Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Issue #1568 - Fixing improper query encoding in WebSocket ServletUpgradeRequest

This commit is contained in:
Joakim Erdfelt 2017-05-23 10:32:22 -07:00
parent 79883c739d
commit 296050dfc4
3 changed files with 51 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
jetty-websocket/websocket-common/src/test/java/org/eclipse/jetty/websocket/common/test/BlockheadClient.java
View File

@ -530,7 +530,7 @@ public class BlockheadClient implements OutgoingFrames, ConnectionStateListener,
path.append(destHttpURI.getPath());
if (StringUtil.isNotBlank(destHttpURI.getQuery()))
{
path.append('?').append(destHttpURI.getQuery());
path.append('?').append(destHttpURI.getRawQuery());
}
return path.toString();
}

44
jetty-websocket/websocket-server/src/test/java/org/eclipse/jetty/websocket/server/RequestHeadersTest.java
View File

@ -21,14 +21,15 @@ package org.eclipse.jetty.websocket.server;
import static org.hamcrest.Matchers.anyOf;
import static org.hamcrest.Matchers.is;
import static org.hamcrest.Matchers.notNullValue;
import static org.junit.Assert.assertThat;
import java.net.HttpCookie;
import java.net.URI;
import java.util.List;
import java.util.concurrent.TimeUnit;
import org.eclipse.jetty.websocket.api.UpgradeRequest;
import org.eclipse.jetty.websocket.api.UpgradeResponse;
import org.eclipse.jetty.websocket.common.UpgradeRequestAdapter;
import org.eclipse.jetty.websocket.common.test.BlockheadClient;
import org.eclipse.jetty.websocket.server.helper.EchoSocket;
import org.eclipse.jetty.websocket.servlet.ServletUpgradeRequest;
@ -37,7 +38,6 @@ import org.eclipse.jetty.websocket.servlet.WebSocketCreator;
import org.eclipse.jetty.websocket.servlet.WebSocketServlet;
import org.eclipse.jetty.websocket.servlet.WebSocketServletFactory;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Test;
@ -71,9 +71,6 @@ public class RequestHeadersTest
public static class EchoRequestServlet extends WebSocketServlet
{
/**
*
*/
private static final long serialVersionUID = -6575001979901924179L;
private final WebSocketCreator creator;
@ -120,14 +117,14 @@ public class RequestHeadersTest
client.expectUpgradeResponse();
UpgradeRequest req = echoCreator.getLastRequest();
Assert.assertThat("Last Request",req,notNullValue());
assertThat("Last Request",req,notNullValue());
List<HttpCookie> cookies = req.getCookies();
Assert.assertThat("Request cookies",cookies,notNullValue());
Assert.assertThat("Request cookies.size",cookies.size(),is(2));
assertThat("Request cookies",cookies,notNullValue());
assertThat("Request cookies.size",cookies.size(),is(2));
for (HttpCookie cookie : cookies)
{
Assert.assertThat("Cookie name",cookie.getName(),anyOf(is("fruit"),is("type")));
Assert.assertThat("Cookie value",cookie.getValue(),anyOf(is("Pear"),is("Anjou")));
assertThat("Cookie name",cookie.getName(),anyOf(is("fruit"),is("type")));
assertThat("Cookie value",cookie.getValue(),anyOf(is("Pear"),is("Anjou")));
}
}
finally
@ -135,4 +132,31 @@ public class RequestHeadersTest
client.close();
}
}
@Test
public void testRequestURI() throws Exception
{
URI destUri = server.getServerUri().resolve("/?abc=x%20z");
BlockheadClient client = new BlockheadClient(destUri);
client.setTimeout(1,TimeUnit.SECONDS);
try
{
client.connect();
client.sendStandardRequest();
client.expectUpgradeResponse();
UpgradeRequest req = echoCreator.getLastRequest();
assertThat("Last Request",req,notNullValue());
assertThat("Request.host", req.getHost(), is(server.getServerUri().getHost()));
assertThat("Request.queryString", req.getQueryString(), is("abc=x%20z"));
assertThat("Request.uri.path", req.getRequestURI().getPath(), is("/"));
assertThat("Request.uri.query", req.getRequestURI().getQuery(), is("abc=x z"));
assertThat("Request.uri.rawQuery", req.getRequestURI().getRawQuery(), is("abc=x%20z"));
}
finally
{
client.close();
}
}
}

19
jetty-websocket/websocket-servlet/src/main/java/org/eclipse/jetty/websocket/servlet/ServletUpgradeRequest.java
View File

@ -18,10 +18,13 @@
package org.eclipse.jetty.websocket.servlet;
import java.io.UnsupportedEncodingException;
import java.net.HttpCookie;
import java.net.InetSocketAddress;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.security.Principal;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
@ -48,6 +51,7 @@ public class ServletUpgradeRequest implements UpgradeRequest
{
private static final String CANNOT_MODIFY_SERVLET_REQUEST = "Cannot modify Servlet Request";
private final URI requestURI;
private final String queryString;
private final UpgradeHttpServletRequest request;
private final boolean secure;
private List<HttpCookie> cookies;
@ -61,9 +65,18 @@ public class ServletUpgradeRequest implements UpgradeRequest
String scheme = secure ? "wss" : "ws";
String authority = servletURI.getAuthority();
String path = servletURI.getPath();
String query = httpRequest.getQueryString();
this.queryString = httpRequest.getQueryString();
String fragment = null;
this.requestURI = new URI(scheme,authority,path,query,fragment);
URI reqURI;
try
{
reqURI = new URI(scheme,authority,path, URLDecoder.decode(queryString, StandardCharsets.UTF_8.toString()),fragment);
}
catch (UnsupportedEncodingException e)
{
reqURI = new URI(scheme,authority,path, queryString, fragment);
}
this.requestURI = reqURI;
this.request = new UpgradeHttpServletRequest(httpRequest);
}
@ -292,7 +305,7 @@ public class ServletUpgradeRequest implements UpgradeRequest
@Override
public String getQueryString()
{
return requestURI.getQuery();
return this.queryString;
}
/**