Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8343434

Update net.properties and java.net.http module-info.java after 8326949

XMLWordPrintable

    • Icon: CSR CSR
    • Resolution: Approved
    • Icon: P4 P4
    • 24
    • core-libs
    • None
    • behavioral
    • minimal
    • Doc update to previus approved CSR
    • System or security property
    • JDK

      Summary

      JDK-8326949 changed the behavior of the java.net.http HTTP client. This included a CSR to update relevant specification. Two locations were missed and this CSR aims to rectify that.

      Problem

      As above

      Solution

      Update the net.properties and module-info.java for java.net.http. In both cases, the following sentence is removed.

      'This includes the "Authorization" header when the relevant HttpClient has an authenticator set.'

      Specification

      diff --git a/src/java.base/share/conf/net.properties b/src/java.base/share/conf/net.properties
index 2aa9a9630be..9245226e166 100644
--- a/src/java.base/share/conf/net.properties
+++ b/src/java.base/share/conf/net.properties
@@ -104,9 +104,7 @@ jdk.http.auth.tunneling.disabledSchemes=Basic
 # to be used in real deployments. Protocol errors or other undefined behavior is likely
 # to occur when using them. The property is not set by default.
 # Note also, that there may be other headers that are restricted from being set
-# depending on the context. This includes the "Authorization" header when the
-# relevant HttpClient has an authenticator set. These restrictions cannot be
-# overridden by this property.
+# depending on the context. These restrictions cannot be overridden by this property.
 #
 # jdk.httpclient.allowRestrictedHeaders=host
 #
diff --git a/src/java.net.http/share/classes/module-info.java b/src/java.net.http/share/classes/module-info.java
index c95d80657b8..5bd49792e38 100644
--- a/src/java.net.http/share/classes/module-info.java
+++ b/src/java.net.http/share/classes/module-info.java
@@ -45,9 +45,7 @@
  * and whitespace is ignored. Note that this property is intended for testing and not for
  * real-world deployments. Protocol errors or other undefined behavior are likely to occur
  * when using this property. There may be other headers that are restricted from being set
- * depending on the context. This includes the "Authorization" header when the relevant
- * HttpClient has an authenticator set. These restrictions cannot be overridden by this
- * property.
+ * depending on the context. These restrictions cannot be overridden by this property.
  * </li>
  * <li><p><b>{@systemProperty jdk.httpclient.bufsize}</b> (default: 16384 bytes or 16 kB)<br>
  * The size to use for internal allocated buffers in bytes.

            michaelm Michael McMahon
            michaelm Michael McMahon
            Daniel Fuchs
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: