HttpURLConnection c = URL.openConnection(); c.setRequestProperty() 不起作用

Posted

技术标签:

【中文标题】HttpURLConnection c = URL.openConnection(); c.setRequestProperty() 不起作用【英文标题】:HttpURLConnection c = URL.openConnection(); c.setRequestProperty() Doesn't work 【发布时间】:2011-07-03 16:20:42 【问题描述】:

这里的代码是一个普通的Java应用程序而不是一个android应用程序,这是为了将C2DM消息发送到具有auth_key的开发者YOUR_REGISTRATION_STRING的设备,问题描述如下

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLEncoder;

import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLSession;


public class C2DMSendMessage 
    private final static String AUTH = "authentication";

    private static final String UPDATE_CLIENT_AUTH = "Update-Client-Auth";

    public static final String PARAM_REGISTRATION_ID = "registration_id";

    public static final String PARAM_DELAY_WHILE_IDLE = "delay_while_idle";

    public static final String PARAM_COLLAPSE_KEY = "collapse_key";

    private static final String UTF8 = "UTF-8";

    // Registration is currently hardcoded
    private final static String YOUR_REGISTRATION_STRING = "APA91bGf8gkFMn_sBP_hosSAiqUmmLwOdIqVSQKbbqXv2WSADQ51gbixInAGUk1U_vDIcz7izVaq6tvu8KXGsiQ7BIKy_7f04id00SUms8h3YGxbsKd6Jjg";

    public static void main(String[] args) throws Exception 
        HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() 

            @Override
            public boolean verify(String arg0, SSLSession arg1) 
                // TODO Auto-generated method stub
                return true;
            
        );
        String auth_key = "DQAAAA4BAADAb7BDi6KY9pj11ERiY0R1TaEynLK6AtSPxzzIeCih_VDyWLhEJCvmkXjh6gRAsGpLb0wtAGmWIK9CjsBMT3upjnZ86tRYnvfOknkN45ORk29AsR2he-JEo1Y4eVcUutoPnBbIX2kzoEeY2ULYXyOQix7oWSWb4CJS3XYrb7qcmQxMv3yiIAF8kO0Sav7-NspCSI3tV3lISrz_BWqSCVGHWxT6KZ_PZwjH7442CpMfZhOYxsgDanQod8EypHjHmNQK_txWwFeiFj66jsi90BpyPKvUX_ZUbOmSKVZP3gBcKrK9iSnJrSUpLuEN46NGRzl2uBg9I9V-wJuFBgG1aBXqA1oWFdkEewxwXapuVqR1-g";
        // Send a sync message to this Android device.
        StringBuilder postDataBuilder = new StringBuilder();
        postDataBuilder.append(PARAM_REGISTRATION_ID).append("=")
                .append(YOUR_REGISTRATION_STRING);

        // if (delayWhileIdle) 
        // postDataBuilder.append("&").append(PARAM_DELAY_WHILE_IDLE)
        // .append("=1");
        // 
        postDataBuilder.append("&").append(PARAM_COLLAPSE_KEY).append("=")
                .append("0");

        postDataBuilder.append("&").append("data.payload").append("=")
                .append(URLEncoder.encode("Lars war hier", UTF8));

        byte[] postData = postDataBuilder.toString().getBytes(UTF8);

        // Hit the dm URL.

        URL url = new URL("https://android.clients.google.com/c2dm/send");

        HttpURLConnection conn = (HttpURLConnection) url.openConnection();
        conn.setDoOutput(true);
        conn.setUseCaches(false);
        conn.setRequestMethod("POST");
        conn.setRequestProperty("Content-Type",
                "application/x-www-form-urlencoded;charset=UTF-8");
        conn.setRequestProperty("Content-Length",
                Integer.toString(postData.length));
        conn.setRequestProperty("Authorization", "GoogleLogin auth="
                + auth_key);
        System.out.println(conn.getRequestProperties());
        OutputStream out = conn.getOutputStream();
        out.write(postData);
        out.close();

        int responseCode = conn.getResponseCode();

        System.out.println(String.valueOf(responseCode));
        // Validate the response code

        if (responseCode == 401 || responseCode == 403) 
            // The token is too old - return false to retry later, will
            // fetch the token
            // from DB. This happens if the password is changed or token
            // expires. Either admin
            // is updating the token, or Update-Client-Auth was received by
            // another server,
            // and next retry will get the good one from database.
            System.out.println("Unauthorized - need token");
        

        // Check for updated token header
        String updatedAuthToken = conn.getHeaderField(UPDATE_CLIENT_AUTH);
        if (updatedAuthToken != null && !auth_key.equals(updatedAuthToken)) 
            System.out.println("Got updated auth token from datamessaging servers: "
                            + updatedAuthToken);
        

        String responseLine = new BufferedReader(new InputStreamReader(
                conn.getInputStream())).readLine();

        // NOTE: You *MUST* use exponential backoff if you receive a 503
        // response code.
        // Since App Engine's task queue mechanism automatically does this
        // for tasks that
        // return non-success error codes, this is not explicitly
        // implemented here.
        // If we weren't using App Engine, we'd need to manually implement
        // this.
        if (responseLine == null || responseLine.equals("")) 
            System.out.println("Got " + responseCode
                    + " response from Google AC2DM endpoint.");
            throw new IOException(
                    "Got empty response from Google AC2DM endpoint.");
        

        String[] responseParts = responseLine.split("=", 2);
        if (responseParts.length != 2) 
            System.out.println("Invalid message from google: " + responseCode
                    + " " + responseLine);
            throw new IOException("Invalid response from Google "
                    + responseCode + " " + responseLine);
        

        if (responseParts[0].equals("id")) 
            System.out.println("Successfully sent data message to device: "
                    + responseLine);
        

        if (responseParts[0].equals("Error")) 
            String err = responseParts[1];
            System.out.println("Got error response from Google datamessaging endpoint: "
                            + err);
            // No retry.
            throw new IOException(err);
        
    

在上面的代码中,我正在尝试发送 C2DM 消息,但这无关紧要

URL url = new URL("https://android.clients.google.com/c2dm/send");

HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setDoOutput(true);
conn.setUseCaches(false);
conn.setRequestMethod("POST");
conn.setRequestProperty("Content-Type","application/x-www-form-urlencoded;charset=UTF-8");
conn.setRequestProperty("Content-Length",Integer.toString(postData.length));
conn.setRequestProperty("Authorization", "GoogleLogin auth="+ auth_key);
System.out.println(conn.getRequestProperties());

在我重复的部分中,我试图设置其中 3 个请求属性,但只有 1 个到达 conn 中的哈希图 这是输出:

Content-Type=[application/x-www-form-urlencoded;charset=UTF-8]

我不明白如果这些代码独立运行,代码如何运行 并且不能作为更大代码的一部分工作

我也试过 addRequestProperty

提前致谢

【问题讨论】:

【参考方案1】:

不要在请求属性中设置 Content-Length,而是使用 setFixedLengthStreamingMode(postData.length);

根据HttpUrlConnection 的来源,Content-Length 是一个“受限标头”:

146       /*
147        * Restrict setting of request headers through the public api
148        * consistent with javascript XMLHttpRequest2 with a few
149        * exceptions. Disallowed headers are silently ignored for
150        * backwards compatibility reasons rather than throwing a
151        * SecurityException. For example, some applets set the
152        * Host header since old JREs did not implement HTTP 1.1.
153        * Additionally, any header starting with Sec- is
154        * disallowed.
155        *
156        * The following headers are allowed for historical reasons:
157        *
158        * Accept-Charset, Accept-Encoding, Cookie, Cookie2, Date,
159        * Referer, TE, User-Agent, headers beginning with Proxy-.
160        *
161        * The following headers are allowed in a limited form:
162        *
163        * Connection: close
164        *
165        * See http://www.w3.org/TR/XMLHttpRequest2.
166        */
167       private static final boolean allowRestrictedHeaders;
168       private static final Set<String> restrictedHeaderSet;
169       private static final String[] restrictedHeaders = 
170           /* Restricted by XMLHttpRequest2 */
171           //"Accept-Charset",
172           //"Accept-Encoding",
173           "Access-Control-Request-Headers",
174           "Access-Control-Request-Method",
175           "Connection", /* close is allowed */
176           "Content-Length",
177           //"Cookie",
178           //"Cookie2",
179           "Content-Transfer-Encoding",
180           //"Date",
181           //"Expect",
182           "Host",
183           "Keep-Alive",
184           "Origin",
185           // "Referer",
186           // "TE",
187           "Trailer",
188           "Transfer-Encoding",
189           "Upgrade",
190           //"User-Agent",
191           "Via"
192       ;

因此,设置 Content-Length 将被忽略。

出于安全考虑,授权被阻止返回:

249       // the following http request headers should NOT have their values
250       // returned for security reasons.
251       private static final String[] EXCLUDE_HEADERS = 
252               "Proxy-Authorization",
253               "Authorization"
254       ;
255   
256       // also exclude system cookies when any might be set
257       private static final String[] EXCLUDE_HEADERS2= 
258               "Proxy-Authorization",
259               "Authorization",
260               "Cookie",
261               "Cookie2"
262       ;

所以即使设置了授权标头,查询标头时也不会取回。

【讨论】:

我将内容长度行替换为 conn.setFixedLengthStreamingMode(postdata.length);仍然输出是请求属性:Content-Type=[application/x-www-form-urlencoded;charset=UTF-8] 从未在请求​​属性中输入授权:/,请注意,我也尝试不设置长度 如您所见,我正在使用我的代码 import java.net.HttpURLConnection;不是太阳 httpurl,日食只是不会使用太阳一个 HttpURLConnection 不允许您设置内容长度,并且不会报告给您。授权被明确排除在属性映射中返回。我已经更新并扩展了我的原始答案以包含更多的 cmets。 “sun httpurl”是使用 Java 虚拟机时 HttpURLConnection 的实现委托类。如果您进入 Eclipse 中的 setRequestProperty 方法,它最终会到达这个实现委托。我就是这样找到答案的。 我不知道为什么,但是我的代码不起作用,并且在 *** 上发布的另一个代码也不起作用,我将尝试其他替代方案,但就我而言你的回答是正确的谢谢【参考方案2】:

内容长度是自动设置的。你不能直接自己设置。但是,您可以在设置固定长度流模式时传递正确的长度。

【讨论】:

方法 setFixedLengthStreamingMode 用于此目的。来自 JavaDoc:“当预先知道内容长度时,此方法用于启用 HTTP 请求正文的流式传输,而无需内部缓冲。” 我删除了它,但授权仍然没有真正进入请求属性 再一次,您将无法将其读回...出于安全原因,java 运行时中的实现会限制该标头。使用协议嗅探器(例如 Fiddler)检查您的流量。您应该会在流量中看到 Authorization 标头。【参考方案3】:

我遇到了同样的问题,你可以在你的代码中添加这行来解决它。

System.setProperty("sun.net.http.allowRestrictedHeaders", "true");

https://***.com/a/41841662/15201439

【讨论】:

以上是关于HttpURLConnection c = URL.openConnection(); c.setRequestProperty() 不起作用的主要内容,如果未能解决你的问题,请参考以下文章

Android之HttpURLConnection

HttpURLConnection超时设置

Url,HTTPUrlConnection

HttpURLConnection的使用步骤

网络传输---HttpURLConnection

Android、HttpURLConnection、PUT 和 Authenticator