Send GET HTTPS request but get 403 forbidden response, why? why?

Friends, I have the same problem as Send GET HTTPS request but get 403 forbidden response, wh开发者_Python百科y?

My urlstring also contains https://.., However, I can't understand Bruno's answer.

When you send an HTTP GET the request should be like this: GET /COVIWeb/gate/... HTTP/1.1 Host: ekp.truefriend.com Not: GET https://ekp.truefriend.com/COVIWeb/gate/... HTTP/1.1 (that's only for requests via a proxy, and doesn't apply to the HTTPS requests anyway.)

Update

I'm still not having any success:

java.lang.IllegalStateException: Target host must not be null, or set in parameters.

My absoluteURL:

https://www.stage.ceosace.com/platform/j_spring_cas_security_check?ticket=ST-14-J76iOk5aXQNrZBBUeIn3-cas

My code:

String url = "/platform/j_spring_cas_security_check?ticket=ST-14-J76iOk5aXQNrZBBUeIn3-cas";

HttpGet request = new HttpGet(url);
request.setHeader("Accept", "*/*");
request.setHeader("User-Agent", USER_AGENT);
request.setHeader("connection","keep-alive");
request.setHeader("Host","Host:www.stage.ceosace.com"+":443");

I don't know where I am wrong; any advice?

Bruno's answer says that the form of the URL including the hostname is awkward and perhaps problematic; the hostname must be included in a Host: header. Including the hostname in the full URI is duplicating information, and potentially harmful (even though the RFC states HTTP 1.1 servers should be prepared to accept the full hostname in the URI).

RFC 2616 Section 5.1.2 has the full details:

The absoluteURI form is REQUIRED when the request is being made to a
proxy. The proxy is requested to forward the request or service it
from a valid cache, and return the response. Note that the proxy MAY
forward the request on to another proxy or directly to the server
specified by the absoluteURI. In order to avoid request loops, a
proxy MUST be able to recognize all of its server names, including
any aliases, local variations, and the numeric IP address. An example
Request-Line would be:

    GET http://www.w3.org/pub/WWW/TheProject.html HTTP/1.1

To allow for transition to absoluteURIs in all requests in future
versions of HTTP, all HTTP/1.1 servers MUST accept the absoluteURI
form in requests, even though HTTP/1.1 clients will only generate
them in requests to proxies.

The authority form is only used by the CONNECT method (section 9.9).

The most common form of Request-URI is that used to identify a
resource on an origin server or gateway. In this case the absolute
path of the URI MUST be transmitted (see section 3.2.1, abs_path) as
the Request-URI, and the network location of the URI (authority) MUST
be transmitted in a Host header field. For example, a client wishing
to retrieve the resource above directly from the origin server would
create a TCP connection to port 80 of the host "www.w3.org" and send
the lines:

    GET /pub/WWW/TheProject.html HTTP/1.1
    Host: www.w3.org

followed by the remainder of the Request. Note that the absolute path
cannot be empty; if none is present in the original URI, it MUST be
given as "/" (the server root).