Skip to content
Branch: master
Find file History
Latest commit b57ac99 Jun 6, 2019
Permalink
Type Name Latest commit message Commit time
..
Failed to load latest commit information.
src Use Config Directory of /config Jun 5, 2019
README.adoc Add NoHttpCheck.whitelist Jun 5, 2019
build.gradle Add Copyright Header Apr 1, 2019

README.adoc

This project integrates nohttp with checkstyle to reject URLs with the http:// scheme while ignoring URLs that cannot be https://.

NoHttpCheck

This verifies that your build has no http:// URLs but ignores URLs that cannot be https://.

Note

If you are using Gradle, see nohttp-gradle project.

While many checkstyle configurations only impact your source and resources, it is important that no http checks are performed on all the files within your repository. For example, you will want to ensure that you validate your build files like pom.xml and build.gradle.

Samples

Configuration

The default nohttp checkstyle.xml configuration can be found below:

<!DOCTYPE module PUBLIC "-//Puppy Crawl//DTD Check Configuration 1.3//EN"
        "https://www.puppycrawl.com/dtds/configuration_1_3.dtd">
<module name="Checker">

    <property name="charset" value="UTF-8"/>
    <!-- Configure checker to run on files with all file extensions (empty is all) -->
    <property name="fileExtensions" value=""/>

    <module name="io.spring.nohttp.checkstyle.check.NoHttpCheck">
        <property name="whitelistFileName" value="${nohttp.checkstyle.whitelistFileName}" default=""/>
    </module>

    <module name="SuppressionFilter">
        <property name="file" value="${config_loc}/suppressions.xml" default=""/>
        <property name="optional" value="true"/>
    </module>

    <!-- Allow suppression with comments
       // CHECKSTYLE:OFF
       ... ignored content ...
       // CHECKSTYLE:ON
    -->
    <module name="SuppressWithPlainTextCommentFilter"/>
</module>
Note
SuppressWithPlainTextCommentFilter was added in Checkstyle 8.6, so for the default configuration to work you must run with Checkstyle 8.6+

Custom Whitelist

The nohttp project provides a default whitelist. If you find the need to exclude additional URL patterns, you can do so with the above configuration by including a checkstyle property named nohttp.checkstyle.whitelistFileName pointing to an whitelist file that is in the format of RegexPredicate.createWhitelist(InputStream).

Embedding a Whitelist

If you prefer, you can embed a whitelist rather than externalizing it into a separate file by using the whitelist property. The value of whitelist should be in the format of RegexPredicate.createWhitelist(InputStream). For example, the following will whitelist http://example.com and http://example.org:

<module name="io.spring.nohttp.checkstyle.check.NoHttpCheck">
	<property name="whitelist" value="^\Qhttp://example.com\E$&#10;
^\Qhttp://example.org\E$"/>
</module>
Note
Use &#10 to specify new lines.

Suppress With Comments

The above Configuration demonstrates how to suppress checks using SuppressWithPlainTextCommentFilter. For example, the following will ignore the URL http://example.org/schema/ only in the location of code surrounded by the CHECKSTYLE:OFF / CHECKSTYLE:ON comments.

// CHECKSTYLE:OFF
if (url.startsWith("http://example.org/schema/") {
// CHECKSTYLE:ON

Suppressions with SuppressionFilter

The above Configuration demonstrates how to leverage SuppressionFilter to ignore specific violations. To leverage it make sure a file exists at ${config_loc}/suppressions.xml that contains the necessary suppressions. An example supressions file might look like:

<!DOCTYPE suppressions PUBLIC
	"-//Checkstyle//DTD SuppressionFilter Configuration 1.2//EN"
	"https://checkstyle.org/dtds/suppressions_1_2.dtd">

<suppressions>
	<suppress checks="io.spring.nohttp.checkstyle.check.NoHttpCheck" files="BeanDefinitionParserDelegate.java" lines="1409"/>
</suppressions>
You can’t perform that action at this time.