Merge branch 'jetty-9.2.x'

This commit is contained in:
Joakim Erdfelt 2015-01-22 11:51:36 -07:00
commit 03121edc92
1 changed files with 47 additions and 1 deletions

View File

@ -1209,7 +1209,7 @@ public class RequestTest
@Test @Test
public void testHashDOS() throws Exception public void testHashDOSKeys() throws Exception
{ {
((StdErrLog)Log.getLogger(HttpChannel.class)).setHideStacks(true); ((StdErrLog)Log.getLogger(HttpChannel.class)).setHideStacks(true);
LOG.info("Expecting maxFormKeys limit and Closing HttpParser exceptions..."); LOG.info("Expecting maxFormKeys limit and Closing HttpParser exceptions...");
@ -1271,6 +1271,52 @@ public class RequestTest
((StdErrLog)Log.getLogger(HttpChannel.class)).setHideStacks(false); ((StdErrLog)Log.getLogger(HttpChannel.class)).setHideStacks(false);
} }
} }
@Test
public void testHashDOSSize() throws Exception
{
((StdErrLog)Log.getLogger(HttpChannel.class)).setHideStacks(true);
LOG.info("Expecting maxFormSize limit and too much data exceptions...");
_server.setAttribute("org.eclipse.jetty.server.Request.maxFormContentSize",3396);
_server.setAttribute("org.eclipse.jetty.server.Request.maxFormKeys",1000);
StringBuilder buf = new StringBuilder(4000000);
buf.append("a=b");
// we will just create a lot of keys and make sure the limit is applied
for (int i=0;i<500;i++)
buf.append("&").append("K").append(i).append("=").append("x");
buf.append("&c=d");
_handler._checker = new RequestTester()
{
@Override
public boolean check(HttpServletRequest request,HttpServletResponse response)
{
return "b".equals(request.getParameter("a")) && request.getParameter("c")==null;
}
};
String request="POST / HTTP/1.1\r\n"+
"Host: whatever\r\n"+
"Content-Type: "+MimeTypes.Type.FORM_ENCODED.asString()+"\r\n"+
"Content-Length: "+buf.length()+"\r\n"+
"Connection: close\r\n"+
"\r\n"+
buf;
try
{
long start=System.currentTimeMillis();
String response = _connector.getResponses(request);
assertTrue(response.contains("Form too large:"));
long now=System.currentTimeMillis();
assertTrue((now-start)<5000);
}
finally
{
((StdErrLog)Log.getLogger(HttpChannel.class)).setHideStacks(false);
}
}
@Test(expected = UnsupportedEncodingException.class) @Test(expected = UnsupportedEncodingException.class)
public void testNotSupportedCharacterEncoding() throws UnsupportedEncodingException public void testNotSupportedCharacterEncoding() throws UnsupportedEncodingException