Ported circular redirect check
git-svn-id: https://svn.apache.org/repos/asf/jakarta/httpcomponents/httpclient/trunk@537567 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
parent
e7f0a20c5e
commit
69fa4fa732
|
@ -0,0 +1,70 @@
|
||||||
|
/*
|
||||||
|
* $HeadURL$
|
||||||
|
* $Revision$
|
||||||
|
* $Date$
|
||||||
|
*
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* Licensed to the Apache Software Foundation (ASF) under one or more
|
||||||
|
* contributor license agreements. See the NOTICE file distributed with
|
||||||
|
* this work for additional information regarding copyright ownership.
|
||||||
|
* The ASF licenses this file to You under the Apache License, Version 2.0
|
||||||
|
* (the "License"); you may not use this file except in compliance with
|
||||||
|
* the License. You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This software consists of voluntary contributions made by many
|
||||||
|
* individuals on behalf of the Apache Software Foundation. For more
|
||||||
|
* information on the Apache Software Foundation, please see
|
||||||
|
* <http://www.apache.org/>.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
package org.apache.http.client;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Signals a circular redirect
|
||||||
|
*
|
||||||
|
* @author <a href="mailto:oleg@ural.ru">Oleg Kalnichevski</a>
|
||||||
|
*
|
||||||
|
* @since 3.0
|
||||||
|
*/
|
||||||
|
public class CircularRedirectException extends RedirectException {
|
||||||
|
|
||||||
|
private static final long serialVersionUID = 6830063487001091803L;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Creates a new CircularRedirectException with a <tt>null</tt> detail message.
|
||||||
|
*/
|
||||||
|
public CircularRedirectException() {
|
||||||
|
super();
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Creates a new CircularRedirectException with the specified detail message.
|
||||||
|
*
|
||||||
|
* @param message The exception detail message
|
||||||
|
*/
|
||||||
|
public CircularRedirectException(String message) {
|
||||||
|
super(message);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Creates a new CircularRedirectException with the specified detail message and cause.
|
||||||
|
*
|
||||||
|
* @param message the exception detail message
|
||||||
|
* @param cause the <tt>Throwable</tt> that caused this exception, or <tt>null</tt>
|
||||||
|
* if the cause is unavailable, unknown, or not a <tt>Throwable</tt>
|
||||||
|
*/
|
||||||
|
public CircularRedirectException(String message, Throwable cause) {
|
||||||
|
super(message, cause);
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,72 @@
|
||||||
|
/*
|
||||||
|
* $HeadURL$
|
||||||
|
* $Revision$
|
||||||
|
* $Date$
|
||||||
|
*
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* Licensed to the Apache Software Foundation (ASF) under one or more
|
||||||
|
* contributor license agreements. See the NOTICE file distributed with
|
||||||
|
* this work for additional information regarding copyright ownership.
|
||||||
|
* The ASF licenses this file to You under the Apache License, Version 2.0
|
||||||
|
* (the "License"); you may not use this file except in compliance with
|
||||||
|
* the License. You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This software consists of voluntary contributions made by many
|
||||||
|
* individuals on behalf of the Apache Software Foundation. For more
|
||||||
|
* information on the Apache Software Foundation, please see
|
||||||
|
* <http://www.apache.org/>.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
package org.apache.http.client;
|
||||||
|
|
||||||
|
import org.apache.http.ProtocolException;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Signals violation of HTTP specification caused by an invalid redirect
|
||||||
|
*
|
||||||
|
* @author <a href="mailto:oleg@ural.ru">Oleg Kalnichevski</a>
|
||||||
|
*
|
||||||
|
* @since 3.0
|
||||||
|
*/
|
||||||
|
public class RedirectException extends ProtocolException {
|
||||||
|
|
||||||
|
private static final long serialVersionUID = 4418824536372559326L;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Creates a new RedirectException with a <tt>null</tt> detail message.
|
||||||
|
*/
|
||||||
|
public RedirectException() {
|
||||||
|
super();
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Creates a new RedirectException with the specified detail message.
|
||||||
|
*
|
||||||
|
* @param message The exception detail message
|
||||||
|
*/
|
||||||
|
public RedirectException(String message) {
|
||||||
|
super(message);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Creates a new RedirectException with the specified detail message and cause.
|
||||||
|
*
|
||||||
|
* @param message the exception detail message
|
||||||
|
* @param cause the <tt>Throwable</tt> that caused this exception, or <tt>null</tt>
|
||||||
|
* if the cause is unavailable, unknown, or not a <tt>Throwable</tt>
|
||||||
|
*/
|
||||||
|
public RedirectException(String message, Throwable cause) {
|
||||||
|
super(message, cause);
|
||||||
|
}
|
||||||
|
}
|
|
@ -56,11 +56,12 @@ public interface RedirectHandler {
|
||||||
* given the response from the target server.
|
* given the response from the target server.
|
||||||
*
|
*
|
||||||
* @param response the response received from the target server
|
* @param response the response received from the target server
|
||||||
|
* @param context the context for the request execution
|
||||||
*
|
*
|
||||||
* @return <code>true</code> if the request should be redirected, <code>false</code>
|
* @return <code>true</code> if the request should be redirected, <code>false</code>
|
||||||
* otherwise
|
* otherwise
|
||||||
*/
|
*/
|
||||||
boolean isRedirectNeeded(HttpResponse response);
|
boolean isRedirectNeeded(HttpResponse response, HttpContext context);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Determines the location request is expected to be redirected to
|
* Determines the location request is expected to be redirected to
|
||||||
|
|
|
@ -52,6 +52,7 @@ import org.apache.http.HttpVersion;
|
||||||
import org.apache.http.ProtocolException;
|
import org.apache.http.ProtocolException;
|
||||||
import org.apache.http.client.ClientRequestDirector;
|
import org.apache.http.client.ClientRequestDirector;
|
||||||
import org.apache.http.client.HttpRequestRetryHandler;
|
import org.apache.http.client.HttpRequestRetryHandler;
|
||||||
|
import org.apache.http.client.RedirectException;
|
||||||
import org.apache.http.client.RedirectHandler;
|
import org.apache.http.client.RedirectHandler;
|
||||||
import org.apache.http.client.RoutedRequest;
|
import org.apache.http.client.RoutedRequest;
|
||||||
import org.apache.http.client.methods.AbortableHttpRequest;
|
import org.apache.http.client.methods.AbortableHttpRequest;
|
||||||
|
@ -115,6 +116,9 @@ public class DefaultClientRequestDirector
|
||||||
/** The currently allocated connection. */
|
/** The currently allocated connection. */
|
||||||
protected ManagedClientConnection managedConn;
|
protected ManagedClientConnection managedConn;
|
||||||
|
|
||||||
|
private int redirectCount;
|
||||||
|
|
||||||
|
private int maxRedirects;
|
||||||
|
|
||||||
public DefaultClientRequestDirector(
|
public DefaultClientRequestDirector(
|
||||||
final ClientConnectionManager conman,
|
final ClientConnectionManager conman,
|
||||||
|
@ -152,6 +156,9 @@ public class DefaultClientRequestDirector
|
||||||
|
|
||||||
this.managedConn = null;
|
this.managedConn = null;
|
||||||
|
|
||||||
|
this.redirectCount = 0;
|
||||||
|
this.maxRedirects = this.params.getIntParameter(HttpClientParams.MAX_REDIRECTS, 100);
|
||||||
|
|
||||||
//@@@ authentication?
|
//@@@ authentication?
|
||||||
|
|
||||||
} // constructor
|
} // constructor
|
||||||
|
@ -516,7 +523,13 @@ public class DefaultClientRequestDirector
|
||||||
|
|
||||||
HttpParams params = request.getParams();
|
HttpParams params = request.getParams();
|
||||||
if (params.getBooleanParameter(HttpClientParams.HANDLE_REDIRECTS, true) &&
|
if (params.getBooleanParameter(HttpClientParams.HANDLE_REDIRECTS, true) &&
|
||||||
this.redirectHandler.isRedirectNeeded(response)) {
|
this.redirectHandler.isRedirectNeeded(response, context)) {
|
||||||
|
|
||||||
|
if (redirectCount >= maxRedirects) {
|
||||||
|
throw new RedirectException("Maximum redirects ("
|
||||||
|
+ maxRedirects + ") exceeded");
|
||||||
|
}
|
||||||
|
redirectCount++;
|
||||||
|
|
||||||
URI uri;
|
URI uri;
|
||||||
try {
|
try {
|
||||||
|
|
|
@ -33,6 +33,8 @@ package org.apache.http.impl.client;
|
||||||
|
|
||||||
import java.net.URI;
|
import java.net.URI;
|
||||||
import java.net.URISyntaxException;
|
import java.net.URISyntaxException;
|
||||||
|
import java.util.HashSet;
|
||||||
|
import java.util.Set;
|
||||||
|
|
||||||
import org.apache.commons.logging.Log;
|
import org.apache.commons.logging.Log;
|
||||||
import org.apache.commons.logging.LogFactory;
|
import org.apache.commons.logging.LogFactory;
|
||||||
|
@ -41,6 +43,7 @@ import org.apache.http.HttpHost;
|
||||||
import org.apache.http.HttpResponse;
|
import org.apache.http.HttpResponse;
|
||||||
import org.apache.http.HttpStatus;
|
import org.apache.http.HttpStatus;
|
||||||
import org.apache.http.ProtocolException;
|
import org.apache.http.ProtocolException;
|
||||||
|
import org.apache.http.client.CircularRedirectException;
|
||||||
import org.apache.http.client.RedirectHandler;
|
import org.apache.http.client.RedirectHandler;
|
||||||
import org.apache.http.client.params.HttpClientParams;
|
import org.apache.http.client.params.HttpClientParams;
|
||||||
import org.apache.http.params.HttpParams;
|
import org.apache.http.params.HttpParams;
|
||||||
|
@ -61,7 +64,15 @@ public class DefaultRedirectHandler implements RedirectHandler {
|
||||||
|
|
||||||
private static final Log LOG = LogFactory.getLog(DefaultRedirectHandler.class);
|
private static final Log LOG = LogFactory.getLog(DefaultRedirectHandler.class);
|
||||||
|
|
||||||
public boolean isRedirectNeeded(final HttpResponse response) {
|
private static final String REDIRECT_LOCATIONS = "http.protocol.redirect-locations";
|
||||||
|
|
||||||
|
public DefaultRedirectHandler() {
|
||||||
|
super();
|
||||||
|
}
|
||||||
|
|
||||||
|
public boolean isRedirectNeeded(
|
||||||
|
final HttpResponse response,
|
||||||
|
final HttpContext context) {
|
||||||
if (response == null) {
|
if (response == null) {
|
||||||
throw new IllegalArgumentException("HTTP response may not be null");
|
throw new IllegalArgumentException("HTTP response may not be null");
|
||||||
}
|
}
|
||||||
|
@ -131,6 +142,42 @@ public class DefaultRedirectHandler implements RedirectHandler {
|
||||||
throw new ProtocolException(ex.getMessage(), ex);
|
throw new ProtocolException(ex.getMessage(), ex);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (params.isParameterFalse(HttpClientParams.ALLOW_CIRCULAR_REDIRECTS)) {
|
||||||
|
|
||||||
|
Set redirectLocations = (Set) context.getAttribute(REDIRECT_LOCATIONS);
|
||||||
|
|
||||||
|
if (redirectLocations == null) {
|
||||||
|
redirectLocations = new HashSet();
|
||||||
|
context.setAttribute(REDIRECT_LOCATIONS, redirectLocations);
|
||||||
|
}
|
||||||
|
|
||||||
|
URI redirectURI;
|
||||||
|
if (uri.getQuery() != null || uri.getFragment() != null) {
|
||||||
|
try {
|
||||||
|
redirectURI = new URI(
|
||||||
|
uri.getScheme(),
|
||||||
|
null,
|
||||||
|
uri.getHost(),
|
||||||
|
uri.getPort(),
|
||||||
|
uri.getPath(),
|
||||||
|
null,
|
||||||
|
null);
|
||||||
|
} catch (URISyntaxException ex) {
|
||||||
|
throw new ProtocolException(ex.getMessage(), ex);
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
redirectURI = uri;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (redirectLocations.contains(redirectURI)) {
|
||||||
|
throw new CircularRedirectException("Circular redirect to '" +
|
||||||
|
redirectURI + "'");
|
||||||
|
} else {
|
||||||
|
redirectLocations.add(redirectURI);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
return uri;
|
return uri;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue