Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
Java 1.4.7, Java 1.5.2
-
Security Level: Public (Public issues, viewable by everyone)
-
None
Description
- The ResolverDirectHttp class uses the old style proxy configuration via System.setProperty(). This is a VM wide setting and affects other VM users. This can not be fixed in 1.4.x because it depends on jdk 1.4 which doesn't support java.net.Proxy on URLConnection.openConnection().
- The ResolverDirectHttp switches back the old proxy configuration if the resource could successfully fetched but if an exception happens the new proxy will still be set.
- Additionally there is an error when Proxy-Authentication was used. The implementation provides support for Basic Authentication but doesn't set the Authentication type on the header:
Proxy-Authorization: <base64encodedUsernameAndPassword>
but should be
Proxy-Authorization: Basic <base64encodedUsernameAndPassword>