Purpose, just a POC (for now) to automatically and periodically find some CVE tags in the maven repository.
我可以通过浏览器和mvn很好地访问maven,但无法通过Java访问maven,我缺少什么?我try 过UrlConnection、HttpsURLConnection、有无GET、Content type、User Agent和Accept,对于我try 的所有地址,它总是返回403,同样的代码在其他网站(如"cve.mitre.org"或"nvd.nist.gov")上运行良好,但在以下情况下失败:https://mvnrepository.com/artifact/log4j/apache-log4j-extras/1.2.17".
我的URL是动态构建的,以"**https://mvnrepository.com/artifact/**""开头,然后添加组、名称和版本,将其转换为有效地址,如https://mvnrepository.com/artifact/log4j/apache-log4j-extras/1.2.17"
System.setProperty("https.proxyHost", "xxxx");
System.setProperty("https.proxyPort", "xxxx");
String content = null;
try {
URL obj = new URL(address);
HttpsURLConnection con = (HttpsURLConnection) obj.openConnection();
con.setRequestMethod("GET");
con.setRequestProperty("Content-Type", "application/json");
con.setRequestProperty("User-Agent", "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36");
con.setRequestProperty("Accept", "*/*");
con.connect();
BufferedReader br;
if (con.getResponseCode() < 300) {
br = new BufferedReader(new InputStreamReader(con.getInputStream(), StandardCharsets.UTF_8));
} else {
br = new BufferedReader(new InputStreamReader(con.getErrorStream(), StandardCharsets.UTF_8));
}
final StringBuilder sb = new StringBuilder();
String line;
while ((line = br.readLine()) != null) {
sb.append(line);
}
br.close();