diff --git a/src/share/classes/java/net/HttpURLConnection.java b/src/share/classes/java/net/HttpURLConnection.java
index c6b1ffab6c9414c97214905d9c010e8ab80061f2..0b3e578022c5eba2cdeba11641fe1e83b593577b 100644
--- a/src/share/classes/java/net/HttpURLConnection.java
+++ b/src/share/classes/java/net/HttpURLConnection.java
@@ -399,6 +399,8 @@ abstract public class HttpURLConnection extends URLConnection {
* @param method the HTTP method
* @exception ProtocolException if the method cannot be reset or if
* the requested method isn't valid for HTTP.
+ * @exception SecurityException if a security manager is set and the
+ * "allowHttpTrace" NetPermission is not granted.
* @see #getRequestMethod()
*/
public void setRequestMethod(String method) throws ProtocolException {
@@ -412,6 +414,12 @@ abstract public class HttpURLConnection extends URLConnection {
for (int i = 0; i < methods.length; i++) {
if (methods[i].equals(method)) {
+ if (method.equals("TRACE")) {
+ SecurityManager s = System.getSecurityManager();
+ if (s != null) {
+ s.checkPermission(new NetPermission("allowHttpTrace"));
+ }
+ }
this.method = method;
return;
}
diff --git a/src/share/classes/java/net/NetPermission.java b/src/share/classes/java/net/NetPermission.java
index 5083a40fb3467b02c35db375b05213f9f8f7789b..1cff4a8767677583b3be728a19991a7fe1113346 100644
--- a/src/share/classes/java/net/NetPermission.java
+++ b/src/share/classes/java/net/NetPermission.java
@@ -54,44 +54,23 @@ import java.util.StringTokenizer;
* | What the Permission Allows |
* Risks of Allowing this Permission |
*
- *
- *
- * | setDefaultAuthenticator |
- * The ability to set the
- * way authentication information is retrieved when
- * a proxy or HTTP server asks for authentication |
- * Malicious
- * code can set an authenticator that monitors and steals user
- * authentication input as it retrieves the input from the user. |
- *
- *
- *
- * | requestPasswordAuthentication |
- * The ability
- * to ask the authenticator registered with the system for
- * a password |
- * Malicious code may steal this password. |
- *
- *
*
- * | specifyStreamHandler |
- * The ability
- * to specify a stream handler when constructing a URL |
- * Malicious code may create a URL with resources that it would
-normally not have access to (like file:/foo/fum/), specifying a
-stream handler that gets the actual bytes from someplace it does
-have access to. Thus it might be able to trick the system into
-creating a ProtectionDomain/CodeSource for a class even though
-that class really didn't come from that location. |
- *
+ * allowHttpTrace |
+ * The ability to use the HTTP TRACE method in HttpURLConnection. |
+ * Malicious code using HTTP TRACE could get access to security sensitive
+ * information in the HTTP headers (such as cookies) that it might not
+ * otherwise have access to. |
+ *
*
*
- * | setProxySelector |
- * The ability to set the proxy selector used to make decisions
- * on which proxies to use when making network connections. |
- * Malicious code can set a ProxySelector that directs network
- * traffic to an arbitrary network host. |
- *
+ * getCookieHandler |
+ * The ability to get the cookie handler that processes highly
+ * security sensitive cookie information for an Http session. |
+ * Malicious code can get a cookie handler to obtain access to
+ * highly security sensitive cookie information. Some web servers
+ * use cookies to save user private information such as access
+ * control information, or to track user browsing habit. |
+ *
*
*
* | getProxySelector |
@@ -103,6 +82,22 @@ that class really didn't come from that location.
*
*
*
+ * | getResponseCache |
+ * The ability to get the response cache that provides
+ * access to a local response cache. |
+ * Malicious code getting access to the local response cache
+ * could access security sensitive information. |
+ *
+ *
+ *
+ * | requestPasswordAuthentication |
+ * The ability
+ * to ask the authenticator registered with the system for
+ * a password |
+ * Malicious code may steal this password. |
+ *
+ *
+ *
* | setCookieHandler |
* The ability to set the cookie handler that processes highly
* security sensitive cookie information for an Http session. |
@@ -113,14 +108,22 @@ that class really didn't come from that location.
*
*
*
- * | getCookieHandler |
- * The ability to get the cookie handler that processes highly
- * security sensitive cookie information for an Http session. |
- * Malicious code can get a cookie handler to obtain access to
- * highly security sensitive cookie information. Some web servers
- * use cookies to save user private information such as access
- * control information, or to track user browsing habit. |
- *
+ * setDefaultAuthenticator |
+ * The ability to set the
+ * way authentication information is retrieved when
+ * a proxy or HTTP server asks for authentication |
+ * Malicious
+ * code can set an authenticator that monitors and steals user
+ * authentication input as it retrieves the input from the user. |
+ *
+ *
+ *
+ * | setProxySelector |
+ * The ability to set the proxy selector used to make decisions
+ * on which proxies to use when making network connections. |
+ * Malicious code can set a ProxySelector that directs network
+ * traffic to an arbitrary network host. |
+ *
*
*
* | setResponseCache |
@@ -132,13 +135,16 @@ that class really didn't come from that location.
*
*
*
- * | getResponseCache |
- * The ability to get the response cache that provides
- * access to a local response cache. |
- * Malicious code getting access to the local response cache
- * could access security sensitive information. |
- *
- *
+ * specifyStreamHandler |
+ * The ability
+ * to specify a stream handler when constructing a URL |
+ * Malicious code may create a URL with resources that it would
+normally not have access to (like file:/foo/fum/), specifying a
+stream handler that gets the actual bytes from someplace it does
+have access to. Thus it might be able to trick the system into
+creating a ProtectionDomain/CodeSource for a class even though
+that class really didn't come from that location. |
+ *
*
*
* @see java.security.BasicPermission