W3C home > Mailing lists > Public > www-validator-cvs@w3.org > June 2010

2002/css-validator/org/w3c/css/css DocumentParser.java,1.4,1.5

From: Yves Lafon via cvs-syncmail <cvsmail@w3.org>
Date: Fri, 18 Jun 2010 16:18:12 +0000
To: www-validator-cvs@w3.org
Message-Id: <E1OPeGi-0005kj-Gn@lionel-hutz.w3.org>
Update of /sources/public/2002/css-validator/org/w3c/css/css
In directory hutz:/tmp/cvs-serv22076/org/w3c/css/css

Modified Files:
	DocumentParser.java 
Log Message:
Contributed by Vajna Miklos, see http://lists.w3.org/Archives/Public/www-validator-css/2010Jun/0000.html - SSL Host verifier fix

Index: DocumentParser.java
===================================================================
RCS file: /sources/public/2002/css-validator/org/w3c/css/css/DocumentParser.java,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -d -r1.4 -r1.5
--- DocumentParser.java	18 Feb 2010 18:02:48 -0000	1.4
+++ DocumentParser.java	18 Jun 2010 16:18:10 -0000	1.5
@@ -17,6 +17,13 @@
 import java.net.URL;
 import java.net.URLConnection;
 
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.SSLSession;
+
 /**
  * @version $Revision$
  */
@@ -77,6 +84,40 @@
 	} else {
 	    URLConnection connection = null;
 
+	    if ("https".equals(urlProtocol)) {
+		    // Step 1: trust manager
+		    // Create a trust manager that does not validate certificate chains
+		    TrustManager[] trustAllCerts = new TrustManager[] {
+			    new X509TrustManager() {
+				    public java.security.cert.X509Certificate[] getAcceptedIssuers() {
+					    return null;
+				    }
+				    public void checkClientTrusted(
+					    java.security.cert.X509Certificate[] certs, String authType) {
+				    }
+				    public void checkServerTrusted(
+						    java.security.cert.X509Certificate[] certs, String authType) {
+					    }
+			    }
+		    };
+
+		    // Install the all-trusting trust manager
+		    try {
+			    SSLContext sc = SSLContext.getInstance("SSL");
+			    sc.init(null, trustAllCerts, new java.security.SecureRandom());
+			    HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
+		    } catch (Exception e) {
+		    }
+
+		    // Step 2: hostname verifier
+		    HostnameVerifier hv = new HostnameVerifier() {
+			    public boolean verify(String urlHostName, SSLSession session) {
+				    return true;
+			    }
+		    };
+		    HttpsURLConnection.setDefaultHostnameVerifier(hv);
+	    }
+
 	    try {
 		boolean isXML = false;
 		String cType;
Received on Friday, 18 June 2010 16:18:15 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 26 April 2012 12:55:21 GMT