RFR: 8293590: Some syntax checks performed by URL.openConnection() could be performed earlier, at URL construction [v3]

Alan Bateman alanb at openjdk.org
Fri Oct 7 08:46:31 UTC 2022 

On Thu, 6 Oct 2022 15:10:18 GMT, Daniel Fuchs <dfuchs at openjdk.org> wrote:

>> Many built-in URL Handlers perform additional syntax checking on the URL when `URLStreamHandler::openConnection` / connect is called. In some cases, some of these checks could be also performed earlier, when `URLStreamHandler::parseURL` is called.
>> 
>> This fix proposes to slightly modify the behavior of JDK built-in URL handlers to perform these checks early, and throw `MalformedURLException` earlier, at URL construction time, when that is possible, instead of delaying until `URL::openConnection` or `URLConnection::connect` are called.
>> 
>> Because java.net.URL constructors are already specified to throw `MalformedURLException` in such cases, no API documentation changes are necessary. 
>> 
>> A new JDK specific system property `-Djdk.net.url.delayParsing` or `-Djdk.net.url.delayParsing=true` can be specified on the command line to revert to the previous behavior. By default, the property is not set, and the new behavior is in place. The property can be specified on the java command line if unexpected regressions are observed.
>> 
>> The new property will be documented in release notes, and may be removed in a future release.
>> 
>> CSR: https://bugs.openjdk.org/browse/JDK-8294592
>
> Daniel Fuchs has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase. The pull request contains three additional commits since the last revision:
> 
>  - Merge branch 'master' into url-early-parsing-8293590
>  - Merge branch 'master' into url-early-parsing-8293590
>  - 8293590

At a high-level I think this proposal is okay and rejecting nonsense URLs early is the right thing to do. Having MalformedURLException thrown if the "parsed URL fails to comply with the specific syntax of the associated protocol" already sets expectations that the input will be rejected at URL construction time.

As regards the compatibility impact then it should be low. Code that creates a bad URL and opens a connection may not notice the change, except maybe that an exception is thrown in a different place. Code that creates bad URLs but doesn't attempt to open connections may get an exception when they didn't previously but it should be rare and there is a system property to work around the behavior change until the code is fixed to use the correct URL syntax. So overall I think this is okay.

-------------

PR: https://git.openjdk.org/jdk/pull/10534

More information about the net-dev mailing list