commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ol...@apache.org
Subject svn commit: r331601 - in /jakarta/commons/proper/httpclient/trunk/src: java/org/apache/commons/httpclient/HttpMethodDirector.java test/org/apache/commons/httpclient/TestProxy.java
Date Mon, 07 Nov 2005 21:32:44 GMT
Author: olegk
Date: Mon Nov  7 13:32:36 2005
New Revision: 331601

URL: http://svn.apache.org/viewcvs?rev=331601&view=rev
Log:
PR #37345 (ProxyCredentials disclosed to remote host)

Contributed by Oleg Kalnichevski
Reviewed by Michael Becke

Modified:
    jakarta/commons/proper/httpclient/trunk/src/java/org/apache/commons/httpclient/HttpMethodDirector.java
    jakarta/commons/proper/httpclient/trunk/src/test/org/apache/commons/httpclient/TestProxy.java

Modified: jakarta/commons/proper/httpclient/trunk/src/java/org/apache/commons/httpclient/HttpMethodDirector.java
URL: http://svn.apache.org/viewcvs/jakarta/commons/proper/httpclient/trunk/src/java/org/apache/commons/httpclient/HttpMethodDirector.java?rev=331601&r1=331600&r2=331601&view=diff
==============================================================================
--- jakarta/commons/proper/httpclient/trunk/src/java/org/apache/commons/httpclient/HttpMethodDirector.java
(original)
+++ jakarta/commons/proper/httpclient/trunk/src/java/org/apache/commons/httpclient/HttpMethodDirector.java
Mon Nov  7 13:32:36 2005
@@ -160,7 +160,7 @@
                         LOG.debug("Preemptively sending default basic credentials");
                         method.getHostAuthState().setPreemptive();
                         method.getHostAuthState().setAuthAttempted(true);
-                        if (this.conn.isProxied()) {
+                        if (this.conn.isProxied() && !this.conn.isSecure()) {
                             method.getProxyAuthState().setPreemptive();
                             method.getProxyAuthState().setAuthAttempted(true);
                         }
@@ -227,7 +227,9 @@
     
     private void authenticate(final HttpMethod method) {
         try {
-            authenticateProxy(method);
+            if (this.conn.isProxied() && !this.conn.isSecure()) {
+                authenticateProxy(method);
+            }
             authenticateHost(method);
         } catch (AuthenticationException e) {
             LOG.error(e.getMessage(), e);

Modified: jakarta/commons/proper/httpclient/trunk/src/test/org/apache/commons/httpclient/TestProxy.java
URL: http://svn.apache.org/viewcvs/jakarta/commons/proper/httpclient/trunk/src/test/org/apache/commons/httpclient/TestProxy.java?rev=331601&r1=331600&r2=331601&view=diff
==============================================================================
--- jakarta/commons/proper/httpclient/trunk/src/test/org/apache/commons/httpclient/TestProxy.java
(original)
+++ jakarta/commons/proper/httpclient/trunk/src/test/org/apache/commons/httpclient/TestProxy.java
Mon Nov  7 13:32:36 2005
@@ -767,6 +767,11 @@
         try {
             this.client.executeMethod(get);
             assertEquals(HttpStatus.SC_OK, get.getStatusCode());
+            if (isUseSSL()) {
+                assertNull(get.getRequestHeader("Proxy-Authorization"));
+            } else {
+                assertNotNull(get.getRequestHeader("Proxy-Authorization"));
+            }
         } finally {
             get.releaseConnection();
         }



---------------------------------------------------------------------
To unsubscribe, e-mail: commons-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-dev-help@jakarta.apache.org


Mime
View raw message