equal
deleted
inserted
replaced
583 assert acc != null; |
583 assert acc != null; |
584 sm.checkPermission(p, acc); |
584 sm.checkPermission(p, acc); |
585 } catch (SecurityException e) { |
585 } catch (SecurityException e) { |
586 return e; |
586 return e; |
587 } |
587 } |
|
588 String hostHeader = userHeaders.firstValue("Host").orElse(null); |
|
589 if (hostHeader != null && !hostHeader.equalsIgnoreCase(u.getHost())) { |
|
590 // user has set a Host header different to request URI |
|
591 // must check that for URLPermission also |
|
592 URI u1 = replaceHostInURI(u, hostHeader); |
|
593 URLPermission p1 = permissionForServer(u1, method, userHeaders.map()); |
|
594 try { |
|
595 assert acc != null; |
|
596 sm.checkPermission(p1, acc); |
|
597 } catch (SecurityException e) { |
|
598 return e; |
|
599 } |
|
600 } |
588 ProxySelector ps = client.proxySelector(); |
601 ProxySelector ps = client.proxySelector(); |
589 if (ps != null) { |
602 if (ps != null) { |
590 if (!method.equals("CONNECT")) { |
603 if (!method.equals("CONNECT")) { |
591 // a non-tunneling HTTP proxy. Need to check access |
604 // a non-tunneling HTTP proxy. Need to check access |
592 URLPermission proxyPerm = permissionForProxy(request.proxy()); |
605 URLPermission proxyPerm = permissionForProxy(request.proxy()); |
600 } |
613 } |
601 } |
614 } |
602 return null; |
615 return null; |
603 } |
616 } |
604 |
617 |
|
618 private static URI replaceHostInURI(URI u, String hostPort) { |
|
619 StringBuilder sb = new StringBuilder(); |
|
620 sb.append(u.getScheme()) |
|
621 .append("://") |
|
622 .append(hostPort) |
|
623 .append(u.getRawPath()); |
|
624 return URI.create(sb.toString()); |
|
625 } |
|
626 |
605 HttpClient.Version version() { |
627 HttpClient.Version version() { |
606 return multi.version(); |
628 return multi.version(); |
607 } |
629 } |
608 |
630 |
609 String dbgString() { |
631 String dbgString() { |