From 1d18522a99847617cf67ab153e9cad5174fd0be3 Mon Sep 17 00:00:00 2001 From: Joakim Erdfelt Date: Fri, 21 Apr 2017 17:21:47 -0700 Subject: [PATCH] Issue #207 - allowing untrusted sessions to have non-validating generators --- .../jetty/websocket/common/Generator.java | 17 ++++++++++++++--- .../websocket/tests/UntrustedWSSession.java | 4 +++- 2 files changed, 17 insertions(+), 4 deletions(-) diff --git a/jetty-websocket/websocket-common/src/main/java/org/eclipse/jetty/websocket/common/Generator.java b/jetty-websocket/websocket-common/src/main/java/org/eclipse/jetty/websocket/common/Generator.java index 2a90f5dca56..3886ac2ab4b 100644 --- a/jetty-websocket/websocket-common/src/main/java/org/eclipse/jetty/websocket/common/Generator.java +++ b/jetty-websocket/websocket-common/src/main/java/org/eclipse/jetty/websocket/common/Generator.java @@ -62,8 +62,9 @@ public class Generator private final WebSocketBehavior behavior; private final ByteBufferPool bufferPool; - private final boolean validating; private final boolean readOnly; + + private boolean validating = true; /** * Are any flags in use @@ -374,7 +375,12 @@ public class Generator { return bufferPool; } - + + public boolean isValidating() + { + return validating; + } + public void setRsv1InUse(boolean rsv1InUse) { if (readOnly) @@ -401,7 +407,12 @@ public class Generator } flagsInUse = (byte)((flagsInUse & 0xEF) | (rsv3InUse?0x10:0x00)); } - + + public void setValidating(boolean validating) + { + this.validating = validating; + } + public boolean isRsv1InUse() { return (flagsInUse & 0x40) != 0; diff --git a/jetty-websocket/websocket-tests/src/main/java/org/eclipse/jetty/websocket/tests/UntrustedWSSession.java b/jetty-websocket/websocket-tests/src/main/java/org/eclipse/jetty/websocket/tests/UntrustedWSSession.java index 11c36098285..ca45ec09a2a 100644 --- a/jetty-websocket/websocket-tests/src/main/java/org/eclipse/jetty/websocket/tests/UntrustedWSSession.java +++ b/jetty-websocket/websocket-tests/src/main/java/org/eclipse/jetty/websocket/tests/UntrustedWSSession.java @@ -33,7 +33,9 @@ public class UntrustedWSSession extends WebSocketSession implements AutoCloseabl public UntrustedWSSession(WebSocketContainerScope containerScope, URI requestURI, Object endpoint, LogicalConnection connection) { super(containerScope, requestURI, endpoint, connection); - this.untrustedConnection = new UntrustedWSConnection((AbstractWebSocketConnection) connection); + AbstractWebSocketConnection abstractWebSocketConnection = (AbstractWebSocketConnection) connection; + abstractWebSocketConnection.getGenerator().setValidating(false); + this.untrustedConnection = new UntrustedWSConnection(abstractWebSocketConnection); this.untrustedEndpoint = (UntrustedWSEndpoint) endpoint; }