227 new sun.security.action.GetBooleanAction(
228 "sun.net.http.errorstream.enableBuffering")).booleanValue();
229 timeout4ESBuffer = java.security.AccessController.doPrivileged(
230 new sun.security.action.GetIntegerAction(
231 "sun.net.http.errorstream.timeout", 300)).intValue();
232 if (timeout4ESBuffer <= 0) {
233 timeout4ESBuffer = 300; // use the default
234 }
235
236 bufSize4ES = java.security.AccessController.doPrivileged(
237 new sun.security.action.GetIntegerAction(
238 "sun.net.http.errorstream.bufferSize", 4096)).intValue();
239 if (bufSize4ES <= 0) {
240 bufSize4ES = 4096; // use the default
241 }
242
243 allowRestrictedHeaders = java.security.AccessController.doPrivileged(
244 new sun.security.action.GetBooleanAction(
245 "sun.net.http.allowRestrictedHeaders")).booleanValue();
246 if (!allowRestrictedHeaders) {
247 restrictedHeaderSet = new HashSet<String>(restrictedHeaders.length);
248 for (int i=0; i < restrictedHeaders.length; i++) {
249 restrictedHeaderSet.add(restrictedHeaders[i].toLowerCase());
250 }
251 } else {
252 restrictedHeaderSet = null;
253 }
254 }
255
256 static final String httpVersion = "HTTP/1.1";
257 static final String acceptString =
258 "text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2";
259
260 // the following http request headers should NOT have their values
261 // returned for security reasons.
262 private static final String[] EXCLUDE_HEADERS = {
263 "Proxy-Authorization",
264 "Authorization"
265 };
266
267 // also exclude system cookies when any might be set
396
397 /* Logging support */
398 private static final PlatformLogger logger =
399 PlatformLogger.getLogger("sun.net.www.protocol.http.HttpURLConnection");
400
401 /*
402 * privileged request password authentication
403 *
404 */
405 private static PasswordAuthentication
406 privilegedRequestPasswordAuthentication(
407 final String host,
408 final InetAddress addr,
409 final int port,
410 final String protocol,
411 final String prompt,
412 final String scheme,
413 final URL url,
414 final RequestorType authType) {
415 return java.security.AccessController.doPrivileged(
416 new java.security.PrivilegedAction<PasswordAuthentication>() {
417 public PasswordAuthentication run() {
418 if (logger.isLoggable(PlatformLogger.Level.FINEST)) {
419 logger.finest("Requesting Authentication: host =" + host + " url = " + url);
420 }
421 PasswordAuthentication pass = Authenticator.requestPasswordAuthentication(
422 host, addr, port, protocol,
423 prompt, scheme, url, authType);
424 if (logger.isLoggable(PlatformLogger.Level.FINEST)) {
425 logger.finest("Authentication returned: " + (pass != null ? pass.toString() : "null"));
426 }
427 return pass;
428 }
429 });
430 }
431
432 private boolean isRestrictedHeader(String key, String value) {
433 if (allowRestrictedHeaders) {
434 return false;
435 }
436
800 that want to use http to fetch urls on their behalf.*/
801 public HttpURLConnection(URL u, Proxy p) {
802 this(u, p, new Handler());
803 }
804
805 protected HttpURLConnection(URL u, Proxy p, Handler handler) {
806 super(u);
807 requests = new MessageHeader();
808 responses = new MessageHeader();
809 userHeaders = new MessageHeader();
810 this.handler = handler;
811 instProxy = p;
812 if (instProxy instanceof sun.net.ApplicationProxy) {
813 /* Application set Proxies should not have access to cookies
814 * in a secure environment unless explicitly allowed. */
815 try {
816 cookieHandler = CookieHandler.getDefault();
817 } catch (SecurityException se) { /* swallow exception */ }
818 } else {
819 cookieHandler = java.security.AccessController.doPrivileged(
820 new java.security.PrivilegedAction<CookieHandler>() {
821 public CookieHandler run() {
822 return CookieHandler.getDefault();
823 }
824 });
825 }
826 cacheHandler = java.security.AccessController.doPrivileged(
827 new java.security.PrivilegedAction<ResponseCache>() {
828 public ResponseCache run() {
829 return ResponseCache.getDefault();
830 }
831 });
832 }
833
834 /**
835 * @deprecated. Use java.net.Authenticator.setDefault() instead.
836 */
837 @Deprecated
838 public static void setDefaultAuthenticator(HttpAuthenticator a) {
839 defaultAuth = a;
840 }
841
842 /**
843 * opens a stream allowing redirects only to the same host.
844 */
845 public static InputStream openConnectionCheckRedirects(URLConnection c)
846 throws IOException
847 {
892
893 //
894 // Same as java.net.URL.hostsEqual
895 //
896 private static boolean hostsEqual(URL u1, URL u2) {
897 final String h1 = u1.getHost();
898 final String h2 = u2.getHost();
899
900 if (h1 == null) {
901 return h2 == null;
902 } else if (h2 == null) {
903 return false;
904 } else if (h1.equalsIgnoreCase(h2)) {
905 return true;
906 }
907 // Have to resolve addresses before comparing, otherwise
908 // names like tachyon and tachyon.eng would compare different
909 final boolean result[] = {false};
910
911 java.security.AccessController.doPrivileged(
912 new java.security.PrivilegedAction<Void>() {
913 public Void run() {
914 try {
915 InetAddress a1 = InetAddress.getByName(h1);
916 InetAddress a2 = InetAddress.getByName(h2);
917 result[0] = a1.equals(a2);
918 } catch(UnknownHostException | SecurityException e) {
919 }
920 return null;
921 }
922 });
923
924 return result[0];
925 }
926
927 // overridden in HTTPS subclass
928
929 public void connect() throws IOException {
930 synchronized (this) {
931 connecting = true;
932 }
937 if (connected) {
938 return true;
939 }
940 if (reuseClient != null) {
941 http = reuseClient;
942 http.setReadTimeout(getReadTimeout());
943 http.reuse = false;
944 reuseClient = null;
945 connected = true;
946 return true;
947 }
948 return false;
949 }
950
951 private String getHostAndPort(URL url) {
952 String host = url.getHost();
953 final String hostarg = host;
954 try {
955 // lookup hostname and use IP address if available
956 host = AccessController.doPrivileged(
957 new PrivilegedExceptionAction<String>() {
958 public String run() throws IOException {
959 InetAddress addr = InetAddress.getByName(hostarg);
960 return addr.getHostAddress();
961 }
962 }
963 );
964 } catch (PrivilegedActionException e) {}
965 int port = url.getPort();
966 if (port == -1) {
967 String scheme = url.getProtocol();
968 if ("http".equals(scheme)) {
969 return host + ":80";
970 } else { // scheme must be https
971 return host + ":443";
972 }
973 }
974 return host + ":" + Integer.toString(port);
975 }
976
977 protected void plainConnect() throws IOException {
978 synchronized (this) {
979 if (connected) {
980 return;
981 }
982 }
983 SocketPermission p = URLtoSocketPermission(this.url);
984 if (p != null) {
985 try {
986 AccessController.doPrivileged(
987 new PrivilegedExceptionAction<Void>() {
988 public Void run() throws IOException {
989 plainConnect0();
990 return null;
991 }
992 }, null, p
993 );
994 } catch (PrivilegedActionException e) {
995 throw (IOException) e.getException();
996 }
997 } else {
998 // run without additional permission
999 plainConnect0();
1000 }
1001 }
1002
1003 /**
1004 * if the caller has a URLPermission for connecting to the
1005 * given URL, then return a SocketPermission which permits
1006 * access to that destination. Return null otherwise. The permission
1007 * is cached in a field (which can only be changed by redirects)
1069 return;
1070 } else {
1071 cachedResponse = null;
1072 }
1073 }
1074 try {
1075 /* Try to open connections using the following scheme,
1076 * return on the first one that's successful:
1077 * 1) if (instProxy != null)
1078 * connect to instProxy; raise exception if failed
1079 * 2) else use system default ProxySelector
1080 * 3) is 2) fails, make direct connection
1081 */
1082
1083 if (instProxy == null) { // no instance Proxy is set
1084 /**
1085 * Do we have to use a proxy?
1086 */
1087 ProxySelector sel =
1088 java.security.AccessController.doPrivileged(
1089 new java.security.PrivilegedAction<ProxySelector>() {
1090 public ProxySelector run() {
1091 return ProxySelector.getDefault();
1092 }
1093 });
1094 if (sel != null) {
1095 URI uri = sun.net.www.ParseUtil.toURI(url);
1096 if (logger.isLoggable(PlatformLogger.Level.FINEST)) {
1097 logger.finest("ProxySelector Request for " + uri);
1098 }
1099 Iterator<Proxy> it = sel.select(uri).iterator();
1100 Proxy p;
1101 while (it.hasNext()) {
1102 p = it.next();
1103 try {
1104 if (!failedOnce) {
1105 http = getNewHttpClient(url, p, connectTimeout);
1106 http.setReadTimeout(readTimeout);
1107 } else {
1108 // make sure to construct new connection if first
1109 // attempt failed
1228
1229 /*
1230 * Allowable input/output sequences:
1231 * [interpreted as request entity]
1232 * - get output, [write output,] get input, [read input]
1233 * - get output, [write output]
1234 * [interpreted as GET]
1235 * - get input, [read input]
1236 * Disallowed:
1237 * - get input, [read input,] get output, [write output]
1238 */
1239
1240 @Override
1241 public synchronized OutputStream getOutputStream() throws IOException {
1242 connecting = true;
1243 SocketPermission p = URLtoSocketPermission(this.url);
1244
1245 if (p != null) {
1246 try {
1247 return AccessController.doPrivileged(
1248 new PrivilegedExceptionAction<OutputStream>() {
1249 public OutputStream run() throws IOException {
1250 return getOutputStream0();
1251 }
1252 }, null, p
1253 );
1254 } catch (PrivilegedActionException e) {
1255 throw (IOException) e.getException();
1256 }
1257 } else {
1258 return getOutputStream0();
1259 }
1260 }
1261
1262 private synchronized OutputStream getOutputStream0() throws IOException {
1263 try {
1264 if (!doOutput) {
1265 throw new ProtocolException("cannot write to a URLConnection"
1266 + " if doOutput=false - call setDoOutput(true)");
1267 }
1268
1406 }
1407 if (userCookies2 != null) {
1408 int k;
1409 if ((k = requests.getKey("Cookie2")) != -1)
1410 requests.set("Cookie2", requests.getValue(k) + ";" + userCookies2);
1411 else
1412 requests.set("Cookie2", userCookies2);
1413 }
1414
1415 } // end of getting cookies
1416 }
1417
1418 @Override
1419 public synchronized InputStream getInputStream() throws IOException {
1420 connecting = true;
1421 SocketPermission p = URLtoSocketPermission(this.url);
1422
1423 if (p != null) {
1424 try {
1425 return AccessController.doPrivileged(
1426 new PrivilegedExceptionAction<InputStream>() {
1427 public InputStream run() throws IOException {
1428 return getInputStream0();
1429 }
1430 }, null, p
1431 );
1432 } catch (PrivilegedActionException e) {
1433 throw (IOException) e.getException();
1434 }
1435 } else {
1436 return getInputStream0();
1437 }
1438 }
1439
1440 @SuppressWarnings("empty-statement")
1441 private synchronized InputStream getInputStream0() throws IOException {
1442
1443 if (!doInput) {
1444 throw new ProtocolException("Cannot read from URLConnection"
1445 + " if doInput=false (call setDoInput(true))");
1446 }
1860 } finally {
1861 if (proxyAuthKey != null) {
1862 AuthenticationInfo.endAuthRequest(proxyAuthKey);
1863 }
1864 if (serverAuthKey != null) {
1865 AuthenticationInfo.endAuthRequest(serverAuthKey);
1866 }
1867 }
1868 }
1869
1870 /*
1871 * Creates a chained exception that has the same type as
1872 * original exception and with the same message. Right now,
1873 * there is no convenient APIs for doing so.
1874 */
1875 private IOException getChainedException(final IOException rememberedException) {
1876 try {
1877 final Object[] args = { rememberedException.getMessage() };
1878 IOException chainedException =
1879 java.security.AccessController.doPrivileged(
1880 new java.security.PrivilegedExceptionAction<IOException>() {
1881 public IOException run() throws Exception {
1882 return (IOException)
1883 rememberedException.getClass()
1884 .getConstructor(new Class<?>[] { String.class })
1885 .newInstance(args);
1886 }
1887 });
1888 chainedException.initCause(rememberedException);
1889 return chainedException;
1890 } catch (Exception ignored) {
1891 return rememberedException;
1892 }
1893 }
1894
1895 @Override
1896 public InputStream getErrorStream() {
1897 if (connected && responseCode >= 400) {
1898 // Client Error 4xx and Server Error 5xx
1899 if (errorStream != null) {
1900 return errorStream;
2187 doingNTLMp2ndStage = true;
2188 } else if ("Kerberos".equalsIgnoreCase(scheme)) {
2189 authScheme = KERBEROS;
2190 doingNTLMp2ndStage = true;
2191 } else if ("Negotiate".equalsIgnoreCase(scheme)) {
2192 authScheme = NEGOTIATE;
2193 doingNTLMp2ndStage = true;
2194 }
2195
2196 if (realm == null)
2197 realm = "";
2198 proxyAuthKey = AuthenticationInfo.getProxyAuthKey(host, port, realm, authScheme);
2199 ret = AuthenticationInfo.getProxyAuth(proxyAuthKey);
2200 if (ret == null) {
2201 switch (authScheme) {
2202 case BASIC:
2203 InetAddress addr = null;
2204 try {
2205 final String finalHost = host;
2206 addr = java.security.AccessController.doPrivileged(
2207 new java.security.PrivilegedExceptionAction<InetAddress>() {
2208 public InetAddress run()
2209 throws java.net.UnknownHostException {
2210 return InetAddress.getByName(finalHost);
2211 }
2212 });
2213 } catch (java.security.PrivilegedActionException ignored) {
2214 // User will have an unknown host.
2215 }
2216 PasswordAuthentication a =
2217 privilegedRequestPasswordAuthentication(
2218 host, addr, port, "http",
2219 realm, scheme, url, RequestorType.PROXY);
2220 if (a != null) {
2221 ret = new BasicAuthentication(true, host, port, realm, a);
2222 }
2223 break;
2224 case DIGEST:
2225 a = privilegedRequestPasswordAuthentication(
2226 host, null, port, url.getProtocol(),
2227 realm, scheme, url, RequestorType.PROXY);
2549
2550 URL locUrl;
2551 try {
2552 locUrl = new URL(loc);
2553 if (!url.getProtocol().equalsIgnoreCase(locUrl.getProtocol())) {
2554 return false;
2555 }
2556
2557 } catch (MalformedURLException mue) {
2558 // treat loc as a relative URI to conform to popular browsers
2559 locUrl = new URL(url, loc);
2560 }
2561
2562 final URL locUrl0 = locUrl;
2563 socketPermission = null; // force recalculation
2564 SocketPermission p = URLtoSocketPermission(locUrl);
2565
2566 if (p != null) {
2567 try {
2568 return AccessController.doPrivileged(
2569 new PrivilegedExceptionAction<Boolean>() {
2570 public Boolean run() throws IOException {
2571 return followRedirect0(loc, stat, locUrl0);
2572 }
2573 }, null, p
2574 );
2575 } catch (PrivilegedActionException e) {
2576 throw (IOException) e.getException();
2577 }
2578 } else {
2579 // run without additional permission
2580 return followRedirect0(loc, stat, locUrl);
2581 }
2582 }
2583
2584 /* Tells us whether to follow a redirect. If so, it
2585 * closes the connection (break any keep-alive) and
2586 * resets the url, re-connects, and resets the request
2587 * property.
2588 */
2589 private boolean followRedirect0(String loc, int stat, URL locUrl)
|
227 new sun.security.action.GetBooleanAction(
228 "sun.net.http.errorstream.enableBuffering")).booleanValue();
229 timeout4ESBuffer = java.security.AccessController.doPrivileged(
230 new sun.security.action.GetIntegerAction(
231 "sun.net.http.errorstream.timeout", 300)).intValue();
232 if (timeout4ESBuffer <= 0) {
233 timeout4ESBuffer = 300; // use the default
234 }
235
236 bufSize4ES = java.security.AccessController.doPrivileged(
237 new sun.security.action.GetIntegerAction(
238 "sun.net.http.errorstream.bufferSize", 4096)).intValue();
239 if (bufSize4ES <= 0) {
240 bufSize4ES = 4096; // use the default
241 }
242
243 allowRestrictedHeaders = java.security.AccessController.doPrivileged(
244 new sun.security.action.GetBooleanAction(
245 "sun.net.http.allowRestrictedHeaders")).booleanValue();
246 if (!allowRestrictedHeaders) {
247 restrictedHeaderSet = new HashSet<>(restrictedHeaders.length);
248 for (int i=0; i < restrictedHeaders.length; i++) {
249 restrictedHeaderSet.add(restrictedHeaders[i].toLowerCase());
250 }
251 } else {
252 restrictedHeaderSet = null;
253 }
254 }
255
256 static final String httpVersion = "HTTP/1.1";
257 static final String acceptString =
258 "text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2";
259
260 // the following http request headers should NOT have their values
261 // returned for security reasons.
262 private static final String[] EXCLUDE_HEADERS = {
263 "Proxy-Authorization",
264 "Authorization"
265 };
266
267 // also exclude system cookies when any might be set
396
397 /* Logging support */
398 private static final PlatformLogger logger =
399 PlatformLogger.getLogger("sun.net.www.protocol.http.HttpURLConnection");
400
401 /*
402 * privileged request password authentication
403 *
404 */
405 private static PasswordAuthentication
406 privilegedRequestPasswordAuthentication(
407 final String host,
408 final InetAddress addr,
409 final int port,
410 final String protocol,
411 final String prompt,
412 final String scheme,
413 final URL url,
414 final RequestorType authType) {
415 return java.security.AccessController.doPrivileged(
416 new java.security.PrivilegedAction<>() {
417 public PasswordAuthentication run() {
418 if (logger.isLoggable(PlatformLogger.Level.FINEST)) {
419 logger.finest("Requesting Authentication: host =" + host + " url = " + url);
420 }
421 PasswordAuthentication pass = Authenticator.requestPasswordAuthentication(
422 host, addr, port, protocol,
423 prompt, scheme, url, authType);
424 if (logger.isLoggable(PlatformLogger.Level.FINEST)) {
425 logger.finest("Authentication returned: " + (pass != null ? pass.toString() : "null"));
426 }
427 return pass;
428 }
429 });
430 }
431
432 private boolean isRestrictedHeader(String key, String value) {
433 if (allowRestrictedHeaders) {
434 return false;
435 }
436
800 that want to use http to fetch urls on their behalf.*/
801 public HttpURLConnection(URL u, Proxy p) {
802 this(u, p, new Handler());
803 }
804
805 protected HttpURLConnection(URL u, Proxy p, Handler handler) {
806 super(u);
807 requests = new MessageHeader();
808 responses = new MessageHeader();
809 userHeaders = new MessageHeader();
810 this.handler = handler;
811 instProxy = p;
812 if (instProxy instanceof sun.net.ApplicationProxy) {
813 /* Application set Proxies should not have access to cookies
814 * in a secure environment unless explicitly allowed. */
815 try {
816 cookieHandler = CookieHandler.getDefault();
817 } catch (SecurityException se) { /* swallow exception */ }
818 } else {
819 cookieHandler = java.security.AccessController.doPrivileged(
820 new java.security.PrivilegedAction<>() {
821 public CookieHandler run() {
822 return CookieHandler.getDefault();
823 }
824 });
825 }
826 cacheHandler = java.security.AccessController.doPrivileged(
827 new java.security.PrivilegedAction<>() {
828 public ResponseCache run() {
829 return ResponseCache.getDefault();
830 }
831 });
832 }
833
834 /**
835 * @deprecated. Use java.net.Authenticator.setDefault() instead.
836 */
837 @Deprecated
838 public static void setDefaultAuthenticator(HttpAuthenticator a) {
839 defaultAuth = a;
840 }
841
842 /**
843 * opens a stream allowing redirects only to the same host.
844 */
845 public static InputStream openConnectionCheckRedirects(URLConnection c)
846 throws IOException
847 {
892
893 //
894 // Same as java.net.URL.hostsEqual
895 //
896 private static boolean hostsEqual(URL u1, URL u2) {
897 final String h1 = u1.getHost();
898 final String h2 = u2.getHost();
899
900 if (h1 == null) {
901 return h2 == null;
902 } else if (h2 == null) {
903 return false;
904 } else if (h1.equalsIgnoreCase(h2)) {
905 return true;
906 }
907 // Have to resolve addresses before comparing, otherwise
908 // names like tachyon and tachyon.eng would compare different
909 final boolean result[] = {false};
910
911 java.security.AccessController.doPrivileged(
912 new java.security.PrivilegedAction<>() {
913 public Void run() {
914 try {
915 InetAddress a1 = InetAddress.getByName(h1);
916 InetAddress a2 = InetAddress.getByName(h2);
917 result[0] = a1.equals(a2);
918 } catch(UnknownHostException | SecurityException e) {
919 }
920 return null;
921 }
922 });
923
924 return result[0];
925 }
926
927 // overridden in HTTPS subclass
928
929 public void connect() throws IOException {
930 synchronized (this) {
931 connecting = true;
932 }
937 if (connected) {
938 return true;
939 }
940 if (reuseClient != null) {
941 http = reuseClient;
942 http.setReadTimeout(getReadTimeout());
943 http.reuse = false;
944 reuseClient = null;
945 connected = true;
946 return true;
947 }
948 return false;
949 }
950
951 private String getHostAndPort(URL url) {
952 String host = url.getHost();
953 final String hostarg = host;
954 try {
955 // lookup hostname and use IP address if available
956 host = AccessController.doPrivileged(
957 new PrivilegedExceptionAction<>() {
958 public String run() throws IOException {
959 InetAddress addr = InetAddress.getByName(hostarg);
960 return addr.getHostAddress();
961 }
962 }
963 );
964 } catch (PrivilegedActionException e) {}
965 int port = url.getPort();
966 if (port == -1) {
967 String scheme = url.getProtocol();
968 if ("http".equals(scheme)) {
969 return host + ":80";
970 } else { // scheme must be https
971 return host + ":443";
972 }
973 }
974 return host + ":" + Integer.toString(port);
975 }
976
977 protected void plainConnect() throws IOException {
978 synchronized (this) {
979 if (connected) {
980 return;
981 }
982 }
983 SocketPermission p = URLtoSocketPermission(this.url);
984 if (p != null) {
985 try {
986 AccessController.doPrivileged(
987 new PrivilegedExceptionAction<>() {
988 public Void run() throws IOException {
989 plainConnect0();
990 return null;
991 }
992 }, null, p
993 );
994 } catch (PrivilegedActionException e) {
995 throw (IOException) e.getException();
996 }
997 } else {
998 // run without additional permission
999 plainConnect0();
1000 }
1001 }
1002
1003 /**
1004 * if the caller has a URLPermission for connecting to the
1005 * given URL, then return a SocketPermission which permits
1006 * access to that destination. Return null otherwise. The permission
1007 * is cached in a field (which can only be changed by redirects)
1069 return;
1070 } else {
1071 cachedResponse = null;
1072 }
1073 }
1074 try {
1075 /* Try to open connections using the following scheme,
1076 * return on the first one that's successful:
1077 * 1) if (instProxy != null)
1078 * connect to instProxy; raise exception if failed
1079 * 2) else use system default ProxySelector
1080 * 3) is 2) fails, make direct connection
1081 */
1082
1083 if (instProxy == null) { // no instance Proxy is set
1084 /**
1085 * Do we have to use a proxy?
1086 */
1087 ProxySelector sel =
1088 java.security.AccessController.doPrivileged(
1089 new java.security.PrivilegedAction<>() {
1090 public ProxySelector run() {
1091 return ProxySelector.getDefault();
1092 }
1093 });
1094 if (sel != null) {
1095 URI uri = sun.net.www.ParseUtil.toURI(url);
1096 if (logger.isLoggable(PlatformLogger.Level.FINEST)) {
1097 logger.finest("ProxySelector Request for " + uri);
1098 }
1099 Iterator<Proxy> it = sel.select(uri).iterator();
1100 Proxy p;
1101 while (it.hasNext()) {
1102 p = it.next();
1103 try {
1104 if (!failedOnce) {
1105 http = getNewHttpClient(url, p, connectTimeout);
1106 http.setReadTimeout(readTimeout);
1107 } else {
1108 // make sure to construct new connection if first
1109 // attempt failed
1228
1229 /*
1230 * Allowable input/output sequences:
1231 * [interpreted as request entity]
1232 * - get output, [write output,] get input, [read input]
1233 * - get output, [write output]
1234 * [interpreted as GET]
1235 * - get input, [read input]
1236 * Disallowed:
1237 * - get input, [read input,] get output, [write output]
1238 */
1239
1240 @Override
1241 public synchronized OutputStream getOutputStream() throws IOException {
1242 connecting = true;
1243 SocketPermission p = URLtoSocketPermission(this.url);
1244
1245 if (p != null) {
1246 try {
1247 return AccessController.doPrivileged(
1248 new PrivilegedExceptionAction<>() {
1249 public OutputStream run() throws IOException {
1250 return getOutputStream0();
1251 }
1252 }, null, p
1253 );
1254 } catch (PrivilegedActionException e) {
1255 throw (IOException) e.getException();
1256 }
1257 } else {
1258 return getOutputStream0();
1259 }
1260 }
1261
1262 private synchronized OutputStream getOutputStream0() throws IOException {
1263 try {
1264 if (!doOutput) {
1265 throw new ProtocolException("cannot write to a URLConnection"
1266 + " if doOutput=false - call setDoOutput(true)");
1267 }
1268
1406 }
1407 if (userCookies2 != null) {
1408 int k;
1409 if ((k = requests.getKey("Cookie2")) != -1)
1410 requests.set("Cookie2", requests.getValue(k) + ";" + userCookies2);
1411 else
1412 requests.set("Cookie2", userCookies2);
1413 }
1414
1415 } // end of getting cookies
1416 }
1417
1418 @Override
1419 public synchronized InputStream getInputStream() throws IOException {
1420 connecting = true;
1421 SocketPermission p = URLtoSocketPermission(this.url);
1422
1423 if (p != null) {
1424 try {
1425 return AccessController.doPrivileged(
1426 new PrivilegedExceptionAction<>() {
1427 public InputStream run() throws IOException {
1428 return getInputStream0();
1429 }
1430 }, null, p
1431 );
1432 } catch (PrivilegedActionException e) {
1433 throw (IOException) e.getException();
1434 }
1435 } else {
1436 return getInputStream0();
1437 }
1438 }
1439
1440 @SuppressWarnings("empty-statement")
1441 private synchronized InputStream getInputStream0() throws IOException {
1442
1443 if (!doInput) {
1444 throw new ProtocolException("Cannot read from URLConnection"
1445 + " if doInput=false (call setDoInput(true))");
1446 }
1860 } finally {
1861 if (proxyAuthKey != null) {
1862 AuthenticationInfo.endAuthRequest(proxyAuthKey);
1863 }
1864 if (serverAuthKey != null) {
1865 AuthenticationInfo.endAuthRequest(serverAuthKey);
1866 }
1867 }
1868 }
1869
1870 /*
1871 * Creates a chained exception that has the same type as
1872 * original exception and with the same message. Right now,
1873 * there is no convenient APIs for doing so.
1874 */
1875 private IOException getChainedException(final IOException rememberedException) {
1876 try {
1877 final Object[] args = { rememberedException.getMessage() };
1878 IOException chainedException =
1879 java.security.AccessController.doPrivileged(
1880 new java.security.PrivilegedExceptionAction<>() {
1881 public IOException run() throws Exception {
1882 return (IOException)
1883 rememberedException.getClass()
1884 .getConstructor(new Class<?>[] { String.class })
1885 .newInstance(args);
1886 }
1887 });
1888 chainedException.initCause(rememberedException);
1889 return chainedException;
1890 } catch (Exception ignored) {
1891 return rememberedException;
1892 }
1893 }
1894
1895 @Override
1896 public InputStream getErrorStream() {
1897 if (connected && responseCode >= 400) {
1898 // Client Error 4xx and Server Error 5xx
1899 if (errorStream != null) {
1900 return errorStream;
2187 doingNTLMp2ndStage = true;
2188 } else if ("Kerberos".equalsIgnoreCase(scheme)) {
2189 authScheme = KERBEROS;
2190 doingNTLMp2ndStage = true;
2191 } else if ("Negotiate".equalsIgnoreCase(scheme)) {
2192 authScheme = NEGOTIATE;
2193 doingNTLMp2ndStage = true;
2194 }
2195
2196 if (realm == null)
2197 realm = "";
2198 proxyAuthKey = AuthenticationInfo.getProxyAuthKey(host, port, realm, authScheme);
2199 ret = AuthenticationInfo.getProxyAuth(proxyAuthKey);
2200 if (ret == null) {
2201 switch (authScheme) {
2202 case BASIC:
2203 InetAddress addr = null;
2204 try {
2205 final String finalHost = host;
2206 addr = java.security.AccessController.doPrivileged(
2207 new java.security.PrivilegedExceptionAction<>() {
2208 public InetAddress run()
2209 throws java.net.UnknownHostException {
2210 return InetAddress.getByName(finalHost);
2211 }
2212 });
2213 } catch (java.security.PrivilegedActionException ignored) {
2214 // User will have an unknown host.
2215 }
2216 PasswordAuthentication a =
2217 privilegedRequestPasswordAuthentication(
2218 host, addr, port, "http",
2219 realm, scheme, url, RequestorType.PROXY);
2220 if (a != null) {
2221 ret = new BasicAuthentication(true, host, port, realm, a);
2222 }
2223 break;
2224 case DIGEST:
2225 a = privilegedRequestPasswordAuthentication(
2226 host, null, port, url.getProtocol(),
2227 realm, scheme, url, RequestorType.PROXY);
2549
2550 URL locUrl;
2551 try {
2552 locUrl = new URL(loc);
2553 if (!url.getProtocol().equalsIgnoreCase(locUrl.getProtocol())) {
2554 return false;
2555 }
2556
2557 } catch (MalformedURLException mue) {
2558 // treat loc as a relative URI to conform to popular browsers
2559 locUrl = new URL(url, loc);
2560 }
2561
2562 final URL locUrl0 = locUrl;
2563 socketPermission = null; // force recalculation
2564 SocketPermission p = URLtoSocketPermission(locUrl);
2565
2566 if (p != null) {
2567 try {
2568 return AccessController.doPrivileged(
2569 new PrivilegedExceptionAction<>() {
2570 public Boolean run() throws IOException {
2571 return followRedirect0(loc, stat, locUrl0);
2572 }
2573 }, null, p
2574 );
2575 } catch (PrivilegedActionException e) {
2576 throw (IOException) e.getException();
2577 }
2578 } else {
2579 // run without additional permission
2580 return followRedirect0(loc, stat, locUrl);
2581 }
2582 }
2583
2584 /* Tells us whether to follow a redirect. If so, it
2585 * closes the connection (break any keep-alive) and
2586 * resets the url, re-connects, and resets the request
2587 * property.
2588 */
2589 private boolean followRedirect0(String loc, int stat, URL locUrl)
|