khttp icon indicating copy to clipboard operation
khttp copied to clipboard

Published 20 hours ago verified publisher icon lojewalo

Illegal access with Java 9

Open Torbilicious opened this issue 7 years ago • 16 comments

When running with java 9 you get the following warning:

WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by khttp.requests.GenericRequest (file:/C:/Users/Torben/.m2/repository/khttp/khttp/0.1.0/khttp-0.1.0.jar) to field java.net.URL.host
WARNING: Please consider reporting this to the maintainers of khttp.requests.GenericRequest
WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
WARNING: All illegal access operations will be denied in a future release

Torbilicious avatar Sep 30 '17 14:09 Torbilicious

I too am affected by this issue.

tkuismin avatar Jan 08 '18 19:01 tkuismin

I found this warning too

WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by khttp.requests.GenericRequest (file:/home/sherlock/.gradle/caches/modules-2/files-2.1/khttp/khttp/0.1.0/810c5e89d44b032c2d079aa1c05230e5e7cfcc81/khttp-0.1.0.jar) to field java.net.URL.host
WARNING: Please consider reporting this to the maintainers of khttp.requests.GenericRequest
WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
WARNING: All illegal access operations will be denied in a future release

Sherlock-Holo avatar Feb 17 '18 14:02 Sherlock-Holo

Any update on this?

jcornaz avatar Jun 12 '19 10:06 jcornaz

This does not seem to happen with Java 8, but does with newer versions

mrnohr avatar Jun 12 '19 13:06 mrnohr

This does not seem to happen with Java 8, but does with newer versions

Yes, as stated in the title of the issue. But the current LTS version of java is 11, so it'd be nice being able to use it.

jcornaz avatar Jun 12 '19 13:06 jcornaz

Any update? still getting it using java 11

Nadim96 avatar Jul 02 '19 11:07 Nadim96

Still getting this with 1.0.0:

WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by khttp.requests.GenericRequest (file:/home/gradle/.gradle/caches/modules-2/files-2.1/khttp/khttp/1.0.0/91b746489c4e55d44847d978c66cfbea91d84a62/khttp-1.0.0.jar) to field java.net.URL.host
WARNING: Please consider reporting this to the maintainers of khttp.requests.GenericRequest
WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
WARNING: All illegal access operations will be denied in a future release

rmaclean-ee avatar Jul 19 '19 07:07 rmaclean-ee

The issue is the reflection code in this function:

    private fun URL.toIDN(): URL {
        val newHost = IDN.toASCII(this.host)
        this.javaClass.getDeclaredField("host").apply { this.isAccessible = true }.set(this, newHost)
        this.javaClass.getDeclaredField("authority").apply { this.isAccessible = true }.set(this, if (this.port == -1) this.host else "${this.host}:${this.port}")

The code is taking a URL that already has been constructed in makeRoute

private fun makeRoute(route: String) = URL(route + if (this.params.isNotEmpty()) "?${Parameters(this.params)}" else "").toIDN().toString()

and making the host and authority fields accessible so it can replace the host passed in with an IDN version.

A fix should eliminate the reflection code and construct the URL with an already modified host instead.

I can't get the existing Maven build of this project to run successfully. There are breaking tests on a freshly checked out copy of the project. Any fix should be along these lines (code untested due to above build problems):

    private fun makeRoute(route: String): String {

        val tempURL = URL(route + if (this.params.isNotEmpty()) "?${Parameters(this.params)}" else "")
        val newHost = IDN.toASCII(tempURL.host)
        val query = if (tempURL.query == null) {
            null
        } else {
            URLDecoder.decode(tempURL.query, "UTF-8")
        }
        with(tempURL) {
           return URL(URI(protocol, userInfo, newHost, port, path, query, ref).toASCIIString()).toString()
        }
    }

The above as a patch:

Index: src/main/kotlin/khttp/requests/GenericRequest.kt
IDEA additional info:
Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP
<+>UTF-8
===================================================================
--- src/main/kotlin/khttp/requests/GenericRequest.kt	(revision 130b89ca9007fb2a03af85d71ecfcde617d0c909)
+++ src/main/kotlin/khttp/requests/GenericRequest.kt	(date 1578838350218)
@@ -193,18 +193,20 @@
         return stringWriter.toString()
     }
 
-    private fun URL.toIDN(): URL {
-        val newHost = IDN.toASCII(this.host)
-        this.javaClass.getDeclaredField("host").apply { this.isAccessible = true }.set(this, newHost)
-        this.javaClass.getDeclaredField("authority").apply { this.isAccessible = true }.set(this, if (this.port == -1) this.host else "${this.host}:${this.port}")
-        val query = if (this.query == null) {
+
+
+    private fun makeRoute(route: String): String {
+
+        val tempURL = URL(route + if (this.params.isNotEmpty()) "?${Parameters(this.params)}" else "")
+        val newHost = IDN.toASCII(tempURL.host)
+        val query = if (tempURL.query == null) {
             null
         } else {
-            URLDecoder.decode(this.query, "UTF-8")
+            URLDecoder.decode(tempURL.query, "UTF-8")
         }
-        return URL(URI(this.protocol, this.userInfo, this.host, this.port, this.path, query, this.ref).toASCIIString())
+        with(tempURL) {
+           return URL(URI(protocol, userInfo, newHost, port, path, query, ref).toASCIIString()).toString()
+        }
     }
-
-    private fun makeRoute(route: String) = URL(route + if (this.params.isNotEmpty()) "?${Parameters(this.params)}" else "").toIDN().toString()
 
 }

ghost avatar Jan 12 '20 14:01 ghost

Thanks @paulnuk!

Although I'm afraid we should consider this project discontinued. The build has been failing for eight months now.

jcornaz avatar Jan 13 '20 07:01 jcornaz

Thanks @paulnuk!

Although I'm afraid we should consider this project discontinued. The build has been failing for eight months now.

Well either we can count this project as dead (what are the alternatives) or fix it.

I'm happy to look at trying to do the fix, and fix the build whilst I'm at it, though that may involve a migration to Gradle Kotlin DSL whilst I'm at it.

Are people still interested in the fix?

ghost avatar Jan 17 '20 18:01 ghost

So, any chance this can be fixed? :(

spyro2000 avatar Jul 24 '20 17:07 spyro2000

Thanks @paulnuk! Although I'm afraid we should consider this project discontinued. The build has been failing for eight months now.

Well either we can count this project as dead (what are the alternatives) or fix it.

I'm happy to look at trying to do the fix, and fix the build whilst I'm at it, though that may involve a migration to Gradle Kotlin DSL whilst I'm at it.

Are people still interested in the fix?

yes

kylichist avatar Aug 19 '20 16:08 kylichist

Yep, having recently upgraded to java 15, yes, I'd love this fixed. KHttp is an awesome addition to my development. Would be great to have this fixed.

sp33dy avatar Dec 11 '20 23:12 sp33dy

yes it would be nice to fix this, khttp is great!

AldoLaClasse avatar Jan 23 '21 11:01 AldoLaClasse

3 years after reported and the last comment is "it would be nice to fix this", this is no bueno

amonaco avatar Jan 31 '21 16:01 amonaco

Has anybody forked this and made a fixed version yet?

spaceclouds42 avatar Mar 25 '21 17:03 spaceclouds42