github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-14 15:53:36 +01:00
Code Issues Packages Projects Releases Wiki Activity

[i444] Support nonProxyHosts parameter in settings.xml

Browse Source
This commit is contained in:
Christian Galsterer
2016-02-08 18:52:14 +01:00
parent d023b2b2ff
commit 5091499563
2 changed files with 43 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
dependency-check-utils/pom.xml
View File

@@ -139,6 +139,10 @@ Copyright (c) 2014 - Jeremy Long. All Rights Reserved.
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>

52
dependency-check-utils/src/main/java/org/owasp/dependencycheck/utils/URLConnectionFactory.java
View File

@@ -18,6 +18,8 @@
package org.owasp.dependencycheck.utils;
import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import org.apache.commons.lang3.StringUtils;
import java.io.IOException;
import java.net.Authenticator;
import java.net.HttpURLConnection;
@@ -55,7 +57,7 @@ public final class URLConnectionFactory {
final String proxyUrl = Settings.getString(Settings.KEYS.PROXY_SERVER);
try {
if (proxyUrl != null && !skipProxy(url)) {
if (proxyUrl != null && !matchNonProxy(url)) {
final int proxyPort = Settings.getInt(Settings.KEYS.PROXY_PORT);
final SocketAddress address = new InetSocketAddress(proxyUrl, proxyPort);
@@ -97,23 +99,47 @@ public final class URLConnectionFactory {
}
/**
* Checks of for the given URL the proxy shall be used or not checking the nonProxyHosts configuration.
* @param url The URL to check.
* @return If the proxy shall be skip for the given URL or not.
* Check if hostname matches nonProxy settings
*
* @param url the url to connect to
* @return matching result. true: match nonProxy
*/
private static boolean skipProxy(URL url) {
boolean skip = false;
final String nonProxySettings = Settings.getString(Settings.KEYS.PROXY_NON_PROXY_HOSTS);
String[] nonProxyHosts = nonProxySettings.split(",");
for (int i = 0; i < nonProxyHosts.length; i++) {
if (url.getHost().matches(nonProxyHosts[i])) {
skip = true;
break;
private static boolean matchNonProxy(final URL url) {
String host = url.getHost();
// code partially from org.apache.maven.plugins.site.AbstractDeployMojo#getProxyInfo
final String nonProxyHosts = Settings.getString(Settings.KEYS.PROXY_NON_PROXY_HOSTS);
if (null != nonProxyHosts) {
final String[] nonProxies = nonProxyHosts.split( "(,)|(;)|(\\|)" );
for (final String nonProxyHost : nonProxies) {
//if ( StringUtils.contains( nonProxyHost, "*" ) )
if (null != nonProxyHost && nonProxyHost.contains("*")) {
// Handle wildcard at the end, beginning or middle of the nonProxyHost
final int pos = nonProxyHost.indexOf('*');
String nonProxyHostPrefix = nonProxyHost.substring(0, pos);
String nonProxyHostSuffix = nonProxyHost.substring(pos + 1);
// prefix*
if (!StringUtils.isEmpty(nonProxyHostPrefix) && host.startsWith(nonProxyHostPrefix) && StringUtils.isEmpty(nonProxyHostSuffix)) {
return true;
}
// *suffix
if (StringUtils.isEmpty(nonProxyHostPrefix) && !StringUtils.isEmpty(nonProxyHostSuffix) && host.endsWith(nonProxyHostSuffix)) {
return true;
}
// prefix*suffix
if (!StringUtils.isEmpty(nonProxyHostPrefix) && host.startsWith(nonProxyHostPrefix) && !StringUtils.isEmpty(nonProxyHostSuffix) && host.endsWith(nonProxyHostSuffix)) {
return true;
}
}
else if (host.equals(nonProxyHost)) {
return true;
}
}
}
return skip;
return false;
}
/**
* Utility method to create an HttpURLConnection. The use of a proxy here is optional as there may be cases where a proxy is
* configured but we don't want to use it (for example, if there's an internal repository configured)