291448 encodeRedirectURL only encodes absolute URLs to same host/port/context

git-svn-id: svn+ssh://dev.eclipse.org/svnroot/rt/org.eclipse.jetty/jetty/trunk@1644 7e9141cc-0065-0410-87d8-b60c137991c4

VERSION.txt

@@ -1,5 +1,7 @@
 
 jetty-7.1.0.RC1-SNAPSHOT
+ + 291448 encodeRedirectURL only encodes absolute URLs to same host/port/context
+ + 297104 HTTP CONNECT does not work correct with SSL destinations
  + 308848 Update test suite to JUnit4 - Module jetty-ajp
  + 308861 Update test suite to JUnit4 - Module jetty-security
  + 308868 Update test suite to JUnit4 - Module jetty-websocket
@@ -10,7 +12,6 @@ jetty-7.1.0.RC1-SNAPSHOT
  + 310703 Update test suite to JUnit4 - Module tests/test-integration
  + 310918 Synchronize content exchange
  + 311154 Use Appendable in preference to StringBuilder/StringBuffer in APIs
- + 297104 HTTP CONNECT does not work correct with SSL destinations
  + 308865 Update test suite to JUnit4 - Module jetty-start
 
 jetty-7.1.0.RC0 27 April 2010

jetty-server/src/main/java/org/eclipse/jetty/server/Response.java

@@ -30,6 +30,7 @@ import org.eclipse.jetty.http.HttpFields;
 import org.eclipse.jetty.http.HttpGenerator;
 import org.eclipse.jetty.http.HttpHeaderValues;
 import org.eclipse.jetty.http.HttpHeaders;
+import org.eclipse.jetty.http.HttpSchemes;
 import org.eclipse.jetty.http.HttpStatus;
 import org.eclipse.jetty.http.HttpURI;
 import org.eclipse.jetty.http.HttpVersions;
@@ -221,30 +222,44 @@ public class Response implements HttpServletResponse
     }
 
     /* ------------------------------------------------------------ */
-    /*
+    /**
-     * @see javax.servlet.http.HttpServletResponse#encodeRedirectURL(java.lang.String)
+     * Encode Redirect URL.
+     * <p>This method differs from {@link #encodeURL(String)}, in that it only encodes 
+     * relative URLs or absolute URLs to the same host/port/contextPath as the request.
      */
     public String encodeRedirectURL(String url)
     {
+        if (URIUtil.hasScheme(url))
+        {
+            HttpURI uri = new HttpURI(url);
+            Request request=_connection.getRequest();
+            int port=uri.getPort();
+            if (port<0) 
+                port = HttpSchemes.HTTPS.equalsIgnoreCase(uri.getScheme())?443:80;
+            if (request.getServerName().equalsIgnoreCase(uri.getHost()) &&
+                request.getServerPort()==port && 
+                uri.getPath().startsWith(request.getContextPath()))
+
+                return encodeURL(url);
+            return url;
+        }
+
+        
         return encodeURL(url);
     }
 
     /* ------------------------------------------------------------ */
-    /*
+    @Deprecated
-     * @see javax.servlet.http.HttpServletResponse#encodeUrl(java.lang.String)
-     */
     public String encodeUrl(String url)
     {
         return encodeURL(url);
     }
 
     /* ------------------------------------------------------------ */
-    /*
+    @Deprecated
-     * @see javax.servlet.http.HttpServletResponse#encodeRedirectUrl(java.lang.String)
-     */
     public String encodeRedirectUrl(String url)
     {
-        return encodeURL(url);
+        return encodeRedirectURL(url);
     }
 
     /* ------------------------------------------------------------ */

jetty-server/src/test/java/org/eclipse/jetty/server/ResponseTest.java

@@ -325,8 +325,11 @@ public class ResponseTest extends TestCase
         HttpConnection connection=new HttpConnection(connector,new ByteArrayEndPoint(), connector.getServer());
         Response response = new Response(connection);
         Request request = connection.getRequest();
+        request.setServerName("myhost");
+        request.setServerPort(8888);
+        request.setContextPath("/path");
 
-        assertEquals("http://host:port/path/info;param?query=0&more=1#target",response.encodeRedirectUrl("http://host:port/path/info;param?query=0&more=1#target"));
+        assertEquals("http://myhost:8888/path/info;param?query=0&more=1#target",response.encodeURL("http://myhost:8888/path/info;param?query=0&more=1#target"));
 
         request.setRequestedSessionId("12345");
         request.setRequestedSessionIdFromCookie(false);
@@ -335,8 +338,19 @@ public class ResponseTest extends TestCase
         request.setSessionManager(manager);
         request.setSession(new TestSession(manager,"12345"));
 
-        assertEquals("http://host:port/path/info;param;jsessionid=12345?query=0&more=1#target",response.encodeRedirectUrl("http://host:port/path/info;param?query=0&more=1#target"));
+        assertEquals("http://myhost:8888/path/info;param;jsessionid=12345?query=0&more=1#target",response.encodeURL("http://myhost:8888/path/info;param?query=0&more=1#target"));
+ 
+        assertEquals("http://other:8888/path/info;param;jsessionid=12345?query=0&more=1#target",response.encodeURL("http://other:8888/path/info;param?query=0&more=1#target"));
+        assertEquals("http://other:8888/path/info;param?query=0&more=1#target",response.encodeRedirectURL("http://other:8888/path/info;param?query=0&more=1#target"));
+        
+        assertEquals("http://myhost/path/info;param;jsessionid=12345?query=0&more=1#target",response.encodeURL("http://myhost/path/info;param?query=0&more=1#target"));
+        assertEquals("http://myhost/path/info;param?query=0&more=1#target",response.encodeRedirectURL("http://myhost/path/info;param?query=0&more=1#target"));
 
+        assertEquals("http://myhost:8888/other/info;param;jsessionid=12345?query=0&more=1#target",response.encodeURL("http://myhost:8888/other/info;param?query=0&more=1#target"));
+        assertEquals("http://myhost:8888/other/info;param?query=0&more=1#target",response.encodeRedirectURL("http://myhost:8888/other/info;param?query=0&more=1#target"));
+        
+    
+    
     }
 
     public void testSetBufferSize ()