8344222: Remove calls to SecurityManager and doPrivileged in java.net.HttpURLConnection, java.net.HttpConnectSocketImpl, and javax.net.HttpsURLConnection after JEP 486 integration

Reviewed-by: dfuchs, jpai

src/java.base/share/classes/java/net/HttpConnectSocketImpl.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010, 2023, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2010, 2024, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -40,7 +40,7 @@ import java.util.Set;
  * @since 1.8
  */
 
-/*package*/ @SuppressWarnings("removal") class HttpConnectSocketImpl extends DelegatingSocketImpl {
+/*package*/ class HttpConnectSocketImpl extends DelegatingSocketImpl {
 
     private static final String httpURLClazzStr =
                                   "sun.net.www.protocol.http.HttpURLConnection";
@@ -59,18 +59,11 @@ import java.util.Set;
         try {
             Class<?> httpClazz = Class.forName(httpURLClazzStr, true, null);
             httpField = httpClazz.getDeclaredField("http");
+            httpField.setAccessible(true);
             doTunneling = httpClazz.getDeclaredMethod(doTunnelingStr);
             Class<?> netClientClazz = Class.forName(netClientClazzStr, true, null);
             serverSocketField = netClientClazz.getDeclaredField("serverSocket");
-
-            java.security.AccessController.doPrivileged(
-                new java.security.PrivilegedAction<>() {
-                    public Void run() {
-                        httpField.setAccessible(true);
-                        serverSocketField.setAccessible(true);
-                        return null;
-                }
-            });
+            serverSocketField.setAccessible(true);
         } catch (ReflectiveOperationException x) {
             throw new InternalError("Should not reach here", x);
         }
@@ -107,16 +100,12 @@ import java.util.Set;
                                                 : epoint.getAddress().getHostAddress();
         final int destPort = epoint.getPort();
 
-        SecurityManager security = System.getSecurityManager();
-        if (security != null)
-            security.checkConnect(destHost, destPort);
-
         if (destHost.contains(":"))
             destHost = "[" + destHost + "]";
 
         // Connect to the HTTP proxy server
         String urlString = "http://" + destHost + ":" + destPort;
-        Socket httpSocket = privilegedDoTunnel(urlString, timeout);
+        Socket httpSocket = doTunnel(urlString, timeout);
 
         // Success!
         external_address = epoint;
@@ -164,22 +153,6 @@ import java.util.Set;
         optionsMap.put(opt, val);
     }
 
-    private Socket privilegedDoTunnel(final String urlString,
-                                      final int timeout)
-        throws IOException
-    {
-        try {
-            return java.security.AccessController.doPrivileged(
-                new java.security.PrivilegedExceptionAction<>() {
-                    public Socket run() throws IOException {
-                        return doTunnel(urlString, timeout);
-                }
-            });
-        } catch (java.security.PrivilegedActionException pae) {
-            throw (IOException) pae.getException();
-        }
-    }
-
     private Socket doTunnel(String urlString, int connectTimeout)
         throws IOException
     {

src/java.base/share/classes/java/net/HttpURLConnection.java

@@ -368,12 +368,6 @@ public abstract class HttpURLConnection extends URLConnection {
      * @see #getFollowRedirects()
      */
     public static void setFollowRedirects(boolean set) {
-        @SuppressWarnings("removal")
-        SecurityManager sec = System.getSecurityManager();
-        if (sec != null) {
-            // seems to be the best check here...
-            sec.checkSetFactory();
-        }
         followRedirects = set;
     }
 
@@ -452,13 +446,6 @@ public abstract class HttpURLConnection extends URLConnection {
 
         for (int i = 0; i < methods.length; i++) {
             if (methods[i].equals(method)) {
-                if (method.equals("TRACE")) {
-                    @SuppressWarnings("removal")
-                    SecurityManager s = System.getSecurityManager();
-                    if (s != null) {
-                        s.checkPermission(new NetPermission("allowHttpTrace"));
-                    }
-                }
                 this.method = method;
                 return;
             }

src/java.base/share/classes/javax/net/ssl/HttpsURLConnection.java

@@ -226,7 +226,6 @@ public abstract class HttpsURLConnection extends HttpURLConnection {
             throw new IllegalArgumentException(
                 "no default HostnameVerifier specified");
         }
-
         defaultHostnameVerifier = v;
     }
 
@@ -300,7 +299,6 @@ public abstract class HttpsURLConnection extends HttpURLConnection {
             throw new IllegalArgumentException(
                 "no default SSLSocketFactory specified");
         }
-
         defaultSSLSocketFactory = sf;
     }
 
@@ -342,7 +340,6 @@ public abstract class HttpsURLConnection extends HttpURLConnection {
             throw new IllegalArgumentException(
                 "no SSLSocketFactory specified");
         }
-
         sslSocketFactory = sf;
     }
 

test/jdk/java/net/HttpURLConnection/HttpURLConWithProxy.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2016, 2020, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2016, 2024, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -165,6 +165,6 @@ class ProxyHandler extends Handler {
     }
 
     @Override
-    public void close() throws SecurityException {
+    public void close() {
     }
 }