At present, JDK treats HTTP and HTTPS as two separate protocols, with java.net.HttpURLConnection and javax.net.ssl.HttpsURLConnection be the public APIs for accessing the two protocol handlers. However, doing so will prevent automatic and seemless HTTP redirection between these them. 'cause this entails we change the transport layer from a plain socket to a ssl socket and vise versa, in effect, bluring the distinction between the JDK's current two protocol notion, and could lead to issues with security and the JCK specification.
To do it right, we need to:
1. Fold in the https specific functionalities into http handler, both
APIs and implementation needs to be changed.
and
2. Deprecate javax.net.ssl.HttpsURLConnection
See attached example and output result.
To do it right, we need to:
1. Fold in the https specific functionalities into http handler, both
APIs and implementation needs to be changed.
and
2. Deprecate javax.net.ssl.HttpsURLConnection
See attached example and output result.
- relates to
-
JDK-4620571 urlconnection following redirect uses protocol of original request
-
- Resolved
-
-
-
- Closed
-