1 /*
2  * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved.
3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4  *
5  * This code is free software; you can redistribute it and/or modify it
6  * under the terms of the GNU General Public License version 2 only, as
7  * published by the Free Software Foundation.  Oracle designates this
8  * particular file as subject to the "Classpath" exception as provided
9  * by Oracle in the LICENSE file that accompanied this code.
10  *
11  * This code is distributed in the hope that it will be useful, but WITHOUT
12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
14  * version 2 for more details (a copy is included in the LICENSE file that
15  * accompanied this code).
16  *
17  * You should have received a copy of the GNU General Public License version
18  * 2 along with this work; if not, write to the Free Software Foundation,
19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20  *
21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22  * or visit www.oracle.com if you need additional information or have any
23  * questions.
24  */
25 
26 package java.net;
27 
28 import java.io.InputStream;
29 import java.io.IOException;
30 import java.security.Permission;
31 import java.util.Date;
32 
33 // Android-changed: top-level documentation substantially changed/rewritten.
34 /**
35  * A URLConnection with support for HTTP-specific features. See
36  * <A HREF="http://www.w3.org/pub/WWW/Protocols/"> the spec </A> for
37  * details.
38  * <p>
39  *
40  * <p>Uses of this class follow a pattern:
41  * <ol>
42  *   <li>Obtain a new {@code HttpURLConnection} by calling {@link
43  *       URL#openConnection() URL.openConnection()} and casting the result to
44  *       {@code HttpURLConnection}.
45  *   <li>Prepare the request. The primary property of a request is its URI.
46  *       Request headers may also include metadata such as credentials, preferred
47  *       content types, and session cookies.
48  *   <li>Optionally upload a request body. Instances must be configured with
49  *       {@link #setDoOutput(boolean) setDoOutput(true)} if they include a
50  *       request body. Transmit data by writing to the stream returned by {@link
51  *       #getOutputStream()}.
52  *   <li>Read the response. Response headers typically include metadata such as
53  *       the response body's content type and length, modified dates and session
54  *       cookies. The response body may be read from the stream returned by {@link
55  *       #getInputStream()}. If the response has no body, that method returns an
56  *       empty stream.
57  *   <li>Disconnect. Once the response body has been read, the {@code
58  *       HttpURLConnection} should be closed by calling {@link #disconnect()}.
59  *       Disconnecting releases the resources held by a connection so they may
60  *       be closed or reused.
61  * </ol>
62  *
63  * <p>For example, to retrieve the webpage at {@code http://www.android.com/}:
64  * <pre>   {@code
65  *   URL url = new URL("http://www.android.com/");
66  *   HttpURLConnection urlConnection = (HttpURLConnection) url.openConnection();
67  *   try {
68  *     InputStream in = new BufferedInputStream(urlConnection.getInputStream());
69  *     readStream(in);
70  *   } finally {
71  *     urlConnection.disconnect();
72  *   }
73  * }</pre>
74  *
75  * <h3>Secure Communication with HTTPS</h3>
76  * Calling {@link URL#openConnection()} on a URL with the "https"
77  * scheme will return an {@code HttpsURLConnection}, which allows for
78  * overriding the default {@link javax.net.ssl.HostnameVerifier
79  * HostnameVerifier} and {@link javax.net.ssl.SSLSocketFactory
80  * SSLSocketFactory}. An application-supplied {@code SSLSocketFactory}
81  * created from an {@link javax.net.ssl.SSLContext SSLContext} can
82  * provide a custom {@link javax.net.ssl.X509TrustManager
83  * X509TrustManager} for verifying certificate chains and a custom
84  * {@link javax.net.ssl.X509KeyManager X509KeyManager} for supplying
85  * client certificates. See {@link javax.net.ssl.HttpsURLConnection
86  * HttpsURLConnection} for more details.
87  *
88  * <h3>Response Handling</h3>
89  * {@code HttpURLConnection} will follow up to five HTTP redirects. It will
90  * follow redirects from one origin server to another. This implementation
91  * doesn't follow redirects from HTTPS to HTTP or vice versa.
92  *
93  * <p>If the HTTP response indicates that an error occurred, {@link
94  * #getInputStream()} will throw an {@link IOException}. Use {@link
95  * #getErrorStream()} to read the error response. The headers can be read in
96  * the normal way using {@link #getHeaderFields()},
97  *
98  * <h3>Posting Content</h3>
99  * To upload data to a web server, configure the connection for output using
100  * {@link #setDoOutput(boolean) setDoOutput(true)}.
101  *
102  * <p>For best performance, you should call either {@link
103  * #setFixedLengthStreamingMode(int)} when the body length is known in advance,
104  * or {@link #setChunkedStreamingMode(int)} when it is not. Otherwise {@code
105  * HttpURLConnection} will be forced to buffer the complete request body in
106  * memory before it is transmitted, wasting (and possibly exhausting) heap and
107  * increasing latency.
108  *
109  * <p>For example, to perform an upload: <pre>   {@code
110  *   HttpURLConnection urlConnection = (HttpURLConnection) url.openConnection();
111  *   try {
112  *     urlConnection.setDoOutput(true);
113  *     urlConnection.setChunkedStreamingMode(0);
114  *
115  *     OutputStream out = new BufferedOutputStream(urlConnection.getOutputStream());
116  *     writeStream(out);
117  *
118  *     InputStream in = new BufferedInputStream(urlConnection.getInputStream());
119  *     readStream(in);
120  *   } finally {
121  *     urlConnection.disconnect();
122  *   }
123  * }</pre>
124  *
125  * <h3>Performance</h3>
126  * The input and output streams returned by this class are <strong>not
127  * buffered</strong>. Most callers should wrap the returned streams with {@link
128  * java.io.BufferedInputStream BufferedInputStream} or {@link
129  * java.io.BufferedOutputStream BufferedOutputStream}. Callers that do only bulk
130  * reads or writes may omit buffering.
131  *
132  * <p>When transferring large amounts of data to or from a server, use streams
133  * to limit how much data is in memory at once. Unless you need the entire
134  * body to be in memory at once, process it as a stream (rather than storing
135  * the complete body as a single byte array or string).
136  *
137  * <p>To reduce latency, this class may reuse the same underlying {@code Socket}
138  * for multiple request/response pairs. As a result, HTTP connections may be
139  * held open longer than necessary. Calls to {@link #disconnect()} may return
140  * the socket to a pool of connected sockets.
141  *
142  * <p>By default, this implementation of {@code HttpURLConnection} requests that
143  * servers use gzip compression and it automatically decompresses the data for
144  * callers of {@link #getInputStream()}. The Content-Encoding and Content-Length
145  * response headers are cleared in this case. Gzip compression can be disabled by
146  * setting the acceptable encodings in the request header: <pre>   {@code
147  *   urlConnection.setRequestProperty("Accept-Encoding", "identity");
148  * }</pre>
149  *
150  * <p>Setting the Accept-Encoding request header explicitly disables automatic
151  * decompression and leaves the response headers intact; callers must handle
152  * decompression as needed, according to the Content-Encoding header of the
153  * response.
154  *
155  * <p>{@link #getContentLength()} returns the number of bytes transmitted and
156  * cannot be used to predict how many bytes can be read from
157  * {@link #getInputStream()} for compressed streams. Instead, read that stream
158  * until it is exhausted, i.e. when {@link InputStream#read} returns -1.
159  *
160  * <h3>Handling Network Sign-On</h3>
161  * Some Wi-Fi networks block Internet access until the user clicks through a
162  * sign-on page. Such sign-on pages are typically presented by using HTTP
163  * redirects. You can use {@link #getURL()} to test if your connection has been
164  * unexpectedly redirected. This check is not valid until <strong>after</strong>
165  * the response headers have been received, which you can trigger by calling
166  * {@link #getHeaderFields()} or {@link #getInputStream()}. For example, to
167  * check that a response was not redirected to an unexpected host:
168  * <pre>   {@code
169  *   HttpURLConnection urlConnection = (HttpURLConnection) url.openConnection();
170  *   try {
171  *     InputStream in = new BufferedInputStream(urlConnection.getInputStream());
172  *     if (!url.getHost().equals(urlConnection.getURL().getHost())) {
173  *       // we were redirected! Kick the user out to the browser to sign on?
174  *     }
175  *     ...
176  *   } finally {
177  *     urlConnection.disconnect();
178  *   }
179  * }</pre>
180  *
181  * <h3>HTTP Authentication</h3>
182  * {@code HttpURLConnection} supports <a
183  * href="http://www.ietf.org/rfc/rfc2617">HTTP basic authentication</a>. Use
184  * {@link Authenticator} to set the VM-wide authentication handler:
185  * <pre>   {@code
186  *   Authenticator.setDefault(new Authenticator() {
187  *     protected PasswordAuthentication getPasswordAuthentication() {
188  *       return new PasswordAuthentication(username, password.toCharArray());
189  *     }
190  *   });
191  * }</pre>
192  * Unless paired with HTTPS, this is <strong>not</strong> a secure mechanism for
193  * user authentication. In particular, the username, password, request and
194  * response are all transmitted over the network without encryption.
195  *
196  * <h3>Sessions with Cookies</h3>
197  * To establish and maintain a potentially long-lived session between client
198  * and server, {@code HttpURLConnection} includes an extensible cookie manager.
199  * Enable VM-wide cookie management using {@link CookieHandler} and {@link
200  * CookieManager}: <pre>   {@code
201  *   CookieManager cookieManager = new CookieManager();
202  *   CookieHandler.setDefault(cookieManager);
203  * }</pre>
204  * By default, {@code CookieManager} accepts cookies from the <a
205  * href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec1.html">origin
206  * server</a> only. Two other policies are included: {@link
207  * CookiePolicy#ACCEPT_ALL} and {@link CookiePolicy#ACCEPT_NONE}. Implement
208  * {@link CookiePolicy} to define a custom policy.
209  *
210  * <p>The default {@code CookieManager} keeps all accepted cookies in memory. It
211  * will forget these cookies when the VM exits. Implement {@link CookieStore} to
212  * define a custom cookie store.
213  *
214  * <p>In addition to the cookies set by HTTP responses, you may set cookies
215  * programmatically. To be included in HTTP request headers, cookies must have
216  * the domain and path properties set.
217  *
218  * <p>By default, new instances of {@code HttpCookie} work only with servers
219  * that support <a href="http://www.ietf.org/rfc/rfc2965.txt">RFC 2965</a>
220  * cookies. Many web servers support only the older specification, <a
221  * href="http://www.ietf.org/rfc/rfc2109.txt">RFC 2109</a>. For compatibility
222  * with the most web servers, set the cookie version to 0.
223  *
224  * <p>For example, to receive {@code www.twitter.com} in French: <pre>   {@code
225  *   HttpCookie cookie = new HttpCookie("lang", "fr");
226  *   cookie.setDomain("twitter.com");
227  *   cookie.setPath("/");
228  *   cookie.setVersion(0);
229  *   cookieManager.getCookieStore().add(new URI("http://twitter.com/"), cookie);
230  * }</pre>
231  *
232  * <h3>HTTP Methods</h3>
233  * <p>{@code HttpURLConnection} uses the {@code GET} method by default. It will
234  * use {@code POST} if {@link #setDoOutput setDoOutput(true)} has been called.
235  * Other HTTP methods ({@code OPTIONS}, {@code HEAD}, {@code PUT}, {@code
236  * DELETE} and {@code TRACE}) can be used with {@link #setRequestMethod}.
237  *
238  * <h3>Proxies</h3>
239  * By default, this class will connect directly to the <a
240  * href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec1.html">origin
241  * server</a>. It can also connect via an {@link Proxy.Type#HTTP HTTP} or {@link
242  * Proxy.Type#SOCKS SOCKS} proxy. To use a proxy, use {@link
243  * URL#openConnection(Proxy) URL.openConnection(Proxy)} when creating the
244  * connection.
245  *
246  * <h3>IPv6 Support</h3>
247  * <p>This class includes transparent support for IPv6. For hosts with both IPv4
248  * and IPv6 addresses, it will attempt to connect to each of a host's addresses
249  * until a connection is established.
250  *
251  * <h3>Response Caching</h3>
252  * Android 4.0 (Ice Cream Sandwich, API level 15) includes a response cache. See
253  * {@code android.net.http.HttpResponseCache} for instructions on enabling HTTP
254  * caching in your application.
255  *
256  * <h3>Avoiding Bugs In Earlier Releases</h3>
257  * Prior to Android 2.2 (Froyo), this class had some frustrating bugs. In
258  * particular, calling {@code close()} on a readable {@code InputStream} could
259  * <a href="http://code.google.com/p/android/issues/detail?id=2939">poison the
260  * connection pool</a>. Work around this by disabling connection pooling:
261  * <pre>   {@code
262  * private void disableConnectionReuseIfNecessary() {
263  *   // Work around pre-Froyo bugs in HTTP connection reuse.
264  *   if (Integer.parseInt(Build.VERSION.SDK) < Build.VERSION_CODES.FROYO) {
265  *     System.setProperty("http.keepAlive", "false");
266  *   }
267  * }}</pre>
268  *
269  * <p>Each instance of {@code HttpURLConnection} may be used for one
270  * request/response pair. Instances of this class are not thread safe.
271  *
272  * @see     java.net.HttpURLConnection#disconnect()
273  * @since JDK1.1
274  */
275 abstract public class HttpURLConnection extends URLConnection {
276     /* instance variables */
277 
278     /**
279      * The HTTP method (GET,POST,PUT,etc.).
280      */
281     protected String method = "GET";
282 
283     /**
284      * The chunk-length when using chunked encoding streaming mode for output.
285      * A value of {@code -1} means chunked encoding is disabled for output.
286      * @since 1.5
287      */
288     protected int chunkLength = -1;
289 
290     /**
291      * The fixed content-length when using fixed-length streaming mode.
292      * A value of {@code -1} means fixed-length streaming mode is disabled
293      * for output.
294      *
295      * <P> <B>NOTE:</B> {@link #fixedContentLengthLong} is recommended instead
296      * of this field, as it allows larger content lengths to be set.
297      *
298      * @since 1.5
299      */
300     protected int fixedContentLength = -1;
301 
302     /**
303      * The fixed content-length when using fixed-length streaming mode.
304      * A value of {@code -1} means fixed-length streaming mode is disabled
305      * for output.
306      *
307      * @since 1.7
308      */
309     protected long fixedContentLengthLong = -1;
310 
311     /**
312      * Returns the key for the {@code n}<sup>th</sup> header field.
313      * Some implementations may treat the {@code 0}<sup>th</sup>
314      * header field as special, i.e. as the status line returned by the HTTP
315      * server. In this case, {@link #getHeaderField(int) getHeaderField(0)} returns the status
316      * line, but {@code getHeaderFieldKey(0)} returns null.
317      *
318      * @param   n   an index, where {@code n >=0}.
319      * @return  the key for the {@code n}<sup>th</sup> header field,
320      *          or {@code null} if the key does not exist.
321      */
getHeaderFieldKey(int n)322     public String getHeaderFieldKey (int n) {
323         return null;
324     }
325 
326     /**
327      * This method is used to enable streaming of a HTTP request body
328      * without internal buffering, when the content length is known in
329      * advance.
330      * <p>
331      * An exception will be thrown if the application
332      * attempts to write more data than the indicated
333      * content-length, or if the application closes the OutputStream
334      * before writing the indicated amount.
335      * <p>
336      * When output streaming is enabled, authentication
337      * and redirection cannot be handled automatically.
338      * A HttpRetryException will be thrown when reading
339      * the response if authentication or redirection are required.
340      * This exception can be queried for the details of the error.
341      * <p>
342      * This method must be called before the URLConnection is connected.
343      * <p>
344      * <B>NOTE:</B> {@link #setFixedLengthStreamingMode(long)} is recommended
345      * instead of this method as it allows larger content lengths to be set.
346      *
347      * @param   contentLength The number of bytes which will be written
348      *          to the OutputStream.
349      *
350      * @throws  IllegalStateException if URLConnection is already connected
351      *          or if a different streaming mode is already enabled.
352      *
353      * @throws  IllegalArgumentException if a content length less than
354      *          zero is specified.
355      *
356      * @see     #setChunkedStreamingMode(int)
357      * @since 1.5
358      */
setFixedLengthStreamingMode(int contentLength)359     public void setFixedLengthStreamingMode (int contentLength) {
360         if (connected) {
361             throw new IllegalStateException ("Already connected");
362         }
363         if (chunkLength != -1) {
364             throw new IllegalStateException ("Chunked encoding streaming mode set");
365         }
366         if (contentLength < 0) {
367             throw new IllegalArgumentException ("invalid content length");
368         }
369         fixedContentLength = contentLength;
370     }
371 
372     /**
373      * This method is used to enable streaming of a HTTP request body
374      * without internal buffering, when the content length is known in
375      * advance.
376      *
377      * <P> An exception will be thrown if the application attempts to write
378      * more data than the indicated content-length, or if the application
379      * closes the OutputStream before writing the indicated amount.
380      *
381      * <P> When output streaming is enabled, authentication and redirection
382      * cannot be handled automatically. A {@linkplain HttpRetryException} will
383      * be thrown when reading the response if authentication or redirection
384      * are required. This exception can be queried for the details of the
385      * error.
386      *
387      * <P> This method must be called before the URLConnection is connected.
388      *
389      * <P> The content length set by invoking this method takes precedence
390      * over any value set by {@link #setFixedLengthStreamingMode(int)}.
391      *
392      * @param  contentLength
393      *         The number of bytes which will be written to the OutputStream.
394      *
395      * @throws  IllegalStateException
396      *          if URLConnection is already connected or if a different
397      *          streaming mode is already enabled.
398      *
399      * @throws  IllegalArgumentException
400      *          if a content length less than zero is specified.
401      *
402      * @since 1.7
403      */
setFixedLengthStreamingMode(long contentLength)404     public void setFixedLengthStreamingMode(long contentLength) {
405         if (connected) {
406             throw new IllegalStateException("Already connected");
407         }
408         if (chunkLength != -1) {
409             throw new IllegalStateException(
410                 "Chunked encoding streaming mode set");
411         }
412         if (contentLength < 0) {
413             throw new IllegalArgumentException("invalid content length");
414         }
415         fixedContentLengthLong = contentLength;
416     }
417 
418     /* Default chunk size (including chunk header) if not specified;
419      * we want to keep this in sync with the one defined in
420      * sun.net.www.http.ChunkedOutputStream
421      */
422     private static final int DEFAULT_CHUNK_SIZE = 4096;
423 
424     /**
425      * This method is used to enable streaming of a HTTP request body
426      * without internal buffering, when the content length is <b>not</b>
427      * known in advance. In this mode, chunked transfer encoding
428      * is used to send the request body. Note, not all HTTP servers
429      * support this mode.
430      * <p>
431      * When output streaming is enabled, authentication
432      * and redirection cannot be handled automatically.
433      * A HttpRetryException will be thrown when reading
434      * the response if authentication or redirection are required.
435      * This exception can be queried for the details of the error.
436      * <p>
437      * This method must be called before the URLConnection is connected.
438      *
439      * @param   chunklen The number of bytes to write in each chunk.
440      *          If chunklen is less than or equal to zero, a default
441      *          value will be used.
442      *
443      * @throws  IllegalStateException if URLConnection is already connected
444      *          or if a different streaming mode is already enabled.
445      *
446      * @see     #setFixedLengthStreamingMode(int)
447      * @since 1.5
448      */
setChunkedStreamingMode(int chunklen)449     public void setChunkedStreamingMode (int chunklen) {
450         if (connected) {
451             throw new IllegalStateException ("Can't set streaming mode: already connected");
452         }
453         if (fixedContentLength != -1 || fixedContentLengthLong != -1) {
454             throw new IllegalStateException ("Fixed length streaming mode set");
455         }
456         chunkLength = chunklen <=0? DEFAULT_CHUNK_SIZE : chunklen;
457     }
458 
459     /**
460      * Returns the value for the {@code n}<sup>th</sup> header field.
461      * Some implementations may treat the {@code 0}<sup>th</sup>
462      * header field as special, i.e. as the status line returned by the HTTP
463      * server.
464      * <p>
465      * This method can be used in conjunction with the
466      * {@link #getHeaderFieldKey getHeaderFieldKey} method to iterate through all
467      * the headers in the message.
468      *
469      * @param   n   an index, where {@code n>=0}.
470      * @return  the value of the {@code n}<sup>th</sup> header field,
471      *          or {@code null} if the value does not exist.
472      * @see     java.net.HttpURLConnection#getHeaderFieldKey(int)
473      */
getHeaderField(int n)474     public String getHeaderField(int n) {
475         return null;
476     }
477 
478     /**
479      * An {@code int} representing the three digit HTTP Status-Code.
480      * <ul>
481      * <li> 1xx: Informational
482      * <li> 2xx: Success
483      * <li> 3xx: Redirection
484      * <li> 4xx: Client Error
485      * <li> 5xx: Server Error
486      * </ul>
487      */
488     protected int responseCode = -1;
489 
490     /**
491      * The HTTP response message.
492      */
493     protected String responseMessage = null;
494 
495     /* static variables */
496 
497     /* do we automatically follow redirects? The default is true. */
498     private static boolean followRedirects = true;
499 
500     /**
501      * If {@code true}, the protocol will automatically follow redirects.
502      * If {@code false}, the protocol will not automatically follow
503      * redirects.
504      * <p>
505      * This field is set by the {@code setInstanceFollowRedirects}
506      * method. Its value is returned by the {@code getInstanceFollowRedirects}
507      * method.
508      * <p>
509      * Its default value is based on the value of the static followRedirects
510      * at HttpURLConnection construction time.
511      *
512      * @see     java.net.HttpURLConnection#setInstanceFollowRedirects(boolean)
513      * @see     java.net.HttpURLConnection#getInstanceFollowRedirects()
514      * @see     java.net.HttpURLConnection#setFollowRedirects(boolean)
515      */
516     protected boolean instanceFollowRedirects = followRedirects;
517 
518     /* valid HTTP methods */
519     private static final String[] methods = {
520         "GET", "POST", "HEAD", "OPTIONS", "PUT", "DELETE", "TRACE"
521     };
522 
523     /**
524      * Constructor for the HttpURLConnection.
525      * @param u the URL
526      */
HttpURLConnection(URL u)527     protected HttpURLConnection (URL u) {
528         super(u);
529     }
530 
531     /**
532      * Sets whether HTTP redirects  (requests with response code 3xx) should
533      * be automatically followed by this class.  True by default.  Applets
534      * cannot change this variable.
535      * <p>
536      * If there is a security manager, this method first calls
537      * the security manager's {@code checkSetFactory} method
538      * to ensure the operation is allowed.
539      * This could result in a SecurityException.
540      *
541      * @param set a {@code boolean} indicating whether or not
542      * to follow HTTP redirects.
543      * @exception  SecurityException  if a security manager exists and its
544      *             {@code checkSetFactory} method doesn't
545      *             allow the operation.
546      * @see        SecurityManager#checkSetFactory
547      * @see #getFollowRedirects()
548      */
setFollowRedirects(boolean set)549     public static void setFollowRedirects(boolean set) {
550         SecurityManager sec = System.getSecurityManager();
551         if (sec != null) {
552             // seems to be the best check here...
553             sec.checkSetFactory();
554         }
555         followRedirects = set;
556     }
557 
558     /**
559      * Returns a {@code boolean} indicating
560      * whether or not HTTP redirects (3xx) should
561      * be automatically followed.
562      *
563      * @return {@code true} if HTTP redirects should
564      * be automatically followed, {@code false} if not.
565      * @see #setFollowRedirects(boolean)
566      */
getFollowRedirects()567     public static boolean getFollowRedirects() {
568         return followRedirects;
569     }
570 
571     /**
572      * Sets whether HTTP redirects (requests with response code 3xx) should
573      * be automatically followed by this {@code HttpURLConnection}
574      * instance.
575      * <p>
576      * The default value comes from followRedirects, which defaults to
577      * true.
578      *
579      * @param followRedirects a {@code boolean} indicating
580      * whether or not to follow HTTP redirects.
581      *
582      * @see    java.net.HttpURLConnection#instanceFollowRedirects
583      * @see #getInstanceFollowRedirects
584      * @since 1.3
585      */
setInstanceFollowRedirects(boolean followRedirects)586      public void setInstanceFollowRedirects(boolean followRedirects) {
587         instanceFollowRedirects = followRedirects;
588      }
589 
590      /**
591      * Returns the value of this {@code HttpURLConnection}'s
592      * {@code instanceFollowRedirects} field.
593      *
594      * @return  the value of this {@code HttpURLConnection}'s
595      *          {@code instanceFollowRedirects} field.
596      * @see     java.net.HttpURLConnection#instanceFollowRedirects
597      * @see #setInstanceFollowRedirects(boolean)
598      * @since 1.3
599      */
getInstanceFollowRedirects()600      public boolean getInstanceFollowRedirects() {
601          return instanceFollowRedirects;
602      }
603 
604     /**
605      * Set the method for the URL request, one of:
606      * <UL>
607      *  <LI>GET
608      *  <LI>POST
609      *  <LI>HEAD
610      *  <LI>OPTIONS
611      *  <LI>PUT
612      *  <LI>DELETE
613      *  <LI>TRACE
614      * </UL> are legal, subject to protocol restrictions.  The default
615      * method is GET.
616      *
617      * @param method the HTTP method
618      * @exception ProtocolException if the method cannot be reset or if
619      *              the requested method isn't valid for HTTP.
620      * @exception SecurityException if a security manager is set and the
621      *              method is "TRACE", but the "allowHttpTrace"
622      *              NetPermission is not granted.
623      * @see #getRequestMethod()
624      */
setRequestMethod(String method)625     public void setRequestMethod(String method) throws ProtocolException {
626         if (connected) {
627             throw new ProtocolException("Can't reset method: already connected");
628         }
629         // This restriction will prevent people from using this class to
630         // experiment w/ new HTTP methods using java.  But it should
631         // be placed for security - the request String could be
632         // arbitrarily long.
633 
634         for (int i = 0; i < methods.length; i++) {
635             if (methods[i].equals(method)) {
636                 if (method.equals("TRACE")) {
637                     SecurityManager s = System.getSecurityManager();
638                     if (s != null) {
639                         s.checkPermission(new NetPermission("allowHttpTrace"));
640                     }
641                 }
642                 this.method = method;
643                 return;
644             }
645         }
646         throw new ProtocolException("Invalid HTTP method: " + method);
647     }
648 
649     /**
650      * Get the request method.
651      * @return the HTTP request method
652      * @see #setRequestMethod(java.lang.String)
653      */
getRequestMethod()654     public String getRequestMethod() {
655         return method;
656     }
657 
658     /**
659      * Gets the status code from an HTTP response message.
660      * For example, in the case of the following status lines:
661      * <PRE>
662      * HTTP/1.0 200 OK
663      * HTTP/1.0 401 Unauthorized
664      * </PRE>
665      * It will return 200 and 401 respectively.
666      * Returns -1 if no code can be discerned
667      * from the response (i.e., the response is not valid HTTP).
668      * @throws IOException if an error occurred connecting to the server.
669      * @return the HTTP Status-Code, or -1
670      */
getResponseCode()671     public int getResponseCode() throws IOException {
672         /*
673          * We're got the response code already
674          */
675         if (responseCode != -1) {
676             return responseCode;
677         }
678 
679         /*
680          * Ensure that we have connected to the server. Record
681          * exception as we need to re-throw it if there isn't
682          * a status line.
683          */
684         Exception exc = null;
685         try {
686             getInputStream();
687         } catch (Exception e) {
688             exc = e;
689         }
690 
691         /*
692          * If we can't a status-line then re-throw any exception
693          * that getInputStream threw.
694          */
695         String statusLine = getHeaderField(0);
696         if (statusLine == null) {
697             if (exc != null) {
698                 if (exc instanceof RuntimeException)
699                     throw (RuntimeException)exc;
700                 else
701                     throw (IOException)exc;
702             }
703             return -1;
704         }
705 
706         /*
707          * Examine the status-line - should be formatted as per
708          * section 6.1 of RFC 2616 :-
709          *
710          * Status-Line = HTTP-Version SP Status-Code SP Reason-Phrase
711          *
712          * If status line can't be parsed return -1.
713          */
714         if (statusLine.startsWith("HTTP/1.")) {
715             int codePos = statusLine.indexOf(' ');
716             if (codePos > 0) {
717 
718                 int phrasePos = statusLine.indexOf(' ', codePos+1);
719                 if (phrasePos > 0 && phrasePos < statusLine.length()) {
720                     responseMessage = statusLine.substring(phrasePos+1);
721                 }
722 
723                 // deviation from RFC 2616 - don't reject status line
724                 // if SP Reason-Phrase is not included.
725                 if (phrasePos < 0)
726                     phrasePos = statusLine.length();
727 
728                 try {
729                     responseCode = Integer.parseInt
730                             (statusLine.substring(codePos+1, phrasePos));
731                     return responseCode;
732                 } catch (NumberFormatException e) { }
733             }
734         }
735         return -1;
736     }
737 
738     /**
739      * Gets the HTTP response message, if any, returned along with the
740      * response code from a server.  From responses like:
741      * <PRE>
742      * HTTP/1.0 200 OK
743      * HTTP/1.0 404 Not Found
744      * </PRE>
745      * Extracts the Strings "OK" and "Not Found" respectively.
746      * Returns null if none could be discerned from the responses
747      * (the result was not valid HTTP).
748      * @throws IOException if an error occurred connecting to the server.
749      * @return the HTTP response message, or {@code null}
750      */
getResponseMessage()751     public String getResponseMessage() throws IOException {
752         getResponseCode();
753         return responseMessage;
754     }
755 
756     @SuppressWarnings("deprecation")
getHeaderFieldDate(String name, long Default)757     public long getHeaderFieldDate(String name, long Default) {
758         String dateString = getHeaderField(name);
759         try {
760             if (dateString.indexOf("GMT") == -1) {
761                 dateString = dateString+" GMT";
762             }
763             return Date.parse(dateString);
764         } catch (Exception e) {
765         }
766         return Default;
767     }
768 
769 
770     /**
771      * Indicates that other requests to the server
772      * are unlikely in the near future. Calling disconnect()
773      * should not imply that this HttpURLConnection
774      * instance can be reused for other requests.
775      */
disconnect()776     public abstract void disconnect();
777 
778     /**
779      * Indicates if the connection is going through a proxy.
780      * @return a boolean indicating if the connection is
781      * using a proxy.
782      */
usingProxy()783     public abstract boolean usingProxy();
784 
785     /**
786      * Returns a {@link SocketPermission} object representing the
787      * permission necessary to connect to the destination host and port.
788      *
789      * @exception IOException if an error occurs while computing
790      *            the permission.
791      *
792      * @return a {@code SocketPermission} object representing the
793      *         permission necessary to connect to the destination
794      *         host and port.
795      */
getPermission()796     public Permission getPermission() throws IOException {
797         int port = url.getPort();
798         port = port < 0 ? 80 : port;
799         String host = url.getHost() + ":" + port;
800         Permission permission = new SocketPermission(host, "connect");
801         return permission;
802     }
803 
804    /**
805     * Returns the error stream if the connection failed
806     * but the server sent useful data nonetheless. The
807     * typical example is when an HTTP server responds
808     * with a 404, which will cause a FileNotFoundException
809     * to be thrown in connect, but the server sent an HTML
810     * help page with suggestions as to what to do.
811     *
812     * <p>This method will not cause a connection to be initiated.  If
813     * the connection was not connected, or if the server did not have
814     * an error while connecting or if the server had an error but
815     * no error data was sent, this method will return null. This is
816     * the default.
817     *
818     * @return an error stream if any, null if there have been no
819     * errors, the connection is not connected or the server sent no
820     * useful data.
821     */
822     public InputStream getErrorStream() {
823         return null;
824     }
825 
826     /**
827      * The response codes for HTTP, as of version 1.1.
828      */
829 
830     // REMIND: do we want all these??
831     // Others not here that we do want??
832 
833     /* 2XX: generally "OK" */
834 
835     /**
836      * HTTP Status-Code 200: OK.
837      */
838     public static final int HTTP_OK = 200;
839 
840     /**
841      * HTTP Status-Code 201: Created.
842      */
843     public static final int HTTP_CREATED = 201;
844 
845     /**
846      * HTTP Status-Code 202: Accepted.
847      */
848     public static final int HTTP_ACCEPTED = 202;
849 
850     /**
851      * HTTP Status-Code 203: Non-Authoritative Information.
852      */
853     public static final int HTTP_NOT_AUTHORITATIVE = 203;
854 
855     /**
856      * HTTP Status-Code 204: No Content.
857      */
858     public static final int HTTP_NO_CONTENT = 204;
859 
860     /**
861      * HTTP Status-Code 205: Reset Content.
862      */
863     public static final int HTTP_RESET = 205;
864 
865     /**
866      * HTTP Status-Code 206: Partial Content.
867      */
868     public static final int HTTP_PARTIAL = 206;
869 
870     /* 3XX: relocation/redirect */
871 
872     /**
873      * HTTP Status-Code 300: Multiple Choices.
874      */
875     public static final int HTTP_MULT_CHOICE = 300;
876 
877     /**
878      * HTTP Status-Code 301: Moved Permanently.
879      */
880     public static final int HTTP_MOVED_PERM = 301;
881 
882     /**
883      * HTTP Status-Code 302: Temporary Redirect.
884      */
885     public static final int HTTP_MOVED_TEMP = 302;
886 
887     /**
888      * HTTP Status-Code 303: See Other.
889      */
890     public static final int HTTP_SEE_OTHER = 303;
891 
892     /**
893      * HTTP Status-Code 304: Not Modified.
894      */
895     public static final int HTTP_NOT_MODIFIED = 304;
896 
897     /**
898      * HTTP Status-Code 305: Use Proxy.
899      */
900     public static final int HTTP_USE_PROXY = 305;
901 
902     /* 4XX: client error */
903 
904     /**
905      * HTTP Status-Code 400: Bad Request.
906      */
907     public static final int HTTP_BAD_REQUEST = 400;
908 
909     /**
910      * HTTP Status-Code 401: Unauthorized.
911      */
912     public static final int HTTP_UNAUTHORIZED = 401;
913 
914     /**
915      * HTTP Status-Code 402: Payment Required.
916      */
917     public static final int HTTP_PAYMENT_REQUIRED = 402;
918 
919     /**
920      * HTTP Status-Code 403: Forbidden.
921      */
922     public static final int HTTP_FORBIDDEN = 403;
923 
924     /**
925      * HTTP Status-Code 404: Not Found.
926      */
927     public static final int HTTP_NOT_FOUND = 404;
928 
929     /**
930      * HTTP Status-Code 405: Method Not Allowed.
931      */
932     public static final int HTTP_BAD_METHOD = 405;
933 
934     /**
935      * HTTP Status-Code 406: Not Acceptable.
936      */
937     public static final int HTTP_NOT_ACCEPTABLE = 406;
938 
939     /**
940      * HTTP Status-Code 407: Proxy Authentication Required.
941      */
942     public static final int HTTP_PROXY_AUTH = 407;
943 
944     /**
945      * HTTP Status-Code 408: Request Time-Out.
946      */
947     public static final int HTTP_CLIENT_TIMEOUT = 408;
948 
949     /**
950      * HTTP Status-Code 409: Conflict.
951      */
952     public static final int HTTP_CONFLICT = 409;
953 
954     /**
955      * HTTP Status-Code 410: Gone.
956      */
957     public static final int HTTP_GONE = 410;
958 
959     /**
960      * HTTP Status-Code 411: Length Required.
961      */
962     public static final int HTTP_LENGTH_REQUIRED = 411;
963 
964     /**
965      * HTTP Status-Code 412: Precondition Failed.
966      */
967     public static final int HTTP_PRECON_FAILED = 412;
968 
969     /**
970      * HTTP Status-Code 413: Request Entity Too Large.
971      */
972     public static final int HTTP_ENTITY_TOO_LARGE = 413;
973 
974     /**
975      * HTTP Status-Code 414: Request-URI Too Large.
976      */
977     public static final int HTTP_REQ_TOO_LONG = 414;
978 
979     /**
980      * HTTP Status-Code 415: Unsupported Media Type.
981      */
982     public static final int HTTP_UNSUPPORTED_TYPE = 415;
983 
984     /* 5XX: server error */
985 
986     /**
987      * HTTP Status-Code 500: Internal Server Error.
988      * @deprecated   it is misplaced and shouldn't have existed.
989      */
990     @Deprecated
991     public static final int HTTP_SERVER_ERROR = 500;
992 
993     /**
994      * HTTP Status-Code 500: Internal Server Error.
995      */
996     public static final int HTTP_INTERNAL_ERROR = 500;
997 
998     /**
999      * HTTP Status-Code 501: Not Implemented.
1000      */
1001     public static final int HTTP_NOT_IMPLEMENTED = 501;
1002 
1003     /**
1004      * HTTP Status-Code 502: Bad Gateway.
1005      */
1006     public static final int HTTP_BAD_GATEWAY = 502;
1007 
1008     /**
1009      * HTTP Status-Code 503: Service Unavailable.
1010      */
1011     public static final int HTTP_UNAVAILABLE = 503;
1012 
1013     /**
1014      * HTTP Status-Code 504: Gateway Timeout.
1015      */
1016     public static final int HTTP_GATEWAY_TIMEOUT = 504;
1017 
1018     /**
1019      * HTTP Status-Code 505: HTTP Version Not Supported.
1020      */
1021     public static final int HTTP_VERSION = 505;
1022 
1023 }
1024