1 /*
2 * Copyright (c) 1995, 2013, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
47 import java.net.SecureCacheResponse;
48 import java.net.CacheRequest;
49 import java.net.URLPermission;
50 import java.net.Authenticator.RequestorType;
51 import java.security.AccessController;
52 import java.security.PrivilegedExceptionAction;
53 import java.security.PrivilegedActionException;
54 import java.io.*;
55 import java.net.*;
56 import java.util.ArrayList;
57 import java.util.Collections;
58 import java.util.Date;
59 import java.util.Map;
60 import java.util.List;
61 import java.util.Locale;
62 import java.util.StringTokenizer;
63 import java.util.Iterator;
64 import java.util.HashSet;
65 import java.util.HashMap;
66 import java.util.Set;
67 import sun.net.*;
68 import sun.net.www.*;
69 import sun.net.www.http.HttpClient;
70 import sun.net.www.http.PosterOutputStream;
71 import sun.net.www.http.ChunkedInputStream;
72 import sun.net.www.http.ChunkedOutputStream;
73 import sun.util.logging.PlatformLogger;
74 import java.text.SimpleDateFormat;
75 import java.util.TimeZone;
76 import java.net.MalformedURLException;
77 import java.nio.ByteBuffer;
78 import static sun.net.www.protocol.http.AuthScheme.BASIC;
79 import static sun.net.www.protocol.http.AuthScheme.DIGEST;
80 import static sun.net.www.protocol.http.AuthScheme.NTLM;
81 import static sun.net.www.protocol.http.AuthScheme.NEGOTIATE;
82 import static sun.net.www.protocol.http.AuthScheme.KERBEROS;
83 import static sun.net.www.protocol.http.AuthScheme.UNKNOWN;
84
85 /**
86 * A class to represent an HTTP connection to a remote object.
1369 logger.finest("CookieHandler request for " + uri);
1370 }
1371 Map<String, List<String>> cookies
1372 = cookieHandler.get(
1373 uri, requests.getHeaders(EXCLUDE_HEADERS));
1374 if (!cookies.isEmpty()) {
1375 if (logger.isLoggable(PlatformLogger.Level.FINEST)) {
1376 logger.finest("Cookies retrieved: " + cookies.toString());
1377 }
1378 for (Map.Entry<String, List<String>> entry :
1379 cookies.entrySet()) {
1380 String key = entry.getKey();
1381 // ignore all entries that don't have "Cookie"
1382 // or "Cookie2" as keys
1383 if (!"Cookie".equalsIgnoreCase(key) &&
1384 !"Cookie2".equalsIgnoreCase(key)) {
1385 continue;
1386 }
1387 List<String> l = entry.getValue();
1388 if (l != null && !l.isEmpty()) {
1389 StringBuilder cookieValue = new StringBuilder();
1390 for (String value : l) {
1391 cookieValue.append(value).append("; ");
1392 }
1393 // strip off the trailing '; '
1394 try {
1395 requests.add(key, cookieValue.substring(0, cookieValue.length() - 2));
1396 } catch (StringIndexOutOfBoundsException ignored) {
1397 // no-op
1398 }
1399 }
1400 }
1401 }
1402 }
1403 if (userCookies != null) {
1404 int k;
1405 if ((k = requests.getKey("Cookie")) != -1)
1406 requests.set("Cookie", requests.getValue(k) + ";" + userCookies);
1407 else
1408 requests.set("Cookie", userCookies);
1409 }
1410 if (userCookies2 != null) {
1411 int k;
1412 if ((k = requests.getKey("Cookie2")) != -1)
1413 requests.set("Cookie2", requests.getValue(k) + ";" + userCookies2);
1414 else
1415 requests.set("Cookie2", userCookies2);
1416 }
1417
1418 } // end of getting cookies
2853 /**
2854 * Returns a filtered version of the given headers value.
2855 *
2856 * Note: The implementation currently only filters out HttpOnly cookies
2857 * from Set-Cookie and Set-Cookie2 headers.
2858 */
2859 private String filterHeaderField(String name, String value) {
2860 if (value == null)
2861 return null;
2862
2863 if (SET_COOKIE.equalsIgnoreCase(name) ||
2864 SET_COOKIE2.equalsIgnoreCase(name)) {
2865
2866 // Filtering only if there is a cookie handler. [Assumption: the
2867 // cookie handler will store/retrieve the HttpOnly cookies]
2868 if (cookieHandler == null || value.length() == 0)
2869 return value;
2870
2871 sun.misc.JavaNetHttpCookieAccess access =
2872 sun.misc.SharedSecrets.getJavaNetHttpCookieAccess();
2873 StringBuilder retValue = new StringBuilder();
2874 List<HttpCookie> cookies = access.parse(value);
2875 boolean multipleCookies = false;
2876 for (HttpCookie cookie : cookies) {
2877 // skip HttpOnly cookies
2878 if (cookie.isHttpOnly())
2879 continue;
2880 if (multipleCookies)
2881 retValue.append(','); // RFC 2965, comma separated
2882 retValue.append(access.header(cookie));
2883 multipleCookies = true;
2884 }
2885
2886 return retValue.length() == 0 ? "" : retValue.toString();
2887 }
2888
2889 return value;
2890 }
2891
2892 // Cache the filtered response headers so that they don't need
2893 // to be generated for every getHeaderFields() call.
2894 private Map<String, List<String>> filteredHeaders; // null
2895
2896 private Map<String, List<String>> getFilteredHeaderFields() {
2897 if (filteredHeaders != null)
2898 return filteredHeaders;
2899
2900 Map<String, List<String>> headers, tmpMap = new HashMap<>();
2901
2902 if (cachedHeaders != null)
2903 headers = cachedHeaders.getHeaders();
2904 else
2905 headers = responses.getHeaders();
2906
|
1 /*
2 * Copyright (c) 1995, 2014, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
47 import java.net.SecureCacheResponse;
48 import java.net.CacheRequest;
49 import java.net.URLPermission;
50 import java.net.Authenticator.RequestorType;
51 import java.security.AccessController;
52 import java.security.PrivilegedExceptionAction;
53 import java.security.PrivilegedActionException;
54 import java.io.*;
55 import java.net.*;
56 import java.util.ArrayList;
57 import java.util.Collections;
58 import java.util.Date;
59 import java.util.Map;
60 import java.util.List;
61 import java.util.Locale;
62 import java.util.StringTokenizer;
63 import java.util.Iterator;
64 import java.util.HashSet;
65 import java.util.HashMap;
66 import java.util.Set;
67 import java.util.StringJoiner;
68 import sun.net.*;
69 import sun.net.www.*;
70 import sun.net.www.http.HttpClient;
71 import sun.net.www.http.PosterOutputStream;
72 import sun.net.www.http.ChunkedInputStream;
73 import sun.net.www.http.ChunkedOutputStream;
74 import sun.util.logging.PlatformLogger;
75 import java.text.SimpleDateFormat;
76 import java.util.TimeZone;
77 import java.net.MalformedURLException;
78 import java.nio.ByteBuffer;
79 import static sun.net.www.protocol.http.AuthScheme.BASIC;
80 import static sun.net.www.protocol.http.AuthScheme.DIGEST;
81 import static sun.net.www.protocol.http.AuthScheme.NTLM;
82 import static sun.net.www.protocol.http.AuthScheme.NEGOTIATE;
83 import static sun.net.www.protocol.http.AuthScheme.KERBEROS;
84 import static sun.net.www.protocol.http.AuthScheme.UNKNOWN;
85
86 /**
87 * A class to represent an HTTP connection to a remote object.
1370 logger.finest("CookieHandler request for " + uri);
1371 }
1372 Map<String, List<String>> cookies
1373 = cookieHandler.get(
1374 uri, requests.getHeaders(EXCLUDE_HEADERS));
1375 if (!cookies.isEmpty()) {
1376 if (logger.isLoggable(PlatformLogger.Level.FINEST)) {
1377 logger.finest("Cookies retrieved: " + cookies.toString());
1378 }
1379 for (Map.Entry<String, List<String>> entry :
1380 cookies.entrySet()) {
1381 String key = entry.getKey();
1382 // ignore all entries that don't have "Cookie"
1383 // or "Cookie2" as keys
1384 if (!"Cookie".equalsIgnoreCase(key) &&
1385 !"Cookie2".equalsIgnoreCase(key)) {
1386 continue;
1387 }
1388 List<String> l = entry.getValue();
1389 if (l != null && !l.isEmpty()) {
1390 StringJoiner cookieValue = new StringJoiner("; ");
1391 for (String value : l) {
1392 cookieValue.add(value);
1393 }
1394 requests.add(key, cookieValue.toString());
1395 }
1396 }
1397 }
1398 }
1399 if (userCookies != null) {
1400 int k;
1401 if ((k = requests.getKey("Cookie")) != -1)
1402 requests.set("Cookie", requests.getValue(k) + ";" + userCookies);
1403 else
1404 requests.set("Cookie", userCookies);
1405 }
1406 if (userCookies2 != null) {
1407 int k;
1408 if ((k = requests.getKey("Cookie2")) != -1)
1409 requests.set("Cookie2", requests.getValue(k) + ";" + userCookies2);
1410 else
1411 requests.set("Cookie2", userCookies2);
1412 }
1413
1414 } // end of getting cookies
2849 /**
2850 * Returns a filtered version of the given headers value.
2851 *
2852 * Note: The implementation currently only filters out HttpOnly cookies
2853 * from Set-Cookie and Set-Cookie2 headers.
2854 */
2855 private String filterHeaderField(String name, String value) {
2856 if (value == null)
2857 return null;
2858
2859 if (SET_COOKIE.equalsIgnoreCase(name) ||
2860 SET_COOKIE2.equalsIgnoreCase(name)) {
2861
2862 // Filtering only if there is a cookie handler. [Assumption: the
2863 // cookie handler will store/retrieve the HttpOnly cookies]
2864 if (cookieHandler == null || value.length() == 0)
2865 return value;
2866
2867 sun.misc.JavaNetHttpCookieAccess access =
2868 sun.misc.SharedSecrets.getJavaNetHttpCookieAccess();
2869 StringJoiner retValue = new StringJoiner(","); // RFC 2965, comma separated
2870 List<HttpCookie> cookies = access.parse(value);
2871 for (HttpCookie cookie : cookies) {
2872 // skip HttpOnly cookies
2873 if (! cookie.isHttpOnly())
2874 retValue.add(access.header(cookie));
2875 }
2876 return retValue.toString();
2877 }
2878
2879 return value;
2880 }
2881
2882 // Cache the filtered response headers so that they don't need
2883 // to be generated for every getHeaderFields() call.
2884 private Map<String, List<String>> filteredHeaders; // null
2885
2886 private Map<String, List<String>> getFilteredHeaderFields() {
2887 if (filteredHeaders != null)
2888 return filteredHeaders;
2889
2890 Map<String, List<String>> headers, tmpMap = new HashMap<>();
2891
2892 if (cachedHeaders != null)
2893 headers = cachedHeaders.getHeaders();
2894 else
2895 headers = responses.getHeaders();
2896
|