W3C home > Mailing lists > Public > www-validator-cvs@w3.org > March 2010

2006/unicorn/src/org/w3c/unicorn/input URIInputParameter.java,1.15,1.16

From: Thomas Gambet via cvs-syncmail <cvsmail@w3.org>
Date: Sun, 21 Mar 2010 22:52:52 +0000
To: www-validator-cvs@w3.org
Message-Id: <E1NtU0q-0001cd-SI@lionel-hutz.w3.org>
Update of /sources/public/2006/unicorn/src/org/w3c/unicorn/input
In directory hutz:/tmp/cvs-serv6203/src/org/w3c/unicorn/input

Modified Files:
	URIInputParameter.java 
Log Message:
deactivates SSL security checks if a resource has an invalid SSL certificate and adds a warning to the user

Index: URIInputParameter.java
===================================================================
RCS file: /sources/public/2006/unicorn/src/org/w3c/unicorn/input/URIInputParameter.java,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -d -r1.15 -r1.16
--- URIInputParameter.java	9 Oct 2009 14:59:38 -0000	1.15
+++ URIInputParameter.java	21 Mar 2010 22:52:50 -0000	1.16
@@ -7,14 +7,21 @@
 import java.net.SocketTimeoutException;
 import java.net.URL;
 import java.net.UnknownHostException;
+import java.security.KeyManagementException;
+import java.security.NoSuchAlgorithmException;
+import java.util.ArrayList;
 import java.util.regex.Pattern;
 
 import javax.activation.MimeType;
 import javax.activation.MimeTypeParseException;
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLException;
+import javax.net.ssl.TrustManager;
 
 import org.w3c.unicorn.contract.EnumInputMethod;
 import org.w3c.unicorn.exceptions.UnicornException;
+import org.w3c.unicorn.request.TrustAllManager;
 import org.w3c.unicorn.util.Message;
 import org.w3c.unicorn.util.Property;
 
@@ -24,6 +31,22 @@
 	
 	private int connectTimeOut;
 	
+	private static SSLContext sc;
+	
+	static {
+		try {
+			sc = SSLContext.getInstance("SSL");
+			sc.init(null, new TrustManager[]{new TrustAllManager()}, new java.security.SecureRandom());
+		} catch (NoSuchAlgorithmException e) {
+			// TODO Auto-generated catch block
+			e.printStackTrace();
+		} catch (KeyManagementException e) {
+			// TODO Auto-generated catch block
+			e.printStackTrace();
+		}
+		
+	}
+	
 	public URIInputParameter(String uri) {
 		this.uri = uri;
 		if (Property.get("DOCUMENT_CONNECT_TIMEOUT") != null)
@@ -33,7 +56,7 @@
 	}
 	
 	@Override
-	public void check() throws UnicornException {
+	public void check(ArrayList<Message> messages) throws UnicornException {
 		URL docUrl = null;
 		try {
 			if (uri == null || uri.equals(""))
@@ -52,9 +75,18 @@
 			docUrl = new URL(uri);
 			if (!docUrl.getProtocol().equals("http") && !docUrl.getProtocol().equals("https"))
 				throw new UnicornException(Message.ERROR, "$message_unsupported_protocol", null, docUrl.getProtocol());
-			HttpURLConnection con = (HttpURLConnection) docUrl.openConnection();
+			
+			HttpsURLConnection con = (HttpsURLConnection) docUrl.openConnection();
 			con.setConnectTimeout(connectTimeOut);
-			con.connect();
+			try {
+				con.connect();
+			} catch (SSLException e) {
+				con.setSSLSocketFactory(sc.getSocketFactory());
+				con.connect();
+				Message message = new Message(Message.WARNING, "$message_ssl_warning", e.getClass() + "\n" + e.getMessage());
+				message.setEvaluateContent(false);
+				messages.add(message);
+			}
 			int responseCode = con.getResponseCode();
 			switch (responseCode) {
 			case HttpURLConnection.HTTP_UNAUTHORIZED:
@@ -72,8 +104,6 @@
 			throw new UnicornException(Message.ERROR, "$message_invalid_mime_type");
 		} catch (UnknownHostException e) { 
 			throw new UnicornException(Message.ERROR, "$message_unknown_host" , null, docUrl.getHost());
-		} catch (SSLException e) {
-			throw new UnicornException(Message.ERROR, "$message_ssl_exception");
 		} catch (ConnectException e) {
 			throw new UnicornException(Message.ERROR, "$message_connect_exception");
 		} catch (SocketTimeoutException e) {
Received on Sunday, 21 March 2010 22:52:54 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 26 April 2012 12:55:19 GMT