- From: Yves Lafon via cvs-syncmail <cvsmail@w3.org>
- Date: Sat, 14 May 2011 18:13:27 +0000
- To: www-validator-cvs@w3.org
Update of /sources/public/2002/css-validator/org/w3c/css/util
In directory hutz:/tmp/cvs-serv12763/org/w3c/css/util
Modified Files:
HTTPURL.java
Log Message:
moved SSL verifier to the right class, make it per-instance instead of static, add support for temporary redirect
Index: HTTPURL.java
===================================================================
RCS file: /sources/public/2002/css-validator/org/w3c/css/util/HTTPURL.java,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -d -r1.22 -r1.23
--- HTTPURL.java 15 Feb 2009 18:23:48 -0000 1.22
+++ HTTPURL.java 14 May 2011 18:13:25 -0000 1.23
@@ -8,6 +8,16 @@
*/
package org.w3c.css.util;
+import org.apache.velocity.io.UnicodeInputStream;
+import org.w3c.www.mime.MimeType;
+import org.w3c.www.mime.MimeTypeFormatException;
+
+import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSession;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
@@ -16,14 +26,8 @@
import java.net.ProtocolException;
import java.net.URL;
import java.net.URLConnection;
-
import java.util.zip.GZIPInputStream;
-import org.w3c.www.mime.MimeType;
-import org.w3c.www.mime.MimeTypeFormatException;
-
-import org.apache.velocity.io.UnicodeInputStream;
-
/**
* @version $Revision$
* @author Philippe Le Hegaret
@@ -154,6 +158,39 @@
return getConnection(url, count, null);
}
+
+ private static void setSSLVerifier(HttpsURLConnection uConn) {
+ TrustManager[] trustAllCerts = new TrustManager[] {
+ new X509TrustManager() {
+ public java.security.cert.X509Certificate[] getAcceptedIssuers() {
+ return null;
+ }
+ public void checkClientTrusted(
+ java.security.cert.X509Certificate[] certs, String authType) {
+ }
+ public void checkServerTrusted(
+ java.security.cert.X509Certificate[] certs, String authType) {
+ }
+ }
+ };
+
+ // Install the all-trusting trust manager
+ try {
+ SSLContext sc = SSLContext.getInstance("SSL");
+ sc.init(null, trustAllCerts, new java.security.SecureRandom());
+ uConn.setSSLSocketFactory(sc.getSocketFactory());
+ } catch (Exception e) {
+ }
+
+ // Step 2: hostname verifier
+ HostnameVerifier hv = new HostnameVerifier() {
+ public boolean verify(String urlHostName, SSLSession session) {
+ return true;
+ }
+ };
+ uConn.setHostnameVerifier(hv);
+ }
+
private static URLConnection getConnection(URL url, int count,
ApplContext ac)
throws IOException
@@ -165,16 +202,12 @@
if (Util.servlet) {
String protocol = url.getProtocol();
- if (! (
- ("https".equalsIgnoreCase(protocol)) || ("http".equalsIgnoreCase(protocol))
- ) ) {
+ if (!(("https".equalsIgnoreCase(protocol)) || ("http".equalsIgnoreCase(protocol)))) {
System.err.println( "[WARNING] : someone is trying to get the file: "
+ url );
throw new FileNotFoundException("import " + url +
": Operation not permitted");
}
-
-
}
URLConnection urlC = url.openConnection();
@@ -214,6 +247,11 @@
if (urlC instanceof HttpURLConnection) {
HttpURLConnection httpURL = (HttpURLConnection) urlC;
int status;
+
+ httpURL.setInstanceFollowRedirects(false);
+ if (urlC instanceof HttpsURLConnection) {
+ setSSLVerifier((HttpsURLConnection) urlC);
+ }
try {
status = httpURL.getResponseCode();
} catch (FileNotFoundException e) {
@@ -228,6 +266,7 @@
break;
case HttpURLConnection.HTTP_MOVED_PERM:
case HttpURLConnection.HTTP_MOVED_TEMP:
+ case 307:
try {
URL u = getURL(httpURL.getHeaderField("Location"));
return getConnection(u, count+1, ac);
Received on Saturday, 14 May 2011 18:13:29 UTC