Monday, May 07, 2007

Running TRACE on the server using Java from within the browser Part 2

In the previous post on running TRACE on the server using java from within the browser, the approach was using java.net.Socket. In this approach, we are using java.net.UrlConnection


There are certain limitations with this approach
1.If the TRACE is disabled on the server, firefox will give PrivilegeException
2.It the HTTP is disabled on the web server then it will give PrivilegeException
3.It will run on FireFox only
4.Requires JDK 2 at least


1. Get the host name from the browser’s location bar. Assuming the port is 80.
var l = "http://" + document.location.host + "/";

2. Create a URL object
var url = new java.net.URL(l);

3. Open a URL Connection to the host.
var uc = url.openConnection();

4. Run the TRACE request on the host.
uc.setRequestMethod("TRACE");

5. Open an input stream to the read from the server.
var rd = new java.io.BufferedReader(new java.io.InputStreamReader(uc.getInputStream()));

6. Read the lines from the server and display them as javascript alert.
var lines = "";
while ((str = rd.readLine()) != null) {
lines += str + "\n";
}

alert(lines);

7. Close the stream.
rd.close();


Run it as a bookmarklet
javascript:var l = "http://" + document.location.host + "/";var url = new java.net.URL(l);var uc = url.openConnection();uc.setRequestMethod("TRACE");var rd = new java.io.BufferedReader(new java.io.InputStreamReader(uc.getInputStream()));var lines = "";while ((str = rd.readLine()) != null){ lines += str + "\n"; }alert(lines);rd.close();

1 comment:

Anonymous said...

looks good,
thanks