spring-projects
diff --git a/‎CODE_OF_CONDUCT.adoc
+2-2 b/‎CODE_OF_CONDUCT.adoc
+2-2
diff --git a/‎CONTRIBUTING.md
+5-5 b/‎CONTRIBUTING.md
+5-5
diff --git a/‎README.adoc
+9-9 b/‎README.adoc
+9-9
diff --git a/‎cas/src/main/java/org/springframework/security/cas/authentication/EhCacheBasedTicketCache.java
+1-1 b/‎cas/src/main/java/org/springframework/security/cas/authentication/EhCacheBasedTicketCache.java
+1-1
diff --git a/‎cas/src/main/java/org/springframework/security/cas/package-info.java
+1-1 b/‎cas/src/main/java/org/springframework/security/cas/package-info.java
+1-1
diff --git a/‎config/src/main/java/org/springframework/security/config/annotation/authentication/builders/AuthenticationManagerBuilder.java
+3-3 b/‎config/src/main/java/org/springframework/security/config/annotation/authentication/builders/AuthenticationManagerBuilder.java
+3-3
diff --git a/‎config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java
+10-10 b/‎config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java
+10-10
diff --git a/‎config/src/main/java/org/springframework/security/config/annotation/web/configurers/ExpressionUrlAuthorizationConfigurer.java
+1-1 b/‎config/src/main/java/org/springframework/security/config/annotation/web/configurers/ExpressionUrlAuthorizationConfigurer.java
+1-1
diff --git a/‎config/src/main/java/org/springframework/security/config/annotation/web/configurers/HeadersConfigurer.java
+13-13 b/‎config/src/main/java/org/springframework/security/config/annotation/web/configurers/HeadersConfigurer.java
+13-13
diff --git a/‎config/src/main/java/org/springframework/security/config/annotation/web/configurers/LogoutConfigurer.java
+1-1 b/‎config/src/main/java/org/springframework/security/config/annotation/web/configurers/LogoutConfigurer.java
+1-1
diff --git a/‎config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java
+1-1 b/‎config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java
+1-1
@@ -40,5 +40,5 @@ appropriate to the circumstances. Maintainers are obligated to maintain confiden
 with regard to the reporter of an incident.
 
 This Code of Conduct is adapted from the
-http://contributor-covenant.org[Contributor Covenant], version 1.3.0, available at
-http://contributor-covenant.org/version/1/3/0/[contributor-covenant.org/version/1/3/0/]
+https://contributor-covenant.org[Contributor Covenant], version 1.3.0, available at
+https://contributor-covenant.org/version/1/3/0/[contributor-covenant.org/version/1/3/0/]
@@ -12,7 +12,7 @@ Each Spring module is slightly different than another in terms of team size, num
 
 # Importing into IDE
 
-The following provides information on setting up a development environment that can run the sample in [Spring Tool Suite 3.6.0+](http://www.springsource.org/sts). Other IDE's should work using Gradle's IDE support, but have not been tested.
+The following provides information on setting up a development environment that can run the sample in [Spring Tool Suite 3.6.0+](https://www.springsource.org/sts). Other IDE's should work using Gradle's IDE support, but have not been tested.
 
 * IDE Setup
   * Install Spring Tool Suite 3.6.0+
@@ -25,7 +25,7 @@ The following provides information on setting up a development environment that
 As of new versions of Spring Tool Suite, you might need to install Groovy Eclipse pointing directly to the updates plugin location. To install Groovy Eclipse on Spring Tool Suite based on Eclipse Oxigen you must do the following steps:
 
 Help->Install New Software...->Add the following URL into _Work with_ field:
-http://dist.springsource.org/snapshot/GRECLIPSE/e4.7/
+https://dist.springsource.org/snapshot/GRECLIPSE/e4.7/
 
 # Understand the basics 
 Not sure what a pull request is, or how to submit one? Take a look at GitHub's excellent [help documentation first](https://help.github.com/articles/using-pull-requests).
@@ -64,8 +64,8 @@ Please carefully follow the whitespace and formatting conventions already presen
 
 Whitespace management tips
 
-1. You can use the [AnyEdit Eclipse plugin](http://marketplace.eclipse.org/content/anyedit-tools) to ensure spaces are used and to clean up trailing whitespaces.
-1. Use git's pre-commit.sample hook to prevent invalid whitespace from being pushed out. You can enable it by moving ~/spring-security/.git/hooks/pre-commit.sample to ~/spring-security/.git/hooks/pre-commit and ensuring it is executable. For more information on hooks refer to [Pro Git's Pre-Commit Hook's section](http://git-scm.com/book/cs/ch7-3.html)
+1. You can use the [AnyEdit Eclipse plugin](https://marketplace.eclipse.org/content/anyedit-tools) to ensure spaces are used and to clean up trailing whitespaces.
+1. Use git's pre-commit.sample hook to prevent invalid whitespace from being pushed out. You can enable it by moving ~/spring-security/.git/hooks/pre-commit.sample to ~/spring-security/.git/hooks/pre-commit and ensuring it is executable. For more information on hooks refer to [Pro Git's Pre-Commit Hook's section](https://git-scm.com/book/cs/ch7-3.html)
 
 # Add Apache license header to all new classes
 
@@ -116,7 +116,7 @@ Search the codebase to find related unit tests and add additional `@Test` method
 2. New test methods should not start with test. This is an old JUnit3 convention and is not necessary since the method is annotated with @Test.
 
 # Update spring-security-x.y.rnc for schema changes
-Update the [RELAX NG](http://www.relaxng.org) schema `spring-security-x.y.rnc` instead of `spring-security-x.y.xsd` if you contribute changes to supported XML configuration. The XML schema file can be generated the following Gradle task:
+Update the [RELAX NG](https://relaxng.org/) schema `spring-security-x.y.rnc` instead of `spring-security-x.y.xsd` if you contribute changes to supported XML configuration. The XML schema file can be generated the following Gradle task:
 
 <pre>
 ./gradlew spring-security-config:rncToXsd
 
@@ -4,10 +4,10 @@ image:https://travis-ci.org/spring-projects/spring-security.svg?branch=master["B
 
 = Spring Security
 
-Spring Security provides security services for the http://docs.spring.io[Spring IO Platform]. Spring Security 5.0 requires Spring 5.0 as
+Spring Security provides security services for the https://docs.spring.io[Spring IO Platform]. Spring Security 5.0 requires Spring 5.0 as
 a minimum and also requires Java 8.
 
-For a detailed list of features and access to the latest release, please visit http://spring.io/projects[Spring projects].
+For a detailed list of features and access to the latest release, please visit https://spring.io/projects[Spring projects].
 
 == Code of Conduct
 This project adheres to the Contributor Covenant link:CODE_OF_CONDUCT.adoc[code of conduct].
@@ -17,19 +17,19 @@ By participating, you  are expected to uphold this code. Please report unaccepta
 See https://github.com/spring-projects/spring-framework/wiki/Downloading-Spring-artifacts[downloading Spring artifacts] for Maven repository information.
 
 == Documentation
-Be sure to read the http://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/[Spring Security Reference].
+Be sure to read the https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/[Spring Security Reference].
 Extensive JavaDoc for the Spring Security code is also available in the https://docs.spring.io/spring-security/site/docs/current/api/[Spring Security API Documentation].
 
 == Quick Start
-We recommend you visit http://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/[Spring Security Reference] and read the "Getting Started" page.
+We recommend you visit https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/[Spring Security Reference] and read the "Getting Started" page.
 
 == Building from Source
-Spring Security uses a http://gradle.org[Gradle]-based build system.
-In the instructions below, http://vimeo.com/34436402[`./gradlew`] is invoked from the root of the source tree and serves as
+Spring Security uses a https://gradle.org[Gradle]-based build system.
+In the instructions below, https://vimeo.com/34436402[`./gradlew`] is invoked from the root of the source tree and serves as
 a cross-platform, self-contained bootstrap mechanism for the build.
 
 === Prerequisites
-http://help.github.com/set-up-git-redirect[Git] and the http://www.oracle.com/technetwork/java/javase/downloads[JDK8 build].
+https://help.github.com/set-up-git-redirect[Git] and the https://www.oracle.com/technetwork/java/javase/downloads[JDK8 build].
 
 Be sure that your `JAVA_HOME` environment variable points to the `jdk1.8.0` folder extracted from the JDK download.
 
@@ -55,8 +55,8 @@ Discover more commands with `./gradlew tasks`.
 See also the https://github.com/spring-projects/spring-framework/wiki/Gradle-build-and-release-FAQ[Gradle build and release FAQ].
 
 == Getting Support
-Check out the http://stackoverflow.com/questions/tagged/spring-security[Spring Security tags on Stack Overflow].
-http://spring.io/services[Commercial support] is available too.
+Check out the https://stackoverflow.com/questions/tagged/spring-security[Spring Security tags on Stack Overflow].
+https://spring.io/services[Commercial support] is available too.
 
 == Contributing
 https://help.github.com/articles/creating-a-pull-request[Pull requests] are welcome; see the https://github.com/spring-projects/spring-security/blob/master/CONTRIBUTING.md[contributor guidelines] for details.
 
@@ -26,7 +26,7 @@
 
 /**
  * Caches tickets using a Spring IoC defined <a
- * href="http://ehcache.sourceforge.net">EHCACHE</a>.
+ * href="https://www.ehcache.org/">EHCACHE</a>.
  *
  * @author Ben Alex
  */
 
@@ -14,7 +14,7 @@
  * limitations under the License.
  */
 /**
- * Spring Security support for Jasig's Central Authentication Service (<a href="http://www.jasig.org/cas">CAS</a>).
+ * Spring Security support for Jasig's Central Authentication Service (<a href="https://www.jasig.org/cas">CAS</a>).
  */
 package org.springframework.security.cas;
 
@@ -141,8 +141,8 @@ public InMemoryUserDetailsManagerConfigurer<AuthenticationManagerBuilder> inMemo
 	 *
 	 * <p>
 	 * When using with a persistent data store, it is best to add users external of
-	 * configuration using something like <a href="http://flywaydb.org/">Flyway</a> or <a
-	 * href="http://www.liquibase.org/">Liquibase</a> to create the schema and adding
+	 * configuration using something like <a href="https://flywaydb.org/">Flyway</a> or <a
+	 * href="https://www.liquibase.org/">Liquibase</a> to create the schema and adding
 	 * users to ensure these steps are only done once and that the optimal SQL is used.
 	 * </p>
 	 *
@@ -151,7 +151,7 @@ public InMemoryUserDetailsManagerConfigurer<AuthenticationManagerBuilder> inMemo
 	 * {@link #getDefaultUserDetailsService()} method. Note that additional
 	 * {@link UserDetailsService}'s may override this {@link UserDetailsService} as the
 	 * default. See the <a href=
-	 * "http://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/#user-schema"
+	 * "https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/#user-schema"
 	 * >User Schema</a> section of the reference for the default schema.
 	 * </p>
 	 *
 
@@ -204,17 +204,17 @@ private ApplicationContext getContext() {
 	 * 				.authenticationUserDetailsService(
 	 * 						new AutoProvisioningUserDetailsService())
 	 * 				.attributeExchange(&quot;https://www.google.com/.*&quot;).attribute(&quot;email&quot;)
-	 * 				.type(&quot;http://axschema.org/contact/email&quot;).required(true).and()
-	 * 				.attribute(&quot;firstname&quot;).type(&quot;http://axschema.org/namePerson/first&quot;)
+	 * 				.type(&quot;https://axschema.org/contact/email&quot;).required(true).and()
+	 * 				.attribute(&quot;firstname&quot;).type(&quot;https://axschema.org/namePerson/first&quot;)
 	 * 				.required(true).and().attribute(&quot;lastname&quot;)
-	 * 				.type(&quot;http://axschema.org/namePerson/last&quot;).required(true).and().and()
+	 * 				.type(&quot;https://axschema.org/namePerson/last&quot;).required(true).and().and()
 	 * 				.attributeExchange(&quot;.*yahoo.com.*&quot;).attribute(&quot;email&quot;)
-	 * 				.type(&quot;http://schema.openid.net/contact/email&quot;).required(true).and()
-	 * 				.attribute(&quot;fullname&quot;).type(&quot;http://axschema.org/namePerson&quot;)
+	 * 				.type(&quot;https://schema.openid.net/contact/email&quot;).required(true).and()
+	 * 				.attribute(&quot;fullname&quot;).type(&quot;https://axschema.org/namePerson&quot;)
 	 * 				.required(true).and().and().attributeExchange(&quot;.*myopenid.com.*&quot;)
-	 * 				.attribute(&quot;email&quot;).type(&quot;http://schema.openid.net/contact/email&quot;)
+	 * 				.attribute(&quot;email&quot;).type(&quot;https://schema.openid.net/contact/email&quot;)
 	 * 				.required(true).and().attribute(&quot;fullname&quot;)
-	 * 				.type(&quot;http://schema.openid.net/namePerson&quot;).required(true);
+	 * 				.type(&quot;https://schema.openid.net/namePerson&quot;).required(true);
 	 * 	}
 	 * }
 	 *
@@ -906,7 +906,7 @@ public FormLoginConfigurer<HttpSecurity> formLogin() throws Exception {
 	 *
 	 * The &quot;authentication flow&quot; is implemented using the <b>Authorization Code Grant</b>, as specified in the
 	 * <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.1">OAuth 2.0 Authorization Framework</a>
-	 * and <a target="_blank" href="http://openid.net/specs/openid-connect-core-1_0.html#CodeFlowAuth">OpenID Connect Core 1.0</a>
+	 * and <a target="_blank" href="https://openid.net/specs/openid-connect-core-1_0.html#CodeFlowAuth">OpenID Connect Core 1.0</a>
 	 * specification.
 	 * <br>
 	 * <br>
@@ -982,7 +982,7 @@ public FormLoginConfigurer<HttpSecurity> formLogin() throws Exception {
 	 *
 	 * @since 5.0
 	 * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.1">Section 4.1 Authorization Code Grant</a>
-	 * @see <a target="_blank" href="http://openid.net/specs/openid-connect-core-1_0.html#CodeFlowAuth">Section 3.1 Authorization Code Flow</a>
+	 * @see <a target="_blank" href="https://openid.net/specs/openid-connect-core-1_0.html#CodeFlowAuth">Section 3.1 Authorization Code Flow</a>
 	 * @see org.springframework.security.oauth2.client.registration.ClientRegistration
 	 * @see org.springframework.security.oauth2.client.registration.ClientRegistrationRepository
 	 * @return the {@link OAuth2LoginConfigurer} for further customizations
@@ -1030,7 +1030,7 @@ public OAuth2ResourceServerConfigurer<HttpSecurity> oauth2ResourceServer() throw
 	 * requiring HTTPS for some requests is supported, but not recommended since an
 	 * application that allows for HTTP introduces many security vulnerabilities. For one
 	 * such example, read about <a
-	 * href="http://en.wikipedia.org/wiki/Firesheep">Firesheep</a>.
+	 * href="https://en.wikipedia.org/wiki/Firesheep">Firesheep</a>.
 	 *
 	 * <pre>
 	 * &#064;Configuration
 
@@ -371,7 +371,7 @@ public ExpressionInterceptUrlRegistry hasAnyAuthority(String... authorities) {
 
 		/**
 		 * Specify that URLs requires a specific IP Address or <a href=
-		 * "http://forum.springsource.org/showthread.php?102783-How-to-use-hasIpAddress&p=343971#post343971"
+		 * "https://forum.spring.io/showthread.php?102783-How-to-use-hasIpAddress&p=343971#post343971"
 		 * >subnet</a>.
 		 *
 		 * @param ipaddressExpression the ipaddress (i.e. 192.168.1.79) or local subnet
 
@@ -108,7 +108,7 @@ public HeadersConfigurer<H> addHeaderWriter(HeaderWriter headerWriter) {
 
 	/**
 	 * Configures the {@link XContentTypeOptionsHeaderWriter} which inserts the <a href=
-	 * "http://msdn.microsoft.com/en-us/library/ie/gg622941(v=vs.85).aspx"
+	 * "https://msdn.microsoft.com/en-us/library/ie/gg622941(v=vs.85).aspx"
 	 * >X-Content-Type-Options</a>:
 	 *
 	 * <pre>
@@ -164,7 +164,7 @@ private ContentTypeOptionsConfig enable() {
 	 *
 	 * <p>
 	 * Allows customizing the {@link XXssProtectionHeaderWriter} which adds the <a href=
-	 * "http://blogs.msdn.com/b/ieinternals/archive/2011/01/31/controlling-the-internet-explorer-xss-filter-with-the-x-xss-protection-http-header.aspx"
+	 * "https://blogs.msdn.com/b/ieinternals/archive/2011/01/31/controlling-the-internet-explorer-xss-filter-with-the-x-xss-protection-http-header.aspx"
 	 * >X-XSS-Protection header</a>
 	 * </p>
 	 *
@@ -310,7 +310,7 @@ private CacheControlConfig enable() {
 
 	/**
 	 * Allows customizing the {@link HstsHeaderWriter} which provides support for <a
-	 * href="http://tools.ietf.org/html/rfc6797">HTTP Strict Transport Security
+	 * href="https://tools.ietf.org/html/rfc6797">HTTP Strict Transport Security
 	 * (HSTS)</a>.
 	 *
 	 * @return the {@link HeadersConfigurer} for additional customizations
@@ -335,7 +335,7 @@ private HstsConfig() {
 		 * <p>
 		 * This instructs browsers how long to remember to keep this domain as a known
 		 * HSTS Host. See <a
-		 * href="http://tools.ietf.org/html/rfc6797#section-6.1.1">Section 6.1.1</a> for
+		 * href="https://tools.ietf.org/html/rfc6797#section-6.1.1">Section 6.1.1</a> for
 		 * additional details.
 		 * </p>
 		 *
@@ -368,7 +368,7 @@ public HstsConfig requestMatcher(RequestMatcher requestMatcher) {
 		 * </p>
 		 *
 		 * <p>
-		 * See <a href="http://tools.ietf.org/html/rfc6797#section-6.1.2">Section
+		 * See <a href="https://tools.ietf.org/html/rfc6797#section-6.1.2">Section
 		 * 6.1.2</a> for additional details.
 		 * </p>
 		 *
@@ -506,7 +506,7 @@ private FrameOptionsConfig enable() {
 
 	/**
 	 * Allows customizing the {@link HpkpHeaderWriter} which provides support for <a
-	 * href="http://tools.ietf.org/html/rfc7469">HTTP Public Key Pinning (HPKP)</a>.
+	 * href="https://tools.ietf.org/html/rfc7469">HTTP Public Key Pinning (HPKP)</a>.
 	 *
 	 * @return the {@link HeadersConfigurer} for additional customizations
 	 *
@@ -529,7 +529,7 @@ private HpkpConfig() {}
 		 * <p>
 		 * The pin directive specifies a way for web host operators to indicate
 		 * a cryptographic identity that should be bound to a given web host.
-		 * See <a href="http://tools.ietf.org/html/rfc7469#section-2.1.1">Section 2.1.1</a> for additional details.
+		 * See <a href="https://tools.ietf.org/html/rfc7469#section-2.1.1">Section 2.1.1</a> for additional details.
 		 * </p>
 		 *
 		 * @param pins the map of base64-encoded SPKI fingerprint &amp; cryptographic hash algorithm pairs.
@@ -548,7 +548,7 @@ public HpkpConfig withPins(Map<String, String> pins) {
 		 * <p>
 		 * The pin directive specifies a way for web host operators to indicate
 		 * a cryptographic identity that should be bound to a given web host.
-		 * See <a href="http://tools.ietf.org/html/rfc7469#section-2.1.1">Section 2.1.1</a> for additional details.
+		 * See <a href="https://tools.ietf.org/html/rfc7469#section-2.1.1">Section 2.1.1</a> for additional details.
 		 * </p>
 		 *
 		 * @param pins a list of base64-encoded SPKI fingerprints.
@@ -567,7 +567,7 @@ public HpkpConfig addSha256Pins(String ... pins) {
 		 *
 		 * <p>
 		 * This instructs browsers how long they should regard the host (from whom the message was received)
-		 * as a known pinned host. See <a href="http://tools.ietf.org/html/rfc7469#section-2.1.2">Section
+		 * as a known pinned host. See <a href="https://tools.ietf.org/html/rfc7469#section-2.1.2">Section
 		 * 2.1.2</a> for additional details.
 		 * </p>
 		 *
@@ -587,7 +587,7 @@ public HpkpConfig maxAgeInSeconds(long maxAgeInSeconds) {
 		 * </p>
 		 *
 		 * <p>
-		 * See <a href="http://tools.ietf.org/html/rfc7469#section-2.1.3">Section 2.1.3</a>
+		 * See <a href="https://tools.ietf.org/html/rfc7469#section-2.1.3">Section 2.1.3</a>
 		 * for additional details.
 		 * </p>
 		 *
@@ -604,7 +604,7 @@ public HpkpConfig includeSubDomains(boolean includeSubDomains) {
 		 * </p>
 		 *
 		 * <p>
-		 * See <a href="http://tools.ietf.org/html/rfc7469#section-2.1">Section 2.1</a>
+		 * See <a href="https://tools.ietf.org/html/rfc7469#section-2.1">Section 2.1</a>
 		 * for additional details.
 		 * </p>
 		 *
@@ -621,7 +621,7 @@ public HpkpConfig reportOnly(boolean reportOnly) {
 		 * </p>
 		 *
 		 * <p>
-		 * See <a href="http://tools.ietf.org/html/rfc7469#section-2.1.4">Section 2.1.4</a>
+		 * See <a href="https://tools.ietf.org/html/rfc7469#section-2.1.4">Section 2.1.4</a>
 		 * for additional details.
 		 * </p>
 		 *
@@ -638,7 +638,7 @@ public HpkpConfig reportUri(URI reportUri) {
 		 * </p>
 		 *
 		 * <p>
-		 * See <a href="http://tools.ietf.org/html/rfc7469#section-2.1.4">Section 2.1.4</a>
+		 * See <a href="https://tools.ietf.org/html/rfc7469#section-2.1.4">Section 2.1.4</a>
 		 * for additional details.
 		 * </p>
 		 *
 
@@ -129,7 +129,7 @@ public LogoutConfigurer<H> invalidateHttpSession(boolean invalidateHttpSession)
 	 * <p>
 	 * It is considered best practice to use an HTTP POST on any action that changes state
 	 * (i.e. log out) to protect against <a
-	 * href="http://en.wikipedia.org/wiki/Cross-site_request_forgery">CSRF attacks</a>. If
+	 * href="https://en.wikipedia.org/wiki/Cross-site_request_forgery">CSRF attacks</a>. If
 	 * you really want to use an HTTP GET, you can use
 	 * <code>logoutRequestMatcher(new AntPathRequestMatcher(logoutUrl, "GET"));</code>
 	 * </p>
 
@@ -640,7 +640,7 @@ public Authentication authenticate(Authentication authentication) throws Authent
 			OAuth2LoginAuthenticationToken authorizationCodeAuthentication =
 				(OAuth2LoginAuthenticationToken) authentication;
 
-			// Section 3.1.2.1 Authentication Request - http://openid.net/specs/openid-connect-core-1_0.html#AuthRequest
+			// Section 3.1.2.1 Authentication Request - https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest
 			// scope
 			// 		REQUIRED. OpenID Connect requests MUST contain the "openid" scope value.
 			if (authorizationCodeAuthentication.getAuthorizationExchange()
Original file line number	Diff line number	Diff line change
`@@ -26,7 +26,7 @@`
`26`	`26`
`27`	`27`	`/**`
`28`	`28`	`* Caches tickets using a Spring IoC defined <a`
`29`		`- * href="http://ehcache.sourceforge.net">EHCACHE</a>.`
	`29`	`+ * href="https://www.ehcache.org/">EHCACHE</a>.`
`30`	`30`	`*`
`31`	`31`	`* @author Ben Alex`
`32`	`32`	`*/`
Original file line number	Diff line number	Diff line change
`@@ -141,8 +141,8 @@ public InMemoryUserDetailsManagerConfigurer<AuthenticationManagerBuilder> inMemo`
`141`	`141`	`*`
`142`	`142`	`* <p>`
`143`	`143`	`* When using with a persistent data store, it is best to add users external of`
`144`		`- * configuration using something like <a href="http://flywaydb.org/">Flyway</a> or <a`
`145`		`- * href="http://www.liquibase.org/">Liquibase</a> to create the schema and adding`
	`144`	`+ * configuration using something like <a href="https://flywaydb.org/">Flyway</a> or <a`
	`145`	`+ * href="https://www.liquibase.org/">Liquibase</a> to create the schema and adding`
`146`	`146`	`* users to ensure these steps are only done once and that the optimal SQL is used.`
`147`	`147`	`* </p>`
`148`	`148`	`*`
`@@ -151,7 +151,7 @@ public InMemoryUserDetailsManagerConfigurer<AuthenticationManagerBuilder> inMemo`
`151`	`151`	`* {@link #getDefaultUserDetailsService()} method. Note that additional`
`152`	`152`	`* {@link UserDetailsService}'s may override this {@link UserDetailsService} as the`
`153`	`153`	`* default. See the <a href=`
`154`		`- * "http://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/#user-schema"`
	`154`	`+ * "https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/#user-schema"`
`155`	`155`	`* >User Schema</a> section of the reference for the default schema.`
`156`	`156`	`* </p>`
`157`	`157`	`*`
Original file line number	Diff line number	Diff line change
`@@ -371,7 +371,7 @@ public ExpressionInterceptUrlRegistry hasAnyAuthority(String... authorities) {`
`371`	`371`
`372`	`372`	`/**`
`373`	`373`	`* Specify that URLs requires a specific IP Address or <a href=`
`374`		`- * "http://forum.springsource.org/showthread.php?102783-How-to-use-hasIpAddress&p=343971#post343971"`
	`374`	`+ * "https://forum.spring.io/showthread.php?102783-How-to-use-hasIpAddress&p=343971#post343971"`
`375`	`375`	`* >subnet</a>.`
`376`	`376`	`*`
`377`	`377`	`* @param ipaddressExpression the ipaddress (i.e. 192.168.1.79) or local subnet`
Original file line number	Diff line number	Diff line change
`@@ -108,7 +108,7 @@ public HeadersConfigurer<H> addHeaderWriter(HeaderWriter headerWriter) {`
`108`	`108`
`109`	`109`	`/**`
`110`	`110`	`* Configures the {@link XContentTypeOptionsHeaderWriter} which inserts the <a href=`
`111`		`- * "http://msdn.microsoft.com/en-us/library/ie/gg622941(v=vs.85).aspx"`
	`111`	`+ * "https://msdn.microsoft.com/en-us/library/ie/gg622941(v=vs.85).aspx"`
`112`	`112`	`* >X-Content-Type-Options</a>:`
`113`	`113`	`*`
`114`	`114`	`* <pre>`
`@@ -164,7 +164,7 @@ private ContentTypeOptionsConfig enable() {`
`164`	`164`	`*`
`165`	`165`	`* <p>`
`166`	`166`	`* Allows customizing the {@link XXssProtectionHeaderWriter} which adds the <a href=`
`167`		`- * "http://blogs.msdn.com/b/ieinternals/archive/2011/01/31/controlling-the-internet-explorer-xss-filter-with-the-x-xss-protection-http-header.aspx"`
	`167`	`+ * "https://blogs.msdn.com/b/ieinternals/archive/2011/01/31/controlling-the-internet-explorer-xss-filter-with-the-x-xss-protection-http-header.aspx"`
`168`	`168`	`* >X-XSS-Protection header</a>`
`169`	`169`	`* </p>`
`170`	`170`	`*`
`@@ -310,7 +310,7 @@ private CacheControlConfig enable() {`
`310`	`310`
`311`	`311`	`/**`
`312`	`312`	`* Allows customizing the {@link HstsHeaderWriter} which provides support for <a`
`313`		`- * href="http://tools.ietf.org/html/rfc6797">HTTP Strict Transport Security`
	`313`	`+ * href="https://tools.ietf.org/html/rfc6797">HTTP Strict Transport Security`
`314`	`314`	`* (HSTS)</a>.`
`315`	`315`	`*`
`316`	`316`	`* @return the {@link HeadersConfigurer} for additional customizations`
`@@ -335,7 +335,7 @@ private HstsConfig() {`
`335`	`335`	`* <p>`
`336`	`336`	`* This instructs browsers how long to remember to keep this domain as a known`
`337`	`337`	`* HSTS Host. See <a`
`338`		`- * href="http://tools.ietf.org/html/rfc6797#section-6.1.1">Section 6.1.1</a> for`
	`338`	`+ * href="https://tools.ietf.org/html/rfc6797#section-6.1.1">Section 6.1.1</a> for`
`339`	`339`	`* additional details.`
`340`	`340`	`* </p>`
`341`	`341`	`*`
`@@ -368,7 +368,7 @@ public HstsConfig requestMatcher(RequestMatcher requestMatcher) {`
`368`	`368`	`* </p>`
`369`	`369`	`*`
`370`	`370`	`* <p>`
`371`		`- * See <a href="http://tools.ietf.org/html/rfc6797#section-6.1.2">Section`
	`371`	`+ * See <a href="https://tools.ietf.org/html/rfc6797#section-6.1.2">Section`
`372`	`372`	`* 6.1.2</a> for additional details.`
`373`	`373`	`* </p>`
`374`	`374`	`*`
`@@ -506,7 +506,7 @@ private FrameOptionsConfig enable() {`
`506`	`506`
`507`	`507`	`/**`
`508`	`508`	`* Allows customizing the {@link HpkpHeaderWriter} which provides support for <a`
`509`		`- * href="http://tools.ietf.org/html/rfc7469">HTTP Public Key Pinning (HPKP)</a>.`
	`509`	`+ * href="https://tools.ietf.org/html/rfc7469">HTTP Public Key Pinning (HPKP)</a>.`
`510`	`510`	`*`
`511`	`511`	`* @return the {@link HeadersConfigurer} for additional customizations`
`512`	`512`	`*`
`@@ -529,7 +529,7 @@ private HpkpConfig() {}`
`529`	`529`	`* <p>`
`530`	`530`	`* The pin directive specifies a way for web host operators to indicate`
`531`	`531`	`* a cryptographic identity that should be bound to a given web host.`
`532`		`- * See <a href="http://tools.ietf.org/html/rfc7469#section-2.1.1">Section 2.1.1</a> for additional details.`
	`532`	`+ * See <a href="https://tools.ietf.org/html/rfc7469#section-2.1.1">Section 2.1.1</a> for additional details.`
`533`	`533`	`* </p>`
`534`	`534`	`*`
`535`	`535`	`* @param pins the map of base64-encoded SPKI fingerprint & cryptographic hash algorithm pairs.`
`@@ -548,7 +548,7 @@ public HpkpConfig withPins(Map<String, String> pins) {`
`548`	`548`	`* <p>`
`549`	`549`	`* The pin directive specifies a way for web host operators to indicate`
`550`	`550`	`* a cryptographic identity that should be bound to a given web host.`
`551`		`- * See <a href="http://tools.ietf.org/html/rfc7469#section-2.1.1">Section 2.1.1</a> for additional details.`
	`551`	`+ * See <a href="https://tools.ietf.org/html/rfc7469#section-2.1.1">Section 2.1.1</a> for additional details.`
`552`	`552`	`* </p>`
`553`	`553`	`*`
`554`	`554`	`* @param pins a list of base64-encoded SPKI fingerprints.`
`@@ -567,7 +567,7 @@ public HpkpConfig addSha256Pins(String ... pins) {`
`567`	`567`	`*`
`568`	`568`	`* <p>`
`569`	`569`	`* This instructs browsers how long they should regard the host (from whom the message was received)`
`570`		`- * as a known pinned host. See <a href="http://tools.ietf.org/html/rfc7469#section-2.1.2">Section`
	`570`	`+ * as a known pinned host. See <a href="https://tools.ietf.org/html/rfc7469#section-2.1.2">Section`
`571`	`571`	`* 2.1.2</a> for additional details.`
`572`	`572`	`* </p>`
`573`	`573`	`*`
`@@ -587,7 +587,7 @@ public HpkpConfig maxAgeInSeconds(long maxAgeInSeconds) {`
`587`	`587`	`* </p>`
`588`	`588`	`*`
`589`	`589`	`* <p>`
`590`		`- * See <a href="http://tools.ietf.org/html/rfc7469#section-2.1.3">Section 2.1.3</a>`
	`590`	`+ * See <a href="https://tools.ietf.org/html/rfc7469#section-2.1.3">Section 2.1.3</a>`
`591`	`591`	`* for additional details.`
`592`	`592`	`* </p>`
`593`	`593`	`*`
`@@ -604,7 +604,7 @@ public HpkpConfig includeSubDomains(boolean includeSubDomains) {`
`604`	`604`	`* </p>`
`605`	`605`	`*`
`606`	`606`	`* <p>`
`607`		`- * See <a href="http://tools.ietf.org/html/rfc7469#section-2.1">Section 2.1</a>`
	`607`	`+ * See <a href="https://tools.ietf.org/html/rfc7469#section-2.1">Section 2.1</a>`
`608`	`608`	`* for additional details.`
`609`	`609`	`* </p>`
`610`	`610`	`*`
`@@ -621,7 +621,7 @@ public HpkpConfig reportOnly(boolean reportOnly) {`
`621`	`621`	`* </p>`
`622`	`622`	`*`
`623`	`623`	`* <p>`
`624`		`- * See <a href="http://tools.ietf.org/html/rfc7469#section-2.1.4">Section 2.1.4</a>`
	`624`	`+ * See <a href="https://tools.ietf.org/html/rfc7469#section-2.1.4">Section 2.1.4</a>`
`625`	`625`	`* for additional details.`
`626`	`626`	`* </p>`
`627`	`627`	`*`
`@@ -638,7 +638,7 @@ public HpkpConfig reportUri(URI reportUri) {`
`638`	`638`	`* </p>`
`639`	`639`	`*`
`640`	`640`	`* <p>`
`641`		`- * See <a href="http://tools.ietf.org/html/rfc7469#section-2.1.4">Section 2.1.4</a>`
	`641`	`+ * See <a href="https://tools.ietf.org/html/rfc7469#section-2.1.4">Section 2.1.4</a>`
`642`	`642`	`* for additional details.`
`643`	`643`	`* </p>`
`644`	`644`	`*`