Return-Path: Delivered-To: apmail-incubator-amber-dev-archive@minotaur.apache.org Received: (qmail 31751 invoked from network); 11 Jul 2010 11:45:45 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 11 Jul 2010 11:45:45 -0000 Received: (qmail 63106 invoked by uid 500); 11 Jul 2010 11:45:45 -0000 Delivered-To: apmail-incubator-amber-dev-archive@incubator.apache.org Received: (qmail 63068 invoked by uid 500); 11 Jul 2010 11:45:44 -0000 Mailing-List: contact amber-dev-help@incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: amber-dev@incubator.apache.org Delivered-To: mailing list amber-dev@incubator.apache.org Received: (qmail 63060 invoked by uid 99); 11 Jul 2010 11:45:43 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 11 Jul 2010 11:45:43 +0000 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of pid@pidster.com designates 74.125.82.43 as permitted sender) Received: from [74.125.82.43] (HELO mail-ww0-f43.google.com) (74.125.82.43) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 11 Jul 2010 11:45:35 +0000 Received: by wwa36 with SMTP id 36so4212578wwa.0 for ; Sun, 11 Jul 2010 04:45:15 -0700 (PDT) Received: by 10.227.138.10 with SMTP id y10mr11303388wbt.52.1278848715153; Sun, 11 Jul 2010 04:45:15 -0700 (PDT) Received: from pipeline.phoenix.net (cpc2-lewi13-2-0-cust269.2-4.cable.virginmedia.com [86.14.119.14]) by mx.google.com with ESMTPS id i25sm22000064wbi.4.2010.07.11.04.45.13 (version=TLSv1/SSLv3 cipher=RC4-MD5); Sun, 11 Jul 2010 04:45:13 -0700 (PDT) Message-ID: <4C39AEB3.9060405@pidster.com> Date: Sun, 11 Jul 2010 12:44:51 +0100 From: Pid Reply-To: pid@pidster.com Organization: Pidster Inc User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-GB; rv:1.9.2.4) Gecko/20100608 Thunderbird/3.1 MIME-Version: 1.0 To: Amber Developers Subject: Re: svn commit: r962827 - /incubator/amber/trunk/spec-api/src/main/java/org/apache/amber/OAuthRequest.java References: <20100710120934.646402388A1C@eris.apache.org> <4C398F5B.7010101@pidster.com> <4C3994B1.1020705@pidster.com> In-Reply-To: X-Enigmail-Version: 1.1.1 OpenPGP: id=62590808 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="------------enig15ED52D99BF38E1D1F8493BE" X-Virus-Checked: Checked by ClamAV on apache.org --------------enig15ED52D99BF38E1D1F8493BE Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On 11/07/2010 12:26, Simone Tripodi wrote: > I understand well your point of view. So, a good compromise can be > reached using the URI class; users can use that[1] method to create > urls in a "safety" way. > In the signature part, we need to acces to various URL part (protocol, > host, port) and I wouldn't rewrite a parse at all. Crap, yes, you're right of course. URI is a good solution. WDYT about automatically correcting a plaintext+http request to https? p > WDYT? > Simo >=20 > [1] http://java.sun.com/javase/6/docs/api/java/net/URI.html#create(java= =2Elang.String) >=20 > http://people.apache.org/~simonetripodi/ > http://www.99soft.org/ >=20 >=20 >=20 > On Sun, Jul 11, 2010 at 11:53 AM, Pid wrote: >> On 11/07/2010 10:41, Simone Tripodi wrote: >>>> >>>> I think maybe the requestURL should be a String too - I'm trying to >>>> handle all of the IOExceptions in the HttpConnector. >>>> >>> >>> discouraged. making the requestURL as a proper URL saves to check the= >>> string is a proper URL and we shouldn't reinvent the wheel. >> >> The requestURL is only passed to the HttpConnector, nowhere else. >> >> It will start as a String somewhere in the system, so we have to catch= >> an IOException to create the URL object. >> >> This isn't a case of reinventing the wheel at all, it's a case of >> putting all of the IO operations/checks associated with making the >> request in one place. >> >> I don't see any advantage in doing that try+catch at anywhere before t= he >> IO processing begins. >> >> >> The related issue is whether to validate the request before making it = - >> which will probably be necessary in the case of checking the plaintext= >> method is an HTTPS one. >> >> Leading on from that, if we automatically* upgraded the plaintext >> connection to HTTPS, it would mean recreating the URL object, complete= >> with try+catch etc, rather than a simple String regex. >> >> >> >> >> * Checked via a system property, defaults to 'on' >> >> --------------enig15ED52D99BF38E1D1F8493BE Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.14 (Darwin) iQIcBAEBCgAGBQJMOa7FAAoJEGoM2OGpOvr9hVgQAKDsCEKhWw+esQ/wctpFnqG3 PaViL7bsE4VOKTv8fyNKJQd5tpoFj5FjESll43Zlt0TvT0EzQjTmPERf45CzG5ns NCEAtQXMNhYns1MQ3oh1yLUyKGzeo5E8yKtS96qSSAkZ/Ss/0DzOawTllflBb8sl XeR2PwKgS9ThhAu36o2hGggNQ2OhqP+7oGerzEKKMJ1VfCHFJqhuVK5aPzp0zbnB R1UW2xjY8zrmex2vXhhGPdQGLqOzZ74XADyX+sOlpKai3iv6xSpjpMv1b2W9HyYE Jl5pu62DZJIy9xoR3TPPl87dpN4IcXvylz1GmN7Zr1leiZ4oPKczbU1j/Gc4Rsx5 0IlkDGokilegvJ06ifSW+hW0kQb3a+IwSwNwrz5ZGxETXXvO178Yk/4VFrjkoMLL B2l194cOKtFMXI+LF92EZrZr/sRi8M3BV4c6R+CMI5VqsW9iey2LCM0NLBqv+ZUY eZ2MN66BUoI3IUoAe6MrBGQJfSd0IleHwcBdkkvbp4u9kIXbH0nVQwbE4lRAy1iF tY75w91iisV+CSGfRy5cuRms8lZxZPNFwLci0F4/uQA6QiCUma0EiOS03NLPxf9Q vm7pkTHrr5umHfGXgnWPEnNStuN+U2NE+Nvxpjaj+6J8/xz7/shKcZ200HIMNYAg u2GfGpZTsJneRZuh3Ax1 =iQMo -----END PGP SIGNATURE----- --------------enig15ED52D99BF38E1D1F8493BE--