package java.net; ... publicabstractclassHttpURLConnectionextendsURLConnection { ... /* valid HTTP methods */ privatestaticfinal String[] methods = { "GET", "POST", "HEAD", "OPTIONS", "PUT", "DELETE", "TRACE" }; ... /** * Set the method for the URL request, one of: * <UL> * <LI>GET * <LI>POST * <LI>HEAD * <LI>OPTIONS * <LI>PUT * <LI>DELETE * <LI>TRACE * </UL> are legal, subject to protocol restrictions. The default * method is GET. * * @param method the HTTP method * @throws ProtocolException if the method cannot be reset or if * the requested method isn't valid for HTTP. * @throws SecurityException if a security manager is set and the * method is "TRACE", but the "allowHttpTrace" * NetPermission is not granted. * @see #getRequestMethod() */ publicvoidsetRequestMethod(String method)throws ProtocolException { if (connected) { thrownewProtocolException("Can't reset method: already connected"); } // This restriction will prevent people from using this class to // experiment w/ new HTTP methods using java. But it should // be placed for security - the request String could be // arbitrarily long.
for (inti=0; i < methods.length; i++) { if (methods[i].equals(method)) { if (method.equals("TRACE")) { @SuppressWarnings("removal") SecurityManagers= System.getSecurityManager(); if (s != null) { s.checkPermission(newNetPermission("allowHttpTrace")); } } this.method = method; return; } } thrownewProtocolException("Invalid HTTP method: " + method); }
