Use HTTPS for external links wherever possible

See gh-16318
pull/16695/head
Spring Operator 6 years ago committed by Andy Wilkinson
parent 94633cfd89
commit bbbfee6480

@ -115,7 +115,7 @@ public class CloudFoundryActuatorAutoConfigurationTests {
"cloudFoundrySecurityService");
String cloudControllerUrl = (String) ReflectionTestUtils
.getField(interceptorSecurityService, "cloudControllerUrl");
assertThat(cloudControllerUrl).isEqualTo("http://my-cloud-controller.com");
assertThat(cloudControllerUrl).isEqualTo("https://my-cloud-controller.com");
}
@Test
@ -189,7 +189,7 @@ public class CloudFoundryActuatorAutoConfigurationTests {
private CloudFoundryEndpointHandlerMapping getHandlerMapping() {
EnvironmentTestUtils.addEnvironment(this.context, "VCAP_APPLICATION:---",
"vcap.application.application_id:my-app-id",
"vcap.application.cf_api:http://my-cloud-controller.com");
"vcap.application.cf_api:https://my-cloud-controller.com");
this.context.refresh();
return this.context.getBean("cloudFoundryEndpointHandlerMapping",
CloudFoundryEndpointHandlerMapping.class);

@ -74,7 +74,7 @@ public class CloudFoundrySecurityInterceptorTests {
@Test
public void preHandleWhenRequestIsPreFlightShouldReturnTrue() throws Exception {
this.request.setMethod("OPTIONS");
this.request.addHeader(HttpHeaders.ORIGIN, "http://example.com");
this.request.addHeader(HttpHeaders.ORIGIN, "https://example.com");
this.request.addHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD, "GET");
boolean preHandle = this.interceptor.preHandle(this.request, this.response,
this.handlerMethod);

@ -50,12 +50,12 @@ public class CloudFoundrySecurityServiceTests {
@Rule
public ExpectedException thrown = ExpectedException.none();
private static final String CLOUD_CONTROLLER = "http://my-cloud-controller.com";
private static final String CLOUD_CONTROLLER = "https://my-cloud-controller.com";
private static final String CLOUD_CONTROLLER_PERMISSIONS = CLOUD_CONTROLLER
+ "/v2/apps/my-app-id/permissions";
private static final String UAA_URL = "http://my-uaa.com";
private static final String UAA_URL = "https://my-uaa.com";
private CloudFoundrySecurityService securityService;
@ -152,7 +152,7 @@ public class CloudFoundrySecurityServiceTests {
public void fetchTokenKeysWhenSuccessfulShouldReturnListOfKeysFromUAA()
throws Exception {
this.server.expect(requestTo(CLOUD_CONTROLLER + "/info"))
.andRespond(withSuccess("{\"token_endpoint\":\"http://my-uaa.com\"}",
.andRespond(withSuccess("{\"token_endpoint\":\"https://my-uaa.com\"}",
MediaType.APPLICATION_JSON));
String tokenKeyValue = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0m59l2u9iDnMbrXHfqkO\n"

@ -182,7 +182,7 @@ public class TokenValidatorTests {
@Test
public void validateTokenWhenIssuerIsNotValidShouldThrowException() throws Exception {
given(this.securityService.fetchTokenKeys()).willReturn(VALID_KEYS);
given(this.securityService.getUaaUrl()).willReturn("http://other-uaa.com");
given(this.securityService.getUaaUrl()).willReturn("https://other-uaa.com");
String header = "{ \"alg\": \"RS256\", \"kid\": \"valid-key\", \"typ\": \"JWT\", \"scope\": [\"actuator.read\"]}";
String claims = "{ \"exp\": 2147483647, \"iss\": \"http://localhost:8080/uaa/oauth/token\"}";
this.thrown

@ -75,7 +75,7 @@ public abstract class AbstractEndpointHandlerMappingTests {
mapping.setSecurityInterceptor(securityInterceptor);
mapping.afterPropertiesSet();
MockHttpServletRequest request = request("POST", "/a");
request.addHeader("Origin", "http://example.com");
request.addHeader("Origin", "https://example.com");
assertThat(mapping.getHandler(request).getInterceptors().length).isEqualTo(3);
assertThat(mapping.getHandler(request).getInterceptors()[2])
.isEqualTo(securityInterceptor);

@ -56,7 +56,7 @@ public class MultipleResourceServerConfigurationTests {
this.context = new AnnotationConfigWebApplicationContext();
this.context.register(DoubleResourceConfiguration.class);
EnvironmentTestUtils.addEnvironment(this.context,
"security.oauth2.resource.tokenInfoUri:http://example.com",
"security.oauth2.resource.tokenInfoUri:https://example.com",
"security.oauth2.client.clientId=acme");
this.context.refresh();
assertThat(this.context

@ -239,7 +239,7 @@ public class ResourceServerTokenServicesConfigurationTests {
@Test
public void customUserInfoRestTemplateFactory() {
EnvironmentTestUtils.addEnvironment(this.environment,
"security.oauth2.resource.userInfoUri:http://example.com");
"security.oauth2.resource.userInfoUri:https://example.com");
this.context = new SpringApplicationBuilder(
CustomUserInfoRestTemplateFactory.class, ResourceConfiguration.class)
.environment(this.environment).web(false).run();
@ -420,7 +420,7 @@ public class ResourceServerTokenServicesConfigurationTests {
@Bean
public TokenStore tokenStore() {
return new JwkTokenStore("http://my.key-set.uri");
return new JwkTokenStore("https://my.key-set.uri");
}
}

@ -312,7 +312,7 @@ option : AWS Elastic Beanstalk.
==== AWS Elastic Beanstalk
As described in the official http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/create_deploy_Java.html[Elastic
As described in the official https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/create_deploy_Java.html[Elastic
Beanstalk Java guide], there are two main options to deploy a Java application; You can
either use the "`Tomcat Platform`" or the "`Java SE platform`".
@ -356,7 +356,7 @@ binaries instead, add the following to your `.elasticbeanstalk/config.yml` file:
====== Reduce costs by setting the environment type
By default an Elastic Beanstalk environment is load balanced. The load balancer has a cost
perspective, to avoid it, set the environment type to "`Single instance`" as described
http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/environments-create-wizard.html#environments-create-wizard-capacity[in the Amazon documentation].
https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/environments-create-wizard.html#environments-create-wizard-capacity[in the Amazon documentation].
Single instance environments can be created using the CLI as well using the following
command:

@ -3590,7 +3590,7 @@ persistence for the embedded mode:
====
The Neo4j OGM embedded driver does not provide the Neo4j kernel. Users are expected to
provide this dependency manually, see
http://neo4j.com/docs/ogm-manual/current/reference/#reference:getting-started[the documentation]
https://neo4j.com/docs/ogm-manual/current/reference/#reference:getting-started[the documentation]
for more details.
====
@ -4015,7 +4015,7 @@ If you need to customize connection settings you can use the `spring.ldap.base`
==== Spring Data LDAP repositories
Spring Data includes repository support for LDAP. For complete details of Spring
Data LDAP, refer to their
http://docs.spring.io/spring-data/ldap/docs/1.0.x/reference/html/[reference documentation].
https://docs.spring.io/spring-data/ldap/docs/1.0.x/reference/html/[reference documentation].
You can also inject an auto-configured `LdapTemplate` instance as you would with any
other Spring Bean.
@ -4828,7 +4828,7 @@ reached.
[[boot-features-kafka]]
=== Apache Kafka Support
http://kafka.apache.org/[Apache Kafka] is supported by providing auto-configuration of the
https://kafka.apache.org/[Apache Kafka] is supported by providing auto-configuration of the
`spring-kafka` project.
Kafka configuration is controlled by external configuration properties in

@ -12,5 +12,5 @@ spring.data.neo4j.password=secret
You can also locally add the embedded driver to embed Neo4j instead. Note
that Spring Boot does not provide dependency management for that GPL-licensed
library, see
http://docs.spring.io/spring-data/neo4j/docs/4.2.x/reference/html/#reference.getting_started.driver[the official documentation]
https://docs.spring.io/spring-data/neo4j/docs/4.2.x/reference/html/#reference.getting_started.driver[the official documentation]
for more details.

@ -16,7 +16,7 @@ limitations under the License.
-->
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
"https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>

@ -31,7 +31,7 @@ do as they were designed before this was clarified.
| https://qpid.apache.org/components/jms/[Apache Qpid]
| https://github.com/amqphub/amqp-10-jms-spring-boot
| http://wicket.apache.org/[Apache Wicket]
| https://wicket.apache.org/[Apache Wicket]
| https://github.com/MarcGiffing/wicket-spring-boot
| https://camunda.org/[Camunda BPM]
@ -82,7 +82,7 @@ do as they were designed before this was clarified.
| JSF (https://primefaces.org/[PrimeFaces], https://primefaces-extensions.github.io/[PrimeFaces Extensions], https://bootsfaces.net/[BootsFaces], https://github.com/ButterFaces/ButterFaces[ButterFaces], https://omnifaces.org/[OmniFaces], https://angularfaces.net/[AngularFaces], https://javaserverfaces.java.net/[Mojarra] and https://myfaces.apache.org[MyFaces])
| https://github.com/joinfaces/joinfaces
| http://log4jdbc.brunorozendo.com/[Log4jdbc]
| https://log4jdbc.brunorozendo.com/[Log4jdbc]
| https://github.com/candrews/log4jdbc-spring-boot-starter
| https://logback.qos.ch/access.html[Logback-access]
@ -109,7 +109,7 @@ do as they were designed before this was clarified.
| https://square.github.io/okhttp/[OkHttp]
| https://github.com/freefair/okhttp-spring-boot
| http://orika-mapper.github.io/orika-docs/[Orika]
| https://orika-mapper.github.io/orika-docs/[Orika]
| https://github.com/akihyro/orika-spring-boot-starter
| https://resteasy.jboss.org/[RESTEasy]
@ -127,7 +127,7 @@ do as they were designed before this was clarified.
| https://github.com/StripesFramework/stripes[Stripes]
| https://github.com/juanpablo-santos/stripes-spring-boot
| http://teiid.org/[Teiid]
| https://teiid.github.io/teiid.io/[Teiid]
| https://github.com/teiid/teiid-spring-boot
| https://vaadin.com/[Vaadin]

@ -19,7 +19,7 @@ package org.springframework.boot.configurationprocessor.json;
// Note: this class was written without inspecting the non-free org.json sourcecode.
/**
* Parses a JSON (<a href="http://www.ietf.org/rfc/rfc4627.txt">RFC 4627</a>) encoded
* Parses a JSON (<a href="https://www.ietf.org/rfc/rfc4627.txt">RFC 4627</a>) encoded
* string into the corresponding object. Most clients of this class will use only need the
* {@link #JSONTokener(String) constructor} and {@link #nextValue} method. Example usage:
* <pre>

Loading…
Cancel
Save