P3
JRE 1.4:
all platforms
test case at:
/net/celebrity.east/scratch/https/MyURL.java (attached in this bug report too)
"java -Dhttps.proxyHost=comanche.sfbay.sun.com -Dhttps.proxyPort=80 MyURL workaround" works
but
"java -Dhttps.proxyHost=comanche.sfbay.sun.com -Dhttps.proxyPort=80 MyURL"
Exception in thread "main" java.util.NoSuchElementException
at java.util.StringTokenizer.nextToken(StringTokenizer.java:232)
at sun.net.www.protocol.http.HttpURLConnection.doTunneling(HttpURLConnection.java:762)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(DashoA6275)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(DashoA6275)
at MyURL.main(MyURL.java:42)
Explanation:
This work around is needed because Merlin does not always include Host request-header field in the Http request. But according to rfc2616-sec14.23,
(http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html)
all Internet-based HTTP/1.1 servers MUST respond with a 400 (Bad Request) status code to any HTTP/1.1 request message which lacks a Host header field.
So without this workaround, it will fail when we do https + proxy auth, since we sent a request without the host request-header field and the http 1.1 proxy auth server will reply with 400 bad request instead of 407 proxy auth required.
In HttpURLConnection.java, method sendCONNECTRequest, we didn't ensure "Host" header is in the request b4 sending it out. This causes the problem.
I believe we should make sure the host request header is set before sending out all http 1.1 request.
/**
* send a CONNECT request for establishing a tunnel to proxy server
*/
private void sendCONNECTRequest() throws IOException {
requests.prepend("CONNECT " + url.getHost() + ":" +
( url.getPort()== -1? handler.getDefaultPort() :
url.getPort()) +
" " + httpVersion, null);
requests.setIfNotSet("User-Agent", userAgent);
setPreemptiveProxyAuthentication(requests);
http.writeRequests(requests, null);
// remove CONNECT header
requests.set(0, null, null);
}
all platforms
test case at:
/net/celebrity.east/scratch/https/MyURL.java (attached in this bug report too)
"java -Dhttps.proxyHost=comanche.sfbay.sun.com -Dhttps.proxyPort=80 MyURL workaround" works
but
"java -Dhttps.proxyHost=comanche.sfbay.sun.com -Dhttps.proxyPort=80 MyURL"
Exception in thread "main" java.util.NoSuchElementException
at java.util.StringTokenizer.nextToken(StringTokenizer.java:232)
at sun.net.www.protocol.http.HttpURLConnection.doTunneling(HttpURLConnection.java:762)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(DashoA6275)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(DashoA6275)
at MyURL.main(MyURL.java:42)
Explanation:
This work around is needed because Merlin does not always include Host request-header field in the Http request. But according to rfc2616-sec14.23,
(http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html)
all Internet-based HTTP/1.1 servers MUST respond with a 400 (Bad Request) status code to any HTTP/1.1 request message which lacks a Host header field.
So without this workaround, it will fail when we do https + proxy auth, since we sent a request without the host request-header field and the http 1.1 proxy auth server will reply with 400 bad request instead of 407 proxy auth required.
In HttpURLConnection.java, method sendCONNECTRequest, we didn't ensure "Host" header is in the request b4 sending it out. This causes the problem.
I believe we should make sure the host request header is set before sending out all http 1.1 request.
/**
* send a CONNECT request for establishing a tunnel to proxy server
*/
private void sendCONNECTRequest() throws IOException {
requests.prepend("CONNECT " + url.getHost() + ":" +
( url.getPort()== -1? handler.getDefaultPort() :
url.getPort()) +
" " + httpVersion, null);
requests.setIfNotSet("User-Agent", userAgent);
setPreemptiveProxyAuthentication(requests);
http.writeRequests(requests, null);
// remove CONNECT header
requests.set(0, null, null);
}