016747: Replace deprecated PlatformLogger isLoggable(int) with isLoggable(Level)
chegar
parents:
17952
diff
changeset
|
1962 |
if (logger.isLoggable(PlatformLogger.Level.FINE)) { |
14766 | 1963 |
logger.fine(">>>> Headers are filtered"); |
1964 |
logger.fine(responses.toString()); |
|
1965 |
} |
|
1966 |
} |
|
1967 |
||
2 | 1968 |
statusLine = responses.getValue(0); |
1969 |
StringTokenizer st = new StringTokenizer(statusLine); |
|
1970 |
st.nextToken(); |
|
1971 |
respCode = Integer.parseInt(st.nextToken().trim()); |
|
1972 |
if (respCode == HTTP_PROXY_AUTH) { |
|
1973 |
// Read comments labeled "Failed Negotiate" for details. |
|
1974 |
boolean dontUseNegotiate = false; |
|
10596
39b3a979e600
7090158: Networking Libraries don't build with javac -Werror
chegar
parents:
10136
diff
changeset
|
1975 |
Iterator<String> iter = responses.multiValueIterator("Proxy-Authenticate"); |
2 | 1976 |
while (iter.hasNext()) { |
10596
39b3a979e600
7090158: Networking Libraries don't build with javac -Werror
chegar
parents:
10136
diff
changeset
|
1977 |
String value = iter.next().trim(); |
2 | 1978 |
if (value.equalsIgnoreCase("Negotiate") || |
1979 |
value.equalsIgnoreCase("Kerberos")) { |
|
1980 |
if (!inNegotiateProxy) { |
|
1981 |
inNegotiateProxy = true; |
|
1982 |
} else { |
|
1983 |
dontUseNegotiate = true; |
|
1984 |
doingNTLMp2ndStage = false; |
|
1985 |
proxyAuthentication = null; |
|
1986 |
} |
|
1987 |
break; |
|
1988 |
} |
|
1989 |
} |
|
1990 |
||
1991 |
AuthenticationHeader authhdr = new AuthenticationHeader ( |
|
1992 |
"Proxy-Authenticate", responses, |
|
2942
37d9baeb7518
6578647: Undefined requesting URL in java.net.Authenticator.getPasswordAuthentication()
weijun
parents:
2928
diff
changeset
|
1993 |
new HttpCallerInfo(url, http.getProxyHostUsed(), |
37d9baeb7518
6578647: Undefined requesting URL in java.net.Authenticator.getPasswordAuthentication()
weijun
parents:
2928
diff
changeset
|
1994 |
http.getProxyPortUsed()), |
37d9baeb7518
6578647: Undefined requesting URL in java.net.Authenticator.getPasswordAuthentication()
weijun
parents:
2928
diff
changeset
|
1995 |
dontUseNegotiate |
2 | 1996 |
); |
1997 |
if (!doingNTLMp2ndStage) { |
|
1998 |
proxyAuthentication = |
|
1999 |
resetProxyAuthentication(proxyAuthentication, authhdr); |
|
2000 |
if (proxyAuthentication != null) { |
|
2001 |
proxyHost = http.getProxyHostUsed(); |
|
2002 |
proxyPort = http.getProxyPortUsed(); |
|
2003 |
disconnectInternal(); |
|
2004 |
retryTunnel++; |
|
2005 |
continue; |
|
2006 |
} |
|
2007 |
} else { |
|
2008 |
String raw = responses.findValue ("Proxy-Authenticate"); |
|
2009 |
reset (); |
|
2010 |
if (!proxyAuthentication.setHeaders(this, |
|
2011 |
authhdr.headerParser(), raw)) { |
|
2012 |
disconnectInternal(); |
|
2013 |
throw new IOException ("Authentication failure"); |
|
2014 |
} |
|
3061 | 2015 |
authObj = null; |
2 | 2016 |
doingNTLMp2ndStage = false; |
2017 |
continue; |
|
2018 |
} |
|
2019 |
} |
|
2020 |
// cache proxy authentication info |
|
2021 |
if (proxyAuthentication != null) { |
|
2022 |
// cache auth info on success, domain header not relevant. |
|
2023 |
proxyAuthentication.addToCache(); |
|
2024 |
} |
|
2025 |
||
2026 |
if (respCode == HTTP_OK) { |
|
479
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
2027 |
setTunnelState(TunnelState.TUNNELING); |
2 | 2028 |
break; |
2029 |
} |
|
2030 |
// we don't know how to deal with other response code |
|
2031 |
// so disconnect and report error |
|
2032 |
disconnectInternal(); |
|
479
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
2033 |
setTunnelState(TunnelState.NONE); |
2 | 2034 |
break; |
2035 |
} while (retryTunnel < maxRedirects); |
|
2036 |
||
2037 |
if (retryTunnel >= maxRedirects || (respCode != HTTP_OK)) { |
|
2038 |
throw new IOException("Unable to tunnel through proxy."+ |
|
2039 |
" Proxy returns \"" + |
|
2040 |
statusLine + "\""); |
|
2041 |
} |
|
2042 |
} finally { |
|
5199
98b1778f0fd1
6648001: Cancelling HTTP authentication causes subsequent deadlocks
chegar
parents:
5161
diff
changeset
|
2043 |
if (proxyAuthKey != null) { |
98b1778f0fd1
6648001: Cancelling HTTP authentication causes subsequent deadlocks
chegar
parents:
5161
diff
changeset
|
2044 |
AuthenticationInfo.endAuthRequest(proxyAuthKey); |
2 | 2045 |
} |
2046 |
} |
|
2047 |
||
2048 |
// restore original request headers |
|
2049 |
requests = savedRequests; |
|
2050 |
||
2051 |
// reset responses |
|
2052 |
responses.reset(); |
|
2053 |
} |
|
2054 |
||
479
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
2055 |
static String connectRequestURI(URL url) { |
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
2056 |
String host = url.getHost(); |
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
2057 |
int port = url.getPort(); |
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
2058 |
port = port != -1 ? port : url.getDefaultPort(); |
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
2059 |
|
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
2060 |
return host + ":" + port; |
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
2061 |
} |
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
2062 |
|
2 | 2063 |
/** |
2064 |
* send a CONNECT request for establishing a tunnel to proxy server |
|
2065 |
*/ |
|
2066 |
private void sendCONNECTRequest() throws IOException { |
|
2067 |
int port = url.getPort(); |
|
2068 |
||
10136
af9631156b25
6670868: StackOverFlow with bad authenticated Proxy tunnels
chegar
parents:
9035
diff
changeset
|
2069 |
requests.set(0, HTTP_CONNECT + " " + connectRequestURI(url) |
2 | 2070 |
+ " " + httpVersion, null); |
2071 |
requests.setIfNotSet("User-Agent", userAgent); |
|
2072 |
||
2073 |
String host = url.getHost(); |
|
2074 |
if (port != -1 && port != url.getDefaultPort()) { |
|
2075 |
host += ":" + String.valueOf(port); |
|
2076 |
} |
|
2077 |
requests.setIfNotSet("Host", host); |
|
2078 |
||
2079 |
// Not really necessary for a tunnel, but can't hurt |
|
2080 |
requests.setIfNotSet("Accept", acceptString); |
|
2081 |
||
6292
9da761dff0c7
6973030: NTLM proxy authentication fails with https
chegar
parents:
5979
diff
changeset
|
2082 |
if (http.getHttpKeepAliveSet()) { |
9da761dff0c7
6973030: NTLM proxy authentication fails with https
chegar
parents:
5979
diff
changeset
|
2083 |
requests.setIfNotSet("Proxy-Connection", "keep-alive"); |
9da761dff0c7
6973030: NTLM proxy authentication fails with https
chegar
parents:
5979
diff
changeset
|
2084 |
} |
9da761dff0c7
6973030: NTLM proxy authentication fails with https
chegar
parents:
5979
diff
changeset
|
2085 |
|
2 | 2086 |
setPreemptiveProxyAuthentication(requests); |
478
5adf3e3f1ff3
6659779: HttpURLConnections logger should log tunnel requests
chegar
parents:
94
diff
changeset
|
2087 |
|
5adf3e3f1ff3
6659779: HttpURLConnections logger should log tunnel requests
chegar
parents:
94
diff
changeset
|
2088 |
/* Log the CONNECT request */ |
18178
ee71c923891d
8016747: Replace deprecated PlatformLogger isLoggable(int) with isLoggable(Level)
chegar
parents:
17952
diff
changeset
|
2089 |
if (logger.isLoggable(PlatformLogger.Level.FINE)) { |
3866
34cd368bd2dd
6882384: Update http protocol handler to use PlatformLogger
chegar
parents:
3859
diff
changeset
|
2090 |
logger.fine(requests.toString()); |
3059
2975ff687a6b
6811297: Add more logging to HTTP protocol handler
jccollet
parents:
2942
diff
changeset
|
2091 |
} |
478
5adf3e3f1ff3
6659779: HttpURLConnections logger should log tunnel requests
chegar
parents:
94
diff
changeset
|
2092 |
|
2 | 2093 |
http.writeRequests(requests, null); |
2094 |
} |
|
2095 |
||
2096 |
/** |
|
2097 |
* Sets pre-emptive proxy authentication in header |
|
2098 |
*/ |
|
4150
74dfe4a968c6
6890349: Fix #6870935 in jdk7/pit/b74 caused HttpClinet's check for "proxy capture" attack by-passed.
michaelm
parents:
4047
diff
changeset
|
2099 |
private void setPreemptiveProxyAuthentication(MessageHeader requests) throws IOException { |
2 | 2100 |
AuthenticationInfo pauth |
2101 |
= AuthenticationInfo.getProxyAuth(http.getProxyHostUsed(), |
|
2102 |
http.getProxyPortUsed()); |
|
2103 |
if (pauth != null && pauth.supportsPreemptiveAuthorization()) { |
|
479
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
2104 |
String value; |
3952
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
2105 |
if (pauth instanceof DigestAuthentication) { |
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
2106 |
DigestAuthentication digestProxy = (DigestAuthentication) pauth; |
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
2107 |
if (tunnelState() == TunnelState.SETUP) { |
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
2108 |
value = digestProxy |
479
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
2109 |
.getHeaderValue(connectRequestURI(url), HTTP_CONNECT); |
3952
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
2110 |
} else { |
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
2111 |
value = digestProxy.getHeaderValue(getRequestURI(), method); |
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
2112 |
} |
479
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
2113 |
} else { |
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
2114 |
value = pauth.getHeaderValue(url, method); |
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
2115 |
} |
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
2116 |
|
2 | 2117 |
// Sets "Proxy-authorization" |
479
c6ddcfc7ff4d
6687282: URLConnection for HTTPS connection through Proxy w/ Digest Authentication gives 400 Bad Request
chegar
parents:
478
diff
changeset
|
2118 |
requests.set(pauth.getHeaderName(), value); |
2 | 2119 |
currentProxyCredentials = pauth; |
2120 |
} |
|
2121 |
} |
|
2122 |
||
2123 |
/** |
|
2124 |
* Gets the authentication for an HTTP proxy, and applies it to |
|
2125 |
* the connection. |
|
2126 |
*/ |
|
10596
39b3a979e600
7090158: Networking Libraries don't build with javac -Werror
chegar
parents:
10136
diff
changeset
|
2127 |
@SuppressWarnings("fallthrough") |
2 | 2128 |
private AuthenticationInfo getHttpProxyAuthentication (AuthenticationHeader authhdr) { |
2129 |
/* get authorization from authenticator */ |
|
2130 |
AuthenticationInfo ret = null; |
|
2131 |
String raw = authhdr.raw(); |
|
2132 |
String host = http.getProxyHostUsed(); |
|
2133 |
int port = http.getProxyPortUsed(); |
|
2134 |
if (host != null && authhdr.isPresent()) { |
|
2135 |
HeaderParser p = authhdr.headerParser(); |
|
2136 |
String realm = p.findValue("realm"); |
|
2137 |
String scheme = authhdr.scheme(); |
|
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2138 |
AuthScheme authScheme = UNKNOWN; |
2 | 2139 |
if ("basic".equalsIgnoreCase(scheme)) { |
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2140 |
authScheme = BASIC; |
2 | 2141 |
} else if ("digest".equalsIgnoreCase(scheme)) { |
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2142 |
authScheme = DIGEST; |
2 | 2143 |
} else if ("ntlm".equalsIgnoreCase(scheme)) { |
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2144 |
authScheme = NTLM; |
2 | 2145 |
doingNTLMp2ndStage = true; |
2146 |
} else if ("Kerberos".equalsIgnoreCase(scheme)) { |
|
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2147 |
authScheme = KERBEROS; |
2 | 2148 |
doingNTLMp2ndStage = true; |
2149 |
} else if ("Negotiate".equalsIgnoreCase(scheme)) { |
|
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2150 |
authScheme = NEGOTIATE; |
2 | 2151 |
doingNTLMp2ndStage = true; |
2152 |
} |
|
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2153 |
|
2 | 2154 |
if (realm == null) |
2155 |
realm = ""; |
|
5199
98b1778f0fd1
6648001: Cancelling HTTP authentication causes subsequent deadlocks
chegar
parents:
5161
diff
changeset
|
2156 |
proxyAuthKey = AuthenticationInfo.getProxyAuthKey(host, port, realm, authScheme); |
98b1778f0fd1
6648001: Cancelling HTTP authentication causes subsequent deadlocks
chegar
parents:
5161
diff
changeset
|
2157 |
ret = AuthenticationInfo.getProxyAuth(proxyAuthKey); |
2 | 2158 |
if (ret == null) { |
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2159 |
switch (authScheme) { |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2160 |
case BASIC: |
2 | 2161 |
InetAddress addr = null; |
2162 |
try { |
|
2163 |
final String finalHost = host; |
|
51 | 2164 |
addr = java.security.AccessController.doPrivileged( |
2165 |
new java.security.PrivilegedExceptionAction<InetAddress>() { |
|
2166 |
public InetAddress run() |
|
2 | 2167 |
throws java.net.UnknownHostException { |
2168 |
return InetAddress.getByName(finalHost); |
|
2169 |
} |
|
2170 |
}); |
|
2171 |
} catch (java.security.PrivilegedActionException ignored) { |
|
2172 |
// User will have an unknown host. |
|
2173 |
} |
|
2174 |
PasswordAuthentication a = |
|
2175 |
privilegedRequestPasswordAuthentication( |
|
2176 |
host, addr, port, "http", |
|
2177 |
realm, scheme, url, RequestorType.PROXY); |
|
2178 |
if (a != null) { |
|
2179 |
ret = new BasicAuthentication(true, host, port, realm, a); |
|
2180 |
} |
|
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2181 |
break; |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2182 |
case DIGEST: |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2183 |
a = privilegedRequestPasswordAuthentication( |
2 | 2184 |
host, null, port, url.getProtocol(), |
2185 |
realm, scheme, url, RequestorType.PROXY); |
|
2186 |
if (a != null) { |
|
2187 |
DigestAuthentication.Parameters params = |
|
2188 |
new DigestAuthentication.Parameters(); |
|
2189 |
ret = new DigestAuthentication(true, host, port, realm, |
|
2190 |
scheme, a, params); |
|
2191 |
} |
|
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2192 |
break; |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2193 |
case NTLM: |
10596
39b3a979e600
7090158: Networking Libraries don't build with javac -Werror
chegar
parents:
10136
diff
changeset
|
2194 |
if (NTLMAuthenticationProxy.supported) { |
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2195 |
/* tryTransparentNTLMProxy will always be true the first |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2196 |
* time around, but verify that the platform supports it |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2197 |
* otherwise don't try. */ |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2198 |
if (tryTransparentNTLMProxy) { |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2199 |
tryTransparentNTLMProxy = |
10596
39b3a979e600
7090158: Networking Libraries don't build with javac -Werror
chegar
parents:
10136
diff
changeset
|
2200 |
NTLMAuthenticationProxy.supportsTransparentAuth; |
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2201 |
} |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2202 |
a = null; |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2203 |
if (tryTransparentNTLMProxy) { |
3866
34cd368bd2dd
6882384: Update http protocol handler to use PlatformLogger
chegar
parents:
3859
diff
changeset
|
2204 |
logger.finest("Trying Transparent NTLM authentication"); |
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2205 |
} else { |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2206 |
a = privilegedRequestPasswordAuthentication( |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2207 |
host, null, port, url.getProtocol(), |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2208 |
"", scheme, url, RequestorType.PROXY); |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2209 |
} |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2210 |
/* If we are not trying transparent authentication then |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2211 |
* we need to have a PasswordAuthentication instance. For |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2212 |
* transparent authentication (Windows only) the username |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2213 |
* and password will be picked up from the current logged |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2214 |
* on users credentials. |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2215 |
*/ |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2216 |
if (tryTransparentNTLMProxy || |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2217 |
(!tryTransparentNTLMProxy && a != null)) { |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2218 |
ret = NTLMAuthenticationProxy.proxy.create(true, host, port, a); |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2219 |
} |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2220 |
|
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2221 |
/* set to false so that we do not try again */ |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2222 |
tryTransparentNTLMProxy = false; |
2 | 2223 |
} |
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2224 |
break; |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2225 |
case NEGOTIATE: |
2942
37d9baeb7518
6578647: Undefined requesting URL in java.net.Authenticator.getPasswordAuthentication()
weijun
parents:
2928
diff
changeset
|
2226 |
ret = new NegotiateAuthentication(new HttpCallerInfo(authhdr.getHttpCallerInfo(), "Negotiate")); |
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2227 |
break; |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2228 |
case KERBEROS: |
2942
37d9baeb7518
6578647: Undefined requesting URL in java.net.Authenticator.getPasswordAuthentication()
weijun
parents:
2928
diff
changeset
|
2229 |
ret = new NegotiateAuthentication(new HttpCallerInfo(authhdr.getHttpCallerInfo(), "Kerberos")); |
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2230 |
break; |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2231 |
case UNKNOWN: |
18178
ee71c923891d
8016747: Replace deprecated PlatformLogger isLoggable(int) with isLoggable(Level)
chegar
parents:
17952
diff
changeset
|
2232 |
if (logger.isLoggable(PlatformLogger.Level.FINEST)) { |
16839
d0f2e97b7359
8010297: Missing isLoggable() checks in logging code
anthony
parents:
16007
diff
changeset
|
2233 |
logger.finest("Unknown/Unsupported authentication scheme: " + scheme); |
d0f2e97b7359
8010297: Missing isLoggable() checks in logging code
anthony
parents:
16007
diff
changeset
|
2234 |
} |
10596
39b3a979e600
7090158: Networking Libraries don't build with javac -Werror
chegar
parents:
10136
diff
changeset
|
2235 |
/*fall through*/ |
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2236 |
default: |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2237 |
throw new AssertionError("should not reach here"); |
2 | 2238 |
} |
2239 |
} |
|
2240 |
// For backwards compatibility, we also try defaultAuth |
|
2241 |
// REMIND: Get rid of this for JDK2.0. |
|
2242 |
||
2243 |
if (ret == null && defaultAuth != null |
|
2244 |
&& defaultAuth.schemeSupported(scheme)) { |
|
2245 |
try { |
|
2246 |
URL u = new URL("http", host, port, "/"); |
|
2247 |
String a = defaultAuth.authString(u, scheme, realm); |
|
2248 |
if (a != null) { |
|
2249 |
ret = new BasicAuthentication (true, host, port, realm, a); |
|
2250 |
// not in cache by default - cache on success |
|
2251 |
} |
|
2252 |
} catch (java.net.MalformedURLException ignored) { |
|
2253 |
} |
|
2254 |
} |
|
2255 |
if (ret != null) { |
|
2256 |
if (!ret.setHeaders(this, p, raw)) { |
|
2257 |
ret = null; |
|
2258 |
} |
|
2259 |
} |
|
2260 |
} |
|
18178
ee71c923891d
8016747: Replace deprecated PlatformLogger isLoggable(int) with isLoggable(Level)
chegar
parents:
17952
diff
changeset
|
2261 |
if (logger.isLoggable(PlatformLogger.Level.FINER)) { |
3866
34cd368bd2dd
6882384: Update http protocol handler to use PlatformLogger
chegar
parents:
3859
diff
changeset
|
2262 |
logger.finer("Proxy Authentication for " + authhdr.toString() +" returned " + (ret != null ? ret.toString() : "null")); |
3059
2975ff687a6b
6811297: Add more logging to HTTP protocol handler
jccollet
parents:
2942
diff
changeset
|
2263 |
} |
2 | 2264 |
return ret; |
2265 |
} |
|
2266 |
||
2267 |
/** |
|
2268 |
* Gets the authentication for an HTTP server, and applies it to |
|
2269 |
* the connection. |
|
2270 |
* @param authHdr the AuthenticationHeader which tells what auth scheme is |
|
21278 | 2271 |
* preferred. |
2 | 2272 |
*/ |
10596
39b3a979e600
7090158: Networking Libraries don't build with javac -Werror
chegar
parents:
10136
diff
changeset
|
2273 |
@SuppressWarnings("fallthrough") |
2 | 2274 |
private AuthenticationInfo getServerAuthentication (AuthenticationHeader authhdr) { |
2275 |
/* get authorization from authenticator */ |
|
2276 |
AuthenticationInfo ret = null; |
|
2277 |
String raw = authhdr.raw(); |
|
2278 |
/* When we get an NTLM auth from cache, don't set any special headers */ |
|
2279 |
if (authhdr.isPresent()) { |
|
2280 |
HeaderParser p = authhdr.headerParser(); |
|
2281 |
String realm = p.findValue("realm"); |
|
2282 |
String scheme = authhdr.scheme(); |
|
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2283 |
AuthScheme authScheme = UNKNOWN; |
2 | 2284 |
if ("basic".equalsIgnoreCase(scheme)) { |
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2285 |
authScheme = BASIC; |
2 | 2286 |
} else if ("digest".equalsIgnoreCase(scheme)) { |
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2287 |
authScheme = DIGEST; |
2 | 2288 |
} else if ("ntlm".equalsIgnoreCase(scheme)) { |
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2289 |
authScheme = NTLM; |
2 | 2290 |
doingNTLM2ndStage = true; |
2291 |
} else if ("Kerberos".equalsIgnoreCase(scheme)) { |
|
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2292 |
authScheme = KERBEROS; |
2 | 2293 |
doingNTLM2ndStage = true; |
2294 |
} else if ("Negotiate".equalsIgnoreCase(scheme)) { |
|
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2295 |
authScheme = NEGOTIATE; |
2 | 2296 |
doingNTLM2ndStage = true; |
2297 |
} |
|
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2298 |
|
2 | 2299 |
domain = p.findValue ("domain"); |
2300 |
if (realm == null) |
|
2301 |
realm = ""; |
|
5199
98b1778f0fd1
6648001: Cancelling HTTP authentication causes subsequent deadlocks
chegar
parents:
5161
diff
changeset
|
2302 |
serverAuthKey = AuthenticationInfo.getServerAuthKey(url, realm, authScheme); |
98b1778f0fd1
6648001: Cancelling HTTP authentication causes subsequent deadlocks
chegar
parents:
5161
diff
changeset
|
2303 |
ret = AuthenticationInfo.getServerAuth(serverAuthKey); |
2 | 2304 |
InetAddress addr = null; |
2305 |
if (ret == null) { |
|
2306 |
try { |
|
2307 |
addr = InetAddress.getByName(url.getHost()); |
|
2308 |
} catch (java.net.UnknownHostException ignored) { |
|
2309 |
// User will have addr = null |
|
2310 |
} |
|
2311 |
} |
|
2312 |
// replacing -1 with default port for a protocol |
|
2313 |
int port = url.getPort(); |
|
2314 |
if (port == -1) { |
|
2315 |
port = url.getDefaultPort(); |
|
2316 |
} |
|
2317 |
if (ret == null) { |
|
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2318 |
switch(authScheme) { |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2319 |
case KERBEROS: |
2942
37d9baeb7518
6578647: Undefined requesting URL in java.net.Authenticator.getPasswordAuthentication()
weijun
parents:
2928
diff
changeset
|
2320 |
ret = new NegotiateAuthentication(new HttpCallerInfo(authhdr.getHttpCallerInfo(), "Kerberos")); |
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2321 |
break; |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2322 |
case NEGOTIATE: |
2942
37d9baeb7518
6578647: Undefined requesting URL in java.net.Authenticator.getPasswordAuthentication()
weijun
parents:
2928
diff
changeset
|
2323 |
ret = new NegotiateAuthentication(new HttpCallerInfo(authhdr.getHttpCallerInfo(), "Negotiate")); |
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2324 |
break; |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2325 |
case BASIC: |
2 | 2326 |
PasswordAuthentication a = |
2327 |
privilegedRequestPasswordAuthentication( |
|
2328 |
url.getHost(), addr, port, url.getProtocol(), |
|
2329 |
realm, scheme, url, RequestorType.SERVER); |
|
2330 |
if (a != null) { |
|
2331 |
ret = new BasicAuthentication(false, url, realm, a); |
|
2332 |
} |
|
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2333 |
break; |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2334 |
case DIGEST: |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2335 |
a = privilegedRequestPasswordAuthentication( |
2 | 2336 |
url.getHost(), addr, port, url.getProtocol(), |
2337 |
realm, scheme, url, RequestorType.SERVER); |
|
2338 |
if (a != null) { |
|
2339 |
digestparams = new DigestAuthentication.Parameters(); |
|
2340 |
ret = new DigestAuthentication(false, url, realm, scheme, a, digestparams); |
|
2341 |
} |
|
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2342 |
break; |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2343 |
case NTLM: |
10596
39b3a979e600
7090158: Networking Libraries don't build with javac -Werror
chegar
parents:
10136
diff
changeset
|
2344 |
if (NTLMAuthenticationProxy.supported) { |
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2345 |
URL url1; |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2346 |
try { |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2347 |
url1 = new URL (url, "/"); /* truncate the path */ |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2348 |
} catch (Exception e) { |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2349 |
url1 = url; |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2350 |
} |
2 | 2351 |
|
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2352 |
/* tryTransparentNTLMServer will always be true the first |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2353 |
* time around, but verify that the platform supports it |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2354 |
* otherwise don't try. */ |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2355 |
if (tryTransparentNTLMServer) { |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2356 |
tryTransparentNTLMServer = |
10596
39b3a979e600
7090158: Networking Libraries don't build with javac -Werror
chegar
parents:
10136
diff
changeset
|
2357 |
NTLMAuthenticationProxy.supportsTransparentAuth; |
8815
9a3f042d307e
6997851: Create NTLM AuthenticationCallBack class to avoid NTLM info leakage on client side
chegar
parents:
7022
diff
changeset
|
2358 |
/* If the platform supports transparent authentication |
9a3f042d307e
6997851: Create NTLM AuthenticationCallBack class to avoid NTLM info leakage on client side
chegar
parents:
7022
diff
changeset
|
2359 |
* then check if we are in a secure environment |
9a3f042d307e
6997851: Create NTLM AuthenticationCallBack class to avoid NTLM info leakage on client side
chegar
parents:
7022
diff
changeset
|
2360 |
* whether, or not, we should try transparent authentication.*/ |
9a3f042d307e
6997851: Create NTLM AuthenticationCallBack class to avoid NTLM info leakage on client side
chegar
parents:
7022
diff
changeset
|
2361 |
if (tryTransparentNTLMServer) { |
9a3f042d307e
6997851: Create NTLM AuthenticationCallBack class to avoid NTLM info leakage on client side
chegar
parents:
7022
diff
changeset
|
2362 |
tryTransparentNTLMServer = |
10596
39b3a979e600
7090158: Networking Libraries don't build with javac -Werror
chegar
parents:
10136
diff
changeset
|
2363 |
NTLMAuthenticationProxy.isTrustedSite(url); |
8815
9a3f042d307e
6997851: Create NTLM AuthenticationCallBack class to avoid NTLM info leakage on client side
chegar
parents:
7022
diff
changeset
|
2364 |
} |
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2365 |
} |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2366 |
a = null; |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2367 |
if (tryTransparentNTLMServer) { |
3866
34cd368bd2dd
6882384: Update http protocol handler to use PlatformLogger
chegar
parents:
3859
diff
changeset
|
2368 |
logger.finest("Trying Transparent NTLM authentication"); |
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2369 |
} else { |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2370 |
a = privilegedRequestPasswordAuthentication( |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2371 |
url.getHost(), addr, port, url.getProtocol(), |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2372 |
"", scheme, url, RequestorType.SERVER); |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2373 |
} |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2374 |
|
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2375 |
/* If we are not trying transparent authentication then |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2376 |
* we need to have a PasswordAuthentication instance. For |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2377 |
* transparent authentication (Windows only) the username |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2378 |
* and password will be picked up from the current logged |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2379 |
* on users credentials. |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2380 |
*/ |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2381 |
if (tryTransparentNTLMServer || |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2382 |
(!tryTransparentNTLMServer && a != null)) { |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2383 |
ret = NTLMAuthenticationProxy.proxy.create(false, url1, a); |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2384 |
} |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2385 |
|
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2386 |
/* set to false so that we do not try again */ |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2387 |
tryTransparentNTLMServer = false; |
2 | 2388 |
} |
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2389 |
break; |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2390 |
case UNKNOWN: |
18178
ee71c923891d
8016747: Replace deprecated PlatformLogger isLoggable(int) with isLoggable(Level)
chegar
parents:
17952
diff
changeset
|
2391 |
if (logger.isLoggable(PlatformLogger.Level.FINEST)) { |
16839
d0f2e97b7359
8010297: Missing isLoggable() checks in logging code
anthony
parents:
16007
diff
changeset
|
2392 |
logger.finest("Unknown/Unsupported authentication scheme: " + scheme); |
d0f2e97b7359
8010297: Missing isLoggable() checks in logging code
anthony
parents:
16007
diff
changeset
|
2393 |
} |
10596
39b3a979e600
7090158: Networking Libraries don't build with javac -Werror
chegar
parents:
10136
diff
changeset
|
2394 |
/*fall through*/ |
3859
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2395 |
default: |
8b82336dedb3
6882594: Remove static dependancy on NTLM authentication
chegar
parents:
3465
diff
changeset
|
2396 |
throw new AssertionError("should not reach here"); |
2 | 2397 |
} |
2398 |
} |
|
2399 |
||
2400 |
// For backwards compatibility, we also try defaultAuth |
|
2401 |
// REMIND: Get rid of this for JDK2.0. |
|
2402 |
||
2403 |
if (ret == null && defaultAuth != null |
|
2404 |
&& defaultAuth.schemeSupported(scheme)) { |
|
2405 |
String a = defaultAuth.authString(url, scheme, realm); |
|
2406 |
if (a != null) { |
|
2407 |
ret = new BasicAuthentication (false, url, realm, a); |
|
2408 |
// not in cache by default - cache on success |
|
2409 |
} |
|
2410 |
} |
|
2411 |
||
2412 |
if (ret != null ) { |
|
2413 |
if (!ret.setHeaders(this, p, raw)) { |
|
2414 |
ret = null; |
|
2415 |
} |
|
2416 |
} |
|
2417 |
} |
|
18178
ee71c923891d
8016747: Replace deprecated PlatformLogger isLoggable(int) with isLoggable(Level)
chegar
parents:
17952
diff
changeset
|
2418 |
if (logger.isLoggable(PlatformLogger.Level.FINER)) { |
3866
34cd368bd2dd
6882384: Update http protocol handler to use PlatformLogger
chegar
parents:
3859
diff
changeset
|
2419 |
logger.finer("Server Authentication for " + authhdr.toString() +" returned " + (ret != null ? ret.toString() : "null")); |
3059
2975ff687a6b
6811297: Add more logging to HTTP protocol handler
jccollet
parents:
2942
diff
changeset
|
2420 |
} |
2 | 2421 |
return ret; |
2422 |
} |
|
2423 |
||
2424 |
/* inclose will be true if called from close(), in which case we |
|
2425 |
* force the call to check because this is the last chance to do so. |
|
2426 |
* If not in close(), then the authentication info could arrive in a trailer |
|
2427 |
* field, which we have not read yet. |
|
2428 |
*/ |
|
2429 |
private void checkResponseCredentials (boolean inClose) throws IOException { |
|
2430 |
try { |
|
2431 |
if (!needToCheck) |
|
2432 |
return; |
|
3952
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
2433 |
if ((validateProxy && currentProxyCredentials != null) && |
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
2434 |
(currentProxyCredentials instanceof DigestAuthentication)) { |
2 | 2435 |
String raw = responses.findValue ("Proxy-Authentication-Info"); |
2436 |
if (inClose || (raw != null)) { |
|
3952
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
2437 |
DigestAuthentication da = (DigestAuthentication) |
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
2438 |
currentProxyCredentials; |
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
2439 |
da.checkResponse (raw, method, getRequestURI()); |
2 | 2440 |
currentProxyCredentials = null; |
2441 |
} |
|
2442 |
} |
|
3952
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
2443 |
if ((validateServer && currentServerCredentials != null) && |
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
2444 |
(currentServerCredentials instanceof DigestAuthentication)) { |
2 | 2445 |
String raw = responses.findValue ("Authentication-Info"); |
2446 |
if (inClose || (raw != null)) { |
|
3952
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
2447 |
DigestAuthentication da = (DigestAuthentication) |
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
2448 |
currentServerCredentials; |
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
2449 |
da.checkResponse (raw, method, url); |
2 | 2450 |
currentServerCredentials = null; |
2451 |
} |
|
2452 |
} |
|
2453 |
if ((currentServerCredentials==null) && (currentProxyCredentials == null)) { |
|
2454 |
needToCheck = false; |
|
2455 |
} |
|
2456 |
} catch (IOException e) { |
|
2457 |
disconnectInternal(); |
|
2458 |
connected = false; |
|
2459 |
throw e; |
|
2460 |
} |
|
2461 |
} |
|
2462 |
||
3952
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
2463 |
/* The request URI used in the request line for this request. |
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
2464 |
* Also, needed for digest authentication |
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
2465 |
*/ |
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
2466 |
|
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
2467 |
String requestURI = null; |
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
2468 |
|
4150
74dfe4a968c6
6890349: Fix #6870935 in jdk7/pit/b74 caused HttpClinet's check for "proxy capture" attack by-passed.
michaelm
parents:
4047
diff
changeset
|
2469 |
String getRequestURI() throws IOException { |
3952
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
2470 |
if (requestURI == null) { |
4150
74dfe4a968c6
6890349: Fix #6870935 in jdk7/pit/b74 caused HttpClinet's check for "proxy capture" attack by-passed.
michaelm
parents:
4047
diff
changeset
|
2471 |
requestURI = http.getURLFile(); |
3952
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
2472 |
} |
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
2473 |
return requestURI; |
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
2474 |
} |
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
2475 |
|
2 | 2476 |
/* Tells us whether to follow a redirect. If so, it |
2477 |
* closes the connection (break any keep-alive) and |
|
2478 |
* resets the url, re-connects, and resets the request |
|
2479 |
* property. |
|
2480 |
*/ |
|
2481 |
private boolean followRedirect() throws IOException { |
|
2482 |
if (!getInstanceFollowRedirects()) { |
|
2483 |
return false; |
|
2484 |
} |
|
2485 |
||
17473
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2486 |
final int stat = getResponseCode(); |
2 | 2487 |
if (stat < 300 || stat > 307 || stat == 306 |
2488 |
|| stat == HTTP_NOT_MODIFIED) { |
|
2489 |
return false; |
|
2490 |
} |
|
17473
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2491 |
final String loc = getHeaderField("Location"); |
2 | 2492 |
if (loc == null) { |
2493 |
/* this should be present - if not, we have no choice |
|
2494 |
* but to go forward w/ the response we got |
|
2495 |
*/ |
|
2496 |
return false; |
|
2497 |
} |
|
17473
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2498 |
|
2 | 2499 |
URL locUrl; |
2500 |
try { |
|
2501 |
locUrl = new URL(loc); |
|
2502 |
if (!url.getProtocol().equalsIgnoreCase(locUrl.getProtocol())) { |
|
2503 |
return false; |
|
2504 |
} |
|
2505 |
||
2506 |
} catch (MalformedURLException mue) { |
|
2507 |
// treat loc as a relative URI to conform to popular browsers |
|
2508 |
locUrl = new URL(url, loc); |
|
2509 |
} |
|
17473
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2510 |
|
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2511 |
final URL locUrl0 = locUrl; |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2512 |
socketPermission = null; // force recalculation |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2513 |
SocketPermission p = URLtoSocketPermission(locUrl); |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2514 |
|
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2515 |
if (p != null) { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2516 |
try { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2517 |
return AccessController.doPrivileged( |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2518 |
new PrivilegedExceptionAction<Boolean>() { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2519 |
public Boolean run() throws IOException { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2520 |
return followRedirect0(loc, stat, locUrl0); |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2521 |
} |
20787
ab071ce90368
8014719: HttpClient/ProxyTest.java failing with IAE HttpURLPermission.parseURI
michaelm
parents:
18577
diff
changeset
|
2522 |
}, null, p |
17473
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2523 |
); |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2524 |
} catch (PrivilegedActionException e) { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2525 |
throw (IOException) e.getException(); |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2526 |
} |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2527 |
} else { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2528 |
// run without additional permission |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2529 |
return followRedirect0(loc, stat, locUrl); |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2530 |
} |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2531 |
} |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2532 |
|
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2533 |
/* Tells us whether to follow a redirect. If so, it |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2534 |
* closes the connection (break any keep-alive) and |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2535 |
* resets the url, re-connects, and resets the request |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2536 |
* property. |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2537 |
*/ |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2538 |
private boolean followRedirect0(String loc, int stat, URL locUrl) |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2539 |
throws IOException |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2540 |
{ |
2 | 2541 |
disconnectInternal(); |
2542 |
if (streaming()) { |
|
2543 |
throw new HttpRetryException (RETRY_MSG3, stat, loc); |
|
2544 |
} |
|
18178
ee71c923891d
8016747: Replace deprecated PlatformLogger isLoggable(int) with isLoggable(Level)
chegar
parents:
17952
diff
changeset
|
2545 |
if (logger.isLoggable(PlatformLogger.Level.FINE)) { |
3866
34cd368bd2dd
6882384: Update http protocol handler to use PlatformLogger
chegar
parents:
3859
diff
changeset
|
2546 |
logger.fine("Redirected from " + url + " to " + locUrl); |
3059
2975ff687a6b
6811297: Add more logging to HTTP protocol handler
jccollet
parents:
2942
diff
changeset
|
2547 |
} |
2 | 2548 |
|
2549 |
// clear out old response headers!!!! |
|
2550 |
responses = new MessageHeader(); |
|
2551 |
if (stat == HTTP_USE_PROXY) { |
|
2552 |
/* This means we must re-request the resource through the |
|
2553 |
* proxy denoted in the "Location:" field of the response. |
|
2554 |
* Judging by the spec, the string in the Location header |
|
2555 |
* _should_ denote a URL - let's hope for "http://my.proxy.org" |
|
2556 |
* Make a new HttpClient to the proxy, using HttpClient's |
|
2557 |
* Instance-specific proxy fields, but note we're still fetching |
|
2558 |
* the same URL. |
|
2559 |
*/ |
|
2560 |
String proxyHost = locUrl.getHost(); |
|
2561 |
int proxyPort = locUrl.getPort(); |
|
2562 |
||
2563 |
SecurityManager security = System.getSecurityManager(); |
|
2564 |
if (security != null) { |
|
2565 |
security.checkConnect(proxyHost, proxyPort); |
|
2566 |
} |
|
2567 |
||
2568 |
setProxiedClient (url, proxyHost, proxyPort); |
|
3952
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
2569 |
requests.set(0, method + " " + getRequestURI()+" " + |
2 | 2570 |
httpVersion, null); |
2571 |
connected = true; |
|
2572 |
} else { |
|
2573 |
// maintain previous headers, just change the name |
|
2574 |
// of the file we're getting |
|
2575 |
url = locUrl; |
|
3952
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
2576 |
requestURI = null; // force it to be recalculated |
2 | 2577 |
if (method.equals("POST") && !Boolean.getBoolean("http.strictPostRedirect") && (stat!=307)) { |
2578 |
/* The HTTP/1.1 spec says that a redirect from a POST |
|
2579 |
* *should not* be immediately turned into a GET, and |
|
2580 |
* that some HTTP/1.0 clients incorrectly did this. |
|
2581 |
* Correct behavior redirects a POST to another POST. |
|
2582 |
* Unfortunately, since most browsers have this incorrect |
|
2583 |
* behavior, the web works this way now. Typical usage |
|
2584 |
* seems to be: |
|
2585 |
* POST a login code or passwd to a web page. |
|
2586 |
* after validation, the server redirects to another |
|
2587 |
* (welcome) page |
|
2588 |
* The second request is (erroneously) expected to be GET |
|
2589 |
* |
|
2590 |
* We will do the incorrect thing (POST-->GET) by default. |
|
2591 |
* We will provide the capability to do the "right" thing |
|
2592 |
* (POST-->POST) by a system property, "http.strictPostRedirect=true" |
|
2593 |
*/ |
|
2594 |
||
2595 |
requests = new MessageHeader(); |
|
2596 |
setRequests = false; |
|
2597 |
setRequestMethod("GET"); |
|
2598 |
poster = null; |
|
2599 |
if (!checkReuseConnection()) |
|
2600 |
connect(); |
|
2601 |
} else { |
|
2602 |
if (!checkReuseConnection()) |
|
2603 |
connect(); |
|
2604 |
/* Even after a connect() call, http variable still can be |
|
2605 |
* null, if a ResponseCache has been installed and it returns |
|
2606 |
* a non-null CacheResponse instance. So check nullity before using it. |
|
2607 |
* |
|
2608 |
* And further, if http is null, there's no need to do anything |
|
2609 |
* about request headers because successive http session will use |
|
2610 |
* cachedInputStream/cachedHeaders anyway, which is returned by |
|
2611 |
* CacheResponse. |
|
2612 |
*/ |
|
2613 |
if (http != null) { |
|
3952
dc329398de30
6870935: DIGEST proxy authentication fails to connect to URLs with no trailing slash
michaelm
parents:
3866
diff
changeset
|
2614 |
requests.set(0, method + " " + getRequestURI()+" " + |
2 | 2615 |
httpVersion, null); |
2616 |
int port = url.getPort(); |
|
2617 |
String host = url.getHost(); |
|
2618 |
if (port != -1 && port != url.getDefaultPort()) { |
|
2619 |
host += ":" + String.valueOf(port); |
|
2620 |
} |
|
2621 |
requests.set("Host", host); |
|
2622 |
} |
|
2623 |
} |
|
2624 |
} |
|
2625 |
return true; |
|
2626 |
} |
|
2627 |
||
2628 |
/* dummy byte buffer for reading off socket prior to closing */ |
|
2629 |
byte[] cdata = new byte [128]; |
|
2630 |
||
2631 |
/** |
|
2632 |
* Reset (without disconnecting the TCP conn) in order to do another transaction with this instance |
|
2633 |
*/ |
|
2634 |
private void reset() throws IOException { |
|
2635 |
http.reuse = true; |
|
2636 |
/* must save before calling close */ |
|
2637 |
reuseClient = http; |
|
2638 |
InputStream is = http.getInputStream(); |
|
2639 |
if (!method.equals("HEAD")) { |
|
2640 |
try { |
|
2641 |
/* we want to read the rest of the response without using the |
|
2642 |
* hurry mechanism, because that would close the connection |
|
2643 |
* if everything is not available immediately |
|
2644 |
*/ |
|
2645 |
if ((is instanceof ChunkedInputStream) || |
|
2646 |
(is instanceof MeteredStream)) { |
|
2647 |
/* reading until eof will not block */ |
|
2648 |
while (is.read (cdata) > 0) {} |
|
2649 |
} else { |
|
2650 |
/* raw stream, which will block on read, so only read |
|
2651 |
* the expected number of bytes, probably 0 |
|
2652 |
*/ |
|
3059
2975ff687a6b
6811297: Add more logging to HTTP protocol handler
jccollet
parents:
2942
diff
changeset
|
2653 |
long cl = 0; |
2975ff687a6b
6811297: Add more logging to HTTP protocol handler
jccollet
parents:
2942
diff
changeset
|
2654 |
int n = 0; |
2975ff687a6b
6811297: Add more logging to HTTP protocol handler
jccollet
parents:
2942
diff
changeset
|
2655 |
String cls = responses.findValue ("Content-Length"); |
2975ff687a6b
6811297: Add more logging to HTTP protocol handler
jccollet
parents:
2942
diff
changeset
|
2656 |
if (cls != null) { |
2975ff687a6b
6811297: Add more logging to HTTP protocol handler
jccollet
parents:
2942
diff
changeset
|
2657 |
try { |
2975ff687a6b
6811297: Add more logging to HTTP protocol handler
jccollet
parents:
2942
diff
changeset
|
2658 |
cl = Long.parseLong (cls); |
2975ff687a6b
6811297: Add more logging to HTTP protocol handler
jccollet
parents:
2942
diff
changeset
|
2659 |
} catch (NumberFormatException e) { |
2975ff687a6b
6811297: Add more logging to HTTP protocol handler
jccollet
parents:
2942
diff
changeset
|
2660 |
cl = 0; |
2975ff687a6b
6811297: Add more logging to HTTP protocol handler
jccollet
parents:
2942
diff
changeset
|
2661 |
} |
2975ff687a6b
6811297: Add more logging to HTTP protocol handler
jccollet
parents:
2942
diff
changeset
|
2662 |
} |
2975ff687a6b
6811297: Add more logging to HTTP protocol handler
jccollet
parents:
2942
diff
changeset
|
2663 |
for (long i=0; i<cl; ) { |
2 | 2664 |
if ((n = is.read (cdata)) == -1) { |
2665 |
break; |
|
2666 |
} else { |
|
2667 |
i+= n; |
|
2668 |
} |
|
2669 |
} |
|
2670 |
} |
|
2671 |
} catch (IOException e) { |
|
2672 |
http.reuse = false; |
|
2673 |
reuseClient = null; |
|
2674 |
disconnectInternal(); |
|
2675 |
return; |
|
2676 |
} |
|
2677 |
try { |
|
2678 |
if (is instanceof MeteredStream) { |
|
2679 |
is.close(); |
|
2680 |
} |
|
2681 |
} catch (IOException e) { } |
|
2682 |
} |
|
2683 |
responseCode = -1; |
|
2684 |
responses = new MessageHeader(); |
|
2685 |
connected = false; |
|
2686 |
} |
|
2687 |
||
2688 |
/** |
|
5161 | 2689 |
* Disconnect from the web server at the first 401 error. Do not |
2690 |
* disconnect when using a proxy, a good proxy should have already |
|
2691 |
* closed the connection to the web server. |
|
2692 |
*/ |
|
2693 |
private void disconnectWeb() throws IOException { |
|
5979
26b9b2b1b37b
6954525: Testcase failure java/net/Authenticator/B4769350.java
chegar
parents:
5506
diff
changeset
|
2694 |
if (usingProxy() && http.isKeepingAlive()) { |
5161 | 2695 |
responseCode = -1; |
2696 |
// clean up, particularly, skip the content part |
|
2697 |
// of a 401 error response |
|
2698 |
reset(); |
|
2699 |
} else { |
|
2700 |
disconnectInternal(); |
|
2701 |
} |
|
2702 |
} |
|
2703 |
||
2704 |
/** |
|
2 | 2705 |
* Disconnect from the server (for internal use) |
2706 |
*/ |
|
2707 |
private void disconnectInternal() { |
|
2708 |
responseCode = -1; |
|
78
65353d0d0e31
6660405: HttpURLConnection returns the wrong InputStream
jccollet
parents:
74
diff
changeset
|
2709 |
inputStream = null; |
2 | 2710 |
if (pi != null) { |
2711 |
pi.finishTracking(); |
|
2712 |
pi = null; |
|
2713 |
} |
|
2714 |
if (http != null) { |
|
2715 |
http.closeServer(); |
|
2716 |
http = null; |
|
2717 |
connected = false; |
|
2718 |
} |
|
2719 |
} |
|
2720 |
||
2721 |
/** |
|
2722 |
* Disconnect from the server (public API) |
|
2723 |
*/ |
|
2724 |
public void disconnect() { |
|
2725 |
||
2726 |
responseCode = -1; |
|
2727 |
if (pi != null) { |
|
2728 |
pi.finishTracking(); |
|
2729 |
pi = null; |
|
2730 |
} |
|
2731 |
||
2732 |
if (http != null) { |
|
2733 |
/* |
|
2734 |
* If we have an input stream this means we received a response |
|
2735 |
* from the server. That stream may have been read to EOF and |
|
2736 |
* dependening on the stream type may already be closed or the |
|
2737 |
* the http client may be returned to the keep-alive cache. |
|
2738 |
* If the http client has been returned to the keep-alive cache |
|
2739 |
* it may be closed (idle timeout) or may be allocated to |
|
2740 |
* another request. |
|
2741 |
* |
|
2742 |
* In other to avoid timing issues we close the input stream |
|
2743 |
* which will either close the underlying connection or return |
|
2744 |
* the client to the cache. If there's a possibility that the |
|
2745 |
* client has been returned to the cache (ie: stream is a keep |
|
2746 |
* alive stream or a chunked input stream) then we remove an |
|
2747 |
* idle connection to the server. Note that this approach |
|
2748 |
* can be considered an approximation in that we may close a |
|
2749 |
* different idle connection to that used by the request. |
|
2750 |
* Additionally it's possible that we close two connections |
|
2751 |
* - the first becuase it wasn't an EOF (and couldn't be |
|
2752 |
* hurried) - the second, another idle connection to the |
|
2753 |
* same server. The is okay because "disconnect" is an |
|
2754 |
* indication that the application doesn't intend to access |
|
2755 |
* this http server for a while. |
|
2756 |
*/ |
|
2757 |
||
2758 |
if (inputStream != null) { |
|
2759 |
HttpClient hc = http; |
|
2760 |
||
2761 |
// un-synchronized |
|
2762 |
boolean ka = hc.isKeepingAlive(); |
|
2763 |
||
2764 |
try { |
|
2765 |
inputStream.close(); |
|
2766 |
} catch (IOException ioe) { } |
|
2767 |
||
2768 |
// if the connection is persistent it may have been closed |
|
2769 |
// or returned to the keep-alive cache. If it's been returned |
|
2770 |
// to the keep-alive cache then we would like to close it |
|
2771 |
// but it may have been allocated |
|
2772 |
||
2773 |
if (ka) { |
|
2774 |
hc.closeIdleConnection(); |
|
2775 |
} |
|
2776 |
||
2777 |
||
2778 |
} else { |
|
2779 |
// We are deliberatly being disconnected so HttpClient |
|
2780 |
// should not try to resend the request no matter what stage |
|
2781 |
// of the connection we are in. |
|
2782 |
http.setDoNotRetry(true); |
|
2783 |
||
2784 |
http.closeServer(); |
|
2785 |
} |
|
2786 |
||
2787 |
// poster = null; |
|
2788 |
http = null; |
|
2789 |
connected = false; |
|
2790 |
} |
|
2791 |
cachedInputStream = null; |
|
2792 |
if (cachedHeaders != null) { |
|
2793 |
cachedHeaders.reset(); |
|
2794 |
} |
|
2795 |
} |
|
2796 |
||
2797 |
public boolean usingProxy() { |
|
2798 |
if (http != null) { |
|
2799 |
return (http.getProxyHostUsed() != null); |
|
2800 |
} |
|
2801 |
return false; |
|
2802 |
} |
|
2803 |
||
11284
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2804 |
// constant strings represent set-cookie header names |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2805 |
private final static String SET_COOKIE = "set-cookie"; |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2806 |
private final static String SET_COOKIE2 = "set-cookie2"; |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2807 |
|
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2808 |
/** |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2809 |
* Returns a filtered version of the given headers value. |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2810 |
* |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2811 |
* Note: The implementation currently only filters out HttpOnly cookies |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2812 |
* from Set-Cookie and Set-Cookie2 headers. |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2813 |
*/ |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2814 |
private String filterHeaderField(String name, String value) { |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2815 |
if (value == null) |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2816 |
return null; |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2817 |
|
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2818 |
if (SET_COOKIE.equalsIgnoreCase(name) || |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2819 |
SET_COOKIE2.equalsIgnoreCase(name)) { |
18577
f76979ce4bc4
8015799: HttpURLConnection.getHeaderFields() throws IllegalArgumentException
jzavgren
parents:
18541
diff
changeset
|
2820 |
|
11284
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2821 |
// Filtering only if there is a cookie handler. [Assumption: the |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2822 |
// cookie handler will store/retrieve the HttpOnly cookies] |
18577
f76979ce4bc4
8015799: HttpURLConnection.getHeaderFields() throws IllegalArgumentException
jzavgren
parents:
18541
diff
changeset
|
2823 |
if (cookieHandler == null || value.length() == 0) |
11284
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2824 |
return value; |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2825 |
|
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2826 |
sun.misc.JavaNetHttpCookieAccess access = |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2827 |
sun.misc.SharedSecrets.getJavaNetHttpCookieAccess(); |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2828 |
StringBuilder retValue = new StringBuilder(); |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2829 |
List<HttpCookie> cookies = access.parse(value); |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2830 |
boolean multipleCookies = false; |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2831 |
for (HttpCookie cookie : cookies) { |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2832 |
// skip HttpOnly cookies |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2833 |
if (cookie.isHttpOnly()) |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2834 |
continue; |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2835 |
if (multipleCookies) |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2836 |
retValue.append(','); // RFC 2965, comma separated |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2837 |
retValue.append(access.header(cookie)); |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2838 |
multipleCookies = true; |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2839 |
} |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2840 |
|
16007
cf20f016fa94
8007315: HttpURLConnection.filterHeaderField method returns null where empty string is expected
coffeys
parents:
14766
diff
changeset
|
2841 |
return retValue.length() == 0 ? "" : retValue.toString(); |
11284
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2842 |
} |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2843 |
|
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2844 |
return value; |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2845 |
} |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2846 |
|
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2847 |
// Cache the filtered response headers so that they don't need |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2848 |
// to be generated for every getHeaderFields() call. |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2849 |
private Map<String, List<String>> filteredHeaders; // null |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2850 |
|
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2851 |
private Map<String, List<String>> getFilteredHeaderFields() { |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2852 |
if (filteredHeaders != null) |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2853 |
return filteredHeaders; |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2854 |
|
11518
7e720dd82e9e
7128648: HttpURLConnection.getHeaderFields should return an unmodifiable Map
chegar
parents:
11284
diff
changeset
|
2855 |
Map<String, List<String>> headers, tmpMap = new HashMap<>(); |
11284
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2856 |
|
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2857 |
if (cachedHeaders != null) |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2858 |
headers = cachedHeaders.getHeaders(); |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2859 |
else |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2860 |
headers = responses.getHeaders(); |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2861 |
|
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2862 |
for (Map.Entry<String, List<String>> e: headers.entrySet()) { |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2863 |
String key = e.getKey(); |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2864 |
List<String> values = e.getValue(), filteredVals = new ArrayList<>(); |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2865 |
for (String value : values) { |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2866 |
String fVal = filterHeaderField(key, value); |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2867 |
if (fVal != null) |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2868 |
filteredVals.add(fVal); |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2869 |
} |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2870 |
if (!filteredVals.isEmpty()) |
11518
7e720dd82e9e
7128648: HttpURLConnection.getHeaderFields should return an unmodifiable Map
chegar
parents:
11284
diff
changeset
|
2871 |
tmpMap.put(key, Collections.unmodifiableList(filteredVals)); |
11284
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2872 |
} |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2873 |
|
11518
7e720dd82e9e
7128648: HttpURLConnection.getHeaderFields should return an unmodifiable Map
chegar
parents:
11284
diff
changeset
|
2874 |
return filteredHeaders = Collections.unmodifiableMap(tmpMap); |
11284
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2875 |
} |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2876 |
|
2 | 2877 |
/** |
2878 |
* Gets a header field by name. Returns null if not known. |
|
2879 |
* @param name the name of the header field |
|
2880 |
*/ |
|
74
068494063b1b
6641309: Wrong Cookie separator used in HttpURLConnection
jccollet
parents:
2
diff
changeset
|
2881 |
@Override |
2 | 2882 |
public String getHeaderField(String name) { |
2883 |
try { |
|
2884 |
getInputStream(); |
|
2885 |
} catch (IOException e) {} |
|
2886 |
||
2887 |
if (cachedHeaders != null) { |
|
11284
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2888 |
return filterHeaderField(name, cachedHeaders.findValue(name)); |
2 | 2889 |
} |
2890 |
||
11284
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2891 |
return filterHeaderField(name, responses.findValue(name)); |
2 | 2892 |
} |
2893 |
||
2894 |
/** |
|
2895 |
* Returns an unmodifiable Map of the header fields. |
|
2896 |
* The Map keys are Strings that represent the |
|
2897 |
* response-header field names. Each Map value is an |
|
2898 |
* unmodifiable List of Strings that represents |
|
2899 |
* the corresponding field values. |
|
2900 |
* |
|
2901 |
* @return a Map of header fields |
|
2902 |
* @since 1.4 |
|
2903 |
*/ |
|
74
068494063b1b
6641309: Wrong Cookie separator used in HttpURLConnection
jccollet
parents:
2
diff
changeset
|
2904 |
@Override |
51 | 2905 |
public Map<String, List<String>> getHeaderFields() { |
2 | 2906 |
try { |
2907 |
getInputStream(); |
|
2908 |
} catch (IOException e) {} |
|
2909 |
||
11284
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2910 |
return getFilteredHeaderFields(); |
2 | 2911 |
} |
2912 |
||
2913 |
/** |
|
2914 |
* Gets a header field by index. Returns null if not known. |
|
2915 |
* @param n the index of the header field |
|
2916 |
*/ |
|
74
068494063b1b
6641309: Wrong Cookie separator used in HttpURLConnection
jccollet
parents:
2
diff
changeset
|
2917 |
@Override |
2 | 2918 |
public String getHeaderField(int n) { |
2919 |
try { |
|
2920 |
getInputStream(); |
|
2921 |
} catch (IOException e) {} |
|
2922 |
||
2923 |
if (cachedHeaders != null) { |
|
11284
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2924 |
return filterHeaderField(cachedHeaders.getKey(n), |
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2925 |
cachedHeaders.getValue(n)); |
2 | 2926 |
} |
11284
2750cfd2352c
7095980: Ensure HttpURLConnection (and supporting APIs) don't expose HttpOnly cookies
chegar
parents:
10701
diff
changeset
|
2927 |
return filterHeaderField(responses.getKey(n), responses.getValue(n)); |
2 | 2928 |
} |
2929 |
||
2930 |
/** |
|
2931 |
* Gets a header field by index. Returns null if not known. |
|
2932 |
* @param n the index of the header field |
|
2933 |
*/ |
|
74
068494063b1b
6641309: Wrong Cookie separator used in HttpURLConnection
jccollet
parents:
2
diff
changeset
|
2934 |
@Override |
2 | 2935 |
public String getHeaderFieldKey(int n) { |
2936 |
try { |
|
2937 |
getInputStream(); |
|
2938 |
} catch (IOException e) {} |
|
2939 |
||
2940 |
if (cachedHeaders != null) { |
|
2941 |
return cachedHeaders.getKey(n); |
|
2942 |
} |
|
2943 |
||
2944 |
return responses.getKey(n); |
|
2945 |
} |
|
2946 |
||
2947 |
/** |
|
2948 |
* Sets request property. If a property with the key already |
|
2949 |
* exists, overwrite its value with the new value. |
|
2950 |
* @param value the value to be set |
|
2951 |
*/ |
|
74
068494063b1b
6641309: Wrong Cookie separator used in HttpURLConnection
jccollet
parents:
2
diff
changeset
|
2952 |
@Override |
17473
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2953 |
public synchronized void setRequestProperty(String key, String value) { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2954 |
if (connected || connecting) |
2 | 2955 |
throw new IllegalStateException("Already connected"); |
2956 |
if (key == null) |
|
2957 |
throw new NullPointerException ("key is null"); |
|
2958 |
||
6876
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
2959 |
if (isExternalMessageHeaderAllowed(key, value)) { |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
2960 |
requests.set(key, value); |
17473
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2961 |
if (!key.equalsIgnoreCase("Content-Type")) { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2962 |
userHeaders.set(key, value); |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2963 |
} |
6876
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
2964 |
} |
2 | 2965 |
} |
2966 |
||
17473
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2967 |
MessageHeader getUserSetHeaders() { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2968 |
return userHeaders; |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2969 |
} |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2970 |
|
2 | 2971 |
/** |
2972 |
* Adds a general request property specified by a |
|
2973 |
* key-value pair. This method will not overwrite |
|
2974 |
* existing values associated with the same key. |
|
2975 |
* |
|
2976 |
* @param key the keyword by which the request is known |
|
2977 |
* (e.g., "<code>accept</code>"). |
|
2978 |
* @param value the value associated with it. |
|
2979 |
* @see #getRequestProperties(java.lang.String) |
|
2980 |
* @since 1.4 |
|
2981 |
*/ |
|
74
068494063b1b
6641309: Wrong Cookie separator used in HttpURLConnection
jccollet
parents:
2
diff
changeset
|
2982 |
@Override |
17473
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2983 |
public synchronized void addRequestProperty(String key, String value) { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2984 |
if (connected || connecting) |
2 | 2985 |
throw new IllegalStateException("Already connected"); |
2986 |
if (key == null) |
|
2987 |
throw new NullPointerException ("key is null"); |
|
2988 |
||
6876
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
2989 |
if (isExternalMessageHeaderAllowed(key, value)) { |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
2990 |
requests.add(key, value); |
17473
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2991 |
if (!key.equalsIgnoreCase("Content-Type")) { |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2992 |
userHeaders.add(key, value); |
35cd9b3a98ff
8010464: Evolve java networking same origin policy
michaelm
parents:
16839
diff
changeset
|
2993 |
} |
6876
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
2994 |
} |
2 | 2995 |
} |
2996 |
||
2997 |
// |
|
2998 |
// Set a property for authentication. This can safely disregard |
|
2999 |
// the connected test. |
|
3000 |
// |
|
4157
558590fb3b49
6893238: Move NTLM and SPNEGO implementations into separate packages
chegar
parents:
4047
diff
changeset
|
3001 |
public void setAuthenticationProperty(String key, String value) { |
2 | 3002 |
checkMessageHeader(key, value); |
3003 |
requests.set(key, value); |
|
3004 |
} |
|
3005 |
||
74
068494063b1b
6641309: Wrong Cookie separator used in HttpURLConnection
jccollet
parents:
2
diff
changeset
|
3006 |
@Override |
6876
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
3007 |
public synchronized String getRequestProperty (String key) { |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
3008 |
if (key == null) { |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
3009 |
return null; |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
3010 |
} |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
3011 |
|
2 | 3012 |
// don't return headers containing security sensitive information |
6876
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
3013 |
for (int i=0; i < EXCLUDE_HEADERS.length; i++) { |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
3014 |
if (key.equalsIgnoreCase(EXCLUDE_HEADERS[i])) { |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
3015 |
return null; |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
3016 |
} |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
3017 |
} |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
3018 |
if (!setUserCookies) { |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
3019 |
if (key.equalsIgnoreCase("Cookie")) { |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
3020 |
return userCookies; |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
3021 |
} |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
3022 |
if (key.equalsIgnoreCase("Cookie2")) { |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
3023 |
return userCookies2; |
2 | 3024 |
} |
3025 |
} |
|
3026 |
return requests.findValue(key); |
|
3027 |
} |
|
3028 |
||
3029 |
/** |
|
3030 |
* Returns an unmodifiable Map of general request |
|
3031 |
* properties for this connection. The Map keys |
|
3032 |
* are Strings that represent the request-header |
|
3033 |
* field names. Each Map value is a unmodifiable List |
|
3034 |
* of Strings that represents the corresponding |
|
3035 |
* field values. |
|
3036 |
* |
|
3037 |
* @return a Map of the general request properties for this connection. |
|
3038 |
* @throws IllegalStateException if already connected |
|
3039 |
* @since 1.4 |
|
3040 |
*/ |
|
74
068494063b1b
6641309: Wrong Cookie separator used in HttpURLConnection
jccollet
parents:
2
diff
changeset
|
3041 |
@Override |
6876
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
3042 |
public synchronized Map<String, List<String>> getRequestProperties() { |
2 | 3043 |
if (connected) |
3044 |
throw new IllegalStateException("Already connected"); |
|
3045 |
||
3046 |
// exclude headers containing security-sensitive info |
|
6876
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
3047 |
if (setUserCookies) { |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
3048 |
return requests.getHeaders(EXCLUDE_HEADERS); |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
3049 |
} |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
3050 |
/* |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
3051 |
* The cookies in the requests message headers may have |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
3052 |
* been modified. Use the saved user cookies instead. |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
3053 |
*/ |
10596
39b3a979e600
7090158: Networking Libraries don't build with javac -Werror
chegar
parents:
10136
diff
changeset
|
3054 |
Map<String, List<String>> userCookiesMap = null; |
6876
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
3055 |
if (userCookies != null || userCookies2 != null) { |
10596
39b3a979e600
7090158: Networking Libraries don't build with javac -Werror
chegar
parents:
10136
diff
changeset
|
3056 |
userCookiesMap = new HashMap<>(); |
6876
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
3057 |
if (userCookies != null) { |
10596
39b3a979e600
7090158: Networking Libraries don't build with javac -Werror
chegar
parents:
10136
diff
changeset
|
3058 |
userCookiesMap.put("Cookie", Arrays.asList(userCookies)); |
6876
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
3059 |
} |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
3060 |
if (userCookies2 != null) { |
10596
39b3a979e600
7090158: Networking Libraries don't build with javac -Werror
chegar
parents:
10136
diff
changeset
|
3061 |
userCookiesMap.put("Cookie2", Arrays.asList(userCookies2)); |
6876
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
3062 |
} |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
3063 |
} |
13fdbd146659
6980004: limit HTTP request cookie headers in HttpURLConnection
michaelm
parents:
6873
diff
changeset
|
3064 |
return requests.filterAndAddHeaders(EXCLUDE_HEADERS2, userCookiesMap); |
2 | 3065 |
} |
3066 |
||
74
068494063b1b
6641309: Wrong Cookie separator used in HttpURLConnection
jccollet
parents:
2
diff
changeset
|
3067 |
@Override |
2 | 3068 |
public void setConnectTimeout(int timeout) { |
3069 |
if (timeout < 0) |
|
3070 |
throw new IllegalArgumentException("timeouts can't be negative"); |
|
3071 |
connectTimeout = timeout; |
|
3072 |
} |
|
3073 |
||
3074 |
||
3075 |
/** |
|
3076 |
* Returns setting for connect timeout. |
|
3077 |
* <p> |
|
3078 |
* 0 return implies that the option is disabled |
|
3079 |
* (i.e., timeout of infinity). |
|
3080 |
* |
|
3081 |
* @return an <code>int</code> that indicates the connect timeout |
|
3082 |
* value in milliseconds |
|
3083 |
* @see java.net.URLConnection#setConnectTimeout(int) |
|
3084 |
* @see java.net.URLConnection#connect() |
|
3085 |
* @since 1.5 |
|
3086 |
*/ |
|
74
068494063b1b
6641309: Wrong Cookie separator used in HttpURLConnection
jccollet
parents:
2
diff
changeset
|
3087 |
@Override |
2 | 3088 |
public int getConnectTimeout() { |
3089 |
return (connectTimeout < 0 ? 0 : connectTimeout); |
|
3090 |
} |
|
3091 |
||
3092 |
/** |
|
3093 |
* Sets the read timeout to a specified timeout, in |
|
3094 |
* milliseconds. A non-zero value specifies the timeout when |
|
3095 |
* reading from Input stream when a connection is established to a |
|
3096 |
* resource. If the timeout expires before there is data available |
|
3097 |
* for read, a java.net.SocketTimeoutException is raised. A |
|
3098 |
* timeout of zero is interpreted as an infinite timeout. |
|
3099 |
* |
|
3100 |
* <p> Some non-standard implementation of this method ignores the |
|
3101 |
* specified timeout. To see the read timeout set, please call |
|
3102 |
* getReadTimeout(). |
|
3103 |
* |
|
3104 |
* @param timeout an <code>int</code> that specifies the timeout |
|
3105 |
* value to be used in milliseconds |
|
3106 |
* @throws IllegalArgumentException if the timeout parameter is negative |
|
3107 |
* |
|
3108 |
* @see java.net.URLConnectiongetReadTimeout() |
|
3109 |
* @see java.io.InputStream#read() |
|
3110 |
* @since 1.5 |
|
3111 |
*/ |
|
74
068494063b1b
6641309: Wrong Cookie separator used in HttpURLConnection
jccollet
parents:
2
diff
changeset
|
3112 |
@Override |
2 | 3113 |
public void setReadTimeout(int timeout) { |
3114 |
if (timeout < 0) |
|
3115 |
throw new IllegalArgumentException("timeouts can't be negative"); |
|
3116 |
readTimeout = timeout; |
|
3117 |
} |
|
3118 |
||
3119 |
/** |
|
3120 |
* Returns setting for read timeout. 0 return implies that the |
|
3121 |
* option is disabled (i.e., timeout of infinity). |
|
3122 |
* |
|
3123 |
* @return an <code>int</code> that indicates the read timeout |
|
3124 |
* value in milliseconds |
|
3125 |
* |
|
3126 |
* @see java.net.URLConnection#setReadTimeout(int) |
|
3127 |
* @see java.io.InputStream#read() |
|
3128 |
* @since 1.5 |
|
3129 |
*/ |
|
74
068494063b1b
6641309: Wrong Cookie separator used in HttpURLConnection
jccollet
parents:
2
diff
changeset
|
3130 |
@Override |
2 | 3131 |
public int getReadTimeout() { |
3132 |
return readTimeout < 0 ? 0 : readTimeout; |
|
3133 |
} |
|
3134 |
||
11528
638ca25aec87
7129083: CookieManager does not store cookies if url is read before setting cookie manager
chegar
parents:
11518
diff
changeset
|
3135 |
public CookieHandler getCookieHandler() { |
638ca25aec87
7129083: CookieManager does not store cookies if url is read before setting cookie manager
chegar
parents:
11518
diff
changeset
|
3136 |
return cookieHandler; |
638ca25aec87
7129083: CookieManager does not store cookies if url is read before setting cookie manager
chegar
parents:
11518
diff
changeset
|
3137 |
} |
638ca25aec87
7129083: CookieManager does not store cookies if url is read before setting cookie manager
chegar
parents:
11518
diff
changeset
|
3138 |
|
2 | 3139 |
String getMethod() { |
3140 |
return method; |
|
3141 |
} |
|
3142 |
||
51 | 3143 |
private MessageHeader mapToMessageHeader(Map<String, List<String>> map) { |
2 | 3144 |
MessageHeader headers = new MessageHeader(); |
3145 |
if (map == null || map.isEmpty()) { |
|
3146 |
return headers; |
|
3147 |
} |
|
51 | 3148 |
for (Map.Entry<String, List<String>> entry : map.entrySet()) { |
3149 |
String key = entry.getKey(); |
|
3150 |
List<String> values = entry.getValue(); |
|
3151 |
for (String value : values) { |
|
2 | 3152 |
if (key == null) { |
3153 |
headers.prepend(key, value); |
|
3154 |
} else { |
|
3155 |
headers.add(key, value); |
|
3156 |
} |
|
3157 |
} |
|
3158 |
} |
|
3159 |
return headers; |
|
3160 |
} |
|
3161 |
||
3162 |
/* The purpose of this wrapper is just to capture the close() call |
|
3163 |
* so we can check authentication information that may have |
|
3164 |
* arrived in a Trailer field |
|
3165 |
*/ |
|
3166 |
class HttpInputStream extends FilterInputStream { |
|
3167 |
private CacheRequest cacheRequest; |
|
3168 |
private OutputStream outputStream; |
|
3169 |
private boolean marked = false; |
|
3170 |
private int inCache = 0; |
|
3171 |
private int markCount = 0; |
|
17952
a5f2fb0e7457
8011719: Properties.loadFromXML fails with a chunked HTTP connection
chegar
parents:
17485
diff
changeset
|
3172 |
private boolean closed; // false |
2 | 3173 |
|
3174 |
public HttpInputStream (InputStream is) { |
|
3175 |
super (is); |
|
3176 |
this.cacheRequest = null; |
|
3177 |
this.outputStream = null; |
|
3178 |
} |
|
3179 |
||
3180 |
public HttpInputStream (InputStream is, CacheRequest cacheRequest) { |
|
3181 |
super (is); |
|
3182 |
this.cacheRequest = cacheRequest; |
|
3183 |
try { |
|
3184 |
this.outputStream = cacheRequest.getBody(); |
|
3185 |
} catch (IOException ioex) { |
|
3186 |
this.cacheRequest.abort(); |
|
3187 |
this.cacheRequest = null; |
|
3188 |
this.outputStream = null; |
|
3189 |
} |
|
3190 |
} |
|
3191 |
||
3192 |
/** |
|
3193 |
* Marks the current position in this input stream. A subsequent |
|
3194 |
* call to the <code>reset</code> method repositions this stream at |
|
3195 |
* the last marked position so that subsequent reads re-read the same |
|
3196 |
* bytes. |
|
3197 |
* <p> |
|
3198 |
* The <code>readlimit</code> argument tells this input stream to |
|
3199 |
* allow that many bytes to be read before the mark position gets |
|
3200 |
* invalidated. |
|
3201 |
* <p> |
|
3202 |
* This method simply performs <code>in.mark(readlimit)</code>. |
|
3203 |
* |
|
3204 |
* @param readlimit the maximum limit of bytes that can be read before |
|
3205 |
* the mark position becomes invalid. |
|
3206 |
* @see java.io.FilterInputStream#in |
|
3207 |
* @see java.io.FilterInputStream#reset() |
|
3208 |
*/ |
|
74
068494063b1b
6641309: Wrong Cookie separator used in HttpURLConnection
jccollet
parents:
2
diff
changeset
|
3209 |
@Override |
2 | 3210 |
public synchronized void mark(int readlimit) { |
3211 |
super.mark(readlimit); |
|
3212 |
if (cacheRequest != null) { |
|
3213 |
marked = true; |
|
3214 |
markCount = 0; |
|
3215 |
} |
|
3216 |
} |
|
3217 |
||
3218 |
/** |
|
3219 |
* Repositions this stream to the position at the time the |
|
3220 |
* <code>mark</code> method was last called on this input stream. |
|
3221 |
* <p> |
|
3222 |
* This method |
|
3223 |
* simply performs <code>in.reset()</code>. |
|
3224 |
* <p> |
|
3225 |
* Stream marks are intended to be used in |
|
3226 |
* situations where you need to read ahead a little to see what's in |
|
3227 |
* the stream. Often this is most easily done by invoking some |
|
3228 |
* general parser. If the stream is of the type handled by the |
|
3229 |
* parse, it just chugs along happily. If the stream is not of |
|
3230 |
* that type, the parser should toss an exception when it fails. |
|
3231 |
* If this happens within readlimit bytes, it allows the outer |
|
3232 |
* code to reset the stream and try another parser. |
|
3233 |
* |
|
3234 |
* @exception IOException if the stream has not been marked or if the |
|
3235 |
* mark has been invalidated. |
|
3236 |
* @see java.io.FilterInputStream#in |
|
3237 |
* @see java.io.FilterInputStream#mark(int) |
|
3238 |
*/ |
|
74
068494063b1b
6641309: Wrong Cookie separator used in HttpURLConnection
jccollet
parents:
2
diff
changeset
|
3239 |
@Override |
2 | 3240 |
public synchronized void reset() throws IOException { |
3241 |
super.reset(); |
|
3242 |
if (cacheRequest != null) { |
|
3243 |
marked = false; |
|
3244 |
inCache += markCount; |
|
3245 |
} |
|
3246 |
} |
|
3247 |
||
17952
a5f2fb0e7457
8011719: Properties.loadFromXML fails with a chunked HTTP connection
chegar
parents:
17485
diff
changeset
|
3248 |
private void ensureOpen() throws IOException { |
a5f2fb0e7457
8011719: Properties.loadFromXML fails with a chunked HTTP connection
chegar
parents:
17485
diff
changeset
|
3249 |
if (closed) |
a5f2fb0e7457
8011719: Properties.loadFromXML fails with a chunked HTTP connection
chegar
parents:
17485
diff
changeset
|
3250 |
throw new IOException("stream is closed"); |
a5f2fb0e7457
8011719: Properties.loadFromXML fails with a chunked HTTP connection
chegar
parents:
17485
diff
changeset
|
3251 |
} |
a5f2fb0e7457
8011719: Properties.loadFromXML fails with a chunked HTTP connection
chegar
parents:
17485
diff
changeset
|
3252 |
|
74
068494063b1b
6641309: Wrong Cookie separator used in HttpURLConnection
jccollet
parents:
2
diff
changeset
|
3253 |
@Override |
2 | 3254 |
public int read() throws IOException { |
17952
a5f2fb0e7457
8011719: Properties.loadFromXML fails with a chunked HTTP connection
chegar
parents:
17485
diff
changeset
|
3255 |
ensureOpen(); |
2 | 3256 |
try { |
3257 |
byte[] b = new byte[1]; |
|
3258 |
int ret = read(b); |
|
3259 |
return (ret == -1? ret : (b[0] & 0x00FF)); |
|
3260 |
} catch (IOException ioex) { |
|
3261 |
if (cacheRequest != null) { |
|
3262 |
cacheRequest.abort(); |
|
3263 |
} |
|
3264 |
throw ioex; |
|
3265 |
} |
|
3266 |
} |
|
3267 |
||
74
068494063b1b
6641309: Wrong Cookie separator used in HttpURLConnection
jccollet
parents:
2
diff
changeset
|
3268 |
@Override |
2 | 3269 |
public int read(byte[] b) throws IOException { |
3270 |
return read(b, 0, b.length); |
|
3271 |
} |
|
3272 |
||
74
068494063b1b
6641309: Wrong Cookie separator used in HttpURLConnection
jccollet
parents:
2
diff
changeset
|
3273 |
@Override |
2 | 3274 |
public int read(byte[] b, int off, int len) throws IOException { |
17952
a5f2fb0e7457
8011719: Properties.loadFromXML fails with a chunked HTTP connection
chegar
parents:
17485
diff
changeset
|
3275 |
ensureOpen(); |
2 | 3276 |
try { |
3277 |
int newLen = super.read(b, off, len); |
|
3278 |
int nWrite; |
|
3279 |
// write to cache |
|
3280 |
if (inCache > 0) { |
|
3281 |
if (inCache >= newLen) { |
|
3282 |
inCache -= newLen; |
|
3283 |
nWrite = 0; |
|
3284 |
} else { |
|
3285 |
nWrite = newLen - inCache; |
|
3286 |
inCache = 0; |
|
3287 |
} |
|
3288 |
} else { |
|
3289 |
nWrite = newLen; |
|
3290 |
} |
|
3291 |
if (nWrite > 0 && outputStream != null) |
|
3292 |
outputStream.write(b, off + (newLen-nWrite), nWrite); |
|
3293 |
if (marked) { |
|
3294 |
markCount += newLen; |
|
3295 |
} |
|
3296 |
return newLen; |
|
3297 |
} catch (IOException ioex) { |
|
3298 |
if (cacheRequest != null) { |
|
3299 |
cacheRequest.abort(); |
|
3300 |
} |
|
3301 |
throw ioex; |
|
3302 |
} |
|
3303 |
} |
|
3304 |
||
6685
36f070045e17
6550798: Using InputStream.skip with ResponseCache will cause partial data to be cached
michaelm
parents:
6673
diff
changeset
|
3305 |
/* skip() calls read() in order to ensure that entire response gets |
36f070045e17
6550798: Using InputStream.skip with ResponseCache will cause partial data to be cached
michaelm
parents:
6673
diff
changeset
|
3306 |
* cached. same implementation as InputStream.skip */ |
36f070045e17
6550798: Using InputStream.skip with ResponseCache will cause partial data to be cached
michaelm
parents:
6673
diff
changeset
|
3307 |
|
36f070045e17
6550798: Using InputStream.skip with ResponseCache will cause partial data to be cached
michaelm
parents:
6673
diff
changeset
|
3308 |
private byte[] skipBuffer; |
36f070045e17
6550798: Using InputStream.skip with ResponseCache will cause partial data to be cached
michaelm
parents:
6673
diff
changeset
|
3309 |
private static final int SKIP_BUFFER_SIZE = 8096; |
36f070045e17
6550798: Using InputStream.skip with ResponseCache will cause partial data to be cached
michaelm
parents:
6673
diff
changeset
|
3310 |
|
36f070045e17
6550798: Using InputStream.skip with ResponseCache will cause partial data to be cached
michaelm
parents:
6673
diff
changeset
|
3311 |
@Override |
36f070045e17
6550798: Using InputStream.skip with ResponseCache will cause partial data to be cached
michaelm
parents:
6673
diff
changeset
|
3312 |
public long skip (long n) throws IOException { |
17952
a5f2fb0e7457
8011719: Properties.loadFromXML fails with a chunked HTTP connection
chegar
parents:
17485
diff
changeset
|
3313 |
ensureOpen(); |
6685
36f070045e17
6550798: Using InputStream.skip with ResponseCache will cause partial data to be cached
michaelm
parents:
6673
diff
changeset
|
3314 |
long remaining = n; |
36f070045e17
6550798: Using InputStream.skip with ResponseCache will cause partial data to be cached
michaelm
parents:
6673
diff
changeset
|
3315 |
int nr; |
36f070045e17
6550798: Using InputStream.skip with ResponseCache will cause partial data to be cached
michaelm
parents:
6673
diff
changeset
|
3316 |
if (skipBuffer == null) |
36f070045e17
6550798: Using InputStream.skip with ResponseCache will cause partial data to be cached
michaelm
parents:
6673
diff
changeset
|
3317 |
skipBuffer = new byte[SKIP_BUFFER_SIZE]; |
36f070045e17
6550798: Using InputStream.skip with ResponseCache will cause partial data to be cached
michaelm
parents:
6673
diff
changeset
|
3318 |
|
36f070045e17
6550798: Using InputStream.skip with ResponseCache will cause partial data to be cached
michaelm
parents:
6673
diff
changeset
|
3319 |
byte[] localSkipBuffer = skipBuffer; |
36f070045e17
6550798: Using InputStream.skip with ResponseCache will cause partial data to be cached
michaelm
parents:
6673
diff
changeset
|
3320 |
|
36f070045e17
6550798: Using InputStream.skip with ResponseCache will cause partial data to be cached
michaelm
parents:
6673
diff
changeset
|
3321 |
if (n <= 0) { |
36f070045e17
6550798: Using InputStream.skip with ResponseCache will cause partial data to be cached
michaelm
parents:
6673
diff
changeset
|
3322 |
return 0; |
36f070045e17
6550798: Using InputStream.skip with ResponseCache will cause partial data to be cached
michaelm
parents:
6673
diff
changeset
|
3323 |
} |
36f070045e17
6550798: Using InputStream.skip with ResponseCache will cause partial data to be cached
michaelm
parents:
6673
diff
changeset
|
3324 |
|
36f070045e17
6550798: Using InputStream.skip with ResponseCache will cause partial data to be cached
michaelm
parents:
6673
diff
changeset
|
3325 |
while (remaining > 0) { |
36f070045e17
6550798: Using InputStream.skip with ResponseCache will cause partial data to be cached
michaelm
parents:
6673
diff
changeset
|
3326 |
nr = read(localSkipBuffer, 0, |
36f070045e17
6550798: Using InputStream.skip with ResponseCache will cause partial data to be cached
michaelm
parents:
6673
diff
changeset
|
3327 |
(int) Math.min(SKIP_BUFFER_SIZE, remaining)); |
36f070045e17
6550798: Using InputStream.skip with ResponseCache will cause partial data to be cached
michaelm
parents:
6673
diff
changeset
|
3328 |
if (nr < 0) { |
36f070045e17
6550798: Using InputStream.skip with ResponseCache will cause partial data to be cached
michaelm
parents:
6673
diff
changeset
|
3329 |
break; |
36f070045e17
6550798: Using InputStream.skip with ResponseCache will cause partial data to be cached
michaelm
parents:
6673
diff
changeset
|
3330 |
} |
36f070045e17
6550798: Using InputStream.skip with ResponseCache will cause partial data to be cached
michaelm
parents:
6673
diff
changeset
|
3331 |
remaining -= nr; |
36f070045e17
6550798: Using InputStream.skip with ResponseCache will cause partial data to be cached
michaelm
parents:
6673
diff
changeset
|
3332 |
} |
36f070045e17
6550798: Using InputStream.skip with ResponseCache will cause partial data to be cached
michaelm
parents:
6673
diff
changeset
|
3333 |
|
36f070045e17
6550798: Using InputStream.skip with ResponseCache will cause partial data to be cached
michaelm
parents:
6673
diff
changeset
|
3334 |
return n - remaining; |
36f070045e17
6550798: Using InputStream.skip with ResponseCache will cause partial data to be cached
michaelm
parents:
6673
diff
changeset
|
3335 |
} |
36f070045e17
6550798: Using InputStream.skip with ResponseCache will cause partial data to be cached
michaelm
parents:
6673
diff
changeset
|
3336 |
|
74
068494063b1b
6641309: Wrong Cookie separator used in HttpURLConnection
jccollet
parents:
2
diff
changeset
|
3337 |
@Override |
2 | 3338 |
public void close () throws IOException { |
17952
a5f2fb0e7457
8011719: Properties.loadFromXML fails with a chunked HTTP connection
chegar
parents:
17485
diff
changeset
|
3339 |
if (closed) |
a5f2fb0e7457
8011719: Properties.loadFromXML fails with a chunked HTTP connection
chegar
parents:
17485
diff
changeset
|
3340 |
return; |
a5f2fb0e7457
8011719: Properties.loadFromXML fails with a chunked HTTP connection
chegar
parents:
17485
diff
changeset
|
3341 |
|
2 | 3342 |
try { |
3343 |
if (outputStream != null) { |
|
3344 |
if (read() != -1) { |
|
3345 |
cacheRequest.abort(); |
|
3346 |
} else { |
|
3347 |
outputStream.close(); |
|
3348 |
} |
|
3349 |
} |
|
3350 |
super.close (); |
|
3351 |
} catch (IOException ioex) { |
|
3352 |
if (cacheRequest != null) { |
|
3353 |
cacheRequest.abort(); |
|
3354 |
} |
|
3355 |
throw ioex; |
|
3356 |
} finally { |
|
17952
a5f2fb0e7457
8011719: Properties.loadFromXML fails with a chunked HTTP connection
chegar
parents:
17485
diff
changeset
|
3357 |
closed = true; |
2 | 3358 |
HttpURLConnection.this.http = null; |
3359 |
checkResponseCredentials (true); |
|
3360 |
} |
|
3361 |
} |
|
3362 |
} |
|
3363 |
||
3364 |
class StreamingOutputStream extends FilterOutputStream { |
|
3365 |
||
1576
b697b141012d
6755625: Add HttpURLConnection.setFixedLengthStreamingMode(long)
chegar
parents:
715
diff
changeset
|
3366 |
long expected; |
b697b141012d
6755625: Add HttpURLConnection.setFixedLengthStreamingMode(long)
chegar
parents:
715
diff
changeset
|
3367 |
long written; |
2 | 3368 |
boolean closed; |
3369 |
boolean error; |
|
3370 |
IOException errorExcp; |
|
3371 |
||
3372 |
/** |
|
3373 |
* expectedLength == -1 if the stream is chunked |
|
3374 |
* expectedLength > 0 if the stream is fixed content-length |
|
3375 |
* In the 2nd case, we make sure the expected number of |
|
3376 |
* of bytes are actually written |
|
3377 |
*/ |
|
1576
b697b141012d
6755625: Add HttpURLConnection.setFixedLengthStreamingMode(long)
chegar
parents:
715
diff
changeset
|
3378 |
StreamingOutputStream (OutputStream os, long expectedLength) { |
2 | 3379 |
super (os); |
3380 |
expected = expectedLength; |
|
1576
b697b141012d
6755625: Add HttpURLConnection.setFixedLengthStreamingMode(long)
chegar
parents:
715
diff
changeset
|
3381 |
written = 0L; |
2 | 3382 |
closed = false; |
3383 |
error = false; |
|
3384 |
} |
|
3385 |
||
74
068494063b1b
6641309: Wrong Cookie separator used in HttpURLConnection
jccollet
parents:
2
diff
changeset
|
3386 |
@Override |
2 | 3387 |
public void write (int b) throws IOException { |
3388 |
checkError(); |
|
3389 |
written ++; |
|
1576
b697b141012d
6755625: Add HttpURLConnection.setFixedLengthStreamingMode(long)
chegar
parents:
715
diff
changeset
|
3390 |
if (expected != -1L && written > expected) { |
2 | 3391 |
throw new IOException ("too many bytes written"); |
3392 |
} |
|
3393 |
out.write (b); |
|
3394 |
} |
|
3395 |
||
74
068494063b1b
6641309: Wrong Cookie separator used in HttpURLConnection
jccollet
parents:
2
diff
changeset
|
3396 |
@Override |
2 | 3397 |
public void write (byte[] b) throws IOException { |
3398 |
write (b, 0, b.length); |
|
3399 |
} |
|
3400 |
||
74
068494063b1b
6641309: Wrong Cookie separator used in HttpURLConnection
jccollet
parents:
2
diff
changeset
|
3401 |
@Override |
2 | 3402 |
public void write (byte[] b, int off, int len) throws IOException { |
3403 |
checkError(); |
|
3404 |
written += len; |
|
1576
b697b141012d
6755625: Add HttpURLConnection.setFixedLengthStreamingMode(long)
chegar
parents:
715
diff
changeset
|
3405 |
if (expected != -1L && written > expected) { |
2 | 3406 |
out.close (); |
3407 |
throw new IOException ("too many bytes written"); |
|
3408 |
} |
|
3409 |
out.write (b, off, len); |
|
3410 |
} |
|
3411 |
||
3412 |
void checkError () throws IOException { |
|
3413 |
if (closed) { |
|
3414 |
throw new IOException ("Stream is closed"); |
|
3415 |
} |
|
3416 |
if (error) { |
|
3417 |
throw errorExcp; |
|
3418 |
} |
|
3419 |
if (((PrintStream)out).checkError()) { |
|
3420 |
throw new IOException("Error writing request body to server"); |
|
3421 |
} |
|
3422 |
} |
|
3423 |
||
3424 |
/* this is called to check that all the bytes |
|
3425 |
* that were supposed to be written were written |
|
3426 |
* and that the stream is now closed(). |
|
3427 |
*/ |
|
3428 |
boolean writtenOK () { |
|
3429 |
return closed && ! error; |
|
3430 |
} |
|
3431 |
||
74
068494063b1b
6641309: Wrong Cookie separator used in HttpURLConnection
jccollet
parents:
2
diff
changeset
|
3432 |
@Override |
2 | 3433 |
public void close () throws IOException { |
3434 |
if (closed) { |
|
3435 |
return; |
|
3436 |
} |
|
3437 |
closed = true; |
|
1576
b697b141012d
6755625: Add HttpURLConnection.setFixedLengthStreamingMode(long)
chegar
parents:
715
diff
changeset
|
3438 |
if (expected != -1L) { |
2 | 3439 |
/* not chunked */ |
3440 |
if (written != expected) { |
|
3441 |
error = true; |
|
3442 |
errorExcp = new IOException ("insufficient data written"); |
|
3443 |
out.close (); |
|
3444 |
throw errorExcp; |
|
3445 |
} |
|
3446 |
super.flush(); /* can't close the socket */ |
|
3447 |
} else { |
|
3448 |
/* chunked */ |
|
3449 |
super.close (); /* force final chunk to be written */ |
|
3450 |
/* trailing \r\n */ |
|
3451 |
OutputStream o = http.getOutputStream(); |
|
3452 |
o.write ('\r'); |
|
3453 |
o.write ('\n'); |
|
3454 |
o.flush(); |
|
3455 |
} |
|
3456 |
} |
|
3457 |
} |
|
3458 |
||
3459 |
||
3460 |
static class ErrorStream extends InputStream { |
|
3461 |
ByteBuffer buffer; |
|
3462 |
InputStream is; |
|
3463 |
||
3464 |
private ErrorStream(ByteBuffer buf) { |
|
3465 |
buffer = buf; |
|
3466 |
is = null; |
|
3467 |
} |
|
3468 |
||
3469 |
private ErrorStream(ByteBuffer buf, InputStream is) { |
|
3470 |
buffer = buf; |
|
3471 |
this.is = is; |
|
3472 |
} |
|
3473 |
||
3474 |
// when this method is called, it's either the case that cl > 0, or |
|
3475 |
// if chunk-encoded, cl = -1; in other words, cl can't be 0 |
|
3476 |
public static InputStream getErrorStream(InputStream is, long cl, HttpClient http) { |
|
3477 |
||
3478 |
// cl can't be 0; this following is here for extra precaution |
|
3479 |
if (cl == 0) { |
|
3480 |
return null; |
|
3481 |
} |
|
3482 |
||
3483 |
try { |
|
3484 |
// set SO_TIMEOUT to 1/5th of the total timeout |
|
3485 |
// remember the old timeout value so that we can restore it |
|
2928
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
3486 |
int oldTimeout = http.getReadTimeout(); |
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
3487 |
http.setReadTimeout(timeout4ESBuffer/5); |
2 | 3488 |
|
3489 |
long expected = 0; |
|
3490 |
boolean isChunked = false; |
|
3491 |
// the chunked case |
|
3492 |
if (cl < 0) { |
|
3493 |
expected = bufSize4ES; |
|
3494 |
isChunked = true; |
|
3495 |
} else { |
|
3496 |
expected = cl; |
|
3497 |
} |
|
3498 |
if (expected <= bufSize4ES) { |
|
3499 |
int exp = (int) expected; |
|
3500 |
byte[] buffer = new byte[exp]; |
|
3501 |
int count = 0, time = 0, len = 0; |
|
3502 |
do { |
|
3503 |
try { |
|
3504 |
len = is.read(buffer, count, |
|
3505 |
buffer.length - count); |
|
3506 |
if (len < 0) { |
|
3507 |
if (isChunked) { |
|
3508 |
// chunked ended |
|
3509 |
// if chunked ended prematurely, |
|
3510 |
// an IOException would be thrown |
|
3511 |
break; |
|
3512 |
} |
|
3513 |
// the server sends less than cl bytes of data |
|
3514 |
throw new IOException("the server closes"+ |
|
3515 |
" before sending "+cl+ |
|
3516 |
" bytes of data"); |
|
3517 |
} |
|
3518 |
count += len; |
|
3519 |
} catch (SocketTimeoutException ex) { |
|
3520 |
time += timeout4ESBuffer/5; |
|
3521 |
} |
|
3522 |
} while (count < exp && time < timeout4ESBuffer); |
|
3523 |
||
3524 |
// reset SO_TIMEOUT to old value |
|
2928
80b0b6c2d527
6726695: HttpURLConnection shoul support 'Expect: 100-contimue' headers for PUT
jccollet
parents:
1576
diff
changeset
|
3525 |
http.setReadTimeout(oldTimeout); |
2 | 3526 |
|
3527 |
// if count < cl at this point, we will not try to reuse |
|
3528 |
// the connection |
|
3529 |
if (count == 0) { |
|
3530 |
// since we haven't read anything, |
|
3531 |
// we will return the underlying |
|
3532 |
// inputstream back to the application |
|
3533 |
return null; |
|
3534 |
} else if ((count == expected && !(isChunked)) || (isChunked && len <0)) { |
|
3535 |
// put the connection into keep-alive cache |
|
3536 |
// the inputstream will try to do the right thing |
|
3537 |
is.close(); |
|
3538 |
return new ErrorStream(ByteBuffer.wrap(buffer, 0, count)); |
|
3539 |
} else { |
|
3540 |
// we read part of the response body |
|
3541 |
return new ErrorStream( |
|
3542 |
ByteBuffer.wrap(buffer, 0, count), is); |
|
3543 |
} |
|
3544 |
} |
|
3545 |
return null; |
|
3546 |
} catch (IOException ioex) { |
|
3547 |
// ioex.printStackTrace(); |
|
3548 |
return null; |
|
3549 |
} |
|
3550 |
} |
|
3551 |
||
74
068494063b1b
6641309: Wrong Cookie separator used in HttpURLConnection
jccollet
parents:
2
diff
changeset
|
3552 |
@Override |
2 | 3553 |
public int available() throws IOException { |
3554 |
if (is == null) { |
|
3555 |
return buffer.remaining(); |
|
3556 |
} else { |
|
3557 |
return buffer.remaining()+is.available(); |
|
3558 |
} |
|
3559 |
} |
|
3560 |
||
3561 |
public int read() throws IOException { |
|
3562 |
byte[] b = new byte[1]; |
|
3563 |
int ret = read(b); |
|
3564 |
return (ret == -1? ret : (b[0] & 0x00FF)); |
|
3565 |
} |
|
3566 |
||
74
068494063b1b
6641309: Wrong Cookie separator used in HttpURLConnection
jccollet
parents:
2
diff
changeset
|
3567 |
@Override |
2 | 3568 |
public int read(byte[] b) throws IOException { |
3569 |
return read(b, 0, b.length); |
|
3570 |
} |
|
3571 |
||
74
068494063b1b
6641309: Wrong Cookie separator used in HttpURLConnection
jccollet
parents:
2
diff
changeset
|
3572 |
@Override |
2 | 3573 |
public int read(byte[] b, int off, int len) throws IOException { |
3574 |
int rem = buffer.remaining(); |
|
3575 |
if (rem > 0) { |
|
3576 |
int ret = rem < len? rem : len; |
|
3577 |
buffer.get(b, off, ret); |
|
3578 |
return ret; |
|
3579 |
} else { |
|
3580 |
if (is == null) { |
|
3581 |
return -1; |
|
3582 |
} else { |
|
3583 |
return is.read(b, off, len); |
|
3584 |
} |
|
3585 |
} |
|
3586 |
} |
|
3587 |
||
74
068494063b1b
6641309: Wrong Cookie separator used in HttpURLConnection
jccollet
parents:
2
diff
changeset
|
3588 |
@Override |
2 | 3589 |
public void close() throws IOException { |
3590 |
buffer = null; |
|
3591 |
if (is != null) { |
|
3592 |
is.close(); |
|
3593 |
} |
|
3594 |
} |
|
3595 |
} |
|
3596 |
} |
|
3597 |
||
3598 |
/** An input stream that just returns EOF. This is for |
|
3599 |
* HTTP URLConnections that are KeepAlive && use the |
|
3600 |
* HEAD method - i.e., stream not dead, but nothing to be read. |
|
3601 |
*/ |
|
3602 |
||
3603 |
class EmptyInputStream extends InputStream { |
|
3604 |
||
74
068494063b1b
6641309: Wrong Cookie separator used in HttpURLConnection
jccollet
parents:
2
diff
changeset
|
3605 |
@Override |
2 | 3606 |
public int available() { |
3607 |
return 0; |
|
3608 |
} |
|
3609 |
||
3610 |
public int read() { |
|
3611 |
return -1; |
|
3612 |
} |
|
3613 |
} |