From bc4f45bbfe1012adea785df84e383673f5f914c2 Mon Sep 17 00:00:00 2001 From: Jan Bartel <janb@intalio.com> Date: Mon, 20 Aug 2012 08:40:04 +1000 Subject: [PATCH 1/3] JETTY-1532 HTTP headers decoded with platform's default encoding --- .../src/main/java/org/eclipse/jetty/http/MimeTypes.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/jetty-http/src/main/java/org/eclipse/jetty/http/MimeTypes.java b/jetty-http/src/main/java/org/eclipse/jetty/http/MimeTypes.java index e20dde3cdb1..7ec00e24095 100644 --- a/jetty-http/src/main/java/org/eclipse/jetty/http/MimeTypes.java +++ b/jetty-http/src/main/java/org/eclipse/jetty/http/MimeTypes.java @@ -364,12 +364,12 @@ public class MimeTypes case 10: if (!quote && (';'==b || ' '==b )|| (quote && '"'==b )) - return CACHE.lookup(value.peek(start,i-start)).toString(); + return CACHE.lookup(value.peek(start,i-start)).toString(StringUtil.__UTF8); } } if (state==10) - return CACHE.lookup(value.peek(start,i-start)).toString(); + return CACHE.lookup(value.peek(start,i-start)).toString(StringUtil.__UTF8); return (String)__encodings.get(value); } From e0276a8f65f882b0468d8b299e3ad362b1bfb536 Mon Sep 17 00:00:00 2001 From: Jan Bartel <janb@intalio.com> Date: Mon, 20 Aug 2012 14:52:33 +1000 Subject: [PATCH 2/3] JETTY-1515 Include cookies on 304 responses from DefaultServlet. --- .../org/eclipse/jetty/server/Response.java | 34 ++++++++++++++++ .../eclipse/jetty/server/ResponseTest.java | 39 +++++++++++++++++++ .../eclipse/jetty/servlet/DefaultServlet.java | 20 ++++++---- 3 files changed, 86 insertions(+), 7 deletions(-) diff --git a/jetty-server/src/main/java/org/eclipse/jetty/server/Response.java b/jetty-server/src/main/java/org/eclipse/jetty/server/Response.java index ba8081bc6d5..49f6d1551dc 100644 --- a/jetty-server/src/main/java/org/eclipse/jetty/server/Response.java +++ b/jetty-server/src/main/java/org/eclipse/jetty/server/Response.java 
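Review bot: The two changed returns (inside `case 10` and after the loop under `state==10`) carry no comment saying why the charset is passed explicitly, so a later cleanup could drop the argument and bring back a result that varies with the platform default. A one-line comment above the first return would hold it, e.g. `// decode with a fixed charset; the no-arg toString() uses the platform default (JETTY-1532)`. Both returns repeat the same `CACHE.lookup(value.peek(start,i-start)).toString(StringUtil.__UTF8)` expression, so a small private helper would keep the charset choice in one place. The enclosing method starts above the hunk, so any other no-arg `toString()` calls on header buffers there are worth checking as well.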
@@ -20,6 +20,7 @@ package org.eclipse.jetty.server; import java.io.IOException; import java.io.PrintWriter; +import java.util.ArrayList; import java.util.Collections; import java.util.Enumeration; import java.util.Locale; @@ -77,6 +78,16 @@ public class Response implements HttpServletResponse */ public final static String HTTP_ONLY_COMMENT="__HTTP_ONLY__"; + + /* ------------------------------------------------------------ */ + public static Response getResponse(HttpServletResponse response) + { + if (response instanceof Response) + return (Response)response; + + return AbstractHttpConnection.getCurrentConnection().getResponse(); + } + private final AbstractHttpConnection _connection; private int _status=SC_OK; private String _reason; @@ -1070,6 +1081,29 @@ public class Response implements HttpServletResponse } } + + public void reset(boolean preserveCookies) + { + if (!preserveCookies) + reset(); + else + { + HttpFields response_fields=_connection.getResponseFields(); + + ArrayList<String> cookieValues = new ArrayList<String>(5); + Enumeration vals = response_fields.getValues(HttpHeaders.SET_COOKIE); + while (vals.hasMoreElements()) + cookieValues.add((String)vals.nextElement()); + + reset(); + + for (String v:cookieValues) + response_fields.add(HttpHeaders.SET_COOKIE, v); + } + } + + + /* ------------------------------------------------------------ */ /* * @see javax.servlet.ServletResponse#reset() diff --git a/jetty-server/src/test/java/org/eclipse/jetty/server/ResponseTest.java b/jetty-server/src/test/java/org/eclipse/jetty/server/ResponseTest.java index 4c71ab09334..0c205b0bfc9 100644 --- a/jetty-server/src/test/java/org/eclipse/jetty/server/ResponseTest.java +++ b/jetty-server/src/test/java/org/eclipse/jetty/server/ResponseTest.java 
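Review bot: The fallback branch of `getResponse` dereferences `AbstractHttpConnection.getCurrentConnection()` without a null check. A call with a wrapped response on a thread that has no current connection would presumably fail with a NullPointerException rather than a clear error. Consider checking the result and throwing an `IllegalStateException` with a message, or documenting that the method is only valid on a request-handling thread. The new public static method also has no Javadoc; it should say that for a wrapper it returns the connection's underlying `Response`, not the object passed in.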
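Review bot: `reset(boolean preserveCookies)` restores only the `Set-Cookie` values after calling `reset()`, so any other header that was set together with a cookie is lost. If the cookie-adding path also sets anti-caching headers such as `Expires` (not visible in this hunk), the preserved cookies would go out on the 304 without them and an intermediary cache could store the response. That is worth confirming, and those headers should be restored if so. `Enumeration vals` is a raw type with a cast per element; `Enumeration<String>` would avoid the cast if `getValues` allows it. The method also needs a Javadoc stating what is kept and what is cleared.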
@@ -20,6 +20,7 @@ package org.eclipse.jetty.server; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertTrue; import static org.junit.Assert.fail; @@ -28,6 +29,8 @@ import java.io.InputStreamReader; import java.io.LineNumberReader; import java.io.PrintWriter; import java.net.Socket; +import java.util.ArrayList; +import java.util.Collections; import java.util.Enumeration; import java.util.Locale; import java.util.Map; @@ -556,6 +559,42 @@ public class ResponseTest assertEquals("name=value;Comment=comment;Path=/path;Domain=domain;Secure;HttpOnly",set); } + + + @Test + public void testCookiesWithReset() throws Exception + { + Response response = new Response(new TestHttpConnection(connector,new ByteArrayEndPoint(), connector.getServer())); + + Cookie cookie=new Cookie("name","value"); + cookie.setDomain("domain"); + cookie.setPath("/path"); + cookie.setSecure(true); + cookie.setComment("comment__HTTP_ONLY__"); + response.addCookie(cookie); + + Cookie cookie2=new Cookie("name2", "value2"); + cookie2.setDomain("domain"); + cookie2.setPath("/path"); + response.addCookie(cookie2); + + //keep the cookies + response.reset(true); + + Enumeration<String> set = response.getHttpFields().getValues("Set-Cookie"); + + assertNotNull(set); + ArrayList<String> list = Collections.list(set); + assertEquals(2, list.size()); + assertTrue(list.contains("name=value;Comment=comment;Path=/path;Domain=domain;Secure;HttpOnly")); + assertTrue(list.contains("name2=value2;Path=/path;Domain=domain")); + + //get rid of the cookies + response.reset(); + + set = response.getHttpFields().getValues("Set-Cookie"); + assertFalse(set.hasMoreElements()); + } private Response newResponse() { diff --git a/jetty-servlet/src/main/java/org/eclipse/jetty/servlet/DefaultServlet.java b/jetty-servlet/src/main/java/org/eclipse/jetty/servlet/DefaultServlet.java index 1f443972b0e..c5b91cacc9d 100644 
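Review bot: `testCookiesWithReset` asserts only on the `Set-Cookie` values, so it would still pass if `reset(true)` stopped clearing everything else. Setting an unrelated header before `response.reset(true)` and asserting it is gone afterwards would pin the other half of the contract, e.g. `response.setHeader("X-Test","1");` before the reset and `assertFalse(response.containsHeader("X-Test"));` after it. A check that the status returns to its default after `reset(true)` would be a useful addition for the same reason.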
--- a/jetty-servlet/src/main/java/org/eclipse/jetty/servlet/DefaultServlet.java +++ b/jetty-servlet/src/main/java/org/eclipse/jetty/servlet/DefaultServlet.java @@ -24,6 +24,7 @@ import java.io.InputStream; import java.io.OutputStream; import java.net.MalformedURLException; import java.net.URL; +import java.util.ArrayList; import java.util.Enumeration; import java.util.List; import java.util.Map; @@ -674,6 +675,9 @@ public class DefaultServlet extends HttpServlet implements ResourceFactory String ifms=request.getHeader(HttpHeaders.IF_MODIFIED_SINCE); if (ifms!=null) { + //Get jetty's Response impl + Response r = Response.getResponse(response); + if (content!=null) { Buffer mdlm=content.getLastModified(); @@ -681,9 +685,9 @@ public class DefaultServlet extends HttpServlet implements ResourceFactory { if (ifms.equals(mdlm.toString())) { - response.reset(); - response.setStatus(HttpServletResponse.SC_NOT_MODIFIED); - response.flushBuffer(); + r.reset(true); + r.setStatus(HttpServletResponse.SC_NOT_MODIFIED); + r.flushBuffer(); return false; } } @@ -693,10 +697,10 @@ public class DefaultServlet extends HttpServlet implements ResourceFactory if (ifmsl!=-1) { if (resource.lastModified()/1000 <= ifmsl/1000) - { - response.reset(); - response.setStatus(HttpServletResponse.SC_NOT_MODIFIED); - response.flushBuffer(); + { + r.reset(true); + r.setStatus(HttpServletResponse.SC_NOT_MODIFIED); + r.flushBuffer(); return false; } } @@ -1025,6 +1029,8 @@ public class DefaultServlet extends HttpServlet implements ResourceFactory if (_cacheControl!=null) response.setHeader(HttpHeaders.CACHE_CONTROL,_cacheControl.toString()); } + + /* ------------------------------------------------------------ */ /* From c1a454c2780f6a70a70399f15b937df536c82647 Mon Sep 17 00:00:00 2001 
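Review bot: In the `ifms.equals(mdlm.toString())` branch, `r.setStatus(...)` and `r.flushBuffer()` now go to the Jetty `Response` returned by `Response.getResponse(response)` rather than to the `response` passed in. When a filter has wrapped the response, the wrapper's overrides of those calls are therefore skipped on the 304 path; the same applies to the `resource.lastModified()` branch in the next hunk. Only `reset(true)` needs the Jetty type, so the other two calls could stay on the wrapper: `r.reset(true); response.setStatus(HttpServletResponse.SC_NOT_MODIFIED); response.flushBuffer();`. `r` is also resolved for every request that carries If-Modified-Since, even when neither branch is taken; resolving it inside the branches would avoid that. The enclosing method starts and ends outside these hunks.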
From: Greg Wilkins <gregw@intalio.com> Date: Mon, 20 Aug 2012 22:28:03 +1000 Subject: [PATCH 3/3] avoided race in FormAuth by not sending redirect until after session attribute set --- .../authentication/FormAuthenticator.java | 21 ++++++++++--------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/FormAuthenticator.java b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/FormAuthenticator.java index 6bfae412fb0..ccb00a200d6 100644 --- a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/FormAuthenticator.java +++ b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/FormAuthenticator.java @@ -216,19 +216,20 @@ public class FormAuthenticator extends LoginAuthenticator synchronized(session) { nuri = (String) session.getAttribute(__J_URI); - } - - if (nuri == null || nuri.length() == 0) - { - nuri = request.getContextPath(); - if (nuri.length() == 0) - nuri = URIUtil.SLASH; + + if (nuri == null || nuri.length() == 0) + { + nuri = request.getContextPath(); + if (nuri.length() == 0) + nuri = URIUtil.SLASH; + } + + Authentication cached=new SessionAuthentication(getAuthMethod(),user,password); + session.setAttribute(SessionAuthentication.__J_AUTHENTICATED, cached); } response.setContentLength(0); response.sendRedirect(response.encodeRedirectURL(nuri)); - - Authentication cached=new SessionAuthentication(getAuthMethod(),user,password); - session.setAttribute(SessionAuthentication.__J_AUTHENTICATED, cached); + return new FormAuthentication(getAuthMethod(),user); }
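Review bot: The fix depends on `session.setAttribute(SessionAuthentication.__J_AUTHENTICATED, cached)` running before `response.sendRedirect(...)`, but nothing in the code states that ordering, so a later reshuffle could bring the race back. A comment above the redirect would hold it, e.g. `// the session must hold the authentication before the redirect is sent; the follow-up request can arrive immediately`. `setAttribute` is now called while holding the `session` monitor. If it notifies session attribute listeners (not visible here), application code runs under that lock, which is worth confirming as acceptable. The enclosing method starts and ends outside the hunk.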