Merge pull request #6411 from eclipse/jetty-10.0.x-6407-ClientUpgradeRequestUri
Issue #6407 - Fix URI validation for WebSocket ClientUpgradeRequest
commit
1cd0093855
|
@ -88,25 +88,17 @@ public abstract class CoreClientUpgradeRequest extends HttpRequest implements Re
|
|||
|
||||
// Validate websocket URI
|
||||
if (!requestURI.isAbsolute())
|
||||
{
|
||||
throw new IllegalArgumentException("WebSocket URI must be absolute");
|
||||
}
|
||||
|
||||
if (StringUtil.isBlank(requestURI.getScheme()))
|
||||
{
|
||||
throw new IllegalArgumentException("WebSocket URI must include a scheme");
|
||||
}
|
||||
|
||||
String scheme = requestURI.getScheme();
|
||||
if (!HttpScheme.WS.is(scheme) && !HttpScheme.WSS.is(scheme))
|
||||
{
|
||||
throw new IllegalArgumentException("WebSocket URI scheme only supports [ws] and [wss], not [" + scheme + "]");
|
||||
}
|
||||
|
||||
if (requestURI.getHost() == null)
|
||||
{
|
||||
throw new IllegalArgumentException("Invalid WebSocket URI: host not present");
|
||||
}
|
||||
|
||||
this.wsClient = webSocketClient;
|
||||
this.futureCoreSession = new CompletableFuture<>();
|
||||
|
@ -437,7 +429,7 @@ public abstract class CoreClientUpgradeRequest extends HttpRequest implements Re
|
|||
Negotiated negotiated = new Negotiated(
|
||||
request.getURI(),
|
||||
negotiatedSubProtocol,
|
||||
HttpScheme.HTTPS.is(request.getScheme()), // TODO better than this?
|
||||
HttpClient.isSchemeSecure(request.getScheme()),
|
||||
extensionStack,
|
||||
WebSocketConstants.SPEC_VERSION_STRING);
|
||||
|
||||
|
|
|
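Review bot: The `StringUtil.isBlank(requestURI.getScheme())` check in the validation block looks unreachable after `if (!requestURI.isAbsolute())`, because `java.net.URI.isAbsolute()` is true exactly when the URI has a scheme, and a parsed scheme cannot be blank. The `+`/`-` markers are lost in this rendering, so this applies only if both checks remain on the new side. In that case the second check and its "must include a scheme" message can be dropped, or kept with a comment such as `// defensive: isAbsolute() already implies a scheme`. The constructor starts and ends outside this hunk.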
@ -22,6 +22,7 @@ import java.util.Map;
|
|||
import java.util.Objects;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
import org.eclipse.jetty.http.HttpScheme;
|
||||
import org.eclipse.jetty.util.MultiMap;
|
||||
import org.eclipse.jetty.util.StringUtil;
|
||||
import org.eclipse.jetty.util.UrlEncoded;
|
||||
|
@ -134,24 +135,14 @@ public class Negotiated
|
|||
String httpScheme = uri.getScheme();
|
||||
if (httpScheme == null)
|
||||
return uri;
|
||||
|
||||
if ("ws".equalsIgnoreCase(httpScheme) || "wss".equalsIgnoreCase(httpScheme))
|
||||
{
|
||||
// keep as-is
|
||||
if (HttpScheme.WS.is(httpScheme) || HttpScheme.WSS.is(httpScheme))
|
||||
return uri;
|
||||
}
|
||||
|
||||
if ("http".equalsIgnoreCase(httpScheme))
|
||||
{
|
||||
// convert to ws
|
||||
return new URI("ws" + uri.toString().substring(httpScheme.length()));
|
||||
}
|
||||
|
||||
if ("https".equalsIgnoreCase(httpScheme))
|
||||
{
|
||||
// convert to wss
|
||||
return new URI("wss" + uri.toString().substring(httpScheme.length()));
|
||||
}
|
||||
String afterScheme = uri.toString().substring(httpScheme.length());
|
||||
if (HttpScheme.HTTP.is(httpScheme))
|
||||
return new URI("ws" + afterScheme);
|
||||
if (HttpScheme.HTTPS.is(httpScheme))
|
||||
return new URI("wss" + afterScheme);
|
||||
|
||||
throw new URISyntaxException(uri.toString(), "Unrecognized HTTP scheme");
|
||||
}
|
||||
|
|
|
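Review bot: The scheme conversion here still returns the URI unchanged when `uri.getScheme()` is null (`if (httpScheme == null) return uri;`), while the parallel conversion in the WSURI hunk throws `URISyntaxException` with "Undefined HTTP scheme" for the same input. A caller of this version can therefore receive a scheme-less URI where it expects ws or wss, and the two helpers disagree on what counts as invalid. If the pass-through is deliberate, a comment on that line would record it, e.g. `// no scheme (relative URI): returned unconverted`. Otherwise, throwing as WSURI does keeps the two in step. The method's signature is outside the hunk, so its documented contract is not visible here.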
@ -103,23 +103,17 @@ public final class WSURI
|
|||
{
|
||||
Objects.requireNonNull(inputUri, "Input URI must not be null");
|
||||
String httpScheme = inputUri.getScheme();
|
||||
if (httpScheme == null)
|
||||
throw new URISyntaxException(inputUri.toString(), "Undefined HTTP scheme");
|
||||
|
||||
if ("ws".equalsIgnoreCase(httpScheme) || "wss".equalsIgnoreCase(httpScheme))
|
||||
{
|
||||
// keep as-is
|
||||
return inputUri;
|
||||
}
|
||||
|
||||
String afterScheme = inputUri.toString().substring(httpScheme.length());
|
||||
if ("http".equalsIgnoreCase(httpScheme))
|
||||
{
|
||||
// convert to ws
|
||||
return new URI("ws" + inputUri.toString().substring(httpScheme.length()));
|
||||
}
|
||||
|
||||
return new URI("ws" + afterScheme);
|
||||
if ("https".equalsIgnoreCase(httpScheme))
|
||||
{
|
||||
// convert to wss
|
||||
return new URI("wss" + inputUri.toString().substring(httpScheme.length()));
|
||||
}
|
||||
return new URI("wss" + afterScheme);
|
||||
|
||||
throw new URISyntaxException(inputUri.toString(), "Unrecognized HTTP scheme");
|
||||
}
|
||||
|
|
|
@ -50,11 +50,15 @@ public final class ClientUpgradeRequest implements UpgradeRequest
|
|||
this.host = null;
|
||||
}
|
||||
|
||||
/**
|
||||
* @deprecated use {@link #ClientUpgradeRequest()} instead.
|
||||
*/
|
||||
@Deprecated
|
||||
public ClientUpgradeRequest(URI uri)
|
||||
{
|
||||
this.requestURI = uri;
|
||||
String scheme = uri.getScheme();
|
||||
if (!HttpScheme.WS.is(scheme) || !HttpScheme.WSS.is(scheme))
|
||||
if (!HttpScheme.WS.is(scheme) && !HttpScheme.WSS.is(scheme))
|
||||
throw new IllegalArgumentException("URI scheme must be 'ws' or 'wss'");
|
||||
this.host = this.requestURI.getHost();
|
||||
}
|
||||
|
|
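Review bot: The Javadoc added to the deprecated `ClientUpgradeRequest(URI uri)` constructor carries only the `@deprecated` tag, although the body now rejects input with `throw new IllegalArgumentException("URI scheme must be 'ws' or 'wss'")`. Adding `@param uri the WebSocket URI; its scheme must be ws or wss` and `@throws IllegalArgumentException if the scheme is neither ws nor wss` would state that contract. The `@deprecated` text could also say where the URI is supplied when the no-argument constructor is used. Separately, `this.host = this.requestURI.getHost()` stores whatever the URI yields, including null, whereas the CoreClientUpgradeRequest validation on this page rejects a missing host. That may be intentional, since the constructor above assigns `this.host = null`, but it is worth a sentence in the Javadoc.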