Hi,
A question about this issue. Can you explain why the server/proxy is
sending a response body to a HEAD request?
My reading of the RFCs suggests this is not allowed.
Thanks,
Michael
On 12/07/2021 11:54, Alex Kasko wrote:
On Mon, 12 Jul 2021 10:34:54 GMT, Alex Kasko <aka...@openjdk.org> wrote:
When HEAD request is used with a proxy (or a server) that requires NTLM,
authentication fails when server returns large (8kb+) body along with
NTLMSSP_CHALLENGE response.
Proposed fix is to check for ongoing NTLM auth in `reset()` and consume the
response body in this case.
Alternatively the whole check for `HEAD` method in `reset()` can be dropped.
Just for the reference, `reset()` calls during NTLM auth:
server auth:
https://github.com/openjdk/jdk/blob/8973867fb9568a3a527b763c9ce10cebdfb306d0/src/java.base/share/classes/sun/net/www/protocol/http/HttpURLConnection.java#L1849
proxy auth with plain HTTP:
https://github.com/openjdk/jdk/blob/8973867fb9568a3a527b763c9ce10cebdfb306d0/src/java.base/share/classes/sun/net/www/protocol/http/HttpURLConnection.java#L1762
proxy tunnel with HTTPS:
https://github.com/openjdk/jdk/blob/8973867fb9568a3a527b763c9ce10cebdfb306d0/src/java.base/share/classes/sun/net/www/protocol/http/HttpURLConnection.java#L2233
-------------
PR: https://git.openjdk.java.net/jdk/pull/4753
