Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

JETTY-1042 

git-svn-id: svn+ssh://dev.eclipse.org/svnroot/rt/org.eclipse.jetty/jetty/trunk@438 7e9141cc-0065-0410-87d8-b60c137991c4
This commit is contained in:
Greg Wilkins 2009-06-26 00:33:15 +00:00
parent 05f730be81
commit 02dd1975ec
3 changed files with 64 additions and 91 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
VERSION.txt
View File

@ -1,5 +1,6 @@
jetty-7.0.0.M4-SNAPSHOT
+ 281059 NPE in QTP with debug on
+ JETTY-1042 Prevent cookie leak between shared connection
jetty-7.0.0.M3 20 June 2009
+ fixed race with expired async listeners

113
jetty-server/src/main/java/org/eclipse/jetty/server/CookieCutter.java
View File

@ -39,95 +39,85 @@ public class CookieCutter
private static final byte STATE_UNQUOTED_VALUE = 16;
private Cookie[] _cookies;
private String[] _fields;
int _added=0;
boolean _dirty;
HttpServletRequest _request;
private Cookie[] _lastCookies;
Object _lazyFields;
int _fields;
public CookieCutter()
{
}
public CookieCutter(HttpServletRequest request)
{
_request = request;
{
}
public Cookie[] getCookies()
{
if (_added>0)
{
if (!_dirty && _added==_fields.length)
{
// same cookies as last time!
_added=0;
return _cookies;
}
if (_cookies!=null)
return _cookies;
if (_lastCookies!=null &&
_lazyFields!=null &&
_fields==LazyList.size(_lazyFields))
_cookies=_lastCookies;
else
parseFields();
}
_lastCookies=_cookies;
return _cookies;
}
public void setCookies(Cookie[] cookies)
{
_dirty=false;
_added=0;
_cookies=cookies;
_lastCookies=null;
_lazyFields=null;
_fields=0;
}
public void reset()
{
_fields=null;
_cookies=null;
_fields=0;
}
public void addCookieField(String f)
{
if (!_dirty &&
_fields!=null &&
_fields.length>_added &&
_fields[_added].equals(f))
{
_added++;
if (f==null)
return;
}
if (_dirty)
f=f.trim();
if (f.length()==0)
return;
if (LazyList.size(_lazyFields)>_fields)
{
_added++;
_fields=(String[])LazyList.addToArray(_fields,f,String.class);
}
else
{
_dirty=true;
if (_added>0)
if (f.equals(LazyList.get(_lazyFields,_fields)))
{
String[] fields=new String[_added+1];
System.arraycopy(_fields,0,fields,0,_added);
fields[_added++]=f;
_fields=fields;
}
else
{
_fields = new String[]{f};
_added=1;
_fields++;
return;
}
while (LazyList.size(_lazyFields)>_fields)
_lazyFields=LazyList.remove(_lazyFields,_fields);
}
_cookies=null;
_lastCookies=null;
_lazyFields=LazyList.add(_lazyFields,_fields++,f);
}
protected void parseFields()
{
_lastCookies=null;
_cookies=null;
Object cookies = null;
int version = 0;
// delete excess fields
while (LazyList.size(_lazyFields)>_fields)
_lazyFields=LazyList.remove(_lazyFields,_fields);
// For each cookie field
for (int f=0;f<_added;f++)
for (int f=0;f<_fields;f++)
{
String hdr = _fields[f];
String hdr = LazyList.get(_lazyFields,f);
// Parse the header
String name = null;
@ -152,8 +142,6 @@ public class CookieCutter
case STATE_UNQUOTED_VALUE:
state = STATE_NAME;
value = hdr.substring(tokenstart, i).trim();
if(_request!=null && _request.isRequestedSessionIdFromURL())
value = URIUtil.decodePath(value);
tokenstart = i + 1;
break;
case STATE_NAME:
@ -218,8 +206,6 @@ public class CookieCutter
{
case STATE_UNQUOTED_VALUE:
value = hdr.substring(tokenstart).trim();
if(_request!=null && _request.isRequestedSessionIdFromURL())
value = URIUtil.decodePath(value);
break;
case STATE_NAME:
name = hdr.substring(tokenstart);
@ -276,21 +262,8 @@ public class CookieCutter
}
}
int l = LazyList.size(cookies);
if (l>0)
{
if (_cookies != null && _cookies.length == l)
{
for (int i = 0; i < l; i++)
_cookies[i] = (Cookie) LazyList.get(cookies, i);
}
else
_cookies = (Cookie[]) LazyList.toArray(cookies,Cookie.class);
}
_added=0;
_dirty=false;
_cookies = (Cookie[]) LazyList.toArray(cookies,Cookie.class);
_lastCookies=_cookies;
}
}

41
jetty-server/src/main/java/org/eclipse/jetty/server/Request.java
View File

@ -433,27 +433,24 @@ public class Request implements HttpServletRequest
if (_cookiesExtracted)
return _cookies==null?null:_cookies.getCookies();
// Handle no cookies
if (!_connection.getRequestFields().containsKey(HttpHeaders.COOKIE_BUFFER))
{
_cookiesExtracted = true;
if (_cookies!=null)
_cookies.reset();
return null;
}
if (_cookies==null)
_cookies=new CookieCutter(this);
_cookiesExtracted = true;
Enumeration enm = _connection.getRequestFields().getValues(HttpHeaders.COOKIE_BUFFER);
while (enm.hasMoreElements())
// Handle no cookies
if (enm!=null)
{
String c = (String)enm.nextElement();
_cookies.addCookieField(c);
}
_cookiesExtracted=true;
if (_cookies==null)
_cookies=new CookieCutter();
return _cookies.getCookies();
while (enm.hasMoreElements())
{
String c = (String)enm.nextElement();
_cookies.addCookieField(c);
}
}
return _cookies==null?null:_cookies.getCookies();
}
/* ------------------------------------------------------------ */
@ -1308,13 +1305,16 @@ public class Request implements HttpServletRequest
if(_attributes!=null)
_attributes.clearAttributes();
_characterEncoding=null;
_queryEncoding=null;
if (_cookies!=null)
_cookies.reset();
_cookiesExtracted=false;
_context=null;
_serverName=null;
_method=null;
_pathInfo=null;
_port=0;
_protocol=HttpVersions.HTTP_1_1;
_queryEncoding=null;
_queryString=null;
_requestedSessionId=null;
_requestedSessionIdFromCookie=false;
@ -1332,7 +1332,6 @@ public class Request implements HttpServletRequest
_paramsExtracted=false;
_inputState=__NONE;
_cookiesExtracted=false;
if (_savedNewSessions!=null)
_savedNewSessions.clear();
_savedNewSessions=null;
@ -1571,7 +1570,7 @@ public class Request implements HttpServletRequest
public void setCookies(Cookie[] cookies)
{
if (_cookies==null)
_cookies=new CookieCutter(this);
_cookies=new CookieCutter();
_cookies.setCookies(cookies);
}