35 import java.net.HttpCookie;
36 import java.net.InetAddress;
37 import java.net.UnknownHostException;
38 import java.net.SocketTimeoutException;
39 import java.net.SocketPermission;
40 import java.net.Proxy;
41 import java.net.ProxySelector;
42 import java.net.URI;
43 import java.net.InetSocketAddress;
44 import java.net.CookieHandler;
45 import java.net.ResponseCache;
46 import java.net.CacheResponse;
47 import java.net.SecureCacheResponse;
48 import java.net.CacheRequest;
49 import java.net.URLPermission;
50 import java.net.Authenticator.RequestorType;
51 import java.security.AccessController;
52 import java.security.PrivilegedExceptionAction;
53 import java.security.PrivilegedActionException;
54 import java.io.*;
55 import java.net.*;
56 import java.util.ArrayList;
57 import java.util.Collections;
58 import java.util.Date;
59 import java.util.Map;
60 import java.util.List;
61 import java.util.Locale;
62 import java.util.StringTokenizer;
63 import java.util.Iterator;
64 import java.util.HashSet;
65 import java.util.HashMap;
66 import java.util.Set;
67 import java.util.StringJoiner;
68 import jdk.internal.misc.JavaNetHttpCookieAccess;
69 import jdk.internal.misc.SharedSecrets;
70 import sun.net.*;
71 import sun.net.www.*;
72 import sun.net.www.http.HttpClient;
73 import sun.net.www.http.PosterOutputStream;
74 import sun.net.www.http.ChunkedInputStream;
75 import sun.net.www.http.ChunkedOutputStream;
76 import sun.util.logging.PlatformLogger;
77 import java.text.SimpleDateFormat;
78 import java.util.TimeZone;
79 import java.net.MalformedURLException;
80 import java.nio.ByteBuffer;
81 import static sun.net.www.protocol.http.AuthScheme.BASIC;
82 import static sun.net.www.protocol.http.AuthScheme.DIGEST;
83 import static sun.net.www.protocol.http.AuthScheme.NTLM;
84 import static sun.net.www.protocol.http.AuthScheme.NEGOTIATE;
85 import static sun.net.www.protocol.http.AuthScheme.KERBEROS;
86 import static sun.net.www.protocol.http.AuthScheme.UNKNOWN;
87
88 /**
89 * A class to represent an HTTP connection to a remote object.
90 */
91
92
93 public class HttpURLConnection extends java.net.HttpURLConnection {
94
95 static String HTTP_CONNECT = "CONNECT";
96
97 static final String version;
98 public static final String userAgent;
99
100 /* max # of allowed re-directs */
101 static final int defaultmaxRedirects = 20;
102 static final int maxRedirects;
103
104 /* Not all servers support the (Proxy)-Authentication-Info headers.
105 * By default, we don't require them to be sent
106 */
188 "Connection", /* close is allowed */
189 "Content-Length",
190 //"Cookie",
191 //"Cookie2",
192 "Content-Transfer-Encoding",
193 //"Date",
194 //"Expect",
195 "Host",
196 "Keep-Alive",
197 "Origin",
198 // "Referer",
199 // "TE",
200 "Trailer",
201 "Transfer-Encoding",
202 "Upgrade",
203 //"User-Agent",
204 "Via"
205 };
206
207 static {
208 maxRedirects = java.security.AccessController.doPrivileged(
209 new sun.security.action.GetIntegerAction(
210 "http.maxRedirects", defaultmaxRedirects)).intValue();
211 version = java.security.AccessController.doPrivileged(
212 new sun.security.action.GetPropertyAction("java.version"));
213 String agent = java.security.AccessController.doPrivileged(
214 new sun.security.action.GetPropertyAction("http.agent"));
215 if (agent == null) {
216 agent = "Java/"+version;
217 } else {
218 agent = agent + " Java/"+version;
219 }
220 userAgent = agent;
221 validateProxy = java.security.AccessController.doPrivileged(
222 new sun.security.action.GetBooleanAction(
223 "http.auth.digest.validateProxy")).booleanValue();
224 validateServer = java.security.AccessController.doPrivileged(
225 new sun.security.action.GetBooleanAction(
226 "http.auth.digest.validateServer")).booleanValue();
227
228 enableESBuffer = java.security.AccessController.doPrivileged(
229 new sun.security.action.GetBooleanAction(
230 "sun.net.http.errorstream.enableBuffering")).booleanValue();
231 timeout4ESBuffer = java.security.AccessController.doPrivileged(
232 new sun.security.action.GetIntegerAction(
233 "sun.net.http.errorstream.timeout", 300)).intValue();
234 if (timeout4ESBuffer <= 0) {
235 timeout4ESBuffer = 300; // use the default
236 }
237
238 bufSize4ES = java.security.AccessController.doPrivileged(
239 new sun.security.action.GetIntegerAction(
240 "sun.net.http.errorstream.bufferSize", 4096)).intValue();
241 if (bufSize4ES <= 0) {
242 bufSize4ES = 4096; // use the default
243 }
244
245 allowRestrictedHeaders = java.security.AccessController.doPrivileged(
246 new sun.security.action.GetBooleanAction(
247 "sun.net.http.allowRestrictedHeaders")).booleanValue();
248 if (!allowRestrictedHeaders) {
249 restrictedHeaderSet = new HashSet<>(restrictedHeaders.length);
250 for (int i=0; i < restrictedHeaders.length; i++) {
251 restrictedHeaderSet.add(restrictedHeaders[i].toLowerCase());
252 }
253 } else {
254 restrictedHeaderSet = null;
255 }
256 }
257
258 static final String httpVersion = "HTTP/1.1";
259 static final String acceptString =
260 "text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2";
261
262 // the following http request headers should NOT have their values
263 // returned for security reasons.
264 private static final String[] EXCLUDE_HEADERS = {
265 "Proxy-Authorization",
266 "Authorization"
267 };
|
35 import java.net.HttpCookie;
36 import java.net.InetAddress;
37 import java.net.UnknownHostException;
38 import java.net.SocketTimeoutException;
39 import java.net.SocketPermission;
40 import java.net.Proxy;
41 import java.net.ProxySelector;
42 import java.net.URI;
43 import java.net.InetSocketAddress;
44 import java.net.CookieHandler;
45 import java.net.ResponseCache;
46 import java.net.CacheResponse;
47 import java.net.SecureCacheResponse;
48 import java.net.CacheRequest;
49 import java.net.URLPermission;
50 import java.net.Authenticator.RequestorType;
51 import java.security.AccessController;
52 import java.security.PrivilegedExceptionAction;
53 import java.security.PrivilegedActionException;
54 import java.io.*;
55 import java.util.ArrayList;
56 import java.util.Collections;
57 import java.util.Date;
58 import java.util.Map;
59 import java.util.List;
60 import java.util.Locale;
61 import java.util.StringTokenizer;
62 import java.util.Iterator;
63 import java.util.HashSet;
64 import java.util.HashMap;
65 import java.util.Set;
66 import java.util.StringJoiner;
67 import jdk.internal.misc.JavaNetHttpCookieAccess;
68 import jdk.internal.misc.SharedSecrets;
69 import sun.net.*;
70 import sun.net.www.*;
71 import sun.net.www.http.HttpClient;
72 import sun.net.www.http.PosterOutputStream;
73 import sun.net.www.http.ChunkedInputStream;
74 import sun.net.www.http.ChunkedOutputStream;
75 import sun.util.logging.PlatformLogger;
76 import java.text.SimpleDateFormat;
77 import java.util.TimeZone;
78 import java.net.MalformedURLException;
79 import java.nio.ByteBuffer;
80 import java.util.Properties;
81 import static sun.net.www.protocol.http.AuthScheme.BASIC;
82 import static sun.net.www.protocol.http.AuthScheme.DIGEST;
83 import static sun.net.www.protocol.http.AuthScheme.NTLM;
84 import static sun.net.www.protocol.http.AuthScheme.NEGOTIATE;
85 import static sun.net.www.protocol.http.AuthScheme.KERBEROS;
86 import static sun.net.www.protocol.http.AuthScheme.UNKNOWN;
87 import sun.security.action.GetIntegerAction;
88 import sun.security.action.GetPropertyAction;
89
90 /**
91 * A class to represent an HTTP connection to a remote object.
92 */
93
94
95 public class HttpURLConnection extends java.net.HttpURLConnection {
96
97 static String HTTP_CONNECT = "CONNECT";
98
99 static final String version;
100 public static final String userAgent;
101
102 /* max # of allowed re-directs */
103 static final int defaultmaxRedirects = 20;
104 static final int maxRedirects;
105
106 /* Not all servers support the (Proxy)-Authentication-Info headers.
107 * By default, we don't require them to be sent
108 */
190 "Connection", /* close is allowed */
191 "Content-Length",
192 //"Cookie",
193 //"Cookie2",
194 "Content-Transfer-Encoding",
195 //"Date",
196 //"Expect",
197 "Host",
198 "Keep-Alive",
199 "Origin",
200 // "Referer",
201 // "TE",
202 "Trailer",
203 "Transfer-Encoding",
204 "Upgrade",
205 //"User-Agent",
206 "Via"
207 };
208
209 static {
210 Properties props = GetPropertyAction.getProperties();
211 maxRedirects = GetIntegerAction.getProperty("http.maxRedirects",
212 defaultmaxRedirects);
213 version = props.getProperty("java.version");
214 String agent = props.getProperty("http.agent");
215 if (agent == null) {
216 agent = "Java/"+version;
217 } else {
218 agent = agent + " Java/"+version;
219 }
220 userAgent = agent;
221 validateProxy = Boolean.parseBoolean(
222 props.getProperty("http.auth.digest.validateProxy"));
223 validateServer = Boolean.parseBoolean(
224 props.getProperty("http.auth.digest.validateServer"));
225
226 enableESBuffer = Boolean.parseBoolean(
227 props.getProperty("sun.net.http.errorstream.enableBuffering"));
228 timeout4ESBuffer = GetIntegerAction
229 .getProperty("sun.net.http.errorstream.timeout", 300);
230 if (timeout4ESBuffer <= 0) {
231 timeout4ESBuffer = 300; // use the default
232 }
233
234 bufSize4ES = GetIntegerAction
235 .getProperty("sun.net.http.errorstream.bufferSize", 4096);
236 if (bufSize4ES <= 0) {
237 bufSize4ES = 4096; // use the default
238 }
239
240 allowRestrictedHeaders = Boolean.parseBoolean(
241 props.getProperty("sun.net.http.allowRestrictedHeaders"));
242 if (!allowRestrictedHeaders) {
243 restrictedHeaderSet = new HashSet<>(restrictedHeaders.length);
244 for (int i=0; i < restrictedHeaders.length; i++) {
245 restrictedHeaderSet.add(restrictedHeaders[i].toLowerCase());
246 }
247 } else {
248 restrictedHeaderSet = null;
249 }
250 }
251
252 static final String httpVersion = "HTTP/1.1";
253 static final String acceptString =
254 "text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2";
255
256 // the following http request headers should NOT have their values
257 // returned for security reasons.
258 private static final String[] EXCLUDE_HEADERS = {
259 "Proxy-Authorization",
260 "Authorization"
261 };
|