Fixing DefaultServlet Alias Checking

+ Fixing DefaultServletTest.testSymLinks
2022-07-14 16:17:12 -05:00 · 2022-07-14 16:17:12 -05:00 · 0dc65e5588
parent da2af1141a
commit 0dc65e5588
4 changed files with 19 additions and 10 deletions
--- a/jetty-core/jetty-server/src/main/java/org/eclipse/jetty/server/SymlinkAllowedResourceAliasChecker.java
+++ b/jetty-core/jetty-server/src/main/java/org/eclipse/jetty/server/SymlinkAllowedResourceAliasChecker.java
@ -43,7 +43,7 @@ public class SymlinkAllowedResourceAliasChecker extends AllowedResourceAliasChec
        if (_base == null)
            return false;

-        // do not allow any file separation characters in the URI, as we need to know exactly what are the segments
+        // do not allow any non-URI file separation characters in the URI (such as Windows), as we need to know exactly what are the segments
        if (File.separatorChar != '/' && pathInContext.indexOf(File.separatorChar) >= 0)
            return false;

--- a/jetty-core/jetty-server/src/main/java/org/eclipse/jetty/server/handler/AllowSymLinkAliasChecker.java
+++ b/jetty-core/jetty-server/src/main/java/org/eclipse/jetty/server/handler/AllowSymLinkAliasChecker.java
@ -44,11 +44,9 @@ public class AllowSymLinkAliasChecker implements AliasCheck
    public boolean check(String pathInContext, Resource resource)
    {
        // Only support PathResource alias checking
-        if (!(resource instanceof PathResource))
+        if (!(resource instanceof PathResource pathResource))
            return false;

-        PathResource pathResource = (PathResource)resource;
-
        try
        {
            Path path = pathResource.getPath();
--- a/jetty-ee10/jetty-ee10-servlet/src/main/java/org/eclipse/jetty/ee10/servlet/DefaultServlet.java
+++ b/jetty-ee10/jetty-ee10-servlet/src/main/java/org/eclipse/jetty/ee10/servlet/DefaultServlet.java
@ -32,7 +32,6 @@ import java.util.function.Function;
 import java.util.function.Predicate;
 import java.util.stream.Collectors;

-import jakarta.servlet.DispatcherType;
 import jakarta.servlet.RequestDispatcher;
 import jakarta.servlet.ServletContext;
 import jakarta.servlet.ServletException;
@ -340,6 +339,8 @@ public class DefaultServlet extends HttpServlet
            }
            else
            {
+
+
                // serve content
                try (Blocker.Callback callback = Blocker.callback())
                {
@ -810,6 +811,17 @@ public class DefaultServlet extends HttpServlet
            _servletContextHandler = servletContextHandler;
        }

+        @Override
+        public HttpContent getContent(String path, int outputBufferSize) throws IOException
+        {
+            HttpContent httpContent = super.getContent(path, outputBufferSize);
+
+            if (!_servletContextHandler.checkAlias(path, httpContent.getResource()))
+                return null;
+
+            return httpContent;
+        }
+
        @Override
        public String getWelcomeTarget(Request coreRequest) throws IOException
        {
@ -820,7 +832,9 @@ public class DefaultServlet extends HttpServlet

            HttpServletRequest request = getServletRequest(coreRequest);

-            if (request.getDispatcherType() == DispatcherType.INCLUDE)
+            boolean included = request.getAttribute(RequestDispatcher.INCLUDE_REQUEST_URI) != null;
+
+            if (included)
            {
                // Servlet 9.3 - don't process welcome target from INCLUDE dispatch
                return null;
--- a/jetty-ee10/jetty-ee10-servlet/src/test/java/org/eclipse/jetty/ee10/servlet/DefaultServletTest.java
+++ b/jetty-ee10/jetty-ee10-servlet/src/test/java/org/eclipse/jetty/ee10/servlet/DefaultServletTest.java
@ -1100,7 +1100,6 @@ public class DefaultServletTest
        defholder.setInitParameter("redirectWelcome", "true");
        defholder.setInitParameter("welcomeServlets", "false");
        defholder.setInitParameter("gzip", "false");
-
        defholder.setInitParameter("maxCacheSize", "1024000");
        defholder.setInitParameter("maxCachedFileSize", "512000");
        defholder.setInitParameter("maxCachedFiles", "100");
@ -1288,7 +1287,6 @@ public class DefaultServletTest
     * Ensure that oddball directory names are served with proper escaping
     */
    @Test
-    @Disabled
    public void testWelcomeRedirectDirWithSemicolon() throws Exception
    {
        FS.ensureDirExists(docRoot);
@ -1405,7 +1403,6 @@ public class DefaultServletTest
    }

    @Test
-    @Disabled
    public void testSymLinks() throws Exception
    {
        FS.ensureDirExists(docRoot);
@ -1417,8 +1414,8 @@ public class DefaultServletTest
        Path link = dir.resolve("link.txt");
        Path rLink = dir.resolve("rlink.txt");
        Files.writeString(foobar, "Foo Bar", UTF_8);
-        ServletHolder defholder = context.addServlet(DefaultServlet.class, "/");

+        ServletHolder defholder = context.addServlet(DefaultServlet.class, "/");
        defholder.setInitParameter("gzip", "false");

        String rawResponse;