Ticket #22596: HttpClient.diff

File HttpClient.diff, 2.8 KB (added by hhtznr, 2 years ago)

  • src/org/openstreetmap/josm/tools/HttpClient.java 

    diff --git a/src/org/openstreetmap/josm/tools/HttpClient.java b/src/org/openstreetmap/josm/tools/HttpClient.java
index 1b5993270..09cd4d336 100644
    a b import java.io.IOException;  
    88import java.io.InputStream;
    99import java.net.CookieHandler;
    1010import java.net.CookieManager;
     11import java.net.CookiePolicy;
    1112import java.net.HttpURLConnection;
    1213import java.net.MalformedURLException;
    1314import java.net.URL;
    public abstract class HttpClient {  
    8384
    8485    static {
    8586        try {
    86             CookieHandler.setDefault(new CookieManager());
     87            CookieHandler.setDefault(new CookieManager(null, CookiePolicy.ACCEPT_ALL));
    8788        } catch (SecurityException e) {
    8889            Logging.log(Logging.LEVEL_ERROR, "Unable to set default cookie handler", e);
    8990        }
    public abstract class HttpClient {  
    132133     * @since 9179
    133134     */
    134135    public final Response connect(ProgressMonitor progressMonitor) throws IOException {
     136        return connect(null, null, null);
     137    }
     138
     139    /**
     140     * Opens the HTTP connection.
     141     * @param progressMonitor progress monitor
     142     * @param authRedirectLocation The location where we will be redirected for authentication
     143     * @param authRequestProperty The authorization header to set when being redirected to the auth location
     144     * @return HTTP response
     145     * @throws IOException if any I/O error occurs
     146     * @since 9179
     147     */
     148    public final Response connect(ProgressMonitor progressMonitor, String authRedirectLocation, String authRequestProperty) throws IOException {
    135149        if (progressMonitor == null) {
    136150            progressMonitor = NullProgressMonitor.INSTANCE;
    137151        }
    public abstract class HttpClient {  
    183197                    url = new URL(url, redirectLocation);
    184198                    maxRedirects--;
    185199                    logRequest(tr("Download redirected to ''{0}''", redirectLocation));
     200                    if (authRedirectLocation != null && authRequestProperty != null && redirectLocation.startsWith(authRedirectLocation)) {
     201                        setHeader("Authorization", authRequestProperty);
     202                    }
    186203                    // Fix JOSM #21935: Avoid leaking `Authorization` header on redirects.
    187                     if (!Objects.equals(oldUrl.getHost(), this.url.getHost()) && this.getRequestHeader("Authorization") != null) {
     204                    else if (!Objects.equals(oldUrl.getHost(), this.url.getHost()) && this.getRequestHeader("Authorization") != null) {
    188205                        logRequest(tr("Download redirected to different host (''{0}'' -> ''{1}''), removing authorization headers",
    189206                                oldUrl.getHost(), url.getHost()));
    190207                        this.headers.remove("Authorization");