HttpURLConnection

public abstract class HttpURLConnection extends URLConnection
Known Direct Subclasses

An URLConnection for HTTP (RFC 2616) used to send and receive data over the web. Data may be of any type and length. This class may be used to send and receive streaming data whose length is not known in advance.

Uses of this class follow a pattern:

  1. Obtain a new HttpURLConnection by calling URL.openConnection() and casting the result to HttpURLConnection.
  2. Prepare the request. The primary property of a request is its URI. Request headers may also include metadata such as credentials, preferred content types, and session cookies.
  3. Optionally upload a request body. Instances must be configured with setDoOutput(true) if they include a request body. Transmit data by writing to the stream returned by getOutputStream().
  4. Read the response. Response headers typically include metadata such as the response body's content type and length, modified dates and session cookies. The response body may be read from the stream returned by getInputStream(). If the response has no body, that method returns an empty stream.
  5. Disconnect. Once the response body has been read, the HttpURLConnection should be closed by calling disconnect(). Disconnecting releases the resources held by a connection so they may be closed or reused.

For example, to retrieve the webpage at http://www.android.com/:

   URL url = new URL("http://www.android.com/");
   HttpURLConnection urlConnection = (HttpURLConnection) url.openConnection();
   try {
     InputStream in = new BufferedInputStream(urlConnection.getInputStream());
     readStream(in);
   } finally {
     urlConnection.disconnect();
   }
 

Secure Communication with HTTPS

Calling openConnection() on a URL with the "https" scheme will return an HttpsURLConnection, which allows for overriding the default HostnameVerifier and SSLSocketFactory. An application-supplied SSLSocketFactory created from an SSLContext can provide a custom X509TrustManager for verifying certificate chains and a custom X509KeyManager for supplying client certificates. See HttpsURLConnection for more details.

Response Handling

HttpURLConnection will follow up to five HTTP redirects. It will follow redirects from one origin server to another. This implementation doesn't follow redirects from HTTPS to HTTP or vice versa.

If the HTTP response indicates that an error occurred, getInputStream() will throw an IOException. Use getErrorStream() to read the error response. The headers can be read in the normal way using getHeaderFields(),

Posting Content

To upload data to a web server, configure the connection for output using setDoOutput(true).

For best performance, you should call either setFixedLengthStreamingMode(int) when the body length is known in advance, or setChunkedStreamingMode(int) when it is not. Otherwise HttpURLConnection will be forced to buffer the complete request body in memory before it is transmitted, wasting (and possibly exhausting) heap and increasing latency.

For example, to perform an upload:

   HttpURLConnection urlConnection = (HttpURLConnection) url.openConnection();
   try {
     urlConnection.setDoOutput(true);
     urlConnection.setChunkedStreamingMode(0);

     OutputStream out = new BufferedOutputStream(urlConnection.getOutputStream());
     writeStream(out);

     InputStream in = new BufferedInputStream(urlConnection.getInputStream());
     readStream(in);
   } finally {
     urlConnection.disconnect();
   }
 

Performance

The input and output streams returned by this class are not buffered. Most callers should wrap the returned streams with BufferedInputStream or BufferedOutputStream. Callers that do only bulk reads or writes may omit buffering.

When transferring large amounts of data to or from a server, use streams to limit how much data is in memory at once. Unless you need the entire body to be in memory at once, process it as a stream (rather than storing the complete body as a single byte array or string).

To reduce latency, this class may reuse the same underlying Socket for multiple request/response pairs. As a result, HTTP connections may be held open longer than necessary. Calls to disconnect() may return the socket to a pool of connected sockets. This behavior can be disabled by setting the http.keepAlive system property to false before issuing any HTTP requests. The http.maxConnections property may be used to control how many idle connections to each server will be held.

By default, this implementation of HttpURLConnection requests that servers use gzip compression. Since getContentLength() returns the number of bytes transmitted, you cannot use that method to predict how many bytes can be read from getInputStream(). Instead, read that stream until it is exhausted: when read() returns -1. Gzip compression can be disabled by setting the acceptable encodings in the request header:

   urlConnection.setRequestProperty("Accept-Encoding", "identity");
 

Handling Network Sign-On

Some Wi-Fi networks block Internet access until the user clicks through a sign-on page. Such sign-on pages are typically presented by using HTTP redirects. You can use getURL() to test if your connection has been unexpectedly redirected. This check is not valid until after the response headers have been received, which you can trigger by calling getHeaderFields() or getInputStream(). For example, to check that a response was not redirected to an unexpected host:
   HttpURLConnection urlConnection = (HttpURLConnection) url.openConnection();
   try {
     InputStream in = new BufferedInputStream(urlConnection.getInputStream());
     if (!url.getHost().equals(urlConnection.getURL().getHost())) {
       // we were redirected! Kick the user out to the browser to sign on?
     }
     ...
   } finally {
     urlConnection.disconnect();
   }
 

HTTP Authentication

HttpURLConnection supports HTTP basic authentication. Use Authenticator to set the VM-wide authentication handler:
   Authenticator.setDefault(new Authenticator() {
     protected PasswordAuthentication getPasswordAuthentication() {
       return new PasswordAuthentication(username, password.toCharArray());
     }
   });
 
Unless paired with HTTPS, this is not a secure mechanism for user authentication. In particular, the username, password, request and response are all transmitted over the network without encryption.

Sessions with Cookies

To establish and maintain a potentially long-lived session between client and server, HttpURLConnection includes an extensible cookie manager. Enable VM-wide cookie management using CookieHandler and CookieManager:
   CookieManager cookieManager = new CookieManager();
   CookieHandler.setDefault(cookieManager);
 
By default, CookieManager accepts cookies from the origin server only. Two other policies are included: ACCEPT_ALL and ACCEPT_NONE. Implement CookiePolicy to define a custom policy.

The default CookieManager keeps all accepted cookies in memory. It will forget these cookies when the VM exits. Implement CookieStore to define a custom cookie store.

In addition to the cookies set by HTTP responses, you may set cookies programmatically. To be included in HTTP request headers, cookies must have the domain and path properties set.

By default, new instances of HttpCookie work only with servers that support RFC 2965 cookies. Many web servers support only the older specification, RFC 2109. For compatibility with the most web servers, set the cookie version to 0.

For example, to receive www.twitter.com in French:

   HttpCookie cookie = new HttpCookie("lang", "fr");
   cookie.setDomain("twitter.com");
   cookie.setPath("/");
   cookie.setVersion(0);
   cookieManager.getCookieStore().add(new URI("http://twitter.com/"), cookie);
 

HTTP Methods

HttpURLConnection uses the GET method by default. It will use POST if setDoOutput(true) has been called. Other HTTP methods (OPTIONS, HEAD, PUT, DELETE and TRACE) can be used with setRequestMethod(String).

Proxies

By default, this class will connect directly to the origin server. It can also connect via an HTTP or SOCKS proxy. To use a proxy, use URL.openConnection(Proxy) when creating the connection.

IPv6 Support

This class includes transparent support for IPv6. For hosts with both IPv4 and IPv6 addresses, it will attempt to connect to each of a host's addresses until a connection is established.

Response Caching

Android 4.0 (Ice Cream Sandwich, API level 15) includes a response cache. See android.net.http.HttpResponseCache for instructions on enabling HTTP caching in your application.

Avoiding Bugs In Earlier Releases

Prior to Android 2.2 (Froyo), this class had some frustrating bugs. In particular, calling close() on a readable InputStream could poison the connection pool. Work around this by disabling connection pooling:
   private void disableConnectionReuseIfNecessary() {
   // Work around pre-Froyo bugs in HTTP connection reuse.
   if (Integer.parseInt(Build.VERSION.SDK) < Build.VERSION_CODES.FROYO) {
     System.setProperty("http.keepAlive", "false");
   }
 }

Each instance of HttpURLConnection may be used for one request/response pair. Instances of this class are not thread safe.

Constant Summary

int HTTP_ACCEPTED Numeric status code, 202: Accepted
int HTTP_BAD_GATEWAY Numeric status code, 502: Bad Gateway
int HTTP_BAD_METHOD Numeric status code, 405: Bad Method
int HTTP_BAD_REQUEST Numeric status code, 400: Bad Request
int HTTP_CLIENT_TIMEOUT Numeric status code, 408: Client Timeout
int HTTP_CONFLICT Numeric status code, 409: Conflict
int HTTP_CREATED Numeric status code, 201: Created
int HTTP_ENTITY_TOO_LARGE Numeric status code, 413: Entity too large
int HTTP_FORBIDDEN Numeric status code, 403: Forbidden
int HTTP_GATEWAY_TIMEOUT Numeric status code, 504: Gateway timeout
int HTTP_GONE Numeric status code, 410: Gone
int HTTP_INTERNAL_ERROR Numeric status code, 500: Internal error
int HTTP_LENGTH_REQUIRED Numeric status code, 411: Length required
int HTTP_MOVED_PERM Numeric status code, 301 Moved permanently
int HTTP_MOVED_TEMP Numeric status code, 302: Moved temporarily
int HTTP_MULT_CHOICE Numeric status code, 300: Multiple choices
int HTTP_NOT_ACCEPTABLE Numeric status code, 406: Not acceptable
int HTTP_NOT_AUTHORITATIVE Numeric status code, 203: Not authoritative
int HTTP_NOT_FOUND Numeric status code, 404: Not found
int HTTP_NOT_IMPLEMENTED Numeric status code, 501: Not implemented
int HTTP_NOT_MODIFIED Numeric status code, 304: Not modified
int HTTP_NO_CONTENT Numeric status code, 204: No content
int HTTP_OK Numeric status code, 200: OK
int HTTP_PARTIAL Numeric status code, 206: Partial
int HTTP_PAYMENT_REQUIRED Numeric status code, 402: Payment required
int HTTP_PRECON_FAILED Numeric status code, 412: Precondition failed
int HTTP_PROXY_AUTH Numeric status code, 407: Proxy authentication required
int HTTP_REQ_TOO_LONG Numeric status code, 414: Request too long
int HTTP_RESET Numeric status code, 205: Reset
int HTTP_SEE_OTHER Numeric status code, 303: See other
int HTTP_SERVER_ERROR This constant was deprecated. Use HTTP_INTERNAL_ERROR instead.
int HTTP_UNAUTHORIZED Numeric status code, 401: Unauthorized
int HTTP_UNAVAILABLE Numeric status code, 503: Unavailable
int HTTP_UNSUPPORTED_TYPE Numeric status code, 415: Unsupported type
int HTTP_USE_PROXY Numeric status code, 305: Use proxy.
int HTTP_VERSION Numeric status code, 505: Version not supported

Field Summary

protected int chunkLength If the HTTP chunked encoding is enabled this parameter defines the chunk-length.
protected int