JETTY-1042
git-svn-id: svn+ssh://dev.eclipse.org/svnroot/rt/org.eclipse.jetty/jetty/trunk@438 7e9141cc-0065-0410-87d8-b60c137991c4
This commit is contained in:
parent
05f730be81
commit
02dd1975ec
|
@ -1,5 +1,6 @@
|
|||
jetty-7.0.0.M4-SNAPSHOT
|
||||
+ 281059 NPE in QTP with debug on
|
||||
+ JETTY-1042 Prevent cookie leak between shared connection
|
||||
|
||||
jetty-7.0.0.M3 20 June 2009
|
||||
+ fixed race with expired async listeners
|
||||
|
|
|
@ -39,95 +39,85 @@ public class CookieCutter
|
|||
private static final byte STATE_UNQUOTED_VALUE = 16;
|
||||
|
||||
private Cookie[] _cookies;
|
||||
private String[] _fields;
|
||||
int _added=0;
|
||||
boolean _dirty;
|
||||
HttpServletRequest _request;
|
||||
private Cookie[] _lastCookies;
|
||||
Object _lazyFields;
|
||||
int _fields;
|
||||
|
||||
public CookieCutter()
|
||||
{
|
||||
|
||||
}
|
||||
|
||||
public CookieCutter(HttpServletRequest request)
|
||||
{
|
||||
_request = request;
|
||||
}
|
||||
|
||||
public Cookie[] getCookies()
|
||||
{
|
||||
if (_added>0)
|
||||
{
|
||||
if (!_dirty && _added==_fields.length)
|
||||
{
|
||||
// same cookies as last time!
|
||||
_added=0;
|
||||
if (_cookies!=null)
|
||||
return _cookies;
|
||||
}
|
||||
|
||||
if (_lastCookies!=null &&
|
||||
_lazyFields!=null &&
|
||||
_fields==LazyList.size(_lazyFields))
|
||||
_cookies=_lastCookies;
|
||||
else
|
||||
parseFields();
|
||||
}
|
||||
_lastCookies=_cookies;
|
||||
return _cookies;
|
||||
}
|
||||
|
||||
public void setCookies(Cookie[] cookies)
|
||||
{
|
||||
_dirty=false;
|
||||
_added=0;
|
||||
_cookies=cookies;
|
||||
_lastCookies=null;
|
||||
_lazyFields=null;
|
||||
_fields=0;
|
||||
}
|
||||
|
||||
public void reset()
|
||||
{
|
||||
_fields=null;
|
||||
_cookies=null;
|
||||
_fields=0;
|
||||
}
|
||||
|
||||
public void addCookieField(String f)
|
||||
{
|
||||
if (!_dirty &&
|
||||
_fields!=null &&
|
||||
_fields.length>_added &&
|
||||
_fields[_added].equals(f))
|
||||
if (f==null)
|
||||
return;
|
||||
f=f.trim();
|
||||
if (f.length()==0)
|
||||
return;
|
||||
|
||||
if (LazyList.size(_lazyFields)>_fields)
|
||||
{
|
||||
_added++;
|
||||
if (f.equals(LazyList.get(_lazyFields,_fields)))
|
||||
{
|
||||
_fields++;
|
||||
return;
|
||||
}
|
||||
|
||||
if (_dirty)
|
||||
{
|
||||
_added++;
|
||||
_fields=(String[])LazyList.addToArray(_fields,f,String.class);
|
||||
while (LazyList.size(_lazyFields)>_fields)
|
||||
_lazyFields=LazyList.remove(_lazyFields,_fields);
|
||||
}
|
||||
else
|
||||
{
|
||||
_dirty=true;
|
||||
if (_added>0)
|
||||
{
|
||||
String[] fields=new String[_added+1];
|
||||
System.arraycopy(_fields,0,fields,0,_added);
|
||||
fields[_added++]=f;
|
||||
_fields=fields;
|
||||
}
|
||||
else
|
||||
{
|
||||
_fields = new String[]{f};
|
||||
_added=1;
|
||||
_cookies=null;
|
||||
_lastCookies=null;
|
||||
_lazyFields=LazyList.add(_lazyFields,_fields++,f);
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
protected void parseFields()
|
||||
{
|
||||
_lastCookies=null;
|
||||
_cookies=null;
|
||||
|
||||
Object cookies = null;
|
||||
|
||||
int version = 0;
|
||||
|
||||
// delete excess fields
|
||||
while (LazyList.size(_lazyFields)>_fields)
|
||||
_lazyFields=LazyList.remove(_lazyFields,_fields);
|
||||
|
||||
// For each cookie field
|
||||
for (int f=0;f<_added;f++)
|
||||
for (int f=0;f<_fields;f++)
|
||||
{
|
||||
String hdr = _fields[f];
|
||||
String hdr = LazyList.get(_lazyFields,f);
|
||||
|
||||
// Parse the header
|
||||
String name = null;
|
||||
|
@ -152,8 +142,6 @@ public class CookieCutter
|
|||
case STATE_UNQUOTED_VALUE:
|
||||
state = STATE_NAME;
|
||||
value = hdr.substring(tokenstart, i).trim();
|
||||
if(_request!=null && _request.isRequestedSessionIdFromURL())
|
||||
value = URIUtil.decodePath(value);
|
||||
tokenstart = i + 1;
|
||||
break;
|
||||
case STATE_NAME:
|
||||
|
@ -218,8 +206,6 @@ public class CookieCutter
|
|||
{
|
||||
case STATE_UNQUOTED_VALUE:
|
||||
value = hdr.substring(tokenstart).trim();
|
||||
if(_request!=null && _request.isRequestedSessionIdFromURL())
|
||||
value = URIUtil.decodePath(value);
|
||||
break;
|
||||
case STATE_NAME:
|
||||
name = hdr.substring(tokenstart);
|
||||
|
@ -276,21 +262,8 @@ public class CookieCutter
|
|||
}
|
||||
}
|
||||
|
||||
int l = LazyList.size(cookies);
|
||||
if (l>0)
|
||||
{
|
||||
if (_cookies != null && _cookies.length == l)
|
||||
{
|
||||
for (int i = 0; i < l; i++)
|
||||
_cookies[i] = (Cookie) LazyList.get(cookies, i);
|
||||
}
|
||||
else
|
||||
_cookies = (Cookie[]) LazyList.toArray(cookies,Cookie.class);
|
||||
}
|
||||
|
||||
_added=0;
|
||||
_dirty=false;
|
||||
|
||||
_lastCookies=_cookies;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -433,27 +433,24 @@ public class Request implements HttpServletRequest
|
|||
if (_cookiesExtracted)
|
||||
return _cookies==null?null:_cookies.getCookies();
|
||||
|
||||
// Handle no cookies
|
||||
if (!_connection.getRequestFields().containsKey(HttpHeaders.COOKIE_BUFFER))
|
||||
{
|
||||
_cookiesExtracted = true;
|
||||
if (_cookies!=null)
|
||||
_cookies.reset();
|
||||
return null;
|
||||
}
|
||||
|
||||
if (_cookies==null)
|
||||
_cookies=new CookieCutter(this);
|
||||
|
||||
Enumeration enm = _connection.getRequestFields().getValues(HttpHeaders.COOKIE_BUFFER);
|
||||
|
||||
// Handle no cookies
|
||||
if (enm!=null)
|
||||
{
|
||||
if (_cookies==null)
|
||||
_cookies=new CookieCutter();
|
||||
|
||||
while (enm.hasMoreElements())
|
||||
{
|
||||
String c = (String)enm.nextElement();
|
||||
_cookies.addCookieField(c);
|
||||
}
|
||||
_cookiesExtracted=true;
|
||||
}
|
||||
|
||||
return _cookies.getCookies();
|
||||
return _cookies==null?null:_cookies.getCookies();
|
||||
}
|
||||
|
||||
/* ------------------------------------------------------------ */
|
||||
|
@ -1308,13 +1305,16 @@ public class Request implements HttpServletRequest
|
|||
if(_attributes!=null)
|
||||
_attributes.clearAttributes();
|
||||
_characterEncoding=null;
|
||||
_queryEncoding=null;
|
||||
if (_cookies!=null)
|
||||
_cookies.reset();
|
||||
_cookiesExtracted=false;
|
||||
_context=null;
|
||||
_serverName=null;
|
||||
_method=null;
|
||||
_pathInfo=null;
|
||||
_port=0;
|
||||
_protocol=HttpVersions.HTTP_1_1;
|
||||
_queryEncoding=null;
|
||||
_queryString=null;
|
||||
_requestedSessionId=null;
|
||||
_requestedSessionIdFromCookie=false;
|
||||
|
@ -1332,7 +1332,6 @@ public class Request implements HttpServletRequest
|
|||
_paramsExtracted=false;
|
||||
_inputState=__NONE;
|
||||
|
||||
_cookiesExtracted=false;
|
||||
if (_savedNewSessions!=null)
|
||||
_savedNewSessions.clear();
|
||||
_savedNewSessions=null;
|
||||
|
@ -1571,7 +1570,7 @@ public class Request implements HttpServletRequest
|
|||
public void setCookies(Cookie[] cookies)
|
||||
{
|
||||
if (_cookies==null)
|
||||
_cookies=new CookieCutter(this);
|
||||
_cookies=new CookieCutter();
|
||||
_cookies.setCookies(cookies);
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue