Apache
/
hadoop
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

HADOOP-7093. Servlets should default to text/plain. Contributed by Todd Lipcon 

git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1058822 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Todd Lipcon 2011-01-14 01:08:18 +00:00
parent f395f67d62
commit ee27b8ea64
6 changed files with 83 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGES.txt
View File

@ -438,6 +438,8 @@ Release 0.22.0 - Unreleased
HADOOP-7097. JAVA_LIBRARY_PATH missing base directory. (Noah Watkins via HADOOP-7097. JAVA_LIBRARY_PATH missing base directory. (Noah Watkins via
todd) todd)
HADOOP-7093. Servlets should default to text/plain (todd)
Release 0.21.1 - Unreleased Release 0.21.1 - Unreleased
IMPROVEMENTS IMPROVEMENTS

6
src/java/org/apache/hadoop/conf/ConfServlet.java
View File

@ -69,12 +69,12 @@ public class ConfServlet extends HttpServlet {
} }
if (FORMAT_XML.equals(format)) { if (FORMAT_XML.equals(format)) {
response.setContentType("text/xml"); response.setContentType("text/xml; charset=utf-8");
} else if (FORMAT_JSON.equals(format)) { } else if (FORMAT_JSON.equals(format)) {
response.setContentType("text/javascript"); response.setContentType("application/json; charset=utf-8");
} }
OutputStreamWriter out = new OutputStreamWriter(response.getOutputStream()); Writer out = response.getWriter();
try { try {
writeResponse(getConfFromContext(), out, format); writeResponse(getConfFromContext(), out, format);
} catch (BadFormatException bfe) { } catch (BadFormatException bfe) {

11
src/java/org/apache/hadoop/http/HttpServer.java
View File

@ -739,8 +739,7 @@ public class HttpServer implements FilterContainer {
return; return;
} }
PrintWriter out = new PrintWriter PrintWriter out = response.getWriter();
(HtmlQuoting.quoteOutputStream(response.getOutputStream()));
ReflectionUtils.printThreadInfo(out, ""); ReflectionUtils.printThreadInfo(out, "");
out.close(); out.close();
ReflectionUtils.logThreadInfo(LOG, "jsp requested", 1); ReflectionUtils.logThreadInfo(LOG, "jsp requested", 1);
@ -858,12 +857,16 @@ public class HttpServer implements FilterContainer {
HttpServletResponse httpResponse = (HttpServletResponse) response; HttpServletResponse httpResponse = (HttpServletResponse) response;
String mime = inferMimeType(request); String mime = inferMimeType(request);
if (mime == null || mime.equals("text/html")) { if (mime == null) {
// no extension or HTML with unspecified encoding, we want to httpResponse.setContentType("text/plain; charset=utf-8");
} else if (mime.startsWith("text/html")) {
// HTML with unspecified encoding, we want to
// force HTML with utf-8 encoding // force HTML with utf-8 encoding
// This is to avoid the following security issue: // This is to avoid the following security issue:
// http://openmya.hacker.jp/hasegawa/security/utf7cs.html // http://openmya.hacker.jp/hasegawa/security/utf7cs.html
httpResponse.setContentType("text/html; charset=utf-8"); httpResponse.setContentType("text/html; charset=utf-8");
} else if (mime.startsWith("application/xml")) {
httpResponse.setContentType("text/xml; charset=utf-8");
} }
chain.doFilter(quoted, httpResponse); chain.doFilter(quoted, httpResponse);
} }

19
src/java/org/apache/hadoop/metrics/MetricsServlet.java
View File

@ -112,17 +112,26 @@ public class MetricsServlet extends HttpServlet {
return; return;
} }
PrintWriter out = new PrintWriter(response.getOutputStream());
String format = request.getParameter("format"); String format = request.getParameter("format");
Collection<MetricsContext> allContexts = Collection<MetricsContext> allContexts =
ContextFactory.getFactory().getAllContexts(); ContextFactory.getFactory().getAllContexts();
if ("json".equals(format)) { if ("json".equals(format)) {
// Uses Jetty's built-in JSON support to convert the map into JSON. response.setContentType("application/json; charset=utf-8");
out.print(new JSON().toJSON(makeMap(allContexts))); PrintWriter out = response.getWriter();
try {
// Uses Jetty's built-in JSON support to convert the map into JSON.
out.print(new JSON().toJSON(makeMap(allContexts)));
} finally {
out.close();
}
} else { } else {
printMap(out, makeMap(allContexts)); PrintWriter out = response.getWriter();
try {
printMap(out, makeMap(allContexts));
} finally {
out.close();
}
} }
out.close();
} }
/** /**

42
src/test/core/org/apache/hadoop/http/TestHttpServer.java
View File

@ -19,6 +19,7 @@ package org.apache.hadoop.http;
import java.io.IOException; import java.io.IOException;
import java.io.PrintStream; import java.io.PrintStream;
import java.io.PrintWriter;
import java.net.URLConnection; import java.net.URLConnection;
import java.net.HttpURLConnection; import java.net.HttpURLConnection;
import java.net.URL; import java.net.URL;
@ -67,7 +68,7 @@ public class TestHttpServer extends HttpServerFunctionalTest {
public void doGet(HttpServletRequest request, public void doGet(HttpServletRequest request,
HttpServletResponse response HttpServletResponse response
) throws ServletException, IOException { ) throws ServletException, IOException {
PrintStream out = new PrintStream(response.getOutputStream()); PrintWriter out = response.getWriter();
Map<String, String[]> params = request.getParameterMap(); Map<String, String[]> params = request.getParameterMap();
SortedSet<String> keys = new TreeSet(params.keySet()); SortedSet<String> keys = new TreeSet(params.keySet());
for(String key: keys) { for(String key: keys) {
@ -94,7 +95,7 @@ public class TestHttpServer extends HttpServerFunctionalTest {
public void doGet(HttpServletRequest request, public void doGet(HttpServletRequest request,
HttpServletResponse response HttpServletResponse response
) throws ServletException, IOException { ) throws ServletException, IOException {
PrintStream out = new PrintStream(response.getOutputStream()); PrintWriter out = response.getWriter();
SortedSet<String> sortedKeys = new TreeSet(); SortedSet<String> sortedKeys = new TreeSet();
Enumeration<String> keys = request.getParameterNames(); Enumeration<String> keys = request.getParameterNames();
while(keys.hasMoreElements()) { while(keys.hasMoreElements()) {
@ -110,10 +111,25 @@ public class TestHttpServer extends HttpServerFunctionalTest {
} }
} }
@SuppressWarnings("serial")
public static class HtmlContentServlet extends HttpServlet {
@SuppressWarnings("unchecked")
@Override
public void doGet(HttpServletRequest request,
HttpServletResponse response
) throws ServletException, IOException {
response.setContentType("text/html");
PrintWriter out = response.getWriter();
out.print("hello world");
out.close();
}
}
@BeforeClass public static void setup() throws Exception { @BeforeClass public static void setup() throws Exception {
server = createTestServer(); server = createTestServer();
server.addServlet("echo", "/echo", EchoServlet.class); server.addServlet("echo", "/echo", EchoServlet.class);
server.addServlet("echomap", "/echomap", EchoMapServlet.class); server.addServlet("echomap", "/echomap", EchoMapServlet.class);
server.addServlet("htmlcontent", "/htmlcontent", HtmlContentServlet.class);
server.start(); server.start();
baseUrl = getServerURL(server); baseUrl = getServerURL(server);
} }
@ -176,16 +192,30 @@ public class TestHttpServer extends HttpServerFunctionalTest {
assertEquals(200, conn.getResponseCode()); assertEquals(200, conn.getResponseCode());
assertEquals("text/css", conn.getContentType()); assertEquals("text/css", conn.getContentType());
// Servlets should have text/html with proper encoding // Servlets should have text/plain with proper encoding by default
URL servletUrl = new URL(baseUrl, "/echo?a=b"); URL servletUrl = new URL(baseUrl, "/echo?a=b");
conn = (HttpURLConnection)servletUrl.openConnection(); conn = (HttpURLConnection)servletUrl.openConnection();
conn.connect(); conn.connect();
assertEquals(200, conn.getResponseCode()); assertEquals(200, conn.getResponseCode());
assertEquals("text/plain; charset=utf-8", conn.getContentType());
// We should ignore parameters for mime types - ie a parameter
// ending in .css should not change mime type
servletUrl = new URL(baseUrl, "/echo?a=b.css");
conn = (HttpURLConnection)servletUrl.openConnection();
conn.connect();
assertEquals(200, conn.getResponseCode());
assertEquals("text/plain; charset=utf-8", conn.getContentType());
// Servlets that specify text/html should get that content type
servletUrl = new URL(baseUrl, "/htmlcontent");
conn = (HttpURLConnection)servletUrl.openConnection();
conn.connect();
assertEquals(200, conn.getResponseCode());
assertEquals("text/html; charset=utf-8", conn.getContentType()); assertEquals("text/html; charset=utf-8", conn.getContentType());
// We should ignore parameters for mime types - ie a parameter // JSPs should default to text/html with utf8
// ending in .css should not change mime type servletUrl = new URL(baseUrl, "/testjsp.jsp");
servletUrl = new URL(baseUrl, "/echo?a=b.css");
conn = (HttpURLConnection)servletUrl.openConnection(); conn = (HttpURLConnection)servletUrl.openConnection();
conn.connect(); conn.connect();
assertEquals(200, conn.getResponseCode()); assertEquals(200, conn.getResponseCode());

21
src/test/test-webapps/test/testjsp.jsp Normal file
View File

@ -0,0 +1,21 @@
<?xml version="1.0" encoding="UTF-8"?><%!
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
%>
<%@ page contentType="text/html; charset=UTF-8" %>
Hello world!