hc-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ol...@apache.org
Subject svn commit: r1074473 - in /httpcomponents/httpclient/trunk: RELEASE_NOTES.txt httpclient/src/main/java/org/apache/http/client/protocol/RequestProxyAuthentication.java
Date Fri, 25 Feb 2011 11:19:24 GMT
Author: olegk
Date: Fri Feb 25 11:19:23 2011
New Revision: 1074473

URL: http://svn.apache.org/viewvc?rev=1074473&view=rev
Log:
HTTPCLIENT-1061: Proxy-Authorization header gets sent to the target host when tunneling requests
through a proxy that requires authentication

Modified:
    httpcomponents/httpclient/trunk/RELEASE_NOTES.txt
    httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/client/protocol/RequestProxyAuthentication.java

Modified: httpcomponents/httpclient/trunk/RELEASE_NOTES.txt
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/RELEASE_NOTES.txt?rev=1074473&r1=1074472&r2=1074473&view=diff
==============================================================================
--- httpcomponents/httpclient/trunk/RELEASE_NOTES.txt (original)
+++ httpcomponents/httpclient/trunk/RELEASE_NOTES.txt Fri Feb 25 11:19:23 2011
@@ -1,5 +1,9 @@
 Changes since 4.1
 
+* [HTTPCLIENT-1061] Fixed critical bug causing Proxy-Authorization header to be sent to the
target
+  host when tunneling requests through a proxy server that requires authentication.
+  Contributed by Oleg Kalnichevski <olegk at apache.org>
+
 * [HTTPCLIENT-1056] Fixed bug causing the RequestAuthCache protocol interceptor to generate
   an invalid AuthScope instance when looking up user credentials for preemptive authentication.

   Contributed by Oleg Kalnichevski <olegk at apache.org>

Modified: httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/client/protocol/RequestProxyAuthentication.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/client/protocol/RequestProxyAuthentication.java?rev=1074473&r1=1074472&r2=1074473&view=diff
==============================================================================
--- httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/client/protocol/RequestProxyAuthentication.java
(original)
+++ httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/client/protocol/RequestProxyAuthentication.java
Fri Feb 25 11:19:23 2011
@@ -43,6 +43,9 @@ import org.apache.http.auth.AuthState;
 import org.apache.http.auth.AuthenticationException;
 import org.apache.http.auth.ContextAwareAuthScheme;
 import org.apache.http.auth.Credentials;
+import org.apache.http.conn.HttpRoutedConnection;
+import org.apache.http.conn.routing.HttpRoute;
+import org.apache.http.protocol.ExecutionContext;
 import org.apache.http.protocol.HttpContext;
 
 /**
@@ -74,6 +77,13 @@ public class RequestProxyAuthentication 
             return;
         }
 
+        HttpRoutedConnection conn = (HttpRoutedConnection) context.getAttribute(
+                ExecutionContext.HTTP_CONNECTION);
+        HttpRoute route = conn.getRoute();
+        if (route.isTunnelled()) {
+            return;
+        }
+
         // Obtain authentication state
         AuthState authState = (AuthState) context.getAttribute(
                 ClientContext.PROXY_AUTH_STATE);



Mime
View raw message