Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8343434

Update net.properties and java.net.http module-info.java after 8326949

XMLWordPrintable

    • Icon: CSR CSR
    • Resolution: Approved
    • Icon: P4 P4
    • 24
    • core-libs
    • None
    • behavioral
    • minimal
    • Doc update to previus approved CSR
    • System or security property
    • JDK

      Summary

      JDK-8326949 changed the behavior of the java.net.http HTTP client. This included a CSR to update relevant specification. Two locations were missed and this CSR aims to rectify that.

      Problem

      As above

      Solution

      Update the net.properties and module-info.java for java.net.http. In both cases, the following sentence is removed.

      'This includes the "Authorization" header when the relevant HttpClient has an authenticator set.'

      Specification

      diff --git a/src/java.base/share/conf/net.properties b/src/java.base/share/conf/net.properties
      index 2aa9a9630be..9245226e166 100644
      --- a/src/java.base/share/conf/net.properties
      +++ b/src/java.base/share/conf/net.properties
      @@ -104,9 +104,7 @@ jdk.http.auth.tunneling.disabledSchemes=Basic
       # to be used in real deployments. Protocol errors or other undefined behavior is likely
       # to occur when using them. The property is not set by default.
       # Note also, that there may be other headers that are restricted from being set
      -# depending on the context. This includes the "Authorization" header when the
      -# relevant HttpClient has an authenticator set. These restrictions cannot be
      -# overridden by this property.
      +# depending on the context. These restrictions cannot be overridden by this property.
       #
       # jdk.httpclient.allowRestrictedHeaders=host
       #
      diff --git a/src/java.net.http/share/classes/module-info.java b/src/java.net.http/share/classes/module-info.java
      index c95d80657b8..5bd49792e38 100644
      --- a/src/java.net.http/share/classes/module-info.java
      +++ b/src/java.net.http/share/classes/module-info.java
      @@ -45,9 +45,7 @@
        * and whitespace is ignored. Note that this property is intended for testing and not for
        * real-world deployments. Protocol errors or other undefined behavior are likely to occur
        * when using this property. There may be other headers that are restricted from being set
      - * depending on the context. This includes the "Authorization" header when the relevant
      - * HttpClient has an authenticator set. These restrictions cannot be overridden by this
      - * property.
      + * depending on the context. These restrictions cannot be overridden by this property.
        * </li>
        * <li><p><b>{@systemProperty jdk.httpclient.bufsize}</b> (default: 16384 bytes or 16 kB)<br>
        * The size to use for internal allocated buffers in bytes.
      

            michaelm Michael McMahon
            michaelm Michael McMahon
            Daniel Fuchs
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: