author | michaelm |
Fri, 05 Oct 2018 08:54:10 +0100 | |
changeset 53328 | dff86e25073f |
parent 52725 | c470f977ade8 |
permissions | -rw-r--r-- |
2 | 1 |
############################################################ |
53328 | 2 |
# Default Networking Configuration File |
2 | 3 |
# |
4 |
# This file may contain default values for the networking system properties. |
|
5 |
# These values are only used when the system properties are not specified |
|
43998 | 6 |
# on the command line or set programmatically. |
2 | 7 |
# For now, only the various proxy settings can be configured here. |
8 |
############################################################ |
|
9 |
||
10 |
# Whether or not the DefaultProxySelector will default to System Proxy |
|
11 |
# settings when they do exist. |
|
12 |
# Set it to 'true' to enable this feature and check for platform |
|
13 |
# specific proxy settings |
|
43998 | 14 |
# Note that the system properties that do explicitly set proxies |
2 | 15 |
# (like http.proxyHost) do take precedence over the system settings |
16 |
# even if java.net.useSystemProxies is set to true. |
|
52725
c470f977ade8
8214014: Remove vestiges of gopher: protocol proxy support
rriggs
parents:
52554
diff
changeset
|
17 |
|
2 | 18 |
java.net.useSystemProxies=false |
19 |
||
20 |
#------------------------------------------------------------------------ |
|
21 |
# Proxy configuration for the various protocol handlers. |
|
22 |
# DO NOT uncomment these lines if you have set java.net.useSystemProxies |
|
23 |
# to true as the protocol specific properties will take precedence over |
|
24 |
# system settings. |
|
25 |
#------------------------------------------------------------------------ |
|
26 |
||
27 |
# HTTP Proxy settings. proxyHost is the name of the proxy server |
|
28 |
# (e.g. proxy.mydomain.com), proxyPort is the port number to use (default |
|
29 |
# value is 80) and nonProxyHosts is a '|' separated list of hostnames which |
|
30 |
# should be accessed directly, ignoring the proxy server (default value is |
|
31 |
# localhost & 127.0.0.1). |
|
32 |
# |
|
33 |
# http.proxyHost= |
|
34 |
# http.proxyPort=80 |
|
3855
653df3a7256d
6737819: sun.misc.net.DefaultProxySelector doesn't use proxy setting to localhost
jccollet
parents:
2
diff
changeset
|
35 |
http.nonProxyHosts=localhost|127.*|[::1] |
2 | 36 |
# |
37 |
# HTTPS Proxy Settings. proxyHost is the name of the proxy server |
|
38 |
# (e.g. proxy.mydomain.com), proxyPort is the port number to use (default |
|
39 |
# value is 443). The HTTPS protocol handlers uses the http nonProxyHosts list. |
|
40 |
# |
|
41 |
# https.proxyHost= |
|
42 |
# https.proxyPort=443 |
|
43 |
# |
|
44 |
# FTP Proxy settings. proxyHost is the name of the proxy server |
|
45 |
# (e.g. proxy.mydomain.com), proxyPort is the port number to use (default |
|
46 |
# value is 80) and nonProxyHosts is a '|' separated list of hostnames which |
|
47 |
# should be accessed directly, ignoring the proxy server (default value is |
|
48 |
# localhost & 127.0.0.1). |
|
49 |
# |
|
50 |
# ftp.proxyHost= |
|
51 |
# ftp.proxyPort=80 |
|
3855
653df3a7256d
6737819: sun.misc.net.DefaultProxySelector doesn't use proxy setting to localhost
jccollet
parents:
2
diff
changeset
|
52 |
ftp.nonProxyHosts=localhost|127.*|[::1] |
2 | 53 |
# |
54 |
# Socks proxy settings. socksProxyHost is the name of the proxy server |
|
55 |
# (e.g. socks.domain.com), socksProxyPort is the port number to use |
|
56 |
# (default value is 1080) |
|
57 |
# |
|
58 |
# socksProxyHost= |
|
59 |
# socksProxyPort=1080 |
|
60 |
# |
|
61 |
# HTTP Keep Alive settings. remainingData is the maximum amount of data |
|
52725
c470f977ade8
8214014: Remove vestiges of gopher: protocol proxy support
rriggs
parents:
52554
diff
changeset
|
62 |
# in kilobytes that will be cleaned off the underlying socket so that it |
c470f977ade8
8214014: Remove vestiges of gopher: protocol proxy support
rriggs
parents:
52554
diff
changeset
|
63 |
# can be reused (default value is 512K), queuedConnections is the maximum |
2 | 64 |
# number of Keep Alive connections to be on the queue for clean up (default |
65 |
# value is 10). |
|
66 |
# http.KeepAlive.remainingData=512 |
|
67 |
# http.KeepAlive.queuedConnections=10 |
|
41579 | 68 |
|
69 |
# Authentication Scheme restrictions for HTTP and HTTPS. |
|
70 |
# |
|
71 |
# In some environments certain authentication schemes may be undesirable |
|
72 |
# when proxying HTTP or HTTPS. For example, "Basic" results in effectively the |
|
73 |
# cleartext transmission of the user's password over the physical network. |
|
74 |
# This section describes the mechanism for disabling authentication schemes |
|
75 |
# based on the scheme name. Disabled schemes will be treated as if they are not |
|
76 |
# supported by the implementation. |
|
77 |
# |
|
78 |
# The 'jdk.http.auth.tunneling.disabledSchemes' property lists the authentication |
|
79 |
# schemes that will be disabled when tunneling HTTPS over a proxy, HTTP CONNECT. |
|
80 |
# The 'jdk.http.auth.proxying.disabledSchemes' property lists the authentication |
|
81 |
# schemes that will be disabled when proxying HTTP. |
|
82 |
# |
|
83 |
# In both cases the property is a comma-separated list of, case-insensitive, |
|
84 |
# authentication scheme names, as defined by their relevant RFCs. An |
|
85 |
# implementation may, but is not required to, support common schemes whose names |
|
86 |
# include: 'Basic', 'Digest', 'NTLM', 'Kerberos', 'Negotiate'. A scheme that |
|
87 |
# is not known, or not supported, by the implementation is ignored. |
|
88 |
# |
|
89 |
# Note: This property is currently used by the JDK Reference implementation. It |
|
90 |
# is not guaranteed to be examined and used by other implementations. |
|
91 |
# |
|
92 |
#jdk.http.auth.proxying.disabledSchemes= |
|
93 |
jdk.http.auth.tunneling.disabledSchemes=Basic |
|
94 |
||
52554
5f1ca46703f9
8213189: Make restricted headers in HTTP Client configurable and remove Date by default
michaelm
parents:
47216
diff
changeset
|
95 |
# |
5f1ca46703f9
8213189: Make restricted headers in HTTP Client configurable and remove Date by default
michaelm
parents:
47216
diff
changeset
|
96 |
# Allow restricted HTTP request headers |
5f1ca46703f9
8213189: Make restricted headers in HTTP Client configurable and remove Date by default
michaelm
parents:
47216
diff
changeset
|
97 |
# |
5f1ca46703f9
8213189: Make restricted headers in HTTP Client configurable and remove Date by default
michaelm
parents:
47216
diff
changeset
|
98 |
# By default, the following request headers are not allowed to be set by user code |
5f1ca46703f9
8213189: Make restricted headers in HTTP Client configurable and remove Date by default
michaelm
parents:
47216
diff
changeset
|
99 |
# in HttpRequests: "connection", "content-length", "expect", "host" and "upgrade". |
5f1ca46703f9
8213189: Make restricted headers in HTTP Client configurable and remove Date by default
michaelm
parents:
47216
diff
changeset
|
100 |
# The 'jdk.httpclient.allowRestrictedHeaders' property allows one or more of these |
52725
c470f977ade8
8214014: Remove vestiges of gopher: protocol proxy support
rriggs
parents:
52554
diff
changeset
|
101 |
# headers to be specified as a comma separated list to override the default restriction. |
c470f977ade8
8214014: Remove vestiges of gopher: protocol proxy support
rriggs
parents:
52554
diff
changeset
|
102 |
# The names are case-insensitive and white-space is ignored (removed before processing |
c470f977ade8
8214014: Remove vestiges of gopher: protocol proxy support
rriggs
parents:
52554
diff
changeset
|
103 |
# the list). Note, this capability is mostly intended for testing and isn't expected |
c470f977ade8
8214014: Remove vestiges of gopher: protocol proxy support
rriggs
parents:
52554
diff
changeset
|
104 |
# to be used in real deployments. Protocol errors or other undefined behavior is likely |
52554
5f1ca46703f9
8213189: Make restricted headers in HTTP Client configurable and remove Date by default
michaelm
parents:
47216
diff
changeset
|
105 |
# to occur when using them. The property is not set by default. |
5f1ca46703f9
8213189: Make restricted headers in HTTP Client configurable and remove Date by default
michaelm
parents:
47216
diff
changeset
|
106 |
# Note also, that there may be other headers that are restricted from being set |
5f1ca46703f9
8213189: Make restricted headers in HTTP Client configurable and remove Date by default
michaelm
parents:
47216
diff
changeset
|
107 |
# depending on the context. This includes the "Authorization" header when the |
5f1ca46703f9
8213189: Make restricted headers in HTTP Client configurable and remove Date by default
michaelm
parents:
47216
diff
changeset
|
108 |
# relevant HttpClient has an authenticator set. These restrictions cannot be |
5f1ca46703f9
8213189: Make restricted headers in HTTP Client configurable and remove Date by default
michaelm
parents:
47216
diff
changeset
|
109 |
# overridden by this property. |
5f1ca46703f9
8213189: Make restricted headers in HTTP Client configurable and remove Date by default
michaelm
parents:
47216
diff
changeset
|
110 |
# |
5f1ca46703f9
8213189: Make restricted headers in HTTP Client configurable and remove Date by default
michaelm
parents:
47216
diff
changeset
|
111 |
# jdk.httpclient.allowRestrictedHeaders=host |
5f1ca46703f9
8213189: Make restricted headers in HTTP Client configurable and remove Date by default
michaelm
parents:
47216
diff
changeset
|
112 |
# |
53328 | 113 |
# |
114 |
# Transparent NTLM HTTP authentication mode on Windows. Transparent authentication |
|
115 |
# can be used for the NTLM scheme, where the security credentials based on the |
|
116 |
# currently logged in user's name and password can be obtained directly from the |
|
117 |
# operating system, without prompting the user. This property has three possible |
|
118 |
# values which regulate the behavior as shown below. Other unrecognized values |
|
119 |
# are handled the same as 'disabled'. Note, that NTLM is not considered to be a |
|
120 |
# strongly secure authentication scheme and care should be taken before enabling |
|
121 |
# this mechanism. |
|
122 |
# |
|
123 |
# Transparent authentication never used. |
|
124 |
#jdk.http.ntlm.transparentAuth=disabled |
|
125 |
# |
|
126 |
# Enabled for all hosts. |
|
127 |
#jdk.http.ntlm.transparentAuth=allHosts |
|
128 |
# |
|
129 |
# Enabled for hosts that are trusted in Windows Internet settings |
|
130 |
#jdk.http.ntlm.transparentAuth=trustedHosts |
|
131 |
# |
|
132 |
jdk.http.ntlm.transparentAuth=disabled |