From c4d94f56238ce873b08c968a4d5d1eb23c3be0c2 Mon Sep 17 00:00:00 2001 From: Wei-Chiu Chuang Date: Wed, 24 Aug 2022 08:16:49 +0800 Subject: [PATCH] HADOOP-18333. Upgrade jetty version to 9.4.48.v20220622 (#4600) * HADOOP-18001. Upgrade jetty version to 9.4.44 (#3700). Contributed by Yuan Luo. Signed-off-by: Ayush Saxena (cherry picked from commit b85c66a035b3091dd5269e39cfb9b0b3e82a8637) * HADOOP-18333.Upgrade jetty version to 9.4.48.v20220622 (#4553) Co-authored-by: Ashutosh Gupta (cherry picked from commit e664f81ce720e1f2aecfd795656538cfd171a2a0) Conflicts: LICENSE-binary Change-Id: I5a758df2551539c2780e170c3738c5b21eb0c79d Co-authored-by: better3471 <46600375+better3471@users.noreply.github.com> Co-authored-by: Ashutosh Gupta --- LICENSE-binary | 34 ++++++++----------- .../org/apache/hadoop/http/HttpServer2.java | 6 ++-- hadoop-project/pom.xml | 2 +- 3 files changed, 18 insertions(+), 24 deletions(-) diff --git a/LICENSE-binary b/LICENSE-binary index 7da76cc0ce8..b2b5a3cecda 100644 --- a/LICENSE-binary +++ b/LICENSE-binary @@ -352,26 +352,20 @@ org.codehaus.jackson:jackson-jaxrs:1.9.13 org.codehaus.jackson:jackson-mapper-asl:1.9.13 org.codehaus.jackson:jackson-xc:1.9.13 org.codehaus.jettison:jettison:1.1 -org.eclipse.jetty:jetty-annotations:9.4.40.v20210413 -org.eclipse.jetty:jetty-client:9.4.40.v20210413 -org.eclipse.jetty:jetty-http:9.4.40.v20210413 -org.eclipse.jetty:jetty-io:9.4.40.v20210413 -org.eclipse.jetty:jetty-jndi:9.4.40.v20210413 -org.eclipse.jetty:jetty-plus:9.4.40.v20210413 -org.eclipse.jetty:jetty-security:9.4.40.v20210413 -org.eclipse.jetty:jetty-server:9.4.40.v20210413 -org.eclipse.jetty:jetty-servlet:9.4.40.v20210413 -org.eclipse.jetty:jetty-util:9.4.40.v20210413 -org.eclipse.jetty:jetty-util-ajax:9.4.40.v20210413 -org.eclipse.jetty:jetty-webapp:9.4.40.v20210413 -org.eclipse.jetty:jetty-xml:9.4.40.v20210413 -org.eclipse.jetty.websocket:javax-websocket-client-impl:9.4.40.v20210413 -org.eclipse.jetty.websocket:javax-websocket-server-impl:9.4.40.v20210413 -org.eclipse.jetty.websocket:websocket-api:9.4.40.v20210413 -org.eclipse.jetty.websocket:websocket-client:9.4.40.v20210413 -org.eclipse.jetty.websocket:websocket-common:9.4.40.v20210413 -org.eclipse.jetty.websocket:websocket-server:9.4.40.v20210413 -org.eclipse.jetty.websocket:websocket-servlet:9.4.40.v20210413 +org.eclipse.jetty:jetty-annotations:9.4.48.v20220622 +org.eclipse.jetty:jetty-http:9.4.48.v20220622 +org.eclipse.jetty:jetty-io:9.4.48.v20220622 +org.eclipse.jetty:jetty-jndi:9.4.48.v20220622 +org.eclipse.jetty:jetty-plus:9.4.48.v20220622 +org.eclipse.jetty:jetty-security:9.4.48.v20220622 +org.eclipse.jetty:jetty-server:9.4.48.v20220622 +org.eclipse.jetty:jetty-servlet:9.4.48.v20220622 +org.eclipse.jetty:jetty-util:9.4.48.v20220622 +org.eclipse.jetty:jetty-util-ajax:9.4.48.v20220622 +org.eclipse.jetty:jetty-webapp:9.4.48.v20220622 +org.eclipse.jetty:jetty-xml:9.4.48.v20220622 +org.eclipse.jetty.websocket:javax-websocket-client-impl:9.4.48.v20220622 +org.eclipse.jetty.websocket:javax-websocket-server-impl:9.4.48.v20220622 org.ehcache:ehcache:3.3.1 org.lz4:lz4-java:1.7.1 org.objenesis:objenesis:2.6 diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java index 48c606788d0..8dadbe390a5 100644 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java +++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java @@ -95,7 +95,7 @@ import org.eclipse.jetty.server.SecureRequestCustomizer; import org.eclipse.jetty.server.Server; import org.eclipse.jetty.server.ServerConnector; import org.eclipse.jetty.server.SslConnectionFactory; -import org.eclipse.jetty.server.handler.AllowSymLinkAliasChecker; +import org.eclipse.jetty.server.SymlinkAllowedResourceAliasChecker; import org.eclipse.jetty.server.handler.ContextHandlerCollection; import org.eclipse.jetty.server.handler.HandlerCollection; import org.eclipse.jetty.server.handler.RequestLogHandler; @@ -872,7 +872,7 @@ public final class HttpServer2 implements FilterContainer { handler.setHttpOnly(true); handler.getSessionCookieConfig().setSecure(true); logContext.setSessionHandler(handler); - logContext.addAliasCheck(new AllowSymLinkAliasChecker()); + logContext.addAliasCheck(new SymlinkAllowedResourceAliasChecker(logContext)); setContextAttributes(logContext, conf); addNoCacheFilter(logContext); defaultContexts.put(logContext, true); @@ -891,7 +891,7 @@ public final class HttpServer2 implements FilterContainer { handler.setHttpOnly(true); handler.getSessionCookieConfig().setSecure(true); staticContext.setSessionHandler(handler); - staticContext.addAliasCheck(new AllowSymLinkAliasChecker()); + staticContext.addAliasCheck(new SymlinkAllowedResourceAliasChecker(staticContext)); setContextAttributes(staticContext, conf); defaultContexts.put(staticContext, true); } diff --git a/hadoop-project/pom.xml b/hadoop-project/pom.xml index 8a44fcad5d7..c23bbe2d7af 100644 --- a/hadoop-project/pom.xml +++ b/hadoop-project/pom.xml @@ -37,7 +37,7 @@ true true - 9.4.43.v20210629 + 9.4.48.v20220622 _ _