這是本文件的舊版!
HttpClient
Introduction
HttpClient是封裝Http Request行為的Library。我用這個Library已經很久了,網路上可以找到不少教學;因此這裡我只記載一些我自己嘗試的東西。
Articles
SSL的Hostname驗證
最近在評估某個功能剛好談到SSL,也講到hostname的驗證,所以好奇試驗一下HttpClient是否有做hostname驗證。我拿臉書URL做測試:
public static void main(String[] args) throws ClientProtocolException, IOException { HttpClient httpclient = null; try { httpclient = new DefaultHttpClient(); HttpGet get = new HttpGet("https://31.13.95.36/"); HttpResponse response = httpclient.execute(get); System.out.println(response.getStatusLine().getStatusCode()); } finally { HttpClientUtil.shutdownHttpClient(httpclient); } }如果是直接用它的domain name會正常;用ip則會出現以下例外,也證明它是有做hostname的驗證的。
Exception in thread "main" javax.net.ssl.SSLException: hostname in certificate didn't match: <31.13.95.36> != <*.facebook.com> at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:228) at org.apache.http.conn.ssl.BrowserCompatHostnameVerifier.verify(BrowserCompatHostnameVerifier.java:54) at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:149) at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:130) at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:397) at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:148) at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:150) at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:121) at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:575) at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:425) at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:820) at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:754) at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:732) at org.tonylin.stock.dao.DatabaseStockDaoTest.main(DatabaseStockDaoTest.java:56)