1 /* 2 * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package java.net; 27 28 import java.io.InputStream; 29 import java.io.IOException; 30 import java.security.Permission; 31 import java.util.Date; 32 33 // Android-changed: top-level documentation substantially changed/rewritten. 34 /** 35 * A URLConnection with support for HTTP-specific features. See 36 * <A HREF="http://www.w3.org/pub/WWW/Protocols/"> the spec </A> for 37 * details. 38 * <p> 39 * 40 * <p>Uses of this class follow a pattern: 41 * <ol> 42 * <li>Obtain a new {@code HttpURLConnection} by calling {@link 43 * URL#openConnection() URL.openConnection()} and casting the result to 44 * {@code HttpURLConnection}. 45 * <li>Prepare the request. The primary property of a request is its URI. 46 * Request headers may also include metadata such as credentials, preferred 47 * content types, and session cookies. 48 * <li>Optionally upload a request body. Instances must be configured with 49 * {@link #setDoOutput(boolean) setDoOutput(true)} if they include a 50 * request body. Transmit data by writing to the stream returned by {@link 51 * #getOutputStream()}. 52 * <li>Read the response. Response headers typically include metadata such as 53 * the response body's content type and length, modified dates and session 54 * cookies. The response body may be read from the stream returned by {@link 55 * #getInputStream()}. If the response has no body, that method returns an 56 * empty stream. 57 * <li>Disconnect. Once the response body has been read, the {@code 58 * HttpURLConnection} should be closed by calling {@link #disconnect()}. 59 * Disconnecting releases the resources held by a connection so they may 60 * be closed or reused. 61 * </ol> 62 * 63 * <p>For example, to retrieve the webpage at {@code http://www.android.com/}: 64 * <pre> {@code 65 * URL url = new URL("http://www.android.com/"); 66 * HttpURLConnection urlConnection = (HttpURLConnection) url.openConnection(); 67 * try { 68 * InputStream in = new BufferedInputStream(urlConnection.getInputStream()); 69 * readStream(in); 70 * } finally { 71 * urlConnection.disconnect(); 72 * } 73 * }</pre> 74 * 75 * <h3>Secure Communication with HTTPS</h3> 76 * Calling {@link URL#openConnection()} on a URL with the "https" 77 * scheme will return an {@code HttpsURLConnection}, which allows for 78 * overriding the default {@link javax.net.ssl.HostnameVerifier 79 * HostnameVerifier} and {@link javax.net.ssl.SSLSocketFactory 80 * SSLSocketFactory}. An application-supplied {@code SSLSocketFactory} 81 * created from an {@link javax.net.ssl.SSLContext SSLContext} can 82 * provide a custom {@link javax.net.ssl.X509TrustManager 83 * X509TrustManager} for verifying certificate chains and a custom 84 * {@link javax.net.ssl.X509KeyManager X509KeyManager} for supplying 85 * client certificates. See {@link javax.net.ssl.HttpsURLConnection 86 * HttpsURLConnection} for more details. 87 * 88 * <h3>Response Handling</h3> 89 * {@code HttpURLConnection} will follow up to five HTTP redirects. It will 90 * follow redirects from one origin server to another. This implementation 91 * doesn't follow redirects from HTTPS to HTTP or vice versa. 92 * 93 * <p>If the HTTP response indicates that an error occurred, {@link 94 * #getInputStream()} will throw an {@link IOException}. Use {@link 95 * #getErrorStream()} to read the error response. The headers can be read in 96 * the normal way using {@link #getHeaderFields()}, 97 * 98 * <h3>Posting Content</h3> 99 * To upload data to a web server, configure the connection for output using 100 * {@link #setDoOutput(boolean) setDoOutput(true)}. 101 * 102 * <p>For best performance, you should call either {@link 103 * #setFixedLengthStreamingMode(int)} when the body length is known in advance, 104 * or {@link #setChunkedStreamingMode(int)} when it is not. Otherwise {@code 105 * HttpURLConnection} will be forced to buffer the complete request body in 106 * memory before it is transmitted, wasting (and possibly exhausting) heap and 107 * increasing latency. 108 * 109 * <p>For example, to perform an upload: <pre> {@code 110 * HttpURLConnection urlConnection = (HttpURLConnection) url.openConnection(); 111 * try { 112 * urlConnection.setDoOutput(true); 113 * urlConnection.setChunkedStreamingMode(0); 114 * 115 * OutputStream out = new BufferedOutputStream(urlConnection.getOutputStream()); 116 * writeStream(out); 117 * 118 * InputStream in = new BufferedInputStream(urlConnection.getInputStream()); 119 * readStream(in); 120 * } finally { 121 * urlConnection.disconnect(); 122 * } 123 * }</pre> 124 * 125 * <h3>Performance</h3> 126 * The input and output streams returned by this class are <strong>not 127 * buffered</strong>. Most callers should wrap the returned streams with {@link 128 * java.io.BufferedInputStream BufferedInputStream} or {@link 129 * java.io.BufferedOutputStream BufferedOutputStream}. Callers that do only bulk 130 * reads or writes may omit buffering. 131 * 132 * <p>When transferring large amounts of data to or from a server, use streams 133 * to limit how much data is in memory at once. Unless you need the entire 134 * body to be in memory at once, process it as a stream (rather than storing 135 * the complete body as a single byte array or string). 136 * 137 * <p>To reduce latency, this class may reuse the same underlying {@code Socket} 138 * for multiple request/response pairs. As a result, HTTP connections may be 139 * held open longer than necessary. Calls to {@link #disconnect()} may return 140 * the socket to a pool of connected sockets. 141 * 142 * <p>By default, this implementation of {@code HttpURLConnection} requests that 143 * servers use gzip compression and it automatically decompresses the data for 144 * callers of {@link #getInputStream()}. The Content-Encoding and Content-Length 145 * response headers are cleared in this case. Gzip compression can be disabled by 146 * setting the acceptable encodings in the request header: <pre> {@code 147 * urlConnection.setRequestProperty("Accept-Encoding", "identity"); 148 * }</pre> 149 * 150 * <p>Setting the Accept-Encoding request header explicitly disables automatic 151 * decompression and leaves the response headers intact; callers must handle 152 * decompression as needed, according to the Content-Encoding header of the 153 * response. 154 * 155 * <p>{@link #getContentLength()} returns the number of bytes transmitted and 156 * cannot be used to predict how many bytes can be read from 157 * {@link #getInputStream()} for compressed streams. Instead, read that stream 158 * until it is exhausted, i.e. when {@link InputStream#read} returns -1. 159 * 160 * <h3>Handling Network Sign-On</h3> 161 * Some Wi-Fi networks block Internet access until the user clicks through a 162 * sign-on page. Such sign-on pages are typically presented by using HTTP 163 * redirects. You can use {@link #getURL()} to test if your connection has been 164 * unexpectedly redirected. This check is not valid until <strong>after</strong> 165 * the response headers have been received, which you can trigger by calling 166 * {@link #getHeaderFields()} or {@link #getInputStream()}. For example, to 167 * check that a response was not redirected to an unexpected host: 168 * <pre> {@code 169 * HttpURLConnection urlConnection = (HttpURLConnection) url.openConnection(); 170 * try { 171 * InputStream in = new BufferedInputStream(urlConnection.getInputStream()); 172 * if (!url.getHost().equals(urlConnection.getURL().getHost())) { 173 * // we were redirected! Kick the user out to the browser to sign on? 174 * } 175 * ... 176 * } finally { 177 * urlConnection.disconnect(); 178 * } 179 * }</pre> 180 * 181 * <h3>HTTP Authentication</h3> 182 * {@code HttpURLConnection} supports <a 183 * href="http://www.ietf.org/rfc/rfc2617">HTTP basic authentication</a>. Use 184 * {@link Authenticator} to set the VM-wide authentication handler: 185 * <pre> {@code 186 * Authenticator.setDefault(new Authenticator() { 187 * protected PasswordAuthentication getPasswordAuthentication() { 188 * return new PasswordAuthentication(username, password.toCharArray()); 189 * } 190 * }); 191 * }</pre> 192 * Unless paired with HTTPS, this is <strong>not</strong> a secure mechanism for 193 * user authentication. In particular, the username, password, request and 194 * response are all transmitted over the network without encryption. 195 * 196 * <h3>Sessions with Cookies</h3> 197 * To establish and maintain a potentially long-lived session between client 198 * and server, {@code HttpURLConnection} includes an extensible cookie manager. 199 * Enable VM-wide cookie management using {@link CookieHandler} and {@link 200 * CookieManager}: <pre> {@code 201 * CookieManager cookieManager = new CookieManager(); 202 * CookieHandler.setDefault(cookieManager); 203 * }</pre> 204 * By default, {@code CookieManager} accepts cookies from the <a 205 * href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec1.html">origin 206 * server</a> only. Two other policies are included: {@link 207 * CookiePolicy#ACCEPT_ALL} and {@link CookiePolicy#ACCEPT_NONE}. Implement 208 * {@link CookiePolicy} to define a custom policy. 209 * 210 * <p>The default {@code CookieManager} keeps all accepted cookies in memory. It 211 * will forget these cookies when the VM exits. Implement {@link CookieStore} to 212 * define a custom cookie store. 213 * 214 * <p>In addition to the cookies set by HTTP responses, you may set cookies 215 * programmatically. To be included in HTTP request headers, cookies must have 216 * the domain and path properties set. 217 * 218 * <p>By default, new instances of {@code HttpCookie} work only with servers 219 * that support <a href="http://www.ietf.org/rfc/rfc2965.txt">RFC 2965</a> 220 * cookies. Many web servers support only the older specification, <a 221 * href="http://www.ietf.org/rfc/rfc2109.txt">RFC 2109</a>. For compatibility 222 * with the most web servers, set the cookie version to 0. 223 * 224 * <p>For example, to receive {@code www.twitter.com} in French: <pre> {@code 225 * HttpCookie cookie = new HttpCookie("lang", "fr"); 226 * cookie.setDomain("twitter.com"); 227 * cookie.setPath("/"); 228 * cookie.setVersion(0); 229 * cookieManager.getCookieStore().add(new URI("http://twitter.com/"), cookie); 230 * }</pre> 231 * 232 * <h3>HTTP Methods</h3> 233 * <p>{@code HttpURLConnection} uses the {@code GET} method by default. It will 234 * use {@code POST} if {@link #setDoOutput setDoOutput(true)} has been called. 235 * Other HTTP methods ({@code OPTIONS}, {@code HEAD}, {@code PUT}, {@code 236 * DELETE} and {@code TRACE}) can be used with {@link #setRequestMethod}. 237 * 238 * <h3>Proxies</h3> 239 * By default, this class will connect directly to the <a 240 * href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec1.html">origin 241 * server</a>. It can also connect via an {@link Proxy.Type#HTTP HTTP} or {@link 242 * Proxy.Type#SOCKS SOCKS} proxy. To use a proxy, use {@link 243 * URL#openConnection(Proxy) URL.openConnection(Proxy)} when creating the 244 * connection. 245 * 246 * <h3>IPv6 Support</h3> 247 * <p>This class includes transparent support for IPv6. For hosts with both IPv4 248 * and IPv6 addresses, it will attempt to connect to each of a host's addresses 249 * until a connection is established. 250 * 251 * <h3>Response Caching</h3> 252 * Android 4.0 (Ice Cream Sandwich, API level 15) includes a response cache. See 253 * {@code android.net.http.HttpResponseCache} for instructions on enabling HTTP 254 * caching in your application. 255 * 256 * <h3>Avoiding Bugs In Earlier Releases</h3> 257 * Prior to Android 2.2 (Froyo), this class had some frustrating bugs. In 258 * particular, calling {@code close()} on a readable {@code InputStream} could 259 * <a href="http://code.google.com/p/android/issues/detail?id=2939">poison the 260 * connection pool</a>. Work around this by disabling connection pooling: 261 * <pre> {@code 262 * private void disableConnectionReuseIfNecessary() { 263 * // Work around pre-Froyo bugs in HTTP connection reuse. 264 * if (Integer.parseInt(Build.VERSION.SDK) < Build.VERSION_CODES.FROYO) { 265 * System.setProperty("http.keepAlive", "false"); 266 * } 267 * }}</pre> 268 * 269 * <p>Each instance of {@code HttpURLConnection} may be used for one 270 * request/response pair. Instances of this class are not thread safe. 271 * 272 * @see java.net.HttpURLConnection#disconnect() 273 * @since JDK1.1 274 */ 275 abstract public class HttpURLConnection extends URLConnection { 276 /* instance variables */ 277 278 /** 279 * The HTTP method (GET,POST,PUT,etc.). 280 */ 281 protected String method = "GET"; 282 283 /** 284 * The chunk-length when using chunked encoding streaming mode for output. 285 * A value of {@code -1} means chunked encoding is disabled for output. 286 * @since 1.5 287 */ 288 protected int chunkLength = -1; 289 290 /** 291 * The fixed content-length when using fixed-length streaming mode. 292 * A value of {@code -1} means fixed-length streaming mode is disabled 293 * for output. 294 * 295 * <P> <B>NOTE:</B> {@link #fixedContentLengthLong} is recommended instead 296 * of this field, as it allows larger content lengths to be set. 297 * 298 * @since 1.5 299 */ 300 protected int fixedContentLength = -1; 301 302 /** 303 * The fixed content-length when using fixed-length streaming mode. 304 * A value of {@code -1} means fixed-length streaming mode is disabled 305 * for output. 306 * 307 * @since 1.7 308 */ 309 protected long fixedContentLengthLong = -1; 310 311 /** 312 * Returns the key for the {@code n}<sup>th</sup> header field. 313 * Some implementations may treat the {@code 0}<sup>th</sup> 314 * header field as special, i.e. as the status line returned by the HTTP 315 * server. In this case, {@link #getHeaderField(int) getHeaderField(0)} returns the status 316 * line, but {@code getHeaderFieldKey(0)} returns null. 317 * 318 * @param n an index, where {@code n >=0}. 319 * @return the key for the {@code n}<sup>th</sup> header field, 320 * or {@code null} if the key does not exist. 321 */ getHeaderFieldKey(int n)322 public String getHeaderFieldKey (int n) { 323 return null; 324 } 325 326 /** 327 * This method is used to enable streaming of a HTTP request body 328 * without internal buffering, when the content length is known in 329 * advance. 330 * <p> 331 * An exception will be thrown if the application 332 * attempts to write more data than the indicated 333 * content-length, or if the application closes the OutputStream 334 * before writing the indicated amount. 335 * <p> 336 * When output streaming is enabled, authentication 337 * and redirection cannot be handled automatically. 338 * A HttpRetryException will be thrown when reading 339 * the response if authentication or redirection are required. 340 * This exception can be queried for the details of the error. 341 * <p> 342 * This method must be called before the URLConnection is connected. 343 * <p> 344 * <B>NOTE:</B> {@link #setFixedLengthStreamingMode(long)} is recommended 345 * instead of this method as it allows larger content lengths to be set. 346 * 347 * @param contentLength The number of bytes which will be written 348 * to the OutputStream. 349 * 350 * @throws IllegalStateException if URLConnection is already connected 351 * or if a different streaming mode is already enabled. 352 * 353 * @throws IllegalArgumentException if a content length less than 354 * zero is specified. 355 * 356 * @see #setChunkedStreamingMode(int) 357 * @since 1.5 358 */ setFixedLengthStreamingMode(int contentLength)359 public void setFixedLengthStreamingMode (int contentLength) { 360 if (connected) { 361 throw new IllegalStateException ("Already connected"); 362 } 363 if (chunkLength != -1) { 364 throw new IllegalStateException ("Chunked encoding streaming mode set"); 365 } 366 if (contentLength < 0) { 367 throw new IllegalArgumentException ("invalid content length"); 368 } 369 fixedContentLength = contentLength; 370 } 371 372 /** 373 * This method is used to enable streaming of a HTTP request body 374 * without internal buffering, when the content length is known in 375 * advance. 376 * 377 * <P> An exception will be thrown if the application attempts to write 378 * more data than the indicated content-length, or if the application 379 * closes the OutputStream before writing the indicated amount. 380 * 381 * <P> When output streaming is enabled, authentication and redirection 382 * cannot be handled automatically. A {@linkplain HttpRetryException} will 383 * be thrown when reading the response if authentication or redirection 384 * are required. This exception can be queried for the details of the 385 * error. 386 * 387 * <P> This method must be called before the URLConnection is connected. 388 * 389 * <P> The content length set by invoking this method takes precedence 390 * over any value set by {@link #setFixedLengthStreamingMode(int)}. 391 * 392 * @param contentLength 393 * The number of bytes which will be written to the OutputStream. 394 * 395 * @throws IllegalStateException 396 * if URLConnection is already connected or if a different 397 * streaming mode is already enabled. 398 * 399 * @throws IllegalArgumentException 400 * if a content length less than zero is specified. 401 * 402 * @since 1.7 403 */ setFixedLengthStreamingMode(long contentLength)404 public void setFixedLengthStreamingMode(long contentLength) { 405 if (connected) { 406 throw new IllegalStateException("Already connected"); 407 } 408 if (chunkLength != -1) { 409 throw new IllegalStateException( 410 "Chunked encoding streaming mode set"); 411 } 412 if (contentLength < 0) { 413 throw new IllegalArgumentException("invalid content length"); 414 } 415 fixedContentLengthLong = contentLength; 416 } 417 418 /* Default chunk size (including chunk header) if not specified; 419 * we want to keep this in sync with the one defined in 420 * sun.net.www.http.ChunkedOutputStream 421 */ 422 private static final int DEFAULT_CHUNK_SIZE = 4096; 423 424 /** 425 * This method is used to enable streaming of a HTTP request body 426 * without internal buffering, when the content length is <b>not</b> 427 * known in advance. In this mode, chunked transfer encoding 428 * is used to send the request body. Note, not all HTTP servers 429 * support this mode. 430 * <p> 431 * When output streaming is enabled, authentication 432 * and redirection cannot be handled automatically. 433 * A HttpRetryException will be thrown when reading 434 * the response if authentication or redirection are required. 435 * This exception can be queried for the details of the error. 436 * <p> 437 * This method must be called before the URLConnection is connected. 438 * 439 * @param chunklen The number of bytes to write in each chunk. 440 * If chunklen is less than or equal to zero, a default 441 * value will be used. 442 * 443 * @throws IllegalStateException if URLConnection is already connected 444 * or if a different streaming mode is already enabled. 445 * 446 * @see #setFixedLengthStreamingMode(int) 447 * @since 1.5 448 */ setChunkedStreamingMode(int chunklen)449 public void setChunkedStreamingMode (int chunklen) { 450 if (connected) { 451 throw new IllegalStateException ("Can't set streaming mode: already connected"); 452 } 453 if (fixedContentLength != -1 || fixedContentLengthLong != -1) { 454 throw new IllegalStateException ("Fixed length streaming mode set"); 455 } 456 chunkLength = chunklen <=0? DEFAULT_CHUNK_SIZE : chunklen; 457 } 458 459 /** 460 * Returns the value for the {@code n}<sup>th</sup> header field. 461 * Some implementations may treat the {@code 0}<sup>th</sup> 462 * header field as special, i.e. as the status line returned by the HTTP 463 * server. 464 * <p> 465 * This method can be used in conjunction with the 466 * {@link #getHeaderFieldKey getHeaderFieldKey} method to iterate through all 467 * the headers in the message. 468 * 469 * @param n an index, where {@code n>=0}. 470 * @return the value of the {@code n}<sup>th</sup> header field, 471 * or {@code null} if the value does not exist. 472 * @see java.net.HttpURLConnection#getHeaderFieldKey(int) 473 */ getHeaderField(int n)474 public String getHeaderField(int n) { 475 return null; 476 } 477 478 /** 479 * An {@code int} representing the three digit HTTP Status-Code. 480 * <ul> 481 * <li> 1xx: Informational 482 * <li> 2xx: Success 483 * <li> 3xx: Redirection 484 * <li> 4xx: Client Error 485 * <li> 5xx: Server Error 486 * </ul> 487 */ 488 protected int responseCode = -1; 489 490 /** 491 * The HTTP response message. 492 */ 493 protected String responseMessage = null; 494 495 /* static variables */ 496 497 /* do we automatically follow redirects? The default is true. */ 498 private static boolean followRedirects = true; 499 500 /** 501 * If {@code true}, the protocol will automatically follow redirects. 502 * If {@code false}, the protocol will not automatically follow 503 * redirects. 504 * <p> 505 * This field is set by the {@code setInstanceFollowRedirects} 506 * method. Its value is returned by the {@code getInstanceFollowRedirects} 507 * method. 508 * <p> 509 * Its default value is based on the value of the static followRedirects 510 * at HttpURLConnection construction time. 511 * 512 * @see java.net.HttpURLConnection#setInstanceFollowRedirects(boolean) 513 * @see java.net.HttpURLConnection#getInstanceFollowRedirects() 514 * @see java.net.HttpURLConnection#setFollowRedirects(boolean) 515 */ 516 protected boolean instanceFollowRedirects = followRedirects; 517 518 /* valid HTTP methods */ 519 private static final String[] methods = { 520 "GET", "POST", "HEAD", "OPTIONS", "PUT", "DELETE", "TRACE" 521 }; 522 523 /** 524 * Constructor for the HttpURLConnection. 525 * @param u the URL 526 */ HttpURLConnection(URL u)527 protected HttpURLConnection (URL u) { 528 super(u); 529 } 530 531 /** 532 * Sets whether HTTP redirects (requests with response code 3xx) should 533 * be automatically followed by this class. True by default. Applets 534 * cannot change this variable. 535 * <p> 536 * If there is a security manager, this method first calls 537 * the security manager's {@code checkSetFactory} method 538 * to ensure the operation is allowed. 539 * This could result in a SecurityException. 540 * 541 * @param set a {@code boolean} indicating whether or not 542 * to follow HTTP redirects. 543 * @exception SecurityException if a security manager exists and its 544 * {@code checkSetFactory} method doesn't 545 * allow the operation. 546 * @see SecurityManager#checkSetFactory 547 * @see #getFollowRedirects() 548 */ setFollowRedirects(boolean set)549 public static void setFollowRedirects(boolean set) { 550 SecurityManager sec = System.getSecurityManager(); 551 if (sec != null) { 552 // seems to be the best check here... 553 sec.checkSetFactory(); 554 } 555 followRedirects = set; 556 } 557 558 /** 559 * Returns a {@code boolean} indicating 560 * whether or not HTTP redirects (3xx) should 561 * be automatically followed. 562 * 563 * @return {@code true} if HTTP redirects should 564 * be automatically followed, {@code false} if not. 565 * @see #setFollowRedirects(boolean) 566 */ getFollowRedirects()567 public static boolean getFollowRedirects() { 568 return followRedirects; 569 } 570 571 /** 572 * Sets whether HTTP redirects (requests with response code 3xx) should 573 * be automatically followed by this {@code HttpURLConnection} 574 * instance. 575 * <p> 576 * The default value comes from followRedirects, which defaults to 577 * true. 578 * 579 * @param followRedirects a {@code boolean} indicating 580 * whether or not to follow HTTP redirects. 581 * 582 * @see java.net.HttpURLConnection#instanceFollowRedirects 583 * @see #getInstanceFollowRedirects 584 * @since 1.3 585 */ setInstanceFollowRedirects(boolean followRedirects)586 public void setInstanceFollowRedirects(boolean followRedirects) { 587 instanceFollowRedirects = followRedirects; 588 } 589 590 /** 591 * Returns the value of this {@code HttpURLConnection}'s 592 * {@code instanceFollowRedirects} field. 593 * 594 * @return the value of this {@code HttpURLConnection}'s 595 * {@code instanceFollowRedirects} field. 596 * @see java.net.HttpURLConnection#instanceFollowRedirects 597 * @see #setInstanceFollowRedirects(boolean) 598 * @since 1.3 599 */ getInstanceFollowRedirects()600 public boolean getInstanceFollowRedirects() { 601 return instanceFollowRedirects; 602 } 603 604 /** 605 * Set the method for the URL request, one of: 606 * <UL> 607 * <LI>GET 608 * <LI>POST 609 * <LI>HEAD 610 * <LI>OPTIONS 611 * <LI>PUT 612 * <LI>DELETE 613 * <LI>TRACE 614 * </UL> are legal, subject to protocol restrictions. The default 615 * method is GET. 616 * 617 * @param method the HTTP method 618 * @exception ProtocolException if the method cannot be reset or if 619 * the requested method isn't valid for HTTP. 620 * @exception SecurityException if a security manager is set and the 621 * method is "TRACE", but the "allowHttpTrace" 622 * NetPermission is not granted. 623 * @see #getRequestMethod() 624 */ setRequestMethod(String method)625 public void setRequestMethod(String method) throws ProtocolException { 626 if (connected) { 627 throw new ProtocolException("Can't reset method: already connected"); 628 } 629 // This restriction will prevent people from using this class to 630 // experiment w/ new HTTP methods using java. But it should 631 // be placed for security - the request String could be 632 // arbitrarily long. 633 634 for (int i = 0; i < methods.length; i++) { 635 if (methods[i].equals(method)) { 636 if (method.equals("TRACE")) { 637 SecurityManager s = System.getSecurityManager(); 638 if (s != null) { 639 s.checkPermission(new NetPermission("allowHttpTrace")); 640 } 641 } 642 this.method = method; 643 return; 644 } 645 } 646 throw new ProtocolException("Invalid HTTP method: " + method); 647 } 648 649 /** 650 * Get the request method. 651 * @return the HTTP request method 652 * @see #setRequestMethod(java.lang.String) 653 */ getRequestMethod()654 public String getRequestMethod() { 655 return method; 656 } 657 658 /** 659 * Gets the status code from an HTTP response message. 660 * For example, in the case of the following status lines: 661 * <PRE> 662 * HTTP/1.0 200 OK 663 * HTTP/1.0 401 Unauthorized 664 * </PRE> 665 * It will return 200 and 401 respectively. 666 * Returns -1 if no code can be discerned 667 * from the response (i.e., the response is not valid HTTP). 668 * @throws IOException if an error occurred connecting to the server. 669 * @return the HTTP Status-Code, or -1 670 */ getResponseCode()671 public int getResponseCode() throws IOException { 672 /* 673 * We're got the response code already 674 */ 675 if (responseCode != -1) { 676 return responseCode; 677 } 678 679 /* 680 * Ensure that we have connected to the server. Record 681 * exception as we need to re-throw it if there isn't 682 * a status line. 683 */ 684 Exception exc = null; 685 try { 686 getInputStream(); 687 } catch (Exception e) { 688 exc = e; 689 } 690 691 /* 692 * If we can't a status-line then re-throw any exception 693 * that getInputStream threw. 694 */ 695 String statusLine = getHeaderField(0); 696 if (statusLine == null) { 697 if (exc != null) { 698 if (exc instanceof RuntimeException) 699 throw (RuntimeException)exc; 700 else 701 throw (IOException)exc; 702 } 703 return -1; 704 } 705 706 /* 707 * Examine the status-line - should be formatted as per 708 * section 6.1 of RFC 2616 :- 709 * 710 * Status-Line = HTTP-Version SP Status-Code SP Reason-Phrase 711 * 712 * If status line can't be parsed return -1. 713 */ 714 if (statusLine.startsWith("HTTP/1.")) { 715 int codePos = statusLine.indexOf(' '); 716 if (codePos > 0) { 717 718 int phrasePos = statusLine.indexOf(' ', codePos+1); 719 if (phrasePos > 0 && phrasePos < statusLine.length()) { 720 responseMessage = statusLine.substring(phrasePos+1); 721 } 722 723 // deviation from RFC 2616 - don't reject status line 724 // if SP Reason-Phrase is not included. 725 if (phrasePos < 0) 726 phrasePos = statusLine.length(); 727 728 try { 729 responseCode = Integer.parseInt 730 (statusLine.substring(codePos+1, phrasePos)); 731 return responseCode; 732 } catch (NumberFormatException e) { } 733 } 734 } 735 return -1; 736 } 737 738 /** 739 * Gets the HTTP response message, if any, returned along with the 740 * response code from a server. From responses like: 741 * <PRE> 742 * HTTP/1.0 200 OK 743 * HTTP/1.0 404 Not Found 744 * </PRE> 745 * Extracts the Strings "OK" and "Not Found" respectively. 746 * Returns null if none could be discerned from the responses 747 * (the result was not valid HTTP). 748 * @throws IOException if an error occurred connecting to the server. 749 * @return the HTTP response message, or {@code null} 750 */ getResponseMessage()751 public String getResponseMessage() throws IOException { 752 getResponseCode(); 753 return responseMessage; 754 } 755 756 @SuppressWarnings("deprecation") getHeaderFieldDate(String name, long Default)757 public long getHeaderFieldDate(String name, long Default) { 758 String dateString = getHeaderField(name); 759 try { 760 if (dateString.indexOf("GMT") == -1) { 761 dateString = dateString+" GMT"; 762 } 763 return Date.parse(dateString); 764 } catch (Exception e) { 765 } 766 return Default; 767 } 768 769 770 /** 771 * Indicates that other requests to the server 772 * are unlikely in the near future. Calling disconnect() 773 * should not imply that this HttpURLConnection 774 * instance can be reused for other requests. 775 */ disconnect()776 public abstract void disconnect(); 777 778 /** 779 * Indicates if the connection is going through a proxy. 780 * @return a boolean indicating if the connection is 781 * using a proxy. 782 */ usingProxy()783 public abstract boolean usingProxy(); 784 785 /** 786 * Returns a {@link SocketPermission} object representing the 787 * permission necessary to connect to the destination host and port. 788 * 789 * @exception IOException if an error occurs while computing 790 * the permission. 791 * 792 * @return a {@code SocketPermission} object representing the 793 * permission necessary to connect to the destination 794 * host and port. 795 */ getPermission()796 public Permission getPermission() throws IOException { 797 int port = url.getPort(); 798 port = port < 0 ? 80 : port; 799 String host = url.getHost() + ":" + port; 800 Permission permission = new SocketPermission(host, "connect"); 801 return permission; 802 } 803 804 /** 805 * Returns the error stream if the connection failed 806 * but the server sent useful data nonetheless. The 807 * typical example is when an HTTP server responds 808 * with a 404, which will cause a FileNotFoundException 809 * to be thrown in connect, but the server sent an HTML 810 * help page with suggestions as to what to do. 811 * 812 * <p>This method will not cause a connection to be initiated. If 813 * the connection was not connected, or if the server did not have 814 * an error while connecting or if the server had an error but 815 * no error data was sent, this method will return null. This is 816 * the default. 817 * 818 * @return an error stream if any, null if there have been no 819 * errors, the connection is not connected or the server sent no 820 * useful data. 821 */ 822 public InputStream getErrorStream() { 823 return null; 824 } 825 826 /** 827 * The response codes for HTTP, as of version 1.1. 828 */ 829 830 // REMIND: do we want all these?? 831 // Others not here that we do want?? 832 833 /* 2XX: generally "OK" */ 834 835 /** 836 * HTTP Status-Code 200: OK. 837 */ 838 public static final int HTTP_OK = 200; 839 840 /** 841 * HTTP Status-Code 201: Created. 842 */ 843 public static final int HTTP_CREATED = 201; 844 845 /** 846 * HTTP Status-Code 202: Accepted. 847 */ 848 public static final int HTTP_ACCEPTED = 202; 849 850 /** 851 * HTTP Status-Code 203: Non-Authoritative Information. 852 */ 853 public static final int HTTP_NOT_AUTHORITATIVE = 203; 854 855 /** 856 * HTTP Status-Code 204: No Content. 857 */ 858 public static final int HTTP_NO_CONTENT = 204; 859 860 /** 861 * HTTP Status-Code 205: Reset Content. 862 */ 863 public static final int HTTP_RESET = 205; 864 865 /** 866 * HTTP Status-Code 206: Partial Content. 867 */ 868 public static final int HTTP_PARTIAL = 206; 869 870 /* 3XX: relocation/redirect */ 871 872 /** 873 * HTTP Status-Code 300: Multiple Choices. 874 */ 875 public static final int HTTP_MULT_CHOICE = 300; 876 877 /** 878 * HTTP Status-Code 301: Moved Permanently. 879 */ 880 public static final int HTTP_MOVED_PERM = 301; 881 882 /** 883 * HTTP Status-Code 302: Temporary Redirect. 884 */ 885 public static final int HTTP_MOVED_TEMP = 302; 886 887 /** 888 * HTTP Status-Code 303: See Other. 889 */ 890 public static final int HTTP_SEE_OTHER = 303; 891 892 /** 893 * HTTP Status-Code 304: Not Modified. 894 */ 895 public static final int HTTP_NOT_MODIFIED = 304; 896 897 /** 898 * HTTP Status-Code 305: Use Proxy. 899 */ 900 public static final int HTTP_USE_PROXY = 305; 901 902 /* 4XX: client error */ 903 904 /** 905 * HTTP Status-Code 400: Bad Request. 906 */ 907 public static final int HTTP_BAD_REQUEST = 400; 908 909 /** 910 * HTTP Status-Code 401: Unauthorized. 911 */ 912 public static final int HTTP_UNAUTHORIZED = 401; 913 914 /** 915 * HTTP Status-Code 402: Payment Required. 916 */ 917 public static final int HTTP_PAYMENT_REQUIRED = 402; 918 919 /** 920 * HTTP Status-Code 403: Forbidden. 921 */ 922 public static final int HTTP_FORBIDDEN = 403; 923 924 /** 925 * HTTP Status-Code 404: Not Found. 926 */ 927 public static final int HTTP_NOT_FOUND = 404; 928 929 /** 930 * HTTP Status-Code 405: Method Not Allowed. 931 */ 932 public static final int HTTP_BAD_METHOD = 405; 933 934 /** 935 * HTTP Status-Code 406: Not Acceptable. 936 */ 937 public static final int HTTP_NOT_ACCEPTABLE = 406; 938 939 /** 940 * HTTP Status-Code 407: Proxy Authentication Required. 941 */ 942 public static final int HTTP_PROXY_AUTH = 407; 943 944 /** 945 * HTTP Status-Code 408: Request Time-Out. 946 */ 947 public static final int HTTP_CLIENT_TIMEOUT = 408; 948 949 /** 950 * HTTP Status-Code 409: Conflict. 951 */ 952 public static final int HTTP_CONFLICT = 409; 953 954 /** 955 * HTTP Status-Code 410: Gone. 956 */ 957 public static final int HTTP_GONE = 410; 958 959 /** 960 * HTTP Status-Code 411: Length Required. 961 */ 962 public static final int HTTP_LENGTH_REQUIRED = 411; 963 964 /** 965 * HTTP Status-Code 412: Precondition Failed. 966 */ 967 public static final int HTTP_PRECON_FAILED = 412; 968 969 /** 970 * HTTP Status-Code 413: Request Entity Too Large. 971 */ 972 public static final int HTTP_ENTITY_TOO_LARGE = 413; 973 974 /** 975 * HTTP Status-Code 414: Request-URI Too Large. 976 */ 977 public static final int HTTP_REQ_TOO_LONG = 414; 978 979 /** 980 * HTTP Status-Code 415: Unsupported Media Type. 981 */ 982 public static final int HTTP_UNSUPPORTED_TYPE = 415; 983 984 /* 5XX: server error */ 985 986 /** 987 * HTTP Status-Code 500: Internal Server Error. 988 * @deprecated it is misplaced and shouldn't have existed. 989 */ 990 @Deprecated 991 public static final int HTTP_SERVER_ERROR = 500; 992 993 /** 994 * HTTP Status-Code 500: Internal Server Error. 995 */ 996 public static final int HTTP_INTERNAL_ERROR = 500; 997 998 /** 999 * HTTP Status-Code 501: Not Implemented. 1000 */ 1001 public static final int HTTP_NOT_IMPLEMENTED = 501; 1002 1003 /** 1004 * HTTP Status-Code 502: Bad Gateway. 1005 */ 1006 public static final int HTTP_BAD_GATEWAY = 502; 1007 1008 /** 1009 * HTTP Status-Code 503: Service Unavailable. 1010 */ 1011 public static final int HTTP_UNAVAILABLE = 503; 1012 1013 /** 1014 * HTTP Status-Code 504: Gateway Timeout. 1015 */ 1016 public static final int HTTP_GATEWAY_TIMEOUT = 504; 1017 1018 /** 1019 * HTTP Status-Code 505: HTTP Version Not Supported. 1020 */ 1021 public static final int HTTP_VERSION = 505; 1022 1023 } 1024