getProxy | The crawler obtains http : //www.xicidali.com/ proxy server

It looks like your pointcut is too global. As @target() can only be evaluated during runtime, as is documented, the aspect is basically applied to all classes. One way is to use @within() instead. If that does not work, you can also add something like ... && within(my.own.app..*) in order to limit the aspect scope.

It turns out that the MockRestServiceServer needed to verify after the latch is awaiting as shown in this code below.

From the Javadoc of StepScope:

Both @EnableAspectJAutoProxy and enable creation of the bean post-processor singleton AnnotationAwareAspectJAutoProxyCreator. This object has an optional property includePatterns for filtering the eligible annotated aspect beans. By default all annotated aspect beans are eligible which means that advisors will be created for their annotated methods and these advisors will later be matched while wrapping the other beans with proxies.

includePatterns is only configurable via the XML tag , there's no annotation equivalent. If you have in one of your XML configs you can't clear includePatterns to make all annotated aspects eligible.

All this makes it pointless to use AspectJ annotations if you want to avoid side effects. To create just one aspect bean without enabling aspectj-autoproxy it's optimal to configure that bean with the tag:

As the comments at the top say, that class is no longer used; it was the abstract user-visible class that is now replaced by javax.net.HttpsURLConnection which you will observe has the same code. But the implementation class for https URL is sun.net.www.protocol.https.HttpsURLConnectionImpl which just wraps (delegates to) sun.net.www.protocol.https.DelegateHttpsURLConnection which subclasses sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection which to make the actual connection uses sun.net.www.protocol.HttpsClient and in particular .afterConnect(). As background, in earlier versions of Java SSLSocket did not do hostname verification, so the implementation of HttpsURLConnection had to add it. In Java 7 up, SSLSocket does support 'endpoint identification', so when afterConnect() recognizes that the hostnameVerifier on this URLconnection was the default one, it turns off needToCheckSpoofing and sets the SSLSocket to do endpoint identification.

javax.net.ssl.SSLSocket is similarly an abstract class that is actually implemented by sun.security.ssl.SSLSocketImpl and several dozen related classes including sun.security.ssl.ClientHandshaker.serverCertificate() which calls the configurable trustmanager which by default is sun.security.ssl.X509TrustManagerImpl which in checkTrusted() since endpoint identification was requested calls checkIdentity() which calls sun.security.util.HostnameChecker with TYPE_TLS (actually meaning HTTPS RFC 2818), and that does the actual checking.

Glad you asked?

PS: the analysis on that webpage, that HttpsURLConnection.DefaultHostnameVerifier is called only for mismatch, is quite wrong. As above it is bypassed and never called by the actual implementation.

Also I assume you realize java 7 has not been supported for years unless you pay. Although this area hasn't changed that I know of in more recent versions. Java 11 does add a new java.net.http.HttpClient which functionally supersedes [Http,Https]URLConnection.

Eventually I determined that the "system" configuration of the powershell script was coming from an old config file in the Framework install.

C:\Windows\Microsoft.NET\Framework\v4.0.30319\Config\machine.config

In your code example, you are attempting to send the CORS headers from the client to the server.

It needs to be the other way around.

The client needs to respond to your request with the 'Access-Control-Allow-Origin': '*' header for this to work.

Can your check, using Chrome Dev tools network tab, that the server is returning the correct access control headers from the GimmeProxy API.

Edit: Upon further inspection, I don't seem to see an access control header on this API endpoint.

What you'll need to do in that case, is set up your own API endpoint as a middleman:

1. Set up an Express API on a VPS (or alternatively an AWS lambda function).
2. Create an endpoint that makes a request to gimmeproxy.
3. Your Chrome extension makes a request to this endpoint via Axios.
4. The endpoint makes a request to the gimmeproxy API via Axios (it is not a browser, so no cross origin policies are enforced).
5. Your API returns the response to the client.

It is important to note, that your Express API must return the header 'Access-Control-Allow-Origin': '*' or have an origin matching that of your extension.

There were some issue in build.sbt by making changes to sbt file resolved my issue:-

updated code build.sbt:-

Ok, so I found the culprit, turns out it was the Java 9 module-info.java, I encountered an issue making RabbitMq work, all files were imported correctly but it was pointing to say the error was coming from my module-info.java so I removed it, after removing it I have not had this problem (and RabbitMq worked too), from my understanding, their are internal classes that were not put on the allow list that need to access my classes and because of that the app kept failing, the app has been working since then without any problems.