Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'jetty-9.4.x' of github.com:eclipse/jetty.project into jetty-9.4.x

This commit is contained in:
Joakim Erdfelt 2017-04-20 06:13:47 -07:00
parent 9e15e01f36 e1bd46023e
commit 2f870b0923
25 changed files with 720 additions and 305 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
examples/embedded/src/main/java/org/eclipse/jetty/embedded/FastFileServer.java
View File

@ -111,8 +111,7 @@ public class FastFileServer
{
if (!request.getPathInfo().endsWith(URIUtil.SLASH))
{
response.sendRedirect(response.encodeRedirectURL(URIUtil
.addPaths(request.getRequestURI(), URIUtil.SLASH)));
response.sendRedirect(response.encodeRedirectURL(request.getRequestURI()+URIUtil.SLASH));
return;
}
String listing = Resource.newResource(file).getListHTML(

4
jetty-rewrite/src/main/java/org/eclipse/jetty/rewrite/handler/RedirectUtil.java
View File

@ -47,14 +47,14 @@ public final class RedirectUtil
if (location.startsWith("/"))
{
// absolute in context
location = URIUtil.canonicalPath(location);
location = URIUtil.canonicalEncodedPath(location);
}
else
{
// relative to request
String path = request.getRequestURI();
String parent = (path.endsWith("/")) ? path : URIUtil.parentPath(path);
location = URIUtil.canonicalPath(URIUtil.addPaths(parent,location));
location = URIUtil.canonicalPath(URIUtil.addEncodedPaths(parent,location));
if (!location.startsWith("/"))
url.append('/');
}

51
jetty-security/src/main/java/org/eclipse/jetty/security/HashLoginService.java
View File

@ -22,6 +22,7 @@ import java.io.File;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;
import java.util.stream.Collectors;
import org.eclipse.jetty.server.UserIdentity;
import org.eclipse.jetty.util.log.Log;
@ -49,11 +50,12 @@ public class HashLoginService extends AbstractLoginService
{
private static final Logger LOG = Log.getLogger(HashLoginService.class);
private PropertyUserStore _propertyUserStore;
private File _configFile;
private Resource _configResource;
private boolean hotReload = false; // default is not to reload
private UserStore _userStore;
private boolean _userStoreAutoCreate = false;
/* ------------------------------------------------------------ */
public HashLoginService()
@ -139,13 +141,21 @@ public class HashLoginService extends AbstractLoginService
this.hotReload = enable;
}
/**
* Configure the {@link UserStore} implementation to use.
* If none, for backward compat if none the {@link PropertyUserStore} will be used
* @param userStore the {@link UserStore} implementation to use
*/
public void setUserStore(UserStore userStore)
{
this._userStore = userStore;
}
/* ------------------------------------------------------------ */
@Override
protected String[] loadRoleInfo(UserPrincipal user)
{
UserIdentity id = _propertyUserStore.getUserIdentity(user.getName());
UserIdentity id = _userStore.getUserIdentity(user.getName());
if (id == null)
return null;
@ -154,21 +164,19 @@ public class HashLoginService extends AbstractLoginService
if (roles == null)
return null;
List<String> list = new ArrayList<>();
for (RolePrincipal r:roles)
list.add(r.getName());
List<String> list = roles.stream()
.map( rolePrincipal -> rolePrincipal.getName() )
.collect( Collectors.toList() );
return list.toArray(new String[roles.size()]);
}
/* ------------------------------------------------------------ */
@Override
protected UserPrincipal loadUserInfo(String userName)
{
UserIdentity id = _propertyUserStore.getUserIdentity(userName);
UserIdentity id = _userStore.getUserIdentity(userName);
if (id != null)
{
return (UserPrincipal)id.getUserPrincipal();
@ -187,16 +195,19 @@ public class HashLoginService extends AbstractLoginService
protected void doStart() throws Exception
{
super.doStart();
if (_propertyUserStore == null)
// can be null so we switch to previous behaviour using PropertyUserStore
if (_userStore == null)
{
if(LOG.isDebugEnabled())
LOG.debug("doStart: Starting new PropertyUserStore. PropertiesFile: " + _configFile + " hotReload: " + hotReload);
_propertyUserStore = new PropertyUserStore();
_propertyUserStore.setHotReload(hotReload);
_propertyUserStore.setConfigPath(_configFile);
_propertyUserStore.start();
PropertyUserStore propertyUserStore = new PropertyUserStore();
propertyUserStore.setHotReload(hotReload);
propertyUserStore.setConfigPath(_configFile);
propertyUserStore.start();
_userStore = propertyUserStore;
_userStoreAutoCreate = true;
}
}
@ -208,8 +219,8 @@ public class HashLoginService extends AbstractLoginService
protected void doStop() throws Exception
{
super.doStop();
if (_propertyUserStore != null)
_propertyUserStore.stop();
_propertyUserStore = null;
if (_userStore != null && _userStoreAutoCreate)
_userStore.stop();
_userStore = null;
}
}

97
jetty-security/src/main/java/org/eclipse/jetty/security/PropertyUserStore.java
View File

@ -18,12 +18,19 @@
package org.eclipse.jetty.security;
import org.eclipse.jetty.util.PathWatcher;
import org.eclipse.jetty.util.PathWatcher.PathWatchEvent;
import org.eclipse.jetty.util.StringUtil;
import org.eclipse.jetty.util.log.Log;
import org.eclipse.jetty.util.log.Logger;
import org.eclipse.jetty.util.resource.PathResource;
import org.eclipse.jetty.util.resource.Resource;
import org.eclipse.jetty.util.security.Credential;
import java.io.File;
import java.io.IOException;
import java.nio.file.Path;
import java.security.Principal;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
@ -31,20 +38,6 @@ import java.util.Map;
import java.util.Properties;
import java.util.Set;
import javax.security.auth.Subject;
import org.eclipse.jetty.server.UserIdentity;
import org.eclipse.jetty.util.PathWatcher;
import org.eclipse.jetty.util.PathWatcher.PathWatchEvent;
import org.eclipse.jetty.util.StringUtil;
import org.eclipse.jetty.util.component.AbstractLifeCycle;
import org.eclipse.jetty.util.log.Log;
import org.eclipse.jetty.util.log.Logger;
import org.eclipse.jetty.util.resource.PathResource;
import org.eclipse.jetty.util.resource.Resource;
import org.eclipse.jetty.util.security.Credential;
/**
* PropertyUserStore
* <p>
@ -59,7 +52,7 @@ import org.eclipse.jetty.util.security.Credential;
*
* If DIGEST Authentication is used, the password must be in a recoverable format, either plain text or OBF:.
*/
public class PropertyUserStore extends AbstractLifeCycle implements PathWatcher.Listener
public class PropertyUserStore extends UserStore implements PathWatcher.Listener
{
private static final Logger LOG = Log.getLogger(PropertyUserStore.class);
@ -69,10 +62,7 @@ public class PropertyUserStore extends AbstractLifeCycle implements PathWatcher.
protected PathWatcher pathWatcher;
protected boolean hotReload = false; // default is not to reload
protected IdentityService _identityService = new DefaultIdentityService();
protected boolean _firstLoad = true; // true if first load, false from that point on
protected final List<String> _knownUsers = new ArrayList<String>();
protected final Map<String, UserIdentity> _knownUserIdentities = new HashMap<String, UserIdentity>();
protected List<UserListener> _listeners;
/**
@ -145,12 +135,6 @@ public class PropertyUserStore extends AbstractLifeCycle implements PathWatcher.
{
_configPath = configPath;
}
/* ------------------------------------------------------------ */
public UserIdentity getUserIdentity(String userName)
{
return _knownUserIdentities.get(userName);
}
/* ------------------------------------------------------------ */
/**
@ -199,8 +183,8 @@ public class PropertyUserStore extends AbstractLifeCycle implements PathWatcher.
StringBuilder s = new StringBuilder();
s.append(this.getClass().getName());
s.append("[");
s.append("users.count=").append(this._knownUsers.size());
s.append("identityService=").append(this._identityService);
s.append("users.count=").append(this.getKnownUserIdentities().size());
s.append("identityService=").append(this.getIdentityService());
s.append("]");
return s.toString();
}
@ -220,7 +204,7 @@ public class PropertyUserStore extends AbstractLifeCycle implements PathWatcher.
if (getConfigResource().exists())
properties.load(getConfigResource().getInputStream());
Set<String> known = new HashSet<String>();
Set<String> known = new HashSet<>();
for (Map.Entry<Object, Object> entry : properties.entrySet())
{
@ -243,60 +227,36 @@ public class PropertyUserStore extends AbstractLifeCycle implements PathWatcher.
}
known.add(username);
Credential credential = Credential.getCredential(credentials);
Principal userPrincipal = new AbstractLoginService.UserPrincipal(username,credential);
Subject subject = new Subject();
subject.getPrincipals().add(userPrincipal);
subject.getPrivateCredentials().add(credential);
if (roles != null)
{
for (String role : roleArray)
{
subject.getPrincipals().add(new AbstractLoginService.RolePrincipal(role));
}
}
subject.setReadOnly();
_knownUserIdentities.put(username,_identityService.newUserIdentity(subject,userPrincipal,roleArray));
addUser( username, credential, roleArray );
notifyUpdate(username,credential,roleArray);
}
}
synchronized (_knownUsers)
final List<String> currentlyKnownUsers = new ArrayList<String>(getKnownUserIdentities().keySet());
/*
*
* if its not the initial load then we want to process removed users
*/
if (!_firstLoad)
{
/*
* if its not the initial load then we want to process removed users
*/
if (!_firstLoad)
Iterator<String> users = currentlyKnownUsers.iterator();
while (users.hasNext())
{
Iterator<String> users = _knownUsers.iterator();
while (users.hasNext())
String user = users.next();
if (!known.contains(user))
{
String user = users.next();
if (!known.contains(user))
{
_knownUserIdentities.remove(user);
notifyRemove(user);
}
removeUser( user );
notifyRemove(user);
}
}
/*
* reset the tracked _users list to the known users we just processed
*/
_knownUsers.clear();
_knownUsers.addAll(known);
}
/*
* set initial load to false as there should be no more initial loads
*/
_firstLoad = false;
if (LOG.isDebugEnabled())
{
LOG.debug("Loaded " + this + " from " + _configPath);
@ -332,6 +292,7 @@ public class PropertyUserStore extends AbstractLifeCycle implements PathWatcher.
{
try
{
System.err.println("PATH WATCH EVENT: "+event.getType());
loadUsers();
}
catch (IOException e)

76
jetty-security/src/main/java/org/eclipse/jetty/security/UserStore.java Normal file
View File

@ -0,0 +1,76 @@
//
// ========================================================================
// Copyright (c) 1995-2017 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
//
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
//
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
//
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
//
package org.eclipse.jetty.security;
import org.eclipse.jetty.server.UserIdentity;
import org.eclipse.jetty.util.component.AbstractLifeCycle;
import org.eclipse.jetty.util.security.Credential;
import javax.security.auth.Subject;
import java.security.Principal;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
/**
* Base class to store User
*/
public class UserStore extends AbstractLifeCycle
{
private IdentityService _identityService = new DefaultIdentityService();
private final Map<String, UserIdentity> _knownUserIdentities = new ConcurrentHashMap<>();
public void addUser( String username, Credential credential, String[] roles)
{
Principal userPrincipal = new AbstractLoginService.UserPrincipal( username, credential);
Subject subject = new Subject();
subject.getPrincipals().add(userPrincipal);
subject.getPrivateCredentials().add(credential);
if (roles != null)
{
for (String role : roles)
{
subject.getPrincipals().add(new AbstractLoginService.RolePrincipal(role));
}
}
subject.setReadOnly();
_knownUserIdentities.put(username,_identityService.newUserIdentity(subject,userPrincipal,roles));
}
public void removeUser(String username)
{
_knownUserIdentities.remove(username);
}
public UserIdentity getUserIdentity(String userName)
{
return _knownUserIdentities.get(userName);
}
public IdentityService getIdentityService()
{
return _identityService;
}
public Map<String, UserIdentity> getKnownUserIdentities()
{
return _knownUserIdentities;
}
}

28
jetty-security/src/test/java/org/eclipse/jetty/security/TestLoginService.java
View File

@ -19,9 +19,14 @@
package org.eclipse.jetty.security;
import java.security.Principal;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.eclipse.jetty.server.UserIdentity;
import org.eclipse.jetty.util.security.Credential;
/**
@ -31,9 +36,8 @@ import org.eclipse.jetty.util.security.Credential;
*/
public class TestLoginService extends AbstractLoginService
{
protected Map<String, UserPrincipal> _users = new HashMap<>();
protected Map<String, String[]> _roles = new HashMap<>();
UserStore userStore = new UserStore();
public TestLoginService(String name)
@ -43,9 +47,7 @@ public class TestLoginService extends AbstractLoginService
public void putUser (String username, Credential credential, String[] roles)
{
UserPrincipal userPrincipal = new UserPrincipal(username,credential);
_users.put(username, userPrincipal);
_roles.put(username, roles);
userStore.addUser( username, credential, roles );
}
/**
@ -54,7 +56,16 @@ public class TestLoginService extends AbstractLoginService
@Override
protected String[] loadRoleInfo(UserPrincipal user)
{
return _roles.get(user.getName());
UserIdentity userIdentity = userStore.getUserIdentity( user.getName() );
Set<RolePrincipal> roles = userIdentity.getSubject().getPrincipals( RolePrincipal.class);
if (roles == null)
return null;
List<String> list = new ArrayList<>();
for (RolePrincipal r:roles)
list.add(r.getName());
return list.toArray(new String[roles.size()]);
}
/**
@ -63,7 +74,8 @@ public class TestLoginService extends AbstractLoginService
@Override
protected UserPrincipal loadUserInfo(String username)
{
return _users.get(username);
UserIdentity userIdentity = userStore.getUserIdentity( username );
return userIdentity == null ? null : (UserPrincipal) userIdentity.getUserPrincipal();
}
}

70
jetty-security/src/test/java/org/eclipse/jetty/security/UserStoreTest.java Normal file
View File

@ -0,0 +1,70 @@
//
// ========================================================================
// Copyright (c) 1995-2017 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
//
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
//
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
//
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
//
package org.eclipse.jetty.security;
import org.eclipse.jetty.server.UserIdentity;
import org.eclipse.jetty.util.security.Credential;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import java.util.List;
import java.util.Set;
import java.util.stream.Collectors;
public class UserStoreTest
{
UserStore userStore;
@Before
public void setup() {
userStore = new UserStore();
}
@Test
public void addUser()
{
this.userStore.addUser( "foo", Credential.getCredential( "beer" ), new String[]{"pub"} );
Assert.assertEquals(1, this.userStore.getKnownUserIdentities().size());
UserIdentity userIdentity = this.userStore.getUserIdentity( "foo" );
Assert.assertNotNull( userIdentity );
Assert.assertEquals( "foo", userIdentity.getUserPrincipal().getName() );
Set<AbstractLoginService.RolePrincipal>
roles = userIdentity.getSubject().getPrincipals( AbstractLoginService.RolePrincipal.class);
List<String> list = roles.stream()
.map( rolePrincipal -> rolePrincipal.getName() )
.collect( Collectors.toList() );
Assert.assertEquals(1, list.size());
Assert.assertEquals( "pub", list.get( 0 ) );
}
@Test
public void removeUser()
{
this.userStore.addUser( "foo", Credential.getCredential( "beer" ), new String[]{"pub"} );
Assert.assertEquals(1, this.userStore.getKnownUserIdentities().size());
UserIdentity userIdentity = this.userStore.getUserIdentity( "foo" );
Assert.assertNotNull( userIdentity );
Assert.assertEquals( "foo", userIdentity.getUserPrincipal().getName() );
userStore.removeUser( "foo" );
userIdentity = this.userStore.getUserIdentity( "foo" );
Assert.assertNull( userIdentity );
}
}

51
jetty-server/src/main/java/org/eclipse/jetty/server/Request.java
View File

@ -1283,7 +1283,7 @@ public class Request implements HttpServletRequest
relTo = relTo.substring(0,slash + 1);
else
relTo = "/";
path = URIUtil.addPaths(URIUtil.encodePath(relTo),path);
path = URIUtil.addPaths(relTo,path);
}
return _context.getRequestDispatcher(path);
@ -1754,47 +1754,38 @@ public class Request implements HttpServletRequest
*/
public void setMetaData(org.eclipse.jetty.http.MetaData.Request request)
{
_metaData=request;
_metaData = request;
setMethod(request.getMethod());
HttpURI uri = request.getURI();
_originalURI=uri.isAbsolute()&&request.getHttpVersion()!=HttpVersion.HTTP_2?uri.toString():uri.getPathQuery();
_originalURI = uri.isAbsolute()&&request.getHttpVersion()!=HttpVersion.HTTP_2?uri.toString():uri.getPathQuery();
String path = uri.getDecodedPath();
String info;
if (path==null || path.length()==0)
String encoded = uri.getPath();
String path;
if (encoded==null)
{
if (uri.isAbsolute())
{
path="/";
uri.setPath(path);
}
else
{
setPathInfo("");
throw new BadMessageException(400,"Bad URI");
}
info=path;
path = uri.isAbsolute()?"/":null;
uri.setPath(path);
}
else if (!path.startsWith("/"))
else if (encoded.startsWith("/"))
{
if (!"*".equals(path) && !HttpMethod.CONNECT.is(getMethod()))
{
setPathInfo(path);
throw new BadMessageException(400,"Bad URI");
}
info=path;
path = (encoded.length()==1)?"/":URIUtil.canonicalPath(URIUtil.decodePath(encoded));
}
else if ("*".equals(encoded) || HttpMethod.CONNECT.is(getMethod()))
{
path = encoded;
}
else
info = URIUtil.canonicalPath(path);// TODO should this be done prior to decoding???
if (info == null)
{
setPathInfo(path);
throw new BadMessageException(400,"Bad URI");
path = null;
}
setPathInfo(info);
if (path==null || path.isEmpty())
{
setPathInfo(encoded==null?"":encoded);
throw new BadMessageException(400,"Bad URI");
}
setPathInfo(path);
}
/* ------------------------------------------------------------ */

14
jetty-server/src/main/java/org/eclipse/jetty/server/ResourceService.java
View File

@ -20,8 +20,6 @@ package org.eclipse.jetty.server;
import static java.util.Arrays.stream;
import static java.util.Collections.emptyList;
import static org.eclipse.jetty.http.CompressedContentFormat.BR;
import static org.eclipse.jetty.http.CompressedContentFormat.GZIP;
import static org.eclipse.jetty.http.HttpHeaderValue.IDENTITY;
import java.io.FileNotFoundException;
@ -416,11 +414,13 @@ public class ResourceService
{
// Redirect to the index
response.setContentLength(0);
String uri = URIUtil.encodePath(URIUtil.addPaths(request.getContextPath(),welcome));
String q=request.getQueryString();
if (q!=null&&q.length()!=0)
response.sendRedirect(response.encodeRedirectURL(URIUtil.addPaths(request.getContextPath(),welcome)+"?"+q));
else
response.sendRedirect(response.encodeRedirectURL(URIUtil.addPaths(request.getContextPath(),welcome)));
if (q!=null&&!q.isEmpty())
uri+="?"+q;
response.sendRedirect(response.encodeRedirectURL(uri));
}
return;
}
@ -614,7 +614,7 @@ public class ResourceService
}
byte[] data=null;
String base = URIUtil.addPaths(request.getRequestURI(),URIUtil.SLASH);
String base = URIUtil.addEncodedPaths(request.getRequestURI(),URIUtil.SLASH);
String dir = resource.getListHTML(base,pathInContext.length()>1);
if (dir==null)
{

4
jetty-server/src/main/java/org/eclipse/jetty/server/Response.java
View File

@ -698,14 +698,14 @@ public class Response implements HttpServletResponse
if (location.startsWith("/"))
{
// absolute in context
location=URIUtil.canonicalPath(location);
location=URIUtil.canonicalEncodedPath(location);
}
else
{
// relative to request
String path=_channel.getRequest().getRequestURI();
String parent=(path.endsWith("/"))?path:URIUtil.parentPath(path);
location=URIUtil.canonicalPath(URIUtil.addPaths(parent,location));
location=URIUtil.canonicalEncodedPath(URIUtil.addEncodedPaths(parent,location));
if (!location.startsWith("/"))
buf.append('/');
}

2
jetty-server/src/main/java/org/eclipse/jetty/server/Server.java
View File

@ -593,7 +593,7 @@ public class Server extends HandlerWrapper implements Attributes
// this is a dispatch with a path
ServletContext context=event.getServletContext();
String query=baseRequest.getQueryString();
baseRequest.setURIPathQuery(URIUtil.addPaths(context==null?null:URIUtil.encodePath(context.getContextPath()), path));
baseRequest.setURIPathQuery(URIUtil.addEncodedPaths(context==null?null:URIUtil.encodePath(context.getContextPath()), path));
HttpURI uri = baseRequest.getHttpURI();
baseRequest.setPathInfo(uri.getDecodedPath());
if (uri.getQuery()!=null)

4
jetty-server/src/main/java/org/eclipse/jetty/server/handler/ContextHandler.java
View File

@ -1043,9 +1043,9 @@ public class ContextHandler extends ScopedHandler implements Attributes, Gracefu
// context request must end with /
baseRequest.setHandled(true);
if (baseRequest.getQueryString() != null)
response.sendRedirect(URIUtil.addPaths(baseRequest.getRequestURI(),URIUtil.SLASH) + "?" + baseRequest.getQueryString());
response.sendRedirect(baseRequest.getRequestURI() + "/?" + baseRequest.getQueryString());
else
response.sendRedirect(URIUtil.addPaths(baseRequest.getRequestURI(),URIUtil.SLASH));
response.sendRedirect(baseRequest.getRequestURI() + "/");
return false;
}

1
jetty-server/src/test/java/org/eclipse/jetty/server/HttpConnectionTest.java
View File

@ -372,6 +372,7 @@ public class HttpConnectionTest
@Test
public void testChunkNoTrailer() throws Exception
{
// Expect TimeoutException logged
String response=connector.getResponse("GET /R1 HTTP/1.1\r\n"+
"Host: localhost\r\n"+
"Transfer-Encoding: chunked\r\n"+

2
jetty-servlet/src/main/java/org/eclipse/jetty/servlet/DefaultServlet.java
View File

@ -509,7 +509,7 @@ public class DefaultServlet extends HttpServlet implements ResourceFactory, Welc
String welcome_in_context=URIUtil.addPaths(pathInContext,_welcomes[i]);
Resource welcome=getResource(welcome_in_context);
if (welcome!=null && welcome.exists())
return _welcomes[i];
return welcome_in_context;
if ((_welcomeServlets || _welcomeExactServlets) && welcome_servlet==null)
{

93
jetty-servlet/src/test/java/org/eclipse/jetty/servlet/DefaultServletTest.java
View File

@ -259,7 +259,7 @@ public class DefaultServletTest
defholder.setInitParameter("resourceBase", resBasePath);
String response;
response = connector.getResponse("GET /context/ HTTP/1.0\r\n\r\n");
assertResponseContains("<h1>Hello Index</h1>", response);
@ -326,11 +326,13 @@ public class DefaultServletTest
testdir.ensureEmpty();
File resBase = testdir.getPathFile("docroot").toFile();
FS.ensureDirExists(resBase);
File inde = new File(resBase, "index.htm");
File index = new File(resBase, "index.html");
File dir = new File(resBase, "dir");
assertTrue(dir.mkdirs());
File inde = new File(dir, "index.htm");
File index = new File(dir, "index.html");
String resBasePath = resBase.getAbsolutePath();
ServletHolder defholder = context.addServlet(DefaultServlet.class, "/");
defholder.setInitParameter("dirAllowed", "false");
defholder.setInitParameter("redirectWelcome", "false");
@ -344,25 +346,98 @@ public class DefaultServletTest
@SuppressWarnings("unused")
ServletHolder jspholder = context.addServlet(NoJspServlet.class, "*.jsp");
String response = connector.getResponse("GET /context/ HTTP/1.0\r\n\r\n");
String response = connector.getResponse("GET /context/dir/ HTTP/1.0\r\n\r\n");
assertResponseContains("403", response);
createFile(index, "<h1>Hello Index</h1>");
response = connector.getResponse("GET /context/ HTTP/1.0\r\n\r\n");
response = connector.getResponse("GET /context/dir/ HTTP/1.0\r\n\r\n");
assertResponseContains("<h1>Hello Index</h1>", response);
createFile(inde, "<h1>Hello Inde</h1>");
response = connector.getResponse("GET /context/ HTTP/1.0\r\n\r\n");
response = connector.getResponse("GET /context/dir/ HTTP/1.0\r\n\r\n");
assertResponseContains("<h1>Hello Index</h1>", response);
assertTrue(index.delete());
response = connector.getResponse("GET /context/ HTTP/1.0\r\n\r\n");
response = connector.getResponse("GET /context/dir/ HTTP/1.0\r\n\r\n");
assertResponseContains("<h1>Hello Inde</h1>", response);
assertTrue(inde.delete());
response = connector.getResponse("GET /context/ HTTP/1.0\r\n\r\n");
response = connector.getResponse("GET /context/dir/ HTTP/1.0\r\n\r\n");
assertResponseContains("403", response);
}
@Test
public void testWelcomeRedirect() throws Exception
{
testdir.ensureEmpty();
File resBase = testdir.getPathFile("docroot").toFile();
FS.ensureDirExists(resBase);
File dir = new File(resBase, "dir");
assertTrue(dir.mkdirs());
File inde = new File(dir, "index.htm");
File index = new File(dir, "index.html");
String resBasePath = resBase.getAbsolutePath();
ServletHolder defholder = context.addServlet(DefaultServlet.class, "/");
defholder.setInitParameter("dirAllowed", "false");
defholder.setInitParameter("redirectWelcome", "true");
defholder.setInitParameter("welcomeServlets", "false");
defholder.setInitParameter("gzip", "false");
defholder.setInitParameter("resourceBase", resBasePath);
defholder.setInitParameter("maxCacheSize", "1024000");
defholder.setInitParameter("maxCachedFileSize", "512000");
defholder.setInitParameter("maxCachedFiles", "100");
@SuppressWarnings("unused")
ServletHolder jspholder = context.addServlet(NoJspServlet.class, "*.jsp");
String response = connector.getResponses("GET /context/dir/ HTTP/1.0\r\n\r\n");
assertResponseContains("403", response);
createFile(index, "<h1>Hello Index</h1>");
response = connector.getResponses("GET /context/dir/ HTTP/1.0\r\n\r\n");
assertResponseContains("Location: http://0.0.0.0/context/dir/index.html", response);
createFile(inde, "<h1>Hello Inde</h1>");
response = connector.getResponses("GET /context/dir/ HTTP/1.0\r\n\r\n");
assertResponseContains("Location: http://0.0.0.0/context/dir/index.html", response);
assertTrue(index.delete());
response = connector.getResponses("GET /context/dir/ HTTP/1.0\r\n\r\n");
assertResponseContains("Location: http://0.0.0.0/context/dir/index.htm", response);
assertTrue(inde.delete());
response = connector.getResponses("GET /context/dir/ HTTP/1.0\r\n\r\n");
assertResponseContains("403", response);
}
@Test
public void testWelcomeDirWithQuestion() throws Exception
{
testdir.ensureEmpty();
File resBase = testdir.getPathFile("docroot").toFile();
FS.ensureDirExists(resBase);
context.setBaseResource(Resource.newResource(resBase));
File dir = new File(resBase, "dir?");
assertTrue(dir.mkdirs());
File index = new File(dir, "index.html");
createFile(index, "<h1>Hello Index</h1>");
ServletHolder defholder = context.addServlet(DefaultServlet.class, "/");
defholder.setInitParameter("dirAllowed", "false");
defholder.setInitParameter("redirectWelcome", "true");
defholder.setInitParameter("welcomeServlets", "false");
defholder.setInitParameter("gzip", "false");
String response = connector.getResponse("GET /context/dir%3F HTTP/1.0\r\n\r\n");
assertResponseContains("Location: http://0.0.0.0/context/dir%3F/", response);
response = connector.getResponse("GET /context/dir%3F/ HTTP/1.0\r\n\r\n");
assertResponseContains("Location: http://0.0.0.0/context/dir%3F/index.html", response);
}
@Test
public void testWelcomeServlet() throws Exception

4
jetty-servlets/src/main/java/org/eclipse/jetty/servlets/PutFilter.java
View File

@ -295,7 +295,7 @@ public class PutFilter implements Filter
public void handleMove(HttpServletRequest request, HttpServletResponse response, String pathInContext, File file)
throws ServletException, IOException, URISyntaxException
{
String newPath = URIUtil.canonicalPath(request.getHeader("new-uri"));
String newPath = URIUtil.canonicalEncodedPath(request.getHeader("new-uri"));
if (newPath == null)
{
response.sendError(HttpServletResponse.SC_BAD_REQUEST);
@ -312,7 +312,7 @@ public class PutFilter implements Filter
if (contextPath != null)
newInfo = newInfo.substring(contextPath.length());
String new_resource = URIUtil.addPaths(_baseURI,newInfo);
String new_resource = URIUtil.addEncodedPaths(_baseURI,newInfo);
File new_file=new File(new URI(new_resource));
file.renameTo(new_file);

181
jetty-util/src/main/java/org/eclipse/jetty/util/URIUtil.java
View File

@ -473,14 +473,14 @@ public class URIUtil
/* ------------------------------------------------------------ */
/** Add two URI path segments.
* Handles null and empty paths, path and query params (eg ?a=b or
* ;JSESSIONID=xxx) and avoids duplicate '/'
/** Add two encoded URI path segments.
* Handles null and empty paths, path and query params
* (eg ?a=b or ;JSESSIONID=xxx) and avoids duplicate '/'
* @param p1 URI path segment (should be encoded)
* @param p2 URI path segment (should be encoded)
* @return Legally combined path segments.
*/
public static String addPaths(String p1, String p2)
public static String addEncodedPaths(String p1, String p2)
{
if (p1==null || p1.length()==0)
{
@ -525,6 +525,54 @@ public class URIUtil
return buf.toString();
}
/* ------------------------------------------------------------ */
/** Add two Decoded URI path segments.
* Handles null and empty paths. Path and query params (eg ?a=b or
* ;JSESSIONID=xxx) are not handled
* @param p1 URI path segment (should be decoded)
* @param p2 URI path segment (should be decoded)
* @return Legally combined path segments.
*/
public static String addPaths(String p1, String p2)
{
if (p1==null || p1.length()==0)
{
if (p1!=null && p2==null)
return p1;
return p2;
}
if (p2==null || p2.length()==0)
return p1;
boolean p1EndsWithSlash = p1.endsWith(SLASH);
boolean p2StartsWithSlash = p2.startsWith(SLASH);
if (p1EndsWithSlash && p2StartsWithSlash)
{
if (p2.length()==1)
return p1;
if (p1.length()==1)
return p2;
}
StringBuilder buf = new StringBuilder(p1.length()+p2.length()+2);
buf.append(p1);
if (p1.endsWith(SLASH))
{
if (p2.startsWith(SLASH))
buf.setLength(buf.length()-1);
}
else
{
if (!p2.startsWith(SLASH))
buf.append(SLASH);
}
buf.append(p2);
return buf.toString();
}
/* ------------------------------------------------------------ */
/** Return the parent Path.
@ -542,6 +590,117 @@ public class URIUtil
return null;
}
/* ------------------------------------------------------------ */
/**
* Convert a decoded path to a canonical form.
* <p>
* All instances of "." and ".." are factored out.
* </p>
* <p>
* Null is returned if the path tries to .. above its root.
* </p>
* @param path the path to convert, decoded, with path separators '/' and no queries.
* @return the canonical path, or null if path traversal above root.
*/
public static String canonicalPath(String path)
{
if (path == null || path.isEmpty())
return path;
boolean slash = true;
int end = path.length();
int i = 0;
loop:
while (i<end)
{
char c = path.charAt(i);
switch(c)
{
case '/':
slash = true;
break;
case '.':
if (slash)
break loop;
slash = false;
break;
default:
slash = false;
}
i++;
}
if(i==end)
return path;
StringBuilder canonical = new StringBuilder(path.length());
canonical.append(path,0,i);
int dots = 1;
i++;
while (i<=end)
{
char c = i<end?path.charAt(i):'\0';
switch(c)
{
case '\0':
case '/':
switch(dots)
{
case 0:
if (c!='\0')
canonical.append(c);
break;
case 1:
break;
case 2:
if (canonical.length()<2)
return null;
canonical.setLength(canonical.length()-1);
canonical.setLength(canonical.lastIndexOf("/")+1);
break;
default:
while (dots-->0)
canonical.append('.');
if (c!='\0')
canonical.append(c);
}
slash = true;
dots = 0;
break;
case '.':
if (dots>0)
dots++;
else if (slash)
dots = 1;
else
canonical.append('.');
slash = false;
break;
default:
while (dots-->0)
canonical.append('.');
canonical.append(c);
dots = 0;
slash = false;
}
i++;
}
return canonical.toString();
}
/* ------------------------------------------------------------ */
/**
* Convert a path to a cananonical form.
@ -551,10 +710,10 @@ public class URIUtil
* <p>
* Null is returned if the path tries to .. above its root.
* </p>
* @param path the path to convert (expects URI/URL form, decoded, and with path separators '/')
* @param path the path to convert (expects URI/URL form, encoded, and with path separators '/')
* @return the canonical path, or null if path traversal above root.
*/
public static String canonicalPath(String path)
public static String canonicalEncodedPath(String path)
{
if (path == null || path.isEmpty())
return path;
@ -659,6 +818,8 @@ public class URIUtil
return canonical.toString();
}
/* ------------------------------------------------------------ */
/** Convert a path to a compact form.
* All instances of "//" and "///" etc. are factored out to single "/"
@ -899,7 +1060,12 @@ public class URIUtil
return equalsIgnoreEncodings(uriA.getPath(),uriB.getPath());
}
public static URI addDecodedPath(URI uri, String path)
/**
* @param uri A URI to add the path to
* @param path A decoded path element
* @return URI with path added.
*/
public static URI addPath(URI uri, String path)
{
String base = uri.toASCIIString();
StringBuilder buf = new StringBuilder(base.length()+path.length()*3);
@ -907,7 +1073,6 @@ public class URIUtil
if (buf.charAt(base.length()-1)!='/')
buf.append('/');
byte[] bytes=null;
int offset=path.charAt(0)=='/'?1:0;
encodePath(buf,path,offset);

2
jetty-util/src/main/java/org/eclipse/jetty/util/resource/FileResource.java
View File

@ -169,7 +169,7 @@ public class FileResource extends Resource
if (base.isDirectory())
{
// treat all paths being added as relative
uri=new URI(URIUtil.addPaths(base.toURI().toASCIIString(),encoded));
uri=new URI(URIUtil.addEncodedPaths(base.toURI().toASCIIString(),encoded));
}
else
{

2
jetty-util/src/main/java/org/eclipse/jetty/util/resource/PathResource.java
View File

@ -213,7 +213,7 @@ public class PathResource extends Resource
this.path = parent.path.getFileSystem().getPath(parent.path.toString(), childPath);
if (isDirectory() &&!childPath.endsWith("/"))
childPath+="/";
this.uri = URIUtil.addDecodedPath(parent.uri,childPath);
this.uri = URIUtil.addPath(parent.uri,childPath);
this.alias = checkAliasPath();
}

4
jetty-util/src/main/java/org/eclipse/jetty/util/resource/Resource.java
View File

@ -565,7 +565,7 @@ public abstract class Resource implements ResourceFactory, Closeable
if (parent)
{
buf.append("<TR><TD><A HREF=\"");
buf.append(URIUtil.addPaths(base,"../"));
buf.append(URIUtil.addEncodedPaths(base,"../"));
buf.append("\">Parent Directory</A></TD><TD></TD><TD></TD></TR>\n");
}
@ -578,7 +578,7 @@ public abstract class Resource implements ResourceFactory, Closeable
Resource item = addPath(ls[i]);
buf.append("\n<TR><TD><A HREF=\"");
String path=URIUtil.addPaths(encodedBase,URIUtil.encodePath(ls[i]));
String path=URIUtil.addEncodedPaths(encodedBase,URIUtil.encodePath(ls[i]));
buf.append(path);

2
jetty-util/src/main/java/org/eclipse/jetty/util/resource/URLResource.java
View File

@ -303,7 +303,7 @@ public class URLResource extends Resource
path = URIUtil.canonicalPath(path);
return newResource(URIUtil.addPaths(_url.toExternalForm(),URIUtil.encodePath(path)), _useCaches);
return newResource(URIUtil.addEncodedPaths(_url.toExternalForm(),URIUtil.encodePath(path)), _useCaches);
}
/* ------------------------------------------------------------ */

181
jetty-util/src/test/java/org/eclipse/jetty/util/URIUtilCanonicalPathTest.java
View File

@ -19,9 +19,7 @@
package org.eclipse.jetty.util;
import static org.hamcrest.CoreMatchers.is;
import static org.hamcrest.CoreMatchers.nullValue;
import static org.junit.Assert.assertThat;
import static org.junit.Assume.assumeFalse;
import java.util.Arrays;
import java.util.List;
@ -37,88 +35,88 @@ public class URIUtilCanonicalPathTest
public static List<String[]> data()
{
String[][] canonical =
{
// Basic examples (no changes expected)
{"/hello.html", "/hello.html"},
{"/css/main.css", "/css/main.css"},
{"/", "/"},
{"", ""},
{"/aaa/bbb/", "/aaa/bbb/"},
{"/aaa/bbb", "/aaa/bbb"},
{"aaa/bbb", "aaa/bbb"},
{"aaa/", "aaa/"},
{"aaa", "aaa"},
{"a", "a"},
{"a/", "a/"},
// Extra slashes
{"/aaa//bbb/", "/aaa//bbb/"},
{"/aaa//bbb", "/aaa//bbb"},
{"/aaa///bbb/", "/aaa///bbb/"},
// Path traversal with current references "./"
{"/aaa/./bbb/", "/aaa/bbb/"},
{"/aaa/./bbb", "/aaa/bbb"},
{"./bbb/", "bbb/"},
{"./aaa/../bbb/", "bbb/"},
{"/foo/.", "/foo/"},
{"./", ""},
{".", ""},
{".//", "/"},
{".///", "//"},
{"/.", "/"},
{"//.", "//"},
{"///.", "///"},
// Path traversal directory (but not past root)
{"/aaa/../bbb/", "/bbb/"},
{"/aaa/../bbb", "/bbb"},
{"/aaa..bbb/", "/aaa..bbb/"},
{"/aaa..bbb", "/aaa..bbb"},
{"/aaa/..bbb/", "/aaa/..bbb/"},
{"/aaa/..bbb", "/aaa/..bbb"},
{"/aaa/./../bbb/", "/bbb/"},
{"/aaa/./../bbb", "/bbb"},
{"/aaa/bbb/ccc/../../ddd/", "/aaa/ddd/"},
{"/aaa/bbb/ccc/../../ddd", "/aaa/ddd"},
{"/foo/../bar//", "/bar//"},
{"/ctx/../bar/../ctx/all/index.txt", "/ctx/all/index.txt"},
{"/down/.././index.html", "/index.html"},
// Path traversal up past root
{"..", null},
{"./..", null},
{"aaa/../..", null},
{"/foo/bar/../../..", null},
{"/../foo", null},
{"a/.", "a/"},
{"a/..", ""},
{"a/../..", null},
{"/foo/../../bar", null},
// Query parameter specifics
{"/ctx/dir?/../index.html", "/ctx/dir?/../index.html"},
{"/get-files?file=/etc/passwd", "/get-files?file=/etc/passwd"},
{"/get-files?file=../../../../../passwd", "/get-files?file=../../../../../passwd"},
// Known windows shell quirks
{"file.txt ", "file.txt "}, // with spaces
{"file.txt...", "file.txt..."}, // extra dots ignored by windows
// BREAKS Jenkins: {"file.txt\u0000", "file.txt\u0000"}, // null terminated is ignored by windows
{"file.txt\r", "file.txt\r"}, // CR terminated is ignored by windows
{"file.txt\n", "file.txt\n"}, // LF terminated is ignored by windows
{"file.txt\"\"\"\"", "file.txt\"\"\"\""}, // extra quotes ignored by windows
{"file.txt<<<>>><", "file.txt<<<>>><"}, // angle brackets at end of path ignored by windows
{"././././././file.txt", "file.txt"},
// Oddball requests that look like path traversal, but are not
{"/....", "/...."},
{"/..../ctx/..../blah/logo.jpg", "/..../ctx/..../blah/logo.jpg"},
// paths with encoded segments should remain encoded
// canonicalPath() is not responsible for decoding characters
{"%2e%2e/", "%2e%2e/"},
};
{
// Basic examples (no changes expected)
{"/hello.html", "/hello.html"},
{"/css/main.css", "/css/main.css"},
{"/", "/"},
{"", ""},
{"/aaa/bbb/", "/aaa/bbb/"},
{"/aaa/bbb", "/aaa/bbb"},
{"aaa/bbb", "aaa/bbb"},
{"aaa/", "aaa/"},
{"aaa", "aaa"},
{"a", "a"},
{"a/", "a/"},
// Extra slashes
{"/aaa//bbb/", "/aaa//bbb/"},
{"/aaa//bbb", "/aaa//bbb"},
{"/aaa///bbb/", "/aaa///bbb/"},
// Path traversal with current references "./"
{"/aaa/./bbb/", "/aaa/bbb/"},
{"/aaa/./bbb", "/aaa/bbb"},
{"./bbb/", "bbb/"},
{"./aaa/../bbb/", "bbb/"},
{"/foo/.", "/foo/"},
{"./", ""},
{".", ""},
{".//", "/"},
{".///", "//"},
{"/.", "/"},
{"//.", "//"},
{"///.", "///"},
// Path traversal directory (but not past root)
{"/aaa/../bbb/", "/bbb/"},
{"/aaa/../bbb", "/bbb"},
{"/aaa..bbb/", "/aaa..bbb/"},
{"/aaa..bbb", "/aaa..bbb"},
{"/aaa/..bbb/", "/aaa/..bbb/"},
{"/aaa/..bbb", "/aaa/..bbb"},
{"/aaa/./../bbb/", "/bbb/"},
{"/aaa/./../bbb", "/bbb"},
{"/aaa/bbb/ccc/../../ddd/", "/aaa/ddd/"},
{"/aaa/bbb/ccc/../../ddd", "/aaa/ddd"},
{"/foo/../bar//", "/bar//"},
{"/ctx/../bar/../ctx/all/index.txt", "/ctx/all/index.txt"},
{"/down/.././index.html", "/index.html"},
// Path traversal up past root
{"..", null},
{"./..", null},
{"aaa/../..", null},
{"/foo/bar/../../..", null},
{"/../foo", null},
{"a/.", "a/"},
{"a/..", ""},
{"a/../..", null},
{"/foo/../../bar", null},
// Query parameter specifics
{"/ctx/dir?/../index.html", "/ctx/index.html"},
{"/get-files?file=/etc/passwd", "/get-files?file=/etc/passwd"},
{"/get-files?file=../../../../../passwd", null},
// Known windows shell quirks
{"file.txt ", "file.txt "}, // with spaces
{"file.txt...", "file.txt..."}, // extra dots ignored by windows
// BREAKS Jenkins: {"file.txt\u0000", "file.txt\u0000"}, // null terminated is ignored by windows
{"file.txt\r", "file.txt\r"}, // CR terminated is ignored by windows
{"file.txt\n", "file.txt\n"}, // LF terminated is ignored by windows
{"file.txt\"\"\"\"", "file.txt\"\"\"\""}, // extra quotes ignored by windows
{"file.txt<<<>>><", "file.txt<<<>>><"}, // angle brackets at end of path ignored by windows
{"././././././file.txt", "file.txt"},
// Oddball requests that look like path traversal, but are not
{"/....", "/...."},
{"/..../ctx/..../blah/logo.jpg", "/..../ctx/..../blah/logo.jpg"},
// paths with encoded segments should remain encoded
// canonicalPath() is not responsible for decoding characters
{"%2e%2e/", "%2e%2e/"},
};
return Arrays.asList(canonical);
}
@ -134,19 +132,4 @@ public class URIUtilCanonicalPathTest
assertThat("Canonical", URIUtil.canonicalPath(input), is(expectedResult));
}
@Test
public void testCanonicalPathWithQuery()
{
// Skip this variation if the actual test contains a query already
assumeFalse(input.contains("?"));
if (expectedResult == null)
{
assertThat("Canonical with Query", URIUtil.canonicalPath(input + "?a=1"), nullValue());
}
else
{
assertThat("Canonical", URIUtil.canonicalPath(input + "?a=1"), is(expectedResult + "?a=1"));
}
}
}

145
jetty-util/src/test/java/org/eclipse/jetty/util/URIUtilTest.java
View File

@ -90,7 +90,96 @@ public class URIUtilTest
/* ------------------------------------------------------------ */
@Test
public void testAddPaths()
public void testAddEncodedPaths()
{
assertEquals("null+null", URIUtil.addEncodedPaths(null,null),null);
assertEquals("null+", URIUtil.addEncodedPaths(null,""),"");
assertEquals("null+bbb", URIUtil.addEncodedPaths(null,"bbb"),"bbb");
assertEquals("null+/", URIUtil.addEncodedPaths(null,"/"),"/");
assertEquals("null+/bbb", URIUtil.addEncodedPaths(null,"/bbb"),"/bbb");
assertEquals("+null", URIUtil.addEncodedPaths("",null),"");
assertEquals("+", URIUtil.addEncodedPaths("",""),"");
assertEquals("+bbb", URIUtil.addEncodedPaths("","bbb"),"bbb");
assertEquals("+/", URIUtil.addEncodedPaths("","/"),"/");
assertEquals("+/bbb", URIUtil.addEncodedPaths("","/bbb"),"/bbb");
assertEquals("aaa+null", URIUtil.addEncodedPaths("aaa",null),"aaa");
assertEquals("aaa+", URIUtil.addEncodedPaths("aaa",""),"aaa");
assertEquals("aaa+bbb", URIUtil.addEncodedPaths("aaa","bbb"),"aaa/bbb");
assertEquals("aaa+/", URIUtil.addEncodedPaths("aaa","/"),"aaa/");
assertEquals("aaa+/bbb", URIUtil.addEncodedPaths("aaa","/bbb"),"aaa/bbb");
assertEquals("/+null", URIUtil.addEncodedPaths("/",null),"/");
assertEquals("/+", URIUtil.addEncodedPaths("/",""),"/");
assertEquals("/+bbb", URIUtil.addEncodedPaths("/","bbb"),"/bbb");
assertEquals("/+/", URIUtil.addEncodedPaths("/","/"),"/");
assertEquals("/+/bbb", URIUtil.addEncodedPaths("/","/bbb"),"/bbb");
assertEquals("aaa/+null", URIUtil.addEncodedPaths("aaa/",null),"aaa/");
assertEquals("aaa/+", URIUtil.addEncodedPaths("aaa/",""),"aaa/");
assertEquals("aaa/+bbb", URIUtil.addEncodedPaths("aaa/","bbb"),"aaa/bbb");
assertEquals("aaa/+/", URIUtil.addEncodedPaths("aaa/","/"),"aaa/");
assertEquals("aaa/+/bbb", URIUtil.addEncodedPaths("aaa/","/bbb"),"aaa/bbb");
assertEquals(";JS+null", URIUtil.addEncodedPaths(";JS",null),";JS");
assertEquals(";JS+", URIUtil.addEncodedPaths(";JS",""),";JS");
assertEquals(";JS+bbb", URIUtil.addEncodedPaths(";JS","bbb"),"bbb;JS");
assertEquals(";JS+/", URIUtil.addEncodedPaths(";JS","/"),"/;JS");
assertEquals(";JS+/bbb", URIUtil.addEncodedPaths(";JS","/bbb"),"/bbb;JS");
assertEquals("aaa;JS+null", URIUtil.addEncodedPaths("aaa;JS",null),"aaa;JS");
assertEquals("aaa;JS+", URIUtil.addEncodedPaths("aaa;JS",""),"aaa;JS");
assertEquals("aaa;JS+bbb", URIUtil.addEncodedPaths("aaa;JS","bbb"),"aaa/bbb;JS");
assertEquals("aaa;JS+/", URIUtil.addEncodedPaths("aaa;JS","/"),"aaa/;JS");
assertEquals("aaa;JS+/bbb", URIUtil.addEncodedPaths("aaa;JS","/bbb"),"aaa/bbb;JS");
assertEquals("aaa;JS+null", URIUtil.addEncodedPaths("aaa/;JS",null),"aaa/;JS");
assertEquals("aaa;JS+", URIUtil.addEncodedPaths("aaa/;JS",""),"aaa/;JS");
assertEquals("aaa;JS+bbb", URIUtil.addEncodedPaths("aaa/;JS","bbb"),"aaa/bbb;JS");
assertEquals("aaa;JS+/", URIUtil.addEncodedPaths("aaa/;JS","/"),"aaa/;JS");
assertEquals("aaa;JS+/bbb", URIUtil.addEncodedPaths("aaa/;JS","/bbb"),"aaa/bbb;JS");
assertEquals("?A=1+null", URIUtil.addEncodedPaths("?A=1",null),"?A=1");
assertEquals("?A=1+", URIUtil.addEncodedPaths("?A=1",""),"?A=1");
assertEquals("?A=1+bbb", URIUtil.addEncodedPaths("?A=1","bbb"),"bbb?A=1");
assertEquals("?A=1+/", URIUtil.addEncodedPaths("?A=1","/"),"/?A=1");
assertEquals("?A=1+/bbb", URIUtil.addEncodedPaths("?A=1","/bbb"),"/bbb?A=1");
assertEquals("aaa?A=1+null", URIUtil.addEncodedPaths("aaa?A=1",null),"aaa?A=1");
assertEquals("aaa?A=1+", URIUtil.addEncodedPaths("aaa?A=1",""),"aaa?A=1");
assertEquals("aaa?A=1+bbb", URIUtil.addEncodedPaths("aaa?A=1","bbb"),"aaa/bbb?A=1");
assertEquals("aaa?A=1+/", URIUtil.addEncodedPaths("aaa?A=1","/"),"aaa/?A=1");
assertEquals("aaa?A=1+/bbb", URIUtil.addEncodedPaths("aaa?A=1","/bbb"),"aaa/bbb?A=1");
assertEquals("aaa?A=1+null", URIUtil.addEncodedPaths("aaa/?A=1",null),"aaa/?A=1");
assertEquals("aaa?A=1+", URIUtil.addEncodedPaths("aaa/?A=1",""),"aaa/?A=1");
assertEquals("aaa?A=1+bbb", URIUtil.addEncodedPaths("aaa/?A=1","bbb"),"aaa/bbb?A=1");
assertEquals("aaa?A=1+/", URIUtil.addEncodedPaths("aaa/?A=1","/"),"aaa/?A=1");
assertEquals("aaa?A=1+/bbb", URIUtil.addEncodedPaths("aaa/?A=1","/bbb"),"aaa/bbb?A=1");
assertEquals(";JS?A=1+null", URIUtil.addEncodedPaths(";JS?A=1",null),";JS?A=1");
assertEquals(";JS?A=1+", URIUtil.addEncodedPaths(";JS?A=1",""),";JS?A=1");
assertEquals(";JS?A=1+bbb", URIUtil.addEncodedPaths(";JS?A=1","bbb"),"bbb;JS?A=1");
assertEquals(";JS?A=1+/", URIUtil.addEncodedPaths(";JS?A=1","/"),"/;JS?A=1");
assertEquals(";JS?A=1+/bbb", URIUtil.addEncodedPaths(";JS?A=1","/bbb"),"/bbb;JS?A=1");
assertEquals("aaa;JS?A=1+null", URIUtil.addEncodedPaths("aaa;JS?A=1",null),"aaa;JS?A=1");
assertEquals("aaa;JS?A=1+", URIUtil.addEncodedPaths("aaa;JS?A=1",""),"aaa;JS?A=1");
assertEquals("aaa;JS?A=1+bbb", URIUtil.addEncodedPaths("aaa;JS?A=1","bbb"),"aaa/bbb;JS?A=1");
assertEquals("aaa;JS?A=1+/", URIUtil.addEncodedPaths("aaa;JS?A=1","/"),"aaa/;JS?A=1");
assertEquals("aaa;JS?A=1+/bbb", URIUtil.addEncodedPaths("aaa;JS?A=1","/bbb"),"aaa/bbb;JS?A=1");
assertEquals("aaa;JS?A=1+null", URIUtil.addEncodedPaths("aaa/;JS?A=1",null),"aaa/;JS?A=1");
assertEquals("aaa;JS?A=1+", URIUtil.addEncodedPaths("aaa/;JS?A=1",""),"aaa/;JS?A=1");
assertEquals("aaa;JS?A=1+bbb", URIUtil.addEncodedPaths("aaa/;JS?A=1","bbb"),"aaa/bbb;JS?A=1");
assertEquals("aaa;JS?A=1+/", URIUtil.addEncodedPaths("aaa/;JS?A=1","/"),"aaa/;JS?A=1");
assertEquals("aaa;JS?A=1+/bbb", URIUtil.addEncodedPaths("aaa/;JS?A=1","/bbb"),"aaa/bbb;JS?A=1");
}
/* ------------------------------------------------------------ */
@Test
public void testAddDecodedPaths()
{
assertEquals("null+null", URIUtil.addPaths(null,null),null);
assertEquals("null+", URIUtil.addPaths(null,""),"");
@ -124,57 +213,39 @@ public class URIUtilTest
assertEquals(";JS+null", URIUtil.addPaths(";JS",null),";JS");
assertEquals(";JS+", URIUtil.addPaths(";JS",""),";JS");
assertEquals(";JS+bbb", URIUtil.addPaths(";JS","bbb"),"bbb;JS");
assertEquals(";JS+/", URIUtil.addPaths(";JS","/"),"/;JS");
assertEquals(";JS+/bbb", URIUtil.addPaths(";JS","/bbb"),"/bbb;JS");
assertEquals(";JS+bbb", URIUtil.addPaths(";JS","bbb"),";JS/bbb");
assertEquals(";JS+/", URIUtil.addPaths(";JS","/"),";JS/");
assertEquals(";JS+/bbb", URIUtil.addPaths(";JS","/bbb"),";JS/bbb");
assertEquals("aaa;JS+null", URIUtil.addPaths("aaa;JS",null),"aaa;JS");
assertEquals("aaa;JS+", URIUtil.addPaths("aaa;JS",""),"aaa;JS");
assertEquals("aaa;JS+bbb", URIUtil.addPaths("aaa;JS","bbb"),"aaa/bbb;JS");
assertEquals("aaa;JS+/", URIUtil.addPaths("aaa;JS","/"),"aaa/;JS");
assertEquals("aaa;JS+/bbb", URIUtil.addPaths("aaa;JS","/bbb"),"aaa/bbb;JS");
assertEquals("aaa;JS+bbb", URIUtil.addPaths("aaa;JS","bbb"),"aaa;JS/bbb");
assertEquals("aaa;JS+/", URIUtil.addPaths("aaa;JS","/"),"aaa;JS/");
assertEquals("aaa;JS+/bbb", URIUtil.addPaths("aaa;JS","/bbb"),"aaa;JS/bbb");
assertEquals("aaa;JS+null", URIUtil.addPaths("aaa/;JS",null),"aaa/;JS");
assertEquals("aaa;JS+", URIUtil.addPaths("aaa/;JS",""),"aaa/;JS");
assertEquals("aaa;JS+bbb", URIUtil.addPaths("aaa/;JS","bbb"),"aaa/bbb;JS");
assertEquals("aaa;JS+/", URIUtil.addPaths("aaa/;JS","/"),"aaa/;JS");
assertEquals("aaa;JS+/bbb", URIUtil.addPaths("aaa/;JS","/bbb"),"aaa/bbb;JS");
assertEquals("aaa;JS+bbb", URIUtil.addPaths("aaa/;JS","bbb"),"aaa/;JS/bbb");
assertEquals("aaa;JS+/", URIUtil.addPaths("aaa/;JS","/"),"aaa/;JS/");
assertEquals("aaa;JS+/bbb", URIUtil.addPaths("aaa/;JS","/bbb"),"aaa/;JS/bbb");
assertEquals("?A=1+null", URIUtil.addPaths("?A=1",null),"?A=1");
assertEquals("?A=1+", URIUtil.addPaths("?A=1",""),"?A=1");
assertEquals("?A=1+bbb", URIUtil.addPaths("?A=1","bbb"),"bbb?A=1");
assertEquals("?A=1+/", URIUtil.addPaths("?A=1","/"),"/?A=1");
assertEquals("?A=1+/bbb", URIUtil.addPaths("?A=1","/bbb"),"/bbb?A=1");
assertEquals("?A=1+bbb", URIUtil.addPaths("?A=1","bbb"),"?A=1/bbb");
assertEquals("?A=1+/", URIUtil.addPaths("?A=1","/"),"?A=1/");
assertEquals("?A=1+/bbb", URIUtil.addPaths("?A=1","/bbb"),"?A=1/bbb");
assertEquals("aaa?A=1+null", URIUtil.addPaths("aaa?A=1",null),"aaa?A=1");
assertEquals("aaa?A=1+", URIUtil.addPaths("aaa?A=1",""),"aaa?A=1");
assertEquals("aaa?A=1+bbb", URIUtil.addPaths("aaa?A=1","bbb"),"aaa/bbb?A=1");
assertEquals("aaa?A=1+/", URIUtil.addPaths("aaa?A=1","/"),"aaa/?A=1");
assertEquals("aaa?A=1+/bbb", URIUtil.addPaths("aaa?A=1","/bbb"),"aaa/bbb?A=1");
assertEquals("aaa?A=1+bbb", URIUtil.addPaths("aaa?A=1","bbb"),"aaa?A=1/bbb");
assertEquals("aaa?A=1+/", URIUtil.addPaths("aaa?A=1","/"),"aaa?A=1/");
assertEquals("aaa?A=1+/bbb", URIUtil.addPaths("aaa?A=1","/bbb"),"aaa?A=1/bbb");
assertEquals("aaa?A=1+null", URIUtil.addPaths("aaa/?A=1",null),"aaa/?A=1");
assertEquals("aaa?A=1+", URIUtil.addPaths("aaa/?A=1",""),"aaa/?A=1");
assertEquals("aaa?A=1+bbb", URIUtil.addPaths("aaa/?A=1","bbb"),"aaa/bbb?A=1");
assertEquals("aaa?A=1+/", URIUtil.addPaths("aaa/?A=1","/"),"aaa/?A=1");
assertEquals("aaa?A=1+/bbb", URIUtil.addPaths("aaa/?A=1","/bbb"),"aaa/bbb?A=1");
assertEquals(";JS?A=1+null", URIUtil.addPaths(";JS?A=1",null),";JS?A=1");
assertEquals(";JS?A=1+", URIUtil.addPaths(";JS?A=1",""),";JS?A=1");
assertEquals(";JS?A=1+bbb", URIUtil.addPaths(";JS?A=1","bbb"),"bbb;JS?A=1");
assertEquals(";JS?A=1+/", URIUtil.addPaths(";JS?A=1","/"),"/;JS?A=1");
assertEquals(";JS?A=1+/bbb", URIUtil.addPaths(";JS?A=1","/bbb"),"/bbb;JS?A=1");
assertEquals("aaa;JS?A=1+null", URIUtil.addPaths("aaa;JS?A=1",null),"aaa;JS?A=1");
assertEquals("aaa;JS?A=1+", URIUtil.addPaths("aaa;JS?A=1",""),"aaa;JS?A=1");
assertEquals("aaa;JS?A=1+bbb", URIUtil.addPaths("aaa;JS?A=1","bbb"),"aaa/bbb;JS?A=1");
assertEquals("aaa;JS?A=1+/", URIUtil.addPaths("aaa;JS?A=1","/"),"aaa/;JS?A=1");
assertEquals("aaa;JS?A=1+/bbb", URIUtil.addPaths("aaa;JS?A=1","/bbb"),"aaa/bbb;JS?A=1");
assertEquals("aaa;JS?A=1+null", URIUtil.addPaths("aaa/;JS?A=1",null),"aaa/;JS?A=1");
assertEquals("aaa;JS?A=1+", URIUtil.addPaths("aaa/;JS?A=1",""),"aaa/;JS?A=1");
assertEquals("aaa;JS?A=1+bbb", URIUtil.addPaths("aaa/;JS?A=1","bbb"),"aaa/bbb;JS?A=1");
assertEquals("aaa;JS?A=1+/", URIUtil.addPaths("aaa/;JS?A=1","/"),"aaa/;JS?A=1");
assertEquals("aaa;JS?A=1+/bbb", URIUtil.addPaths("aaa/;JS?A=1","/bbb"),"aaa/bbb;JS?A=1");
assertEquals("aaa?A=1+bbb", URIUtil.addPaths("aaa/?A=1","bbb"),"aaa/?A=1/bbb");
assertEquals("aaa?A=1+/", URIUtil.addPaths("aaa/?A=1","/"),"aaa/?A=1/");
assertEquals("aaa?A=1+/bbb", URIUtil.addPaths("aaa/?A=1","/bbb"),"aaa/?A=1/bbb");
}

2
jetty-webapp/src/test/java/org/eclipse/jetty/webapp/WebAppContextTest.java
View File

@ -217,7 +217,7 @@ public class WebAppContextTest
server.start();
try
{
String response = connector.getResponses("GET http://localhost:8080 HTTP/1.1\r\nHost: localhost:8080\r\nConnection: close\r\n\r\n");
String response = connector.getResponse("GET http://localhost:8080 HTTP/1.1\r\nHost: localhost:8080\r\nConnection: close\r\n\r\n");
Assert.assertTrue(response.indexOf("200 OK")>=0);
}
finally

2
pom.xml
View File

@ -581,7 +581,7 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<version>2.19.1</version>
<version>2.20</version>
<configuration>
<argLine>@{argLine} -Dfile.encoding=UTF-8 -Duser.language=en -Duser.region=US -showversion -Xmx1g -Xms1g -XX:+PrintGCDetails</argLine>
<failIfNoTests>false</failIfNoTests>