diff options
author | Stefan Bodewig <bodewig@apache.org> | 2021-12-23 18:33:16 +0100 |
---|---|---|
committer | Stefan Bodewig <bodewig@apache.org> | 2021-12-23 18:33:16 +0100 |
commit | 748ad7f1fd4724fbc11c4dd9ae343c41740e9360 (patch) | |
tree | 668ec8abd2931bd4e2886165b7e32ab6f4300b01 | |
parent | 0f110eac27c17cf3bdbcfee77bc5b9b4aead9f4e (diff) | |
download | ant-748ad7f1fd4724fbc11c4dd9ae343c41740e9360.tar.gz |
Allow ant:get task to disable authentication on redirect.
see #173
-rw-r--r-- | WHATSNEW | 9 | ||||
-rw-r--r-- | manual/Tasks/get.html | 6 | ||||
-rw-r--r-- | src/main/org/apache/tools/ant/taskdefs/Get.java | 20 |
3 files changed, 32 insertions, 3 deletions
@@ -1,6 +1,15 @@ Changes from Ant 1.9.16 TO Ant 1.9.17 ===================================== +Changes that could break older environments: +-------------------------------------------- + +* <get> has a new attribute authenticateOnRedirect that can be used to + prevent Ant from sending the configured credentials when following a + redirect. It is false by default, which means builds that rely on + credentials being used on the redirected URI may break. + Github Pull Request #173 + Fixed bugs: ----------- diff --git a/manual/Tasks/get.html b/manual/Tasks/get.html index a2c9b7e59..0ca90657b 100644 --- a/manual/Tasks/get.html +++ b/manual/Tasks/get.html @@ -98,6 +98,12 @@ plain text' authentication is used. This is only secure over an HTTPS link. <td align="center" valign="top">if username is set</td> </tr> <tr> + <td>authenticateOnRedirect</td> + <td>Whether the credentials should also be sent to the new location when a redirect is followed.<br/> + <em>since Ant 1.9.17</em></td> + <td>No; default is <q>false</q></td> + </tr> + <tr> <td valign="top">maxtime</td> <td valign="top">Maximum time in seconds a single download may take, otherwise it will be interrupted and treated like a download diff --git a/src/main/org/apache/tools/ant/taskdefs/Get.java b/src/main/org/apache/tools/ant/taskdefs/Get.java index 1d4ba4f83..a939a70e6 100644 --- a/src/main/org/apache/tools/ant/taskdefs/Get.java +++ b/src/main/org/apache/tools/ant/taskdefs/Get.java @@ -78,6 +78,7 @@ public class Get extends Task { private boolean ignoreErrors = false; private String uname = null; private String pword = null; + private boolean authenticateOnRedirect = false; private long maxTime = 0; private int numberRetries = NUMBER_RETRIES; private boolean skipExisting = false; @@ -403,6 +404,16 @@ public class Get extends Task { } /** + * If true, credentials are set when following a redirect to a new location. + * + * @param v "true" to enable sending the credentials on redirect; "false" otherwise + * @since Ant 1.9.17 + */ + public void setAuthenticateOnRedirect(final boolean v) { + this.authenticateOnRedirect = v; + } + + /** * The time in seconds the download is allowed to take before * being terminated. * @@ -649,7 +660,7 @@ public class Get extends Task { private boolean get() throws IOException, BuildException { - connection = openConnection(source); + connection = openConnection(source, uname, pword); if (connection == null) { return false; @@ -699,7 +710,8 @@ public class Get extends Task { return true; } - private URLConnection openConnection(final URL aSource) throws IOException { + private URLConnection openConnection(final URL aSource, final String uname, + final String pword) throws IOException { // set up the URL connection final URLConnection connection = aSource.openConnection(); @@ -753,7 +765,9 @@ public class Get extends Task { if (!redirectionAllowed(aSource, newURL)) { return null; } - return openConnection(newURL); + return openConnection(newURL, + authenticateOnRedirect ? uname : null, + authenticateOnRedirect ? pword : null); } // next test for a 304 result (HTTP only) final long lastModified = httpConnection.getLastModified(); |