Chinaunix首页 | 论坛 | 博客
  • 博客访问: 4247759
  • 博文数量: 447
  • 博客积分: 1241
  • 博客等级: 中尉
  • 技术积分: 5786
  • 用 户 组: 普通用户
  • 注册时间: 2011-01-27 06:48
个人简介

读好书,交益友

文章分类

全部博文(447)

文章存档

2024年(1)

2023年(5)

2022年(29)

2021年(49)

2020年(16)

2019年(15)

2018年(23)

2017年(67)

2016年(42)

2015年(51)

2014年(57)

2013年(52)

2012年(35)

2011年(5)

分类: Java

2021-08-06 16:02:05

maven 3.8.1 使用http代理的时候,提示
maven-default-http-blocker (

maven官方给出了答案
  • Possible Man-In-The-Middle-Attack due to custom repositories using HTTP
    More and more repositories use HTTPS nowadays, but this hasn’t always been the case. This means that Maven Central contains POMs with custom repositories that refer to a URL over HTTP. This makes downloads via such repository a target for a MITM attack. At the same time, developers are probably not aware that for some downloads an insecure URL is being used. Because uploaded POMs to Maven Central are immutable, a change for Maven was required. To solve this, we extended the mirror configuration with  parameter, and we added a new external:http:* mirror selector (like existing external:*), meaning “any external URL using HTTP”.
    The decision was made to block such external HTTP repositories by default: this is done by providing a mirror in the conf/settings.xml blocking insecure HTTP external URLs.

但是公司内部的maven仓库。这些仓库一般都是http协议,Maven 3.8.1禁止了http协议
打开conf/settings.xml
删除

点击(此处)折叠或打开

  1. <mirror>
  2.       <id>maven-default-http-blocker</id>
  3.       <mirrorOf>external:http:*</mirrorOf>
  4.       <name>Pseudo repository to mirror external repositories initially using HTTP.</name>
  5.       <url>http://0.0.0.0/</url>
  6.       <blocked>true</blocked>
  7.     </mirror>
重新下载

   
阅读(4488) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~