// Copyright 2002 Adam Megacz, see the COPYING file for licensing [GPL]package org.xwt;
+package org.xwt;
import java.net.*;
import java.io.*;
public HTTP(String url) throws MalformedURLException, IOException { this(url, false); }
public HTTP(String url, boolean skipResolveCheck) throws MalformedURLException, IOException {
- if (url.startsWith("https:")) { url = "http" + url.substring(5); ssl = true; }
- if (!url.startsWith("http:")) throw new HTTPException("HTTP only supports http/https urls");
- this.url = new URL(url);
+ if (url.startsWith("https:")) {
+ this.url = new URL("http" + url.substring(5));
+ ssl = true;
+ } else if (!url.startsWith("http:")) {
+ throw new HTTPException("HTTP only supports http/https urls");
+ } else {
+ this.url = new URL(url);
+ }
+ if (!skipResolveCheck) resolveAndCheckIfFirewalled(this.url.getHost());
port = this.url.getPort();
path = this.url.getFile();
if (port == -1) port = ssl ? 443 : 80;
host = this.url.getHost();
if (Log.on) Log.log(this, "creating HTTP object for connection to " + host + ":" + port);
- addHeader("Host", host); // host header is always sent verbatim
- if (!skipResolveCheck) host = resolveAndCheckIfFirewalled(host); // might have to use the strict IP if behind a proxy
+ init();
+ }
+ /** this method initializes the HTTP object, resetting if needed (in case of a reconnect) */
+ public void init() throws IOException {
+ headers = "";
+ sock = null;
+ in = null;
+ out = null;
+ addHeader("Host", host);
ProxyInfo pi = Platform.detectProxy();
if (sock == null && pi != null && pi.proxyAutoConfigFunction != null) sock = attemptPAC(pi.proxyAutoConfigFunction);
if (sock == null && pi != null && ssl && pi.httpsProxyHost != null) sock = attemptHttpProxy(pi.httpsProxyHost, pi.httpsProxyPort);
if (sock == null && pi != null && pi.httpProxyHost != null) sock = attemptHttpProxy(pi.httpProxyHost, pi.httpProxyPort);
if (sock == null && pi != null && pi.socksProxyHost != null) sock = attemptSocksProxy(pi.socksProxyHost, pi.socksProxyPort);
if (sock == null) sock = attemptDirect();
- if (sock == null) throw new HTTPException("all socket creation attempts have failed");
- sock.setTcpNoDelay(true);
+ if (sock == null) throw new HTTPException("unable to contact host " + host);
}
-
// Safeguarded DNS Resolver ///////////////////////////////////////////////////////////////////////////
/**
* resolves the hostname and returns it as a string in the form "x.y.z.w", except for the special case "xmlrpc.xwt.org".
* @throws HTTPException if the host falls within a firewalled netblock
*/
- private String resolveAndCheckIfFirewalled(String host) throws HTTPException {
+ private void resolveAndCheckIfFirewalled(String host) throws HTTPException {
// special case
- if (host.equals("xmlrpc.xwt.org")) return host;
+ if (host.equals("xmlrpc.xwt.org")) return;
// cached
- if (resolvedHosts.get(host) != null) return (String)resolvedHosts.get(host);
+ if (resolvedHosts.get(host) != null) return;
if (Log.on) Log.log(this, " resolveAndCheckIfFirewalled: resolving " + host);
+ // if all scripts are trustworthy (local FS), continue
+ if (Main.originAddr == null) return;
+
// resolve using DNS
try {
InetAddress addr = InetAddress.getByName(host);
(quadbyte[0] == 192 && quadbyte[1] == 168) ||
(quadbyte[0] == 172 && (quadbyte[1] & 0xF0) == 16)) && !addr.equals(Main.originAddr))
throw new HTTPException("security violation: " + host + " [" + addr.getHostAddress() + "] is in a firewalled netblock");
- return addr.getHostAddress();
+ return;
} catch (UnknownHostException uhe) { }
// resolve using xmlrpc.xwt.org
Object ret = new XMLRPC("http://xmlrpc.xwt.org/RPC2/", "dns.resolve").call(new Object[] { host });
if (ret == null || !(ret instanceof String)) throw new Exception(" xmlrpc.xwt.org returned non-String: " + ret);
resolvedHosts.put(host, ret);
- return (String)ret;
+ return;
} catch (Throwable e) {
throw new HTTPException("exception while attempting to use xmlrpc.xwt.org to resolve " + host + ": " + e);
}
if (!ssl) {
path = "http://" + host + ":" + port + path;
} else {
- if (Log.on) Log.log(this, "attempting to create HTTP proxied socket using proxy " + proxyHost + ":" + proxyPort);
PrintWriter pw = new PrintWriter(new OutputStreamWriter(sock.getOutputStream()));
BufferedReader br = new BufferedReader(new InputStreamReader(sock.getInputStream()));
- pw.print("CONNECT " + host + ":" + port + " HTTP/1.0\r\n\r\n");
+ pw.print("CONNECT " + host + ":" + port + " HTTP/1.1\r\n\r\n");
+ pw.flush();
String s = br.readLine();
if (s.charAt(9) != '2') throw new HTTPException("proxy refused CONNECT method: \"" + s + "\"");
while (br.readLine().length() > 0) { };
out = sock.getOutputStream();
PrintWriter pw = new PrintWriter(new OutputStreamWriter(out));
pw.print("POST " + path + " HTTP/1.0\r\n");
- pw.print("Host: " + host + "\r\n");
pw.print("User-Agent: XWT\r\n");
pw.print("Content-length: " + contentLength + "\r\n");
pw.print(headers);
+ if (ProxyAuthorization.authorization != null) pw.print("Proxy-Authorization: " + ProxyAuthorization.authorization + "\r\n");
if (contentType != null) pw.print("Content-Type: " + contentType + "\r\n");
pw.print("\r\n");
+
+ // FIXME: check for HTTP "ok, go ahead" here, in case we need proxy authorization this can happen if the xwar is
+ // on the local disk and the first HTTP request is through an auth-requiring proxy
+
pw.flush();
return out;
}
public InputStream getInputStream() throws IOException {
+
if (in != null) return in;
if (out != null) {
out.flush();
} else {
PrintWriter pw = new PrintWriter(new OutputStreamWriter(sock.getOutputStream()));
pw.print("GET " + path + " HTTP/1.0\r\n");
- pw.print("Host: " + host + "\r\n");
pw.print("User-Agent: XWT\r\n");
pw.print(headers);
+ System.out.print(headers);
+ if (ProxyAuthorization.authorization != null) pw.print("Proxy-Authorization: " + ProxyAuthorization.authorization + "\r\n");
pw.print("\r\n");
pw.flush();
}
in = new BufferedInputStream(sock.getInputStream());
// we can't use a BufferedReader directly on the input stream,
- // since it will buffer beyond the end of the headers
+ // since it will buffer past the end of the headers
byte[] buf = new byte[4096];
int buflen = 0;
while(true) {
String s = headerReader.readLine();
if (!s.startsWith("HTTP/")) throw new HTTPException("Expected reply to start with \"HTTP/\"");
String reply = s.substring(s.indexOf(' ') + 1);
- if (!reply.startsWith("2")) throw new HTTPException("HTTP Error: " + reply);
- while((s = headerReader.readLine()) != null) {
- if (s.length() > 15 && s.substring(0, 15).equalsIgnoreCase("content-length: "))
- contentLength = Integer.parseInt(s.substring(15));
+
+ if (reply.startsWith("407")) {
+ if (Log.on) Log.log(this, "Proxy Auth Required: HTTP " + reply);
+ String realm = "";
+ String style = "Basic";
+
+ while((s = headerReader.readLine()) != null)
+ if (s.startsWith("Proxy-Authenticate:")) {
+ s = s.substring(19);
+ while(s.charAt(0) == ' ') s = s.substring(1);
+ style = s.substring(0, s.indexOf(' '));
+ s = s.substring(s.indexOf(' '));
+ s = s.substring(s.indexOf("realm"));
+ s = s.substring(s.indexOf('\"') + 1);
+ s = s.substring(0, s.indexOf('\"'));
+ realm = s;
+ }
+
+ ProxyAuthorization.getPassword(realm, style, sock.getInetAddress().getHostAddress(), ProxyAuthorization.authorization);
+
+ // reset and re-try
+ init();
+ return getInputStream();
+
+ } else if (!reply.startsWith("2")) {
+ throw new HTTPException("HTTP Error: " + reply);
}
+ while((s = headerReader.readLine()) != null)
+ if (s.length() > 15 && s.substring(0, 16).equalsIgnoreCase("content-length: "))
+ contentLength = Integer.parseInt(s.substring(16));
+
return in;
}
/** the PAC script */
public Function proxyAutoConfigFunction = null;
+ // this method has been disabled because it was causing problems -- some domains are set up so that *.foo.com resolves
+ // to a single IP, for any value of *. If the client's home domain is foo.com, then xwt-proxy-httpHost will resolve erroneously.
public static ProxyInfo detectProxyViaManual() {
- try {
- // continue iff one of the two resolves
- try { InetAddress.getByName("xwt-proxy-httpHost"); }
- catch (UnknownHostException e) { InetAddress.getByName("xwt-proxy-socksHost"); }
-
- if (Log.on) Log.log(Platform.class, "using xwt-proxy-* configuration");
- ProxyInfo ret = new ProxyInfo();
- try {
- ret.httpProxyHost = InetAddress.getByName("xwt-proxy-httpHost").getHostAddress();
- byte[] quadbyte = InetAddress.getByName("xwt-proxy-httpPort").getAddress();
- ret.httpProxyPort = ((quadbyte[1] & 0xff) * 10000) + ((quadbyte[2] & 0xff) * 100) + (quadbyte[3] & 0xff);
- } catch (UnknownHostException e) { }
- try {
- ret.httpsProxyHost = InetAddress.getByName("xwt-proxy-httpsHost").getHostAddress();
- byte[] quadbyte = InetAddress.getByName("xwt-proxy-httpsPort").getAddress();
- ret.httpsProxyPort = ((quadbyte[1] & 0xff) * 10000) + ((quadbyte[2] & 0xff) * 100) + (quadbyte[3] & 0xff);
- } catch (UnknownHostException e) { }
- try {
- ret.socksProxyHost = InetAddress.getByName("xwt-proxy-socksHost").getHostAddress();
- byte[] quadbyte = InetAddress.getByName("xwt-proxy-socksPort").getAddress();
- ret.socksProxyPort = ((quadbyte[1] & 0xff) * 10000) + ((quadbyte[2] & 0xff) * 100) + (quadbyte[3] & 0xff);
- } catch (UnknownHostException e) { }
- return ret;
- } catch (UnknownHostException e) {
- if (Log.on) Log.log(Platform.class, "xwt-proxy-* detection failed due to: " + e);
- return null;
+ ProxyInfo ret = new ProxyInfo();
+
+ ret.httpProxyHost = Platform.getEnv("http_proxy");
+ if (ret.httpProxyHost != null) {
+ if (ret.httpProxyHost.startsWith("http://")) ret.httpProxyHost = ret.httpProxyHost.substring(7);
+ if (ret.httpProxyHost.endsWith("/")) ret.httpProxyHost = ret.httpProxyHost.substring(0, ret.httpProxyHost.length() - 1);
+ if (ret.httpProxyHost.indexOf(':') != -1) {
+ ret.httpProxyPort = Integer.parseInt(ret.httpProxyHost.substring(ret.httpProxyHost.indexOf(':') + 1));
+ ret.httpProxyHost = ret.httpProxyHost.substring(0, ret.httpProxyHost.indexOf(':'));
+ } else {
+ ret.httpProxyPort = 80;
+ }
+ }
+
+ ret.httpsProxyHost = Platform.getEnv("https_proxy");
+ if (ret.httpsProxyHost != null) {
+ if (ret.httpsProxyHost.startsWith("https://")) ret.httpsProxyHost = ret.httpsProxyHost.substring(7);
+ if (ret.httpsProxyHost.endsWith("/")) ret.httpsProxyHost = ret.httpsProxyHost.substring(0, ret.httpsProxyHost.length() - 1);
+ if (ret.httpsProxyHost.indexOf(':') != -1) {
+ ret.httpsProxyPort = Integer.parseInt(ret.httpsProxyHost.substring(ret.httpsProxyHost.indexOf(':') + 1));
+ ret.httpsProxyHost = ret.httpsProxyHost.substring(0, ret.httpsProxyHost.indexOf(':'));
+ } else {
+ ret.httpsProxyPort = 80;
+ }
+ }
+
+ ret.socksProxyHost = Platform.getEnv("socks_proxy");
+ if (ret.socksProxyHost != null) {
+ if (ret.socksProxyHost.startsWith("socks://")) ret.socksProxyHost = ret.socksProxyHost.substring(7);
+ if (ret.socksProxyHost.endsWith("/")) ret.socksProxyHost = ret.socksProxyHost.substring(0, ret.socksProxyHost.length() - 1);
+ if (ret.socksProxyHost.indexOf(':') != -1) {
+ ret.socksProxyPort = Integer.parseInt(ret.socksProxyHost.substring(ret.socksProxyHost.indexOf(':') + 1));
+ ret.socksProxyHost = ret.socksProxyHost.substring(0, ret.socksProxyHost.indexOf(':'));
+ } else {
+ ret.socksProxyPort = 80;
+ }
+ }
+
+ String noproxy = Platform.getEnv("no_proxy");
+ if (noproxy != null) {
+ StringTokenizer st = new StringTokenizer(noproxy, ",");
+ ret.excluded = new String[st.countTokens()];
+ for(int i=0; st.hasMoreTokens(); i++) ret.excluded[i] = st.nextToken();
}
+
+ if (ret.httpProxyHost == null && ret.socksProxyHost == null) return null;
+ return ret;
}
// FIXME: search up from default domain
String s = null;
String script = "";
while((s = br.readLine()) != null) script += s + "\n";
- if (Log.on) Log.log(HTTP.ProxyInfo.class, "successfully retrieved WPAD PAC:");
- if (Log.on) Log.log(HTTP.ProxyInfo.class, script);
+ if (Log.on) Log.log(ProxyInfo.class, "successfully retrieved WPAD PAC:");
+ if (Log.on) Log.log(ProxyInfo.class, script);
+
+ // MS CARP hack
+ Vector carpHosts = new Vector();
+ for(int i=0; i<script.length(); i++)
+ if (script.regionMatches(i, "new Node(", 0, 9)) {
+ String host = script.substring(i + 10, script.indexOf('\"', i + 11));
+ if (Log.on) Log.log(ProxyInfo.class, "Detected MS Proxy Server CARP Script, Host=" + host);
+ carpHosts.addElement(host);
+ }
+ if (carpHosts.size() > 0) {
+ script = "function FindProxyForURL(url, host) {\nreturn \"";
+ for(int i=0; i<carpHosts.size(); i++)
+ script += "PROXY " + carpHosts.elementAt(i) + "; ";
+ script += "\";\n}";
+ if (Log.on) Log.log(ProxyInfo.class, "DeCARPed PAC script:");
+ if (Log.on) Log.log(ProxyInfo.class, script);
+ }
+
Script scr = cx.compileReader(proxyAutoConfigRootScope, new StringReader(script), "PAC script at " + url, 0, null);
scr.exec(cx, proxyAutoConfigRootScope);
return (Function)proxyAutoConfigRootScope.get("FindProxyForURL", null);
else if (name.equals("dnsDomainIs")) return dnsDomainIs;
else if (name.equals("localHostOrDomainIs")) return localHostOrDomainIs;
else if (name.equals("isResolvable")) return isResolvable;
+ else if (name.equals("isInNet")) return isInNet;
else if (name.equals("dnsResolve")) return dnsResolve;
else if (name.equals("myIpAddress")) return myIpAddress;
else if (name.equals("dnsDomainLevels")) return dnsDomainLevels;
private static final JSFunction isInNet = new JSFunction() {
public Object call(Context cx, Scriptable thisObj, Scriptable ctorObj, Object[] args) throws JavaScriptException {
- // FIXME
- return null;
+ if (args.length != 3) return Boolean.FALSE;
+ try {
+ byte[] host = InetAddress.getByName(args[0].toString()).getAddress();
+ byte[] net = InetAddress.getByName(args[1].toString()).getAddress();
+ byte[] mask = InetAddress.getByName(args[2].toString()).getAddress();
+ return ((host[0] & mask[0]) == net[0] &&
+ (host[1] & mask[1]) == net[1] &&
+ (host[2] & mask[2]) == net[2] &&
+ (host[3] & mask[3]) == net[3]) ?
+ Boolean.TRUE : Boolean.FALSE;
+ } catch (Exception e) {
+ throw new JavaScriptException("exception in isInNet(): " + e);
+ }
}
};
}
};
- // FIXME: test this!
private static boolean match(String[] arr, String s, int index) {
if (index == arr.length) return true;
for(int i=0; i<s.length(); i++) {
}
};
+ public static String[] days = { "SUN", "MON", "TUE", "WED", "THU", "FRI", "SAT" };
+
private static final JSFunction weekdayRange = new JSFunction() {
public Object call(Context cx, Scriptable thisObj, Scriptable ctorObj, Object[] args) throws JavaScriptException {
- throw new JavaScriptException("XWT does not support weekdayRange() in PAC scripts");
- /*
TimeZone tz = (args.length < 3 || args[2] == null || !args[2].equals("GMT")) ? TimeZone.getTimeZone("UTC") : TimeZone.getDefault();
- Calendar c = new Calendar();
+ Calendar c = new GregorianCalendar();
c.setTimeZone(tz);
c.setTime(new Date());
Date d = c.getTime();
- if (args.length == 1) return
- */
+ int day = d.getDay();
+
+ String d1s = args[0].toString().toUpperCase();
+ int d1 = 0, d2 = 0;
+ for(int i=0; i<days.length; i++) if (days[i].equals(d1s)) d1 = i;
+
+ if (args.length == 1)
+ return d1 == day ? Boolean.TRUE : Boolean.FALSE;
+
+ String d2s = args[1].toString().toUpperCase();
+ for(int i=0; i<days.length; i++) if (days[i].equals(d2s)) d2 = i;
+
+ return
+ ((d1 <= d2 && day >= d1 && day <= d2) ||
+ (d1 > d2 && (day >= d1 || day <= d2))) ?
+ Boolean.TRUE : Boolean.FALSE;
}
};
}
+ // ProxyAuthorization ///////////////////////////////////////////////////////////////////////////////////
+
+ public static class ProxyAuthorization {
+
+ static public String authorization = null;
+ static public Semaphore waitingForUser = new Semaphore();
+
+ // FIXME: Digest and NTLM
+ public static synchronized void getPassword(final String realm, final String style, final String proxyIP, String oldAuth) {
+
+ // this handles cases where multiple threads hit the proxy auth at the same time -- all but one will block on the
+ // synchronized keyword. If 'authorization' changed while the thread was blocked, it means that the user entered
+ // a password, so we should reattempt authorization.
+
+ if (authorization != oldAuth) return;
+ if (Log.on) Log.log(ProxyAuthorization.class, "displaying proxy authorization dialog");
+ MessageQueue.add(new Message() {
+ public void perform() {
+ Box b = new Box("org.xwt.builtin.proxy_authorization", null);
+ b.put("realm", realm);
+ b.put("proxyIP", proxyIP);
+ }
+ });
+
+ waitingForUser.block();
+ if (Log.on) Log.log(ProxyAuthorization.class, "got proxy authorization info; re-attempting connection");
+
+ }
+ }
+
}