diff --git a/build-resources/src/main/resources/jetty-checkstyle.xml b/build-resources/src/main/resources/jetty-checkstyle.xml index c95d421a03d..ea03ac5e994 100644 --- a/build-resources/src/main/resources/jetty-checkstyle.xml +++ b/build-resources/src/main/resources/jetty-checkstyle.xml @@ -98,7 +98,7 @@ - + + + + + + - - + + diff --git a/jetty-annotations/src/test/java/org/eclipse/jetty/annotations/resources/ResourceA.java b/jetty-annotations/src/test/java/org/eclipse/jetty/annotations/resources/ResourceA.java index bb203c10836..e7ded008e7d 100644 --- a/jetty-annotations/src/test/java/org/eclipse/jetty/annotations/resources/ResourceA.java +++ b/jetty-annotations/src/test/java/org/eclipse/jetty/annotations/resources/ResourceA.java @@ -35,7 +35,7 @@ public class ResourceA implements javax.servlet.Servlet private Integer k; @Resource(name = "myf", mappedName = "resB") //test giving both a name and mapped name from the environment - private Integer f;//test a non inherited field that needs injection + private Integer f; //test a non inherited field that needs injection @Resource(mappedName = "resA") //test the default naming scheme but using a mapped name from the environment private Integer g; diff --git a/jetty-annotations/src/test/java/org/eclipse/jetty/annotations/resources/ResourceB.java b/jetty-annotations/src/test/java/org/eclipse/jetty/annotations/resources/ResourceB.java index 999b6229da6..ce31dfeebb1 100644 --- a/jetty-annotations/src/test/java/org/eclipse/jetty/annotations/resources/ResourceB.java +++ b/jetty-annotations/src/test/java/org/eclipse/jetty/annotations/resources/ResourceB.java @@ -31,7 +31,7 @@ import javax.annotation.Resources; public class ResourceB extends ResourceA { @Resource(mappedName = "resB") - private Integer f;//test no inheritance of private fields + private Integer f; //test no inheritance of private fields @Resource private Integer p = new Integer(8); //test no injection because no value diff --git a/jetty-deploy/src/main/java/org/eclipse/jetty/deploy/providers/WebAppProvider.java b/jetty-deploy/src/main/java/org/eclipse/jetty/deploy/providers/WebAppProvider.java index 06933b8b4bd..35058024137 100644 --- a/jetty-deploy/src/main/java/org/eclipse/jetty/deploy/providers/WebAppProvider.java +++ b/jetty-deploy/src/main/java/org/eclipse/jetty/deploy/providers/WebAppProvider.java @@ -107,7 +107,7 @@ public class WebAppProvider extends ScanningAppProvider return false; //is it a sccs dir? - return !"cvs".equals(lowername) && !"cvsroot".equals(lowername);// OK to deploy it then + return !"cvs".equals(lowername) && !"cvsroot".equals(lowername); // OK to deploy it then } // else is it a war file diff --git a/jetty-http/src/main/java/org/eclipse/jetty/http/HttpCompliance.java b/jetty-http/src/main/java/org/eclipse/jetty/http/HttpCompliance.java index 1488c89622e..8d6334cc307 100644 --- a/jetty-http/src/main/java/org/eclipse/jetty/http/HttpCompliance.java +++ b/jetty-http/src/main/java/org/eclipse/jetty/http/HttpCompliance.java @@ -56,13 +56,14 @@ public enum HttpCompliance // TODO in Jetty-10 convert this enum to a class so t LEGACY(sectionsBySpec("0,METHOD_CASE_SENSITIVE")), /** - * The legacy RFC2616 support, which incorrectly excludes + * The legacy RFC2616 support, which excludes * {@link HttpComplianceSection#METHOD_CASE_SENSITIVE}, * {@link HttpComplianceSection#FIELD_COLON}, * {@link HttpComplianceSection#TRANSFER_ENCODING_WITH_CONTENT_LENGTH}, - * {@link HttpComplianceSection#MULTIPLE_CONTENT_LENGTHS}, + * {@link HttpComplianceSection#MULTIPLE_CONTENT_LENGTHS} and + * {@link HttpComplianceSection#NO_AMBIGUOUS_PATH_SEGMENTS}. */ - RFC2616_LEGACY(sectionsBySpec("RFC2616,-FIELD_COLON,-METHOD_CASE_SENSITIVE,-TRANSFER_ENCODING_WITH_CONTENT_LENGTH,-MULTIPLE_CONTENT_LENGTHS")), + RFC2616_LEGACY(sectionsBySpec("RFC2616,-FIELD_COLON,-METHOD_CASE_SENSITIVE,-TRANSFER_ENCODING_WITH_CONTENT_LENGTH,-MULTIPLE_CONTENT_LENGTHS,-NO_AMBIGUOUS_PATH_SEGMENTS")), /** * The strict RFC2616 support mode @@ -70,9 +71,11 @@ public enum HttpCompliance // TODO in Jetty-10 convert this enum to a class so t RFC2616(sectionsBySpec("RFC2616")), /** - * Jetty's current RFC7230 support, which incorrectly excludes {@link HttpComplianceSection#METHOD_CASE_SENSITIVE} + * Jetty's current RFC7230 support, which excludes + * {@link HttpComplianceSection#METHOD_CASE_SENSITIVE} and + * {@link HttpComplianceSection#NO_AMBIGUOUS_PATH_SEGMENTS}. */ - RFC7230_LEGACY(sectionsBySpec("RFC7230,-METHOD_CASE_SENSITIVE")), + RFC7230_LEGACY(sectionsBySpec("RFC7230,-METHOD_CASE_SENSITIVE,-NO_AMBIGUOUS_PATH_SEGMENTS")), /** * The RFC7230 support mode @@ -123,11 +126,6 @@ public enum HttpCompliance // TODO in Jetty-10 convert this enum to a class so t i++; break; - case "*": - i++; - sections = EnumSet.allOf(HttpComplianceSection.class); - break; - case "RFC2616": sections = EnumSet.complementOf(EnumSet.of( HttpComplianceSection.NO_FIELD_FOLDING, @@ -135,6 +133,7 @@ public enum HttpCompliance // TODO in Jetty-10 convert this enum to a class so t i++; break; + case "*": case "RFC7230": i++; sections = EnumSet.allOf(HttpComplianceSection.class); @@ -152,11 +151,6 @@ public enum HttpCompliance // TODO in Jetty-10 convert this enum to a class so t if (exclude) element = element.substring(1); HttpComplianceSection section = HttpComplianceSection.valueOf(element); - if (section == null) - { - LOG.warn("Unknown section '" + element + "' in HttpCompliance spec: " + spec); - continue; - } if (exclude) sections.remove(section); else diff --git a/jetty-http/src/main/java/org/eclipse/jetty/http/HttpComplianceSection.java b/jetty-http/src/main/java/org/eclipse/jetty/http/HttpComplianceSection.java index e1dcc025a6d..ce5fa6645a3 100644 --- a/jetty-http/src/main/java/org/eclipse/jetty/http/HttpComplianceSection.java +++ b/jetty-http/src/main/java/org/eclipse/jetty/http/HttpComplianceSection.java @@ -31,7 +31,8 @@ public enum HttpComplianceSection NO_FIELD_FOLDING("https://tools.ietf.org/html/rfc7230#section-3.2.4", "No line Folding"), NO_HTTP_0_9("https://tools.ietf.org/html/rfc7230#appendix-A.2", "No HTTP/0.9"), TRANSFER_ENCODING_WITH_CONTENT_LENGTH("https://tools.ietf.org/html/rfc7230#section-3.3.1", "Transfer-Encoding and Content-Length"), - MULTIPLE_CONTENT_LENGTHS("https://tools.ietf.org/html/rfc7230#section-3.3.1", "Multiple Content-Lengths"); + MULTIPLE_CONTENT_LENGTHS("https://tools.ietf.org/html/rfc7230#section-3.3.1", "Multiple Content-Lengths"), + NO_AMBIGUOUS_PATH_SEGMENTS("https://tools.ietf.org/html/rfc3986#section-3.3", "No ambiguous URI path segments"); final String url; final String description; diff --git a/jetty-http/src/main/java/org/eclipse/jetty/http/HttpParser.java b/jetty-http/src/main/java/org/eclipse/jetty/http/HttpParser.java index 237e9613057..4637006c864 100644 --- a/jetty-http/src/main/java/org/eclipse/jetty/http/HttpParser.java +++ b/jetty-http/src/main/java/org/eclipse/jetty/http/HttpParser.java @@ -311,6 +311,11 @@ public class HttpParser return _handler; } + public HttpCompliance getHttpCompliance() + { + return _compliance; + } + /** * Check RFC compliance violation * diff --git a/jetty-http/src/main/java/org/eclipse/jetty/http/HttpURI.java b/jetty-http/src/main/java/org/eclipse/jetty/http/HttpURI.java index 6b5cdff2995..74d5f2471d1 100644 --- a/jetty-http/src/main/java/org/eclipse/jetty/http/HttpURI.java +++ b/jetty-http/src/main/java/org/eclipse/jetty/http/HttpURI.java @@ -23,8 +23,11 @@ import java.net.URI; import java.net.URISyntaxException; import java.nio.charset.Charset; import java.nio.charset.StandardCharsets; +import java.util.Objects; +import org.eclipse.jetty.util.ArrayTrie; import org.eclipse.jetty.util.MultiMap; +import org.eclipse.jetty.util.Trie; import org.eclipse.jetty.util.TypeUtil; import org.eclipse.jetty.util.URIUtil; import org.eclipse.jetty.util.UrlEncoded; @@ -65,6 +68,30 @@ public class HttpURI ASTERISK } + /** + * The concept of URI path parameters was originally specified in + * RFC2396, but that was + * obsoleted by + * RFC3986 which removed + * a normative definition of path parameters. Specifically it excluded them from the + * Remove Dot Segments + * algorithm. This results in some ambiguity as dot segments can result from later + * parameter removal or % encoding expansion, that are not removed from the URI + * by {@link URIUtil#canonicalPath(String)}. Thus this class flags such ambiguous + * path segments, so that they may be rejected by the server if so configured. + */ + private static final Trie __ambiguousSegments = new ArrayTrie<>(); + + static + { + __ambiguousSegments.put("%2e", Boolean.TRUE); + __ambiguousSegments.put("%2e%2e", Boolean.TRUE); + __ambiguousSegments.put(".%2e", Boolean.TRUE); + __ambiguousSegments.put("%2e.", Boolean.TRUE); + __ambiguousSegments.put("..", Boolean.FALSE); + __ambiguousSegments.put(".", Boolean.FALSE); + } + private String _scheme; private String _user; private String _host; @@ -73,9 +100,9 @@ public class HttpURI private String _param; private String _query; private String _fragment; - - String _uri; - String _decodedPath; + private String _uri; + private String _decodedPath; + private boolean _ambiguousSegment; /** * Construct a normalized URI. @@ -108,16 +135,29 @@ public class HttpURI _scheme = scheme; _host = host; _port = port; - _path = path; - _param = param; - _query = query; - _fragment = fragment; + if (path != null) + parse(State.PATH, path, 0, path.length()); + if (param != null) + _param = param; + if (query != null) + _query = query; + if (fragment != null) + _fragment = fragment; } public HttpURI(HttpURI uri) { - this(uri._scheme, uri._host, uri._port, uri._path, uri._param, uri._query, uri._fragment); + _scheme = uri._scheme; + _user = uri._user; + _host = uri._host; + _port = uri._port; + _path = uri._path; + _param = uri._param; + _query = uri._query; + _fragment = uri._fragment; _uri = uri._uri; + _decodedPath = uri._decodedPath; + _ambiguousSegment = uri._ambiguousSegment; } public HttpURI(String uri) @@ -129,40 +169,44 @@ public class HttpURI public HttpURI(URI uri) { _uri = null; - _scheme = uri.getScheme(); _host = uri.getHost(); if (_host == null && uri.getRawSchemeSpecificPart().startsWith("//")) _host = ""; _port = uri.getPort(); _user = uri.getUserInfo(); - _path = uri.getRawPath(); - - _decodedPath = uri.getPath(); - if (_decodedPath != null) - { - int p = _decodedPath.lastIndexOf(';'); - if (p >= 0) - _param = _decodedPath.substring(p + 1); - } + String path = uri.getRawPath(); + if (path != null) + parse(State.PATH, path, 0, path.length()); _query = uri.getRawQuery(); _fragment = uri.getFragment(); - - _decodedPath = null; } public HttpURI(String scheme, String host, int port, String pathQuery) { _uri = null; - _scheme = scheme; _host = host; _port = port; - if (pathQuery != null) parse(State.PATH, pathQuery, 0, pathQuery.length()); } + public void clear() + { + _uri = null; + _scheme = null; + _user = null; + _host = null; + _port = -1; + _path = null; + _param = null; + _query = null; + _fragment = null; + _decodedPath = null; + _ambiguousSegment = false; + } + public void parse(String uri) { clear(); @@ -205,9 +249,12 @@ public class HttpURI private void parse(State state, final String uri, final int offset, final int end) { - boolean encoded = false; - int mark = offset; - int pathMark = 0; + int mark = offset; // the start of the current section being parsed + int pathMark = 0; // the start of the path section + int segment = 0; // the start of the current segment within the path + boolean encoded = false; // set to true if the path contains % encoded characters + boolean dot = false; // set to true if the path containers . or .. segments + int escapedSlash = 0; // state of parsing a %2f for (int i = offset; i < end; i++) { @@ -241,21 +288,30 @@ public class HttpURI _path = "*"; state = State.ASTERISK; break; - + case '%': + encoded = true; + escapedSlash = 1; + mark = pathMark = segment = i; + state = State.PATH; + break; + case '.' : + dot = true; + pathMark = segment = i; + state = State.PATH; + break; default: mark = i; if (_scheme == null) state = State.SCHEME_OR_PATH; else { - pathMark = i; + pathMark = segment = i; state = State.PATH; } } continue; } - case SCHEME_OR_PATH: { switch (c) @@ -266,40 +322,38 @@ public class HttpURI // Start again with scheme set state = State.START; break; - case '/': // must have been in a path and still are + segment = i + 1; state = State.PATH; break; - case ';': // must have been in a path mark = i + 1; state = State.PARAM; break; - case '?': // must have been in a path _path = uri.substring(mark, i); mark = i + 1; state = State.QUERY; break; - case '%': // must have be in an encoded path encoded = true; + escapedSlash = 1; state = State.PATH; break; - case '#': // must have been in a path _path = uri.substring(mark, i); state = State.FRAGMENT; break; + default: + break; } continue; } - case HOST_OR_PATH: { switch (c) @@ -310,23 +364,26 @@ public class HttpURI state = State.HOST; break; + case '%': case '@': case ';': case '?': case '#': + case '.': // was a path, look again i--; pathMark = mark; + segment = mark + 1; state = State.PATH; break; default: // it is a path pathMark = mark; + segment = mark + 1; state = State.PATH; } continue; } - case HOST: { switch (c) @@ -334,6 +391,7 @@ public class HttpURI case '/': _host = uri.substring(mark, i); pathMark = mark = i; + segment = mark + 1; state = State.PATH; break; case ':': @@ -348,14 +406,14 @@ public class HttpURI _user = uri.substring(mark, i); mark = i + 1; break; - case '[': state = State.IPV6; break; + default: + break; } continue; } - case IPV6: { switch (c) @@ -376,11 +434,11 @@ public class HttpURI state = State.PATH; } break; + default: + break; } - continue; } - case PORT: { if (c == '@') @@ -396,36 +454,57 @@ public class HttpURI { _port = TypeUtil.parseInt(uri, mark, i - mark, 10); pathMark = mark = i; + segment = i + 1; state = State.PATH; } continue; } - case PATH: { switch (c) { case ';': + checkSegment(uri, segment, i, true); mark = i + 1; state = State.PARAM; break; case '?': + checkSegment(uri, segment, i, false); _path = uri.substring(pathMark, i); mark = i + 1; state = State.QUERY; break; case '#': + checkSegment(uri, segment, i, false); _path = uri.substring(pathMark, i); mark = i + 1; state = State.FRAGMENT; break; + case '/': + checkSegment(uri, segment, i, false); + segment = i + 1; + break; + case '.': + dot |= segment == i; + break; case '%': encoded = true; + escapedSlash = 1; + break; + case '2': + escapedSlash = escapedSlash == 1 ? 2 : 0; + break; + case 'f': + case 'F': + _ambiguousSegment |= (escapedSlash == 2); + escapedSlash = 0; + break; + default: + escapedSlash = 0; break; } continue; } - case PARAM: { switch (c) @@ -444,17 +523,18 @@ public class HttpURI break; case '/': encoded = true; - // ignore internal params + segment = i + 1; state = State.PATH; break; case ';': // multiple parameters mark = i + 1; break; + default: + break; } continue; } - case QUERY: { if (c == '#') @@ -465,17 +545,18 @@ public class HttpURI } continue; } - case ASTERISK: { throw new IllegalArgumentException("Bad character '*'"); } - case FRAGMENT: { _fragment = uri.substring(mark, end); i = end; + break; } + default: + break; } } @@ -486,51 +567,78 @@ public class HttpURI case SCHEME_OR_PATH: _path = uri.substring(mark, end); break; - case HOST_OR_PATH: _path = uri.substring(mark, end); break; - case HOST: if (end > mark) _host = uri.substring(mark, end); break; - case IPV6: throw new IllegalArgumentException("No closing ']' for ipv6 in " + uri); - case PORT: _port = TypeUtil.parseInt(uri, mark, end - mark, 10); break; - case ASTERISK: break; - case FRAGMENT: _fragment = uri.substring(mark, end); break; - case PARAM: _path = uri.substring(pathMark, end); _param = uri.substring(mark, end); break; - case PATH: + checkSegment(uri, segment, end, false); _path = uri.substring(pathMark, end); break; - case QUERY: _query = uri.substring(mark, end); break; + default: + break; } - if (!encoded) + if (!encoded && !dot) { if (_param == null) _decodedPath = _path; else _decodedPath = _path.substring(0, _path.length() - _param.length() - 1); } + else if (_path != null) + { + String canonical = URIUtil.canonicalPath(_path); + if (canonical == null) + throw new BadMessageException("Bad URI"); + _decodedPath = URIUtil.decodePath(canonical); + } + } + + /** + * Check for ambiguous path segments. + * + * An ambiguous path segment is one that is perhaps technically legal, but is considered undesirable to handle + * due to possible ambiguity. Examples include segments like '..;', '%2e', '%2e%2e' etc. + * @param uri The URI string + * @param segment The inclusive starting index of the segment (excluding any '/') + * @param end The exclusive end index of the segment + */ + private void checkSegment(String uri, int segment, int end, boolean param) + { + if (!_ambiguousSegment) + { + Boolean ambiguous = __ambiguousSegments.get(uri, segment, end - segment); + _ambiguousSegment |= ambiguous == Boolean.TRUE || (param && ambiguous == Boolean.FALSE); + } + } + + /** + * @return True if the URI has a possibly ambiguous segment like '..;' or '%2e%2e' + */ + public boolean hasAmbiguousSegment() + { + return _ambiguousSegment; } public String getScheme() @@ -561,10 +669,12 @@ public class HttpURI return _path; } + /** + * @return The decoded canonical path. + * @see URIUtil#canonicalPath(String) + */ public String getDecodedPath() { - if (_decodedPath == null && _path != null) - _decodedPath = URIUtil.decodePath(_path); return _decodedPath; } @@ -575,10 +685,14 @@ public class HttpURI public void setParam(String param) { - _param = param; - if (_path != null && !_path.contains(_param)) + if (!Objects.equals(_param, param)) { - _path += ";" + _param; + if (_param != null && _path.endsWith(";" + _param)) + _path = _path.substring(0, _path.length() - 1 - _param.length()); + _param = param; + if (_param != null) + _path = (_path == null ? "" : _path) + ";" + _param; + _uri = null; } } @@ -620,21 +734,6 @@ public class HttpURI UrlEncoded.decodeTo(_query, parameters, encoding); } - public void clear() - { - _uri = null; - - _scheme = null; - _host = null; - _port = -1; - _path = null; - _param = null; - _query = null; - _fragment = null; - - _decodedPath = null; - } - public boolean isAbsolute() { return _scheme != null && !_scheme.isEmpty(); @@ -688,6 +787,12 @@ public class HttpURI return toString().equals(o.toString()); } + @Override + public int hashCode() + { + return toString().hashCode(); + } + public void setScheme(String scheme) { _scheme = scheme; @@ -711,8 +816,9 @@ public class HttpURI public void setPath(String path) { _uri = null; - _path = path; - _decodedPath = null; + _path = null; + if (path != null) + parse(State.PATH, path, 0, path.length()); } public void setPathQuery(String path) @@ -722,6 +828,7 @@ public class HttpURI _decodedPath = null; _param = null; _fragment = null; + _query = null; if (path != null) parse(State.PATH, path, 0, path.length()); } diff --git a/jetty-http/src/test/java/org/eclipse/jetty/http/HttpCookieTest.java b/jetty-http/src/test/java/org/eclipse/jetty/http/HttpCookieTest.java index 62ef22b788f..7d7224da24e 100644 --- a/jetty-http/src/test/java/org/eclipse/jetty/http/HttpCookieTest.java +++ b/jetty-http/src/test/java/org/eclipse/jetty/http/HttpCookieTest.java @@ -215,7 +215,7 @@ public class HttpCookieTest @Override public void setAttribute(String name, Object object) { - _attributes.put(name,object); + _attributes.put(name, object); } @Override diff --git a/jetty-http/src/test/java/org/eclipse/jetty/http/HttpParserTest.java b/jetty-http/src/test/java/org/eclipse/jetty/http/HttpParserTest.java index c730ed1db15..f886ad60176 100644 --- a/jetty-http/src/test/java/org/eclipse/jetty/http/HttpParserTest.java +++ b/jetty-http/src/test/java/org/eclipse/jetty/http/HttpParserTest.java @@ -90,13 +90,13 @@ public class HttpParserTest { for (HttpMethod m : HttpMethod.values()) { - assertNull(HttpMethod.lookAheadGet(BufferUtil.toBuffer(m.asString().substring(0,2)))); + assertNull(HttpMethod.lookAheadGet(BufferUtil.toBuffer(m.asString().substring(0, 2)))); assertNull(HttpMethod.lookAheadGet(BufferUtil.toBuffer(m.asString()))); assertNull(HttpMethod.lookAheadGet(BufferUtil.toBuffer(m.asString() + "FOO"))); assertEquals(m, HttpMethod.lookAheadGet(BufferUtil.toBuffer(m.asString() + " "))); assertEquals(m, HttpMethod.lookAheadGet(BufferUtil.toBuffer(m.asString() + " /foo/bar"))); - assertNull(HttpMethod.lookAheadGet(m.asString().substring(0,2).getBytes(), 0,2)); + assertNull(HttpMethod.lookAheadGet(m.asString().substring(0, 2).getBytes(), 0, 2)); assertNull(HttpMethod.lookAheadGet(m.asString().getBytes(), 0, m.asString().length())); assertNull(HttpMethod.lookAheadGet((m.asString() + "FOO").getBytes(), 0, m.asString().length() + 3)); assertEquals(m, HttpMethod.lookAheadGet(("\n" + m.asString() + " ").getBytes(), 1, m.asString().length() + 2)); diff --git a/jetty-http/src/test/java/org/eclipse/jetty/http/HttpURITest.java b/jetty-http/src/test/java/org/eclipse/jetty/http/HttpURITest.java index b341e57b333..98f78ac896e 100644 --- a/jetty-http/src/test/java/org/eclipse/jetty/http/HttpURITest.java +++ b/jetty-http/src/test/java/org/eclipse/jetty/http/HttpURITest.java @@ -20,9 +20,14 @@ package org.eclipse.jetty.http; import java.net.URLEncoder; import java.nio.charset.StandardCharsets; +import java.util.Arrays; +import java.util.stream.Stream; import org.eclipse.jetty.util.MultiMap; import org.junit.jupiter.api.Test; +import org.junit.jupiter.params.ParameterizedTest; +import org.junit.jupiter.params.provider.Arguments; +import org.junit.jupiter.params.provider.MethodSource; import static org.hamcrest.MatcherAssert.assertThat; import static org.hamcrest.Matchers.is; @@ -214,11 +219,137 @@ public class HttpURITest } @Test - public void testBasicAuthCredentials() throws Exception + public void testSetters() throws Exception { - HttpURI uri = new HttpURI("http://user:password@example.com:8888/blah"); - assertEquals("http://user:password@example.com:8888/blah", uri.toString()); - assertEquals(uri.getAuthority(), "example.com:8888"); - assertEquals(uri.getUser(), "user:password"); + HttpURI uri = new HttpURI(); + assertEquals("", uri.toString()); + + uri = new HttpURI(null, null, 0, null, null, null, null); + assertEquals("", uri.toString()); + + uri.setPath("/path/info"); + assertEquals("/path/info", uri.toString()); + + uri.setAuthority("host", 8080); + assertEquals("//host:8080/path/info", uri.toString()); + + uri.setParam("param"); + assertEquals("//host:8080/path/info;param", uri.toString()); + + uri.setQuery("a=b"); + assertEquals("//host:8080/path/info;param?a=b", uri.toString()); + + uri.setScheme("http"); + assertEquals("http://host:8080/path/info;param?a=b", uri.toString()); + + uri.setPathQuery("/other;xxx/path;ppp?query"); + assertEquals("http://host:8080/other;xxx/path;ppp?query", uri.toString()); + + assertThat(uri.getScheme(), is("http")); + assertThat(uri.getAuthority(), is("host:8080")); + assertThat(uri.getHost(), is("host")); + assertThat(uri.getPort(), is(8080)); + assertThat(uri.getPath(), is("/other;xxx/path;ppp")); + assertThat(uri.getDecodedPath(), is("/other/path")); + assertThat(uri.getParam(), is("ppp")); + assertThat(uri.getQuery(), is("query")); + assertThat(uri.getPathQuery(), is("/other;xxx/path;ppp?query")); + + uri.setPathQuery(null); + assertEquals("http://host:8080", uri.toString()); + + uri.setPathQuery("/other;xxx/path;ppp?query"); + assertEquals("http://host:8080/other;xxx/path;ppp?query", uri.toString()); + + uri.setScheme(null); + assertEquals("//host:8080/other;xxx/path;ppp?query", uri.toString()); + + uri.setAuthority(null, -1); + assertEquals("/other;xxx/path;ppp?query", uri.toString()); + + uri.setParam(null); + assertEquals("/other;xxx/path?query", uri.toString()); + + uri.setQuery(null); + assertEquals("/other;xxx/path", uri.toString()); + + uri.setPath(null); + assertEquals("", uri.toString()); + } + + public static Stream decodePathTests() + { + return Arrays.stream(new Object[][] + { + // Simple path example + {"http://host/path/info", "/path/info", false}, + {"//host/path/info", "/path/info", false}, + {"/path/info", "/path/info", false}, + + // legal non ambiguous relative paths + {"http://host/../path/info", null, false}, + {"http://host/path/../info", "/info", false}, + {"http://host/path/./info", "/path/info", false}, + {"//host/path/../info", "/info", false}, + {"//host/path/./info", "/path/info", false}, + {"/path/../info", "/info", false}, + {"/path/./info", "/path/info", false}, + {"path/../info", "info", false}, + {"path/./info", "path/info", false}, + + // illegal paths + {"//host/../path/info", null, false}, + {"/../path/info", null, false}, + {"../path/info", null, false}, + {"/path/%XX/info", null, false}, + {"/path/%2/F/info", null, false}, + + // ambiguous dot encodings or parameter inclusions + {"scheme://host/path/%2e/info", "/path/./info", true}, + {"scheme:/path/%2e/info", "/path/./info", true}, + {"/path/%2e/info", "/path/./info", true}, + {"path/%2e/info/", "path/./info/", true}, + {"/path/%2e%2e/info", "/path/../info", true}, + {"/path/%2e%2e;/info", "/path/../info", true}, + {"/path/%2e%2e;param/info", "/path/../info", true}, + {"/path/%2e%2e;param;other/info;other", "/path/../info", true}, + {"/path/.;/info", "/path/./info", true}, + {"/path/.;param/info", "/path/./info", true}, + {"/path/..;/info", "/path/../info", true}, + {"/path/..;param/info", "/path/../info", true}, + {"%2e/info", "./info", true}, + {"%2e%2e/info", "../info", true}, + {"%2e%2e;/info", "../info", true}, + {".;/info", "./info", true}, + {".;param/info", "./info", true}, + {"..;/info", "../info", true}, + {"..;param/info", "../info", true}, + {"%2e", ".", true}, + {"%2e.", "..", true}, + {".%2e", "..", true}, + {"%2e%2e", "..", true}, + + // ambiguous segment separators + {"/path/%2f/info", "/path///info", true}, + {"%2f/info", "//info", true}, + {"%2F/info", "//info", true}, + + }).map(Arguments::of); + } + + @ParameterizedTest + @MethodSource("decodePathTests") + public void testDecodedPath(String input, String decodedPath, boolean ambiguous) + { + try + { + HttpURI uri = new HttpURI(input); + assertThat(uri.getDecodedPath(), is(decodedPath)); + assertThat(uri.hasAmbiguousSegment(), is(ambiguous)); + } + catch (Exception e) + { + assertThat(decodedPath, nullValue()); + } } } diff --git a/jetty-http/src/test/java/org/eclipse/jetty/http/MultiPartFormInputStreamTest.java b/jetty-http/src/test/java/org/eclipse/jetty/http/MultiPartFormInputStreamTest.java index fd833ac901f..f34acea63ee 100644 --- a/jetty-http/src/test/java/org/eclipse/jetty/http/MultiPartFormInputStreamTest.java +++ b/jetty-http/src/test/java/org/eclipse/jetty/http/MultiPartFormInputStreamTest.java @@ -761,9 +761,9 @@ public class MultiPartFormInputStreamTest assertEquals("Joe Blow", new String(os.toByteArray())); assertEquals(8, field1.getSize()); - assertNotNull(((MultiPartFormInputStream.MultiPart)field1).getBytes());//in internal buffer + assertNotNull(((MultiPartFormInputStream.MultiPart)field1).getBytes()); //in internal buffer field1.write("field1.txt"); - assertNull(((MultiPartFormInputStream.MultiPart)field1).getBytes());//no longer in internal buffer + assertNull(((MultiPartFormInputStream.MultiPart)field1).getBytes()); //no longer in internal buffer File f = new File(_dirname + File.separator + "field1.txt"); assertTrue(f.exists()); field1.write("another_field1.txt"); //write after having already written diff --git a/jetty-infinispan/infinispan-common/src/main/java/org/eclipse/jetty/session/infinispan/SessionDataMarshaller.java b/jetty-infinispan/infinispan-common/src/main/java/org/eclipse/jetty/session/infinispan/SessionDataMarshaller.java index 75566a1dc78..1a6b0a4cfdb 100644 --- a/jetty-infinispan/infinispan-common/src/main/java/org/eclipse/jetty/session/infinispan/SessionDataMarshaller.java +++ b/jetty-infinispan/infinispan-common/src/main/java/org/eclipse/jetty/session/infinispan/SessionDataMarshaller.java @@ -108,15 +108,15 @@ public class SessionDataMarshaller @Override public InfinispanSessionData readFrom(ProtoStreamReader in) throws IOException { - int version = in.readInt("version");// version of serialized session + int version = in.readInt("version"); // version of serialized session String id = in.readString("id"); // session id String cpath = in.readString("contextPath"); // context path String vhost = in.readString("vhost"); // first vhost - long accessed = in.readLong("accessed");// accessTime + long accessed = in.readLong("accessed"); // accessTime long lastAccessed = in.readLong("lastAccessed"); // lastAccessTime long created = in.readLong("created"); // time created - long cookieSet = in.readLong("cookieSet");// time cookie was set + long cookieSet = in.readLong("cookieSet"); // time cookie was set String lastNode = in.readString("lastNode"); // name of last node // managing @@ -147,10 +147,10 @@ public class SessionDataMarshaller out.writeString("contextPath", sdata.getContextPath()); // context path out.writeString("vhost", sdata.getVhost()); // first vhost - out.writeLong("accessed", sdata.getAccessed());// accessTime + out.writeLong("accessed", sdata.getAccessed()); // accessTime out.writeLong("lastAccessed", sdata.getLastAccessed()); // lastAccessTime out.writeLong("created", sdata.getCreated()); // time created - out.writeLong("cookieSet", sdata.getCookieSet());// time cookie was set + out.writeLong("cookieSet", sdata.getCookieSet()); // time cookie was set out.writeString("lastNode", sdata.getLastNode()); // name of last node // managing diff --git a/jetty-infinispan/infinispan-remote-query/src/test/java/org/eclipse/jetty/server/session/infinispan/RemoteQueryManagerTest.java b/jetty-infinispan/infinispan-remote-query/src/test/java/org/eclipse/jetty/server/session/infinispan/RemoteQueryManagerTest.java index b71a64796eb..2a2ae2e1c9b 100644 --- a/jetty-infinispan/infinispan-remote-query/src/test/java/org/eclipse/jetty/server/session/infinispan/RemoteQueryManagerTest.java +++ b/jetty-infinispan/infinispan-remote-query/src/test/java/org/eclipse/jetty/server/session/infinispan/RemoteQueryManagerTest.java @@ -68,14 +68,14 @@ public class RemoteQueryManagerTest GenericContainer infinispan = new GenericContainer(System.getProperty("infinispan.docker.image.name", "jboss/infinispan-server") + - ":" + System.getProperty("infinispan.docker.image.version", "9.4.8.Final")) - .withEnv("APP_USER","theuser") - .withEnv("APP_PASS","foobar") + ":" + System.getProperty("infinispan.docker.image.version", "9.4.8.Final")) + .withEnv("APP_USER", "theuser") + .withEnv("APP_PASS", "foobar") .withEnv("MGMT_USER", "admin") .withEnv("MGMT_PASS", "admin") .waitingFor(new LogMessageWaitStrategy() - .withRegEx(".*Infinispan Server.*started in.*\\s")) - .withExposedPorts(4712,4713,8088,8089,8443,9990,9993,11211,11222,11223,11224) + .withRegEx(".*Infinispan Server.*started in.*\\s")) + .withExposedPorts(4712, 4713, 8088, 8089, 8443, 9990, 9993, 11211, 11222, 11223, 11224) .withLogConsumer(new Slf4jLogConsumer(INFINISPAN_LOG)); @BeforeEach diff --git a/jetty-jaas/src/main/java/org/eclipse/jetty/jaas/PropertyUserStoreManager.java b/jetty-jaas/src/main/java/org/eclipse/jetty/jaas/PropertyUserStoreManager.java index 2b67f71f659..97815feef74 100644 --- a/jetty-jaas/src/main/java/org/eclipse/jetty/jaas/PropertyUserStoreManager.java +++ b/jetty-jaas/src/main/java/org/eclipse/jetty/jaas/PropertyUserStoreManager.java @@ -84,7 +84,7 @@ public class PropertyUserStoreManager extends AbstractLifeCycle @Override protected void doStop() throws Exception { - for (Map.Entry entry: _propertyUserStores.entrySet()) + for (Map.Entry entry : _propertyUserStores.entrySet()) { try { diff --git a/jetty-jmh/src/main/java/org/eclipse/jetty/client/jmh/ConnectionPoolsBenchmark.java b/jetty-jmh/src/main/java/org/eclipse/jetty/client/jmh/ConnectionPoolsBenchmark.java index c6be37fc748..8af5810adc7 100644 --- a/jetty-jmh/src/main/java/org/eclipse/jetty/client/jmh/ConnectionPoolsBenchmark.java +++ b/jetty-jmh/src/main/java/org/eclipse/jetty/client/jmh/ConnectionPoolsBenchmark.java @@ -97,11 +97,11 @@ public class ConnectionPoolsBenchmark pool.preCreateConnections(initialConnections).get(); break; case "uncached/multiplex": - pool = new MultiplexConnectionPool(httpDestination, maxConnections,false, Callback.NOOP, 12); + pool = new MultiplexConnectionPool(httpDestination, maxConnections, false, Callback.NOOP, 12); pool.preCreateConnections(initialConnections).get(); break; case "cached/multiplex": - pool = new MultiplexConnectionPool(httpDestination, maxConnections,true, Callback.NOOP, 12); + pool = new MultiplexConnectionPool(httpDestination, maxConnections, true, Callback.NOOP, 12); pool.preCreateConnections(initialConnections).get(); break; case "round-robin": diff --git a/jetty-maven-plugin/src/main/java/org/eclipse/jetty/maven/plugin/AbstractJettyMojo.java b/jetty-maven-plugin/src/main/java/org/eclipse/jetty/maven/plugin/AbstractJettyMojo.java index 0dc1598e4f6..62b8112c9ce 100644 --- a/jetty-maven-plugin/src/main/java/org/eclipse/jetty/maven/plugin/AbstractJettyMojo.java +++ b/jetty-maven-plugin/src/main/java/org/eclipse/jetty/maven/plugin/AbstractJettyMojo.java @@ -473,7 +473,7 @@ public abstract class AbstractJettyMojo extends AbstractMojo } catch (Exception e) { - getLog().error("Error reconfiguring/restarting webapp after change in watched files",e); + getLog().error("Error reconfiguring/restarting webapp after change in watched files", e); } } }); diff --git a/jetty-maven-plugin/src/main/java/org/eclipse/jetty/maven/plugin/SelectiveJarResource.java b/jetty-maven-plugin/src/main/java/org/eclipse/jetty/maven/plugin/SelectiveJarResource.java index 0864ba41b6e..4ea88b38ef4 100644 --- a/jetty-maven-plugin/src/main/java/org/eclipse/jetty/maven/plugin/SelectiveJarResource.java +++ b/jetty-maven-plugin/src/main/java/org/eclipse/jetty/maven/plugin/SelectiveJarResource.java @@ -47,7 +47,7 @@ import org.eclipse.jetty.util.resource.JarResource; public class SelectiveJarResource extends JarResource { private static final Logger LOG = Log.getLogger(SelectiveJarResource.class); - public static final List DEFAULT_INCLUDES = Arrays.asList("**");// No includes supplied, so set it to 'matches all' + public static final List DEFAULT_INCLUDES = Arrays.asList("**"); // No includes supplied, so set it to 'matches all' public static final List DEFAULT_EXCLUDES = Collections.emptyList(); //No includes, set to no exclusions List _includes = null; diff --git a/jetty-openid/src/test/java/org/eclipse/jetty/security/openid/OpenIdAuthenticationTest.java b/jetty-openid/src/test/java/org/eclipse/jetty/security/openid/OpenIdAuthenticationTest.java index 6c41ac8f86d..4290c697225 100644 --- a/jetty-openid/src/test/java/org/eclipse/jetty/security/openid/OpenIdAuthenticationTest.java +++ b/jetty-openid/src/test/java/org/eclipse/jetty/security/openid/OpenIdAuthenticationTest.java @@ -102,7 +102,7 @@ public class OpenIdAuthenticationTest OpenIdConfiguration configuration = new OpenIdConfiguration(openIdProvider.getProvider(), CLIENT_ID, CLIENT_SECRET); // Configure OpenIdLoginService optionally providing a base LoginService to provide user roles - OpenIdLoginService loginService = new OpenIdLoginService(configuration);//, hashLoginService); + OpenIdLoginService loginService = new OpenIdLoginService(configuration); securityHandler.setLoginService(loginService); Authenticator authenticator = new OpenIdAuthenticator(configuration, "/error"); diff --git a/jetty-osgi/jetty-osgi-boot/src/main/java/org/eclipse/jetty/osgi/boot/utils/internal/DefaultFileLocatorHelper.java b/jetty-osgi/jetty-osgi-boot/src/main/java/org/eclipse/jetty/osgi/boot/utils/internal/DefaultFileLocatorHelper.java index 60de0a67199..085b19a0358 100644 --- a/jetty-osgi/jetty-osgi-boot/src/main/java/org/eclipse/jetty/osgi/boot/utils/internal/DefaultFileLocatorHelper.java +++ b/jetty-osgi/jetty-osgi-boot/src/main/java/org/eclipse/jetty/osgi/boot/utils/internal/DefaultFileLocatorHelper.java @@ -53,12 +53,12 @@ public class DefaultFileLocatorHelper implements BundleFileLocatorHelper private static Field FILE_FIELD = null; - private static Field BUNDLE_FILE_FIELD_FOR_DIR_ZIP_BUNDLE_ENTRY = null;// ZipBundleFile + private static Field BUNDLE_FILE_FIELD_FOR_DIR_ZIP_BUNDLE_ENTRY = null; // ZipBundleFile // inside // DirZipBundleEntry - private static Field ZIP_FILE_FILED_FOR_ZIP_BUNDLE_FILE = null;// ZipFile + private static Field ZIP_FILE_FILED_FOR_ZIP_BUNDLE_FILE = null; // ZipFile private static final String[] FILE_BUNDLE_ENTRY_CLASSES = { "org.eclipse.osgi.baseadaptor.bundlefile.FileBundleEntry", "org.eclipse.osgi.storage.bundlefile.FileBundleEntry" diff --git a/jetty-osgi/test-jetty-osgi/src/test/java/org/eclipse/jetty/osgi/test/TestJettyOSGiBootHTTP2.java b/jetty-osgi/test-jetty-osgi/src/test/java/org/eclipse/jetty/osgi/test/TestJettyOSGiBootHTTP2.java index ca07ba9a529..d369dad8ddd 100644 --- a/jetty-osgi/test-jetty-osgi/src/test/java/org/eclipse/jetty/osgi/test/TestJettyOSGiBootHTTP2.java +++ b/jetty-osgi/test-jetty-osgi/src/test/java/org/eclipse/jetty/osgi/test/TestJettyOSGiBootHTTP2.java @@ -154,7 +154,7 @@ public class TestJettyOSGiBootHTTP2 httpClient.start(); ContentResponse response = httpClient.GET("https://localhost:" + port + "/jsp/jstl.jsp"); - assertEquals(HttpStatus.OK_200,response.getStatus()); + assertEquals(HttpStatus.OK_200, response.getStatus()); String body = response.getContentAsString(); assertTrue("Body contains \"JSTL Example\": " + body, body.contains("JSTL Example")); } diff --git a/jetty-plus/src/main/java/org/eclipse/jetty/plus/annotation/InjectionCollection.java b/jetty-plus/src/main/java/org/eclipse/jetty/plus/annotation/InjectionCollection.java index a8a69afc0d2..cd9311a92e1 100644 --- a/jetty-plus/src/main/java/org/eclipse/jetty/plus/annotation/InjectionCollection.java +++ b/jetty-plus/src/main/java/org/eclipse/jetty/plus/annotation/InjectionCollection.java @@ -21,11 +21,9 @@ package org.eclipse.jetty.plus.annotation; import java.lang.reflect.Field; import java.lang.reflect.Method; import java.util.Iterator; -import java.util.List; import java.util.Set; import java.util.concurrent.ConcurrentHashMap; import java.util.concurrent.ConcurrentMap; -import java.util.concurrent.CopyOnWriteArrayList; import java.util.concurrent.CopyOnWriteArraySet; import org.eclipse.jetty.util.log.Log; @@ -45,7 +43,7 @@ public class InjectionCollection public static final String INJECTION_COLLECTION = "org.eclipse.jetty.injectionCollection"; - private final ConcurrentMap> _injectionMap = new ConcurrentHashMap<>();//map of classname to injections + private final ConcurrentMap> _injectionMap = new ConcurrentHashMap<>(); //map of classname to injections public void add(Injection injection) { diff --git a/jetty-plus/src/main/java/org/eclipse/jetty/plus/annotation/RunAsCollection.java b/jetty-plus/src/main/java/org/eclipse/jetty/plus/annotation/RunAsCollection.java index 58c1619b642..cfe500125f9 100644 --- a/jetty-plus/src/main/java/org/eclipse/jetty/plus/annotation/RunAsCollection.java +++ b/jetty-plus/src/main/java/org/eclipse/jetty/plus/annotation/RunAsCollection.java @@ -35,7 +35,7 @@ public class RunAsCollection private static final Logger LOG = Log.getLogger(RunAsCollection.class); public static final String RUNAS_COLLECTION = "org.eclipse.jetty.runAsCollection"; - private ConcurrentMap _runAsMap = new ConcurrentHashMap();//map of classname to run-as + private ConcurrentMap _runAsMap = new ConcurrentHashMap(); //map of classname to run-as public void add(RunAs runAs) { diff --git a/jetty-plus/src/main/java/org/eclipse/jetty/plus/webapp/EnvConfiguration.java b/jetty-plus/src/main/java/org/eclipse/jetty/plus/webapp/EnvConfiguration.java index fbdc94aaa25..05173061db3 100644 --- a/jetty-plus/src/main/java/org/eclipse/jetty/plus/webapp/EnvConfiguration.java +++ b/jetty-plus/src/main/java/org/eclipse/jetty/plus/webapp/EnvConfiguration.java @@ -237,7 +237,7 @@ public class EnvConfiguration extends AbstractConfiguration { ee.bindToENC(ee.getJndiName()); Name namingEntryName = NamingEntryUtil.makeNamingEntryName(null, ee); - NamingUtil.bind(envCtx, namingEntryName.toString(), ee);//also save the EnvEntry in the context so we can check it later + NamingUtil.bind(envCtx, namingEntryName.toString(), ee); //also save the EnvEntry in the context so we can check it later } } diff --git a/jetty-runner/src/main/java/org/eclipse/jetty/runner/Runner.java b/jetty-runner/src/main/java/org/eclipse/jetty/runner/Runner.java index f60b3757cd8..1ad95d67732 100644 --- a/jetty-runner/src/main/java/org/eclipse/jetty/runner/Runner.java +++ b/jetty-runner/src/main/java/org/eclipse/jetty/runner/Runner.java @@ -32,7 +32,6 @@ import org.eclipse.jetty.security.ConstraintMapping; import org.eclipse.jetty.security.ConstraintSecurityHandler; import org.eclipse.jetty.security.HashLoginService; import org.eclipse.jetty.security.authentication.BasicAuthenticator; -import org.eclipse.jetty.server.AbstractConnector; import org.eclipse.jetty.server.Connector; import org.eclipse.jetty.server.Handler; import org.eclipse.jetty.server.NCSARequestLog; @@ -278,7 +277,7 @@ public class Runner _configFiles.add(args[++i]); break; case "--lib": - ++i;//skip + ++i; //skip break; case "--jar": @@ -286,7 +285,7 @@ public class Runner break; case "--classes": - ++i;//skip + ++i; //skip break; case "--stats": diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java b/jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java index 93463b2f482..2e8251606ce 100644 --- a/jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java +++ b/jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java @@ -780,7 +780,7 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr return Collections.emptySet(); Set uncoveredPaths = new HashSet<>(); - for (Entry> entry : _constraintMap.entrySet()) + for (Entry> entry : _constraintMap.entrySet()) { Map methodMappings = entry.getValue(); diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/RoleInfo.java b/jetty-security/src/main/java/org/eclipse/jetty/security/RoleInfo.java index f8ba12f23ac..eba7b981c6e 100644 --- a/jetty-security/src/main/java/org/eclipse/jetty/security/RoleInfo.java +++ b/jetty-security/src/main/java/org/eclipse/jetty/security/RoleInfo.java @@ -41,7 +41,7 @@ public class RoleInfo /** * List of permitted roles */ - private final Set _roles = new CopyOnWriteArraySet(); + private final Set _roles = new CopyOnWriteArraySet<>(); public RoleInfo() { @@ -140,26 +140,28 @@ public class RoleInfo { if (other._forbidden) setForbidden(true); - else if (!other._checked) // TODO is this the right way around??? - setChecked(true); - else if (other._isAnyRole) - setAnyRole(true); - else if (other._isAnyAuth) - setAnyAuth(true); - else if (!_isAnyRole) + else if (other._checked) { - for (String r : other._roles) - { - _roles.add(r); - } - } + setChecked(true); + if (other._isAnyAuth) + setAnyAuth(true); + if (other._isAnyRole) + setAnyRole(true); + _roles.addAll(other._roles); + } setUserDataConstraint(other._userDataConstraint); } @Override public String toString() { - return "{RoleInfo" + (_forbidden ? ",F" : "") + (_checked ? ",C" : "") + (_isAnyRole ? ",*" : _roles) + (_userDataConstraint != null ? "," + _userDataConstraint : "") + "}"; + return String.format("RoleInfo@%x{%s%s%s%s,%s}", + hashCode(), + (_forbidden ? "Forbidden," : ""), + (_checked ? "Checked," : ""), + (_isAnyAuth ? "AnyAuth," : ""), + (_isAnyRole ? "*" : _roles), + _userDataConstraint); } } diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/SpnegoLoginService.java b/jetty-security/src/main/java/org/eclipse/jetty/security/SpnegoLoginService.java index 2fbbcd31fa6..b17baa7da02 100644 --- a/jetty-security/src/main/java/org/eclipse/jetty/security/SpnegoLoginService.java +++ b/jetty-security/src/main/java/org/eclipse/jetty/security/SpnegoLoginService.java @@ -43,7 +43,7 @@ public class SpnegoLoginService extends AbstractLifeCycle implements LoginServic { private static final Logger LOG = Log.getLogger(SpnegoLoginService.class); - protected IdentityService _identityService;// = new LdapIdentityService(); + protected IdentityService _identityService; protected String _name; private String _config; diff --git a/jetty-security/src/test/java/org/eclipse/jetty/security/ConstraintTest.java b/jetty-security/src/test/java/org/eclipse/jetty/security/ConstraintTest.java index 5353eef9e88..9eef996fb96 100644 --- a/jetty-security/src/test/java/org/eclipse/jetty/security/ConstraintTest.java +++ b/jetty-security/src/test/java/org/eclipse/jetty/security/ConstraintTest.java @@ -31,6 +31,7 @@ import java.util.Map; import java.util.Set; import java.util.concurrent.TimeUnit; import java.util.function.Consumer; +import java.util.logging.Logger; import java.util.regex.Matcher; import java.util.regex.Pattern; import java.util.stream.Stream; @@ -74,6 +75,7 @@ import org.junit.jupiter.params.provider.MethodSource; import static java.nio.charset.StandardCharsets.ISO_8859_1; import static org.hamcrest.MatcherAssert.assertThat; +import static org.hamcrest.Matchers.contains; import static org.hamcrest.Matchers.containsString; import static org.hamcrest.Matchers.in; import static org.hamcrest.Matchers.is; @@ -92,9 +94,17 @@ public class ConstraintTest private LocalConnector _connector; private ConstraintSecurityHandler _security; private HttpConfiguration _config; + private Constraint _forbidConstraint; + private Constraint _authAnyRoleConstraint; + private Constraint _authAdminConstraint; + private Constraint _relaxConstraint; + private Constraint _loginPageConstraint; + private Constraint _noAuthConstraint; + private Constraint _confidentialDataConstraint; + private Constraint _anyUserAuthConstraint; @BeforeEach - public void startServer() + public void setupServer() { _server = new Server(); _connector = new LocalConnector(_server); @@ -143,98 +153,80 @@ public class ConstraintTest private List getConstraintMappings() { - Constraint constraint0 = new Constraint(); - constraint0.setAuthenticate(true); - constraint0.setName("forbid"); + _forbidConstraint = new Constraint(); + _forbidConstraint.setAuthenticate(true); + _forbidConstraint.setName("forbid"); ConstraintMapping mapping0 = new ConstraintMapping(); mapping0.setPathSpec("/forbid/*"); - mapping0.setConstraint(constraint0); + mapping0.setConstraint(_forbidConstraint); - Constraint constraint1 = new Constraint(); - constraint1.setAuthenticate(true); - constraint1.setName("auth"); - constraint1.setRoles(new String[]{Constraint.ANY_ROLE}); + _authAnyRoleConstraint = new Constraint(); + _authAnyRoleConstraint.setAuthenticate(true); + _authAnyRoleConstraint.setName("auth"); + _authAnyRoleConstraint.setRoles(new String[]{Constraint.ANY_ROLE}); ConstraintMapping mapping1 = new ConstraintMapping(); mapping1.setPathSpec("/auth/*"); - mapping1.setConstraint(constraint1); + mapping1.setConstraint(_authAnyRoleConstraint); - Constraint constraint2 = new Constraint(); - constraint2.setAuthenticate(true); - constraint2.setName("admin"); - constraint2.setRoles(new String[]{"administrator"}); + _authAdminConstraint = new Constraint(); + _authAdminConstraint.setAuthenticate(true); + _authAdminConstraint.setName("admin"); + _authAdminConstraint.setRoles(new String[]{"administrator"}); ConstraintMapping mapping2 = new ConstraintMapping(); mapping2.setPathSpec("/admin/*"); - mapping2.setConstraint(constraint2); + mapping2.setConstraint(_authAdminConstraint); mapping2.setMethod("GET"); + ConstraintMapping mapping2o = new ConstraintMapping(); + mapping2o.setPathSpec("/admin/*"); + mapping2o.setConstraint(_forbidConstraint); + mapping2o.setMethodOmissions(new String[]{"GET"}); - Constraint constraint3 = new Constraint(); - constraint3.setAuthenticate(false); - constraint3.setName("relax"); + _relaxConstraint = new Constraint(); + _relaxConstraint.setAuthenticate(false); + _relaxConstraint.setName("relax"); ConstraintMapping mapping3 = new ConstraintMapping(); mapping3.setPathSpec("/admin/relax/*"); - mapping3.setConstraint(constraint3); + mapping3.setConstraint(_relaxConstraint); - Constraint constraint4 = new Constraint(); - constraint4.setAuthenticate(true); - constraint4.setName("loginpage"); - constraint4.setRoles(new String[]{"administrator"}); + _loginPageConstraint = new Constraint(); + _loginPageConstraint.setAuthenticate(true); + _loginPageConstraint.setName("loginpage"); + _loginPageConstraint.setRoles(new String[]{"administrator"}); ConstraintMapping mapping4 = new ConstraintMapping(); mapping4.setPathSpec("/testLoginPage"); - mapping4.setConstraint(constraint4); + mapping4.setConstraint(_loginPageConstraint); - Constraint constraint5 = new Constraint(); - constraint5.setAuthenticate(false); - constraint5.setName("allow forbidden POST"); + _noAuthConstraint = new Constraint(); + _noAuthConstraint.setAuthenticate(false); + _noAuthConstraint.setName("allow forbidden"); ConstraintMapping mapping5 = new ConstraintMapping(); mapping5.setPathSpec("/forbid/post"); - mapping5.setConstraint(constraint5); + mapping5.setConstraint(_noAuthConstraint); mapping5.setMethod("POST"); + ConstraintMapping mapping5o = new ConstraintMapping(); + mapping5o.setPathSpec("/forbid/post"); + mapping5o.setConstraint(_forbidConstraint); + mapping5o.setMethodOmissions(new String[]{"POST"}); - Constraint constraint6 = new Constraint(); - constraint6.setAuthenticate(false); - constraint6.setName("data constraint"); - constraint6.setDataConstraint(2); + _confidentialDataConstraint = new Constraint(); + _confidentialDataConstraint.setAuthenticate(false); + _confidentialDataConstraint.setName("data constraint"); + _confidentialDataConstraint.setDataConstraint(Constraint.DC_CONFIDENTIAL); ConstraintMapping mapping6 = new ConstraintMapping(); mapping6.setPathSpec("/data/*"); - mapping6.setConstraint(constraint6); + mapping6.setConstraint(_confidentialDataConstraint); - Constraint constraint7 = new Constraint(); - constraint7.setAuthenticate(true); - constraint7.setName("** constraint"); - constraint7.setRoles(new String[]{ + _anyUserAuthConstraint = new Constraint(); + _anyUserAuthConstraint.setAuthenticate(true); + _anyUserAuthConstraint.setName("** constraint"); + _anyUserAuthConstraint.setRoles(new String[]{ Constraint.ANY_AUTH, "user" }); //the "user" role is superfluous once ** has been defined ConstraintMapping mapping7 = new ConstraintMapping(); mapping7.setPathSpec("/starstar/*"); - mapping7.setConstraint(constraint7); + mapping7.setConstraint(_anyUserAuthConstraint); - return Arrays.asList(mapping0, mapping1, mapping2, mapping3, mapping4, mapping5, mapping6, mapping7); - } - - @Test - public void testConstraints() throws Exception - { - List mappings = new ArrayList<>(_security.getConstraintMappings()); - - assertTrue(mappings.get(0).getConstraint().isForbidden()); - assertFalse(mappings.get(1).getConstraint().isForbidden()); - assertFalse(mappings.get(2).getConstraint().isForbidden()); - assertFalse(mappings.get(3).getConstraint().isForbidden()); - - assertFalse(mappings.get(0).getConstraint().isAnyRole()); - assertTrue(mappings.get(1).getConstraint().isAnyRole()); - assertFalse(mappings.get(2).getConstraint().isAnyRole()); - assertFalse(mappings.get(3).getConstraint().isAnyRole()); - - assertFalse(mappings.get(0).getConstraint().hasRole("administrator")); - assertTrue(mappings.get(1).getConstraint().hasRole("administrator")); - assertTrue(mappings.get(2).getConstraint().hasRole("administrator")); - assertFalse(mappings.get(3).getConstraint().hasRole("administrator")); - - assertTrue(mappings.get(0).getConstraint().getAuthenticate()); - assertTrue(mappings.get(1).getConstraint().getAuthenticate()); - assertTrue(mappings.get(2).getConstraint().getAuthenticate()); - assertFalse(mappings.get(3).getConstraint().getAuthenticate()); + return Arrays.asList(mapping0, mapping1, mapping2, mapping2o, mapping3, mapping4, mapping5, mapping5o, mapping6, mapping7); } /** @@ -758,7 +750,7 @@ public class ConstraintTest constraint8.setRoles(new String[]{"foo"}); ConstraintMapping mapping8 = new ConstraintMapping(); mapping8.setPathSpec("/omit/*"); - mapping8.setConstraint(constraint8);//requests for all methods must be in role "foo" + mapping8.setConstraint(constraint8); //requests for all methods must be in role "foo" list.add(mapping8); Set knownRoles = new HashSet<>(); @@ -1798,7 +1790,78 @@ public class ConstraintTest assertThat(response, startsWith("HTTP/1.1 200 ")); response = _connector.getResponse("GET /ctx/forbid/post HTTP/1.0\r\n\r\n"); - assertThat(response, startsWith("HTTP/1.1 200 ")); // This is so stupid, but it is the S P E C + assertThat(response, startsWith("HTTP/1.1 403 ")); + } + + @Test + public void testUncoveredMethod() throws Exception + { + ConstraintMapping specificMethod = new ConstraintMapping(); + specificMethod.setMethod("GET"); + specificMethod.setPathSpec("/specific/method"); + specificMethod.setConstraint(_forbidConstraint); + _security.addConstraintMapping(specificMethod); + _security.setAuthenticator(new BasicAuthenticator()); + Logger.getAnonymousLogger().info("Uncovered method for /specific/method is expected"); + _server.start(); + + assertThat(_security.getPathsWithUncoveredHttpMethods(), contains("/specific/method")); + + String response; + response = _connector.getResponse("GET /ctx/specific/method HTTP/1.0\r\n\r\n"); + assertThat(response, startsWith("HTTP/1.1 403 ")); + + response = _connector.getResponse("POST /ctx/specific/method HTTP/1.0\r\n\r\n"); + assertThat(response, startsWith("HTTP/1.1 200 ")); // This is so stupid, but it is the S P E C + } + + @Test + public void testForbidTraceAndOptions() throws Exception + { + ConstraintMapping forbidTrace = new ConstraintMapping(); + forbidTrace.setMethod("TRACE"); + forbidTrace.setPathSpec("/"); + forbidTrace.setConstraint(_forbidConstraint); + ConstraintMapping allowOmitTrace = new ConstraintMapping(); + allowOmitTrace.setMethodOmissions(new String[] {"TRACE"}); + allowOmitTrace.setPathSpec("/"); + allowOmitTrace.setConstraint(_relaxConstraint); + + ConstraintMapping forbidOptions = new ConstraintMapping(); + forbidOptions.setMethod("OPTIONS"); + forbidOptions.setPathSpec("/"); + forbidOptions.setConstraint(_forbidConstraint); + ConstraintMapping allowOmitOptions = new ConstraintMapping(); + allowOmitOptions.setMethodOmissions(new String[] {"OPTIONS"}); + allowOmitOptions.setPathSpec("/"); + allowOmitOptions.setConstraint(_relaxConstraint); + + ConstraintMapping someConstraint = new ConstraintMapping(); + someConstraint.setPathSpec("/some/constaint/*"); + someConstraint.setConstraint(_noAuthConstraint); + + _security.setConstraintMappings(new ConstraintMapping[] {forbidTrace, allowOmitTrace, forbidOptions, allowOmitOptions, someConstraint}); + + _security.setAuthenticator(new BasicAuthenticator()); + _server.start(); + + assertThat(_security.getPathsWithUncoveredHttpMethods(), Matchers.empty()); + + String response; + response = _connector.getResponse("TRACE /ctx/some/path HTTP/1.0\r\n\r\n"); + assertThat(response, startsWith("HTTP/1.1 403 ")); + + response = _connector.getResponse("OPTIONS /ctx/some/path HTTP/1.0\r\n\r\n"); + assertThat(response, startsWith("HTTP/1.1 403 ")); + + response = _connector.getResponse("GET /ctx/some/path HTTP/1.0\r\n\r\n"); + assertThat(response, startsWith("HTTP/1.1 200 ")); + + response = _connector.getResponse("GET /ctx/some/constraint/info HTTP/1.0\r\n\r\n"); + assertThat(response, startsWith("HTTP/1.1 200 ")); + + response = _connector.getResponse("OPTIONS /ctx/some/constraint/info HTTP/1.0\r\n\r\n"); + assertThat(response, startsWith("HTTP/1.1 403 ")); } private static String authBase64(String authorization) diff --git a/jetty-server/src/main/java/org/eclipse/jetty/server/HttpChannel.java b/jetty-server/src/main/java/org/eclipse/jetty/server/HttpChannel.java index c80ac4b2e5d..314ee5274af 100644 --- a/jetty-server/src/main/java/org/eclipse/jetty/server/HttpChannel.java +++ b/jetty-server/src/main/java/org/eclipse/jetty/server/HttpChannel.java @@ -393,7 +393,7 @@ public class HttpChannel implements Runnable, HttpOutput.Interceptor case ASYNC_DISPATCH: { - dispatch(DispatcherType.ASYNC,() -> getServer().handleAsync(this)); + dispatch(DispatcherType.ASYNC, () -> getServer().handleAsync(this)); break; } @@ -432,7 +432,7 @@ public class HttpChannel implements Runnable, HttpOutput.Interceptor break; } - dispatch(DispatcherType.ERROR,() -> + dispatch(DispatcherType.ERROR, () -> { errorHandler.handle(null, _request, _request, _response); _request.setHandled(true); diff --git a/jetty-server/src/main/java/org/eclipse/jetty/server/HttpConnection.java b/jetty-server/src/main/java/org/eclipse/jetty/server/HttpConnection.java index 6849de64e86..aa1acf5f7df 100644 --- a/jetty-server/src/main/java/org/eclipse/jetty/server/HttpConnection.java +++ b/jetty-server/src/main/java/org/eclipse/jetty/server/HttpConnection.java @@ -114,6 +114,12 @@ public class HttpConnection extends AbstractConnection implements Runnable, Http LOG.debug("New HTTP Connection {}", this); } + @Deprecated + public HttpCompliance getHttpCompliance() + { + return _parser.getHttpCompliance(); + } + public HttpConfiguration getHttpConfiguration() { return _config; diff --git a/jetty-server/src/main/java/org/eclipse/jetty/server/Request.java b/jetty-server/src/main/java/org/eclipse/jetty/server/Request.java index 634b3733999..bcd2777a311 100644 --- a/jetty-server/src/main/java/org/eclipse/jetty/server/Request.java +++ b/jetty-server/src/main/java/org/eclipse/jetty/server/Request.java @@ -65,6 +65,8 @@ import javax.servlet.http.Part; import org.eclipse.jetty.http.BadMessageException; import org.eclipse.jetty.http.HostPortHttpField; +import org.eclipse.jetty.http.HttpCompliance; +import org.eclipse.jetty.http.HttpComplianceSection; import org.eclipse.jetty.http.HttpCookie; import org.eclipse.jetty.http.HttpField; import org.eclipse.jetty.http.HttpFields; @@ -77,6 +79,7 @@ import org.eclipse.jetty.http.HttpURI; import org.eclipse.jetty.http.HttpVersion; import org.eclipse.jetty.http.MetaData; import org.eclipse.jetty.http.MimeTypes; +import org.eclipse.jetty.io.Connection; import org.eclipse.jetty.io.RuntimeIOException; import org.eclipse.jetty.server.handler.ContextHandler; import org.eclipse.jetty.server.handler.ContextHandler.Context; @@ -1820,6 +1823,19 @@ public class Request implements HttpServletRequest setMethod(request.getMethod()); HttpURI uri = request.getURI(); + + if (uri.hasAmbiguousSegment()) + { + // TODO replace in jetty-10 with HttpCompliance from the HttpConfiguration + Connection connection = _channel.getConnection(); + HttpCompliance compliance = connection instanceof HttpConnection + ? ((HttpConnection)connection).getHttpCompliance() + : _channel.getConnector().getBean(HttpCompliance.class); + boolean allow = compliance != null && !compliance.sections().contains(HttpComplianceSection.NO_AMBIGUOUS_PATH_SEGMENTS); + if (!allow) + throw new BadMessageException("Ambiguous segment in URI"); + } + _originalURI = uri.isAbsolute() && request.getHttpVersion() != HttpVersion.HTTP_2 ? uri.toString() : uri.getPathQuery(); String encoded = uri.getPath(); @@ -1831,7 +1847,7 @@ public class Request implements HttpServletRequest } else if (encoded.startsWith("/")) { - path = (encoded.length() == 1) ? "/" : URIUtil.canonicalPath(uri.getDecodedPath()); + path = (encoded.length() == 1) ? "/" : uri.getDecodedPath(); } else if ("*".equals(encoded) || HttpMethod.CONNECT.is(getMethod())) { diff --git a/jetty-server/src/main/java/org/eclipse/jetty/server/ResourceService.java b/jetty-server/src/main/java/org/eclipse/jetty/server/ResourceService.java index c7fd21f4e80..c3866cd5f01 100644 --- a/jetty-server/src/main/java/org/eclipse/jetty/server/ResourceService.java +++ b/jetty-server/src/main/java/org/eclipse/jetty/server/ResourceService.java @@ -691,7 +691,7 @@ public class ResourceService putHeaders(response, content, Response.USE_KNOWN_CONTENT_LENGTH); // write the content asynchronously if supported - if (request.isAsyncSupported() && content.getContentLengthValue() > response.getBufferSize()) + if (request.isAsyncSupported()) { final AsyncContext context = request.startAsync(); context.setTimeout(0); diff --git a/jetty-server/src/main/java/org/eclipse/jetty/server/handler/ErrorHandler.java b/jetty-server/src/main/java/org/eclipse/jetty/server/handler/ErrorHandler.java index 0186c21f759..d9ad0741a65 100644 --- a/jetty-server/src/main/java/org/eclipse/jetty/server/handler/ErrorHandler.java +++ b/jetty-server/src/main/java/org/eclipse/jetty/server/handler/ErrorHandler.java @@ -472,7 +472,7 @@ public class ErrorHandler extends AbstractHandler { Throwable cause = (Throwable)request.getAttribute(Dispatcher.ERROR_EXCEPTION); Object servlet = request.getAttribute(Dispatcher.ERROR_SERVLET_NAME); - Map json = new HashMap<>(); + Map json = new HashMap<>(); json.put("url", request.getRequestURI()); json.put("status", Integer.toString(code)); diff --git a/jetty-server/src/main/java/org/eclipse/jetty/server/session/AbstractSessionCache.java b/jetty-server/src/main/java/org/eclipse/jetty/server/session/AbstractSessionCache.java index 1c4f9edd058..5265b1e5baa 100644 --- a/jetty-server/src/main/java/org/eclipse/jetty/server/session/AbstractSessionCache.java +++ b/jetty-server/src/main/java/org/eclipse/jetty/server/session/AbstractSessionCache.java @@ -424,7 +424,7 @@ public abstract class AbstractSessionCache extends ContainerLifeCycle implements if (data == null) //session doesn't exist return null; - data.setLastNode(_context.getWorkerName());//we are going to manage the node + data.setLastNode(_context.getWorkerName()); //we are going to manage the node session = newSession(data); return session; } @@ -590,7 +590,7 @@ public abstract class AbstractSessionCache extends ContainerLifeCycle implements //reactivate the session session.didActivate(); session.setResident(true); - doPutIfAbsent(id, session);//ensure it is in our map + doPutIfAbsent(id, session); //ensure it is in our map if (LOG.isDebugEnabled()) LOG.debug("Session reactivated id={}", id); } diff --git a/jetty-server/src/main/java/org/eclipse/jetty/server/session/JDBCSessionDataStore.java b/jetty-server/src/main/java/org/eclipse/jetty/server/session/JDBCSessionDataStore.java index 5e4dd54fc51..6bfb3cae47b 100644 --- a/jetty-server/src/main/java/org/eclipse/jetty/server/session/JDBCSessionDataStore.java +++ b/jetty-server/src/main/java/org/eclipse/jetty/server/session/JDBCSessionDataStore.java @@ -735,22 +735,22 @@ public class JDBCSessionDataStore extends AbstractSessionDataStore statement.setString(2, cp); //context path statement.setString(3, _context.getVhost()); //first vhost - statement.setString(4, data.getLastNode());//my node id - statement.setLong(5, data.getAccessed());//accessTime + statement.setString(4, data.getLastNode()); //my node id + statement.setLong(5, data.getAccessed()); //accessTime statement.setLong(6, data.getLastAccessed()); //lastAccessTime statement.setLong(7, data.getCreated()); //time created - statement.setLong(8, data.getCookieSet());//time cookie was set + statement.setLong(8, data.getCookieSet()); //time cookie was set statement.setLong(9, data.getLastSaved()); //last saved time statement.setLong(10, data.getExpiry()); statement.setLong(11, data.getMaxInactiveMs()); try (ByteArrayOutputStream baos = new ByteArrayOutputStream(); - ObjectOutputStream oos = new ObjectOutputStream(baos)) + ObjectOutputStream oos = new ObjectOutputStream(baos)) { SessionData.serializeAttributes(data, oos); byte[] bytes = baos.toByteArray(); ByteArrayInputStream bais = new ByteArrayInputStream(bytes); - statement.setBinaryStream(12, bais, bytes.length);//attribute map as blob + statement.setBinaryStream(12, bais, bytes.length); //attribute map as blob } statement.executeUpdate(); @@ -768,21 +768,21 @@ public class JDBCSessionDataStore extends AbstractSessionDataStore connection.setAutoCommit(true); try (PreparedStatement statement = _sessionTableSchema.getUpdateSessionStatement(connection, data.getId(), _context)) { - statement.setString(1, data.getLastNode());//should be my node id - statement.setLong(2, data.getAccessed());//accessTime + statement.setString(1, data.getLastNode()); //should be my node id + statement.setLong(2, data.getAccessed()); //accessTime statement.setLong(3, data.getLastAccessed()); //lastAccessTime statement.setLong(4, data.getLastSaved()); //last saved time statement.setLong(5, data.getExpiry()); statement.setLong(6, data.getMaxInactiveMs()); try (ByteArrayOutputStream baos = new ByteArrayOutputStream(); - ObjectOutputStream oos = new ObjectOutputStream(baos)) + ObjectOutputStream oos = new ObjectOutputStream(baos)) { SessionData.serializeAttributes(data, oos); byte[] bytes = baos.toByteArray(); try (ByteArrayInputStream bais = new ByteArrayInputStream(bytes)) { - statement.setBinaryStream(7, bais, bytes.length);//attribute map as blob + statement.setBinaryStream(7, bais, bytes.length); //attribute map as blob } } diff --git a/jetty-server/src/main/java/org/eclipse/jetty/server/session/SessionData.java b/jetty-server/src/main/java/org/eclipse/jetty/server/session/SessionData.java index 0ee9cf29824..978d3d8a66d 100644 --- a/jetty-server/src/main/java/org/eclipse/jetty/server/session/SessionData.java +++ b/jetty-server/src/main/java/org/eclipse/jetty/server/session/SessionData.java @@ -465,10 +465,10 @@ public class SessionData implements Serializable out.writeUTF(_id); //session id out.writeUTF(_contextPath); //context path out.writeUTF(_vhost); //first vhost - out.writeLong(_accessed);//accessTime + out.writeLong(_accessed); //accessTime out.writeLong(_lastAccessed); //lastAccessTime out.writeLong(_created); //time created - out.writeLong(_cookieSet);//time cookie was set + out.writeLong(_cookieSet); //time cookie was set out.writeUTF(_lastNode); //name of last node managing out.writeLong(_expiry); out.writeLong(_maxInactiveMs); @@ -480,10 +480,10 @@ public class SessionData implements Serializable _id = in.readUTF(); _contextPath = in.readUTF(); _vhost = in.readUTF(); - _accessed = in.readLong();//accessTime + _accessed = in.readLong(); //accessTime _lastAccessed = in.readLong(); //lastAccessTime _created = in.readLong(); //time created - _cookieSet = in.readLong();//time cookie was set + _cookieSet = in.readLong(); //time cookie was set _lastNode = in.readUTF(); //last managing node _expiry = in.readLong(); _maxInactiveMs = in.readLong(); diff --git a/jetty-server/src/test/java/org/eclipse/jetty/server/ClassLoaderDumpTest.java b/jetty-server/src/test/java/org/eclipse/jetty/server/ClassLoaderDumpTest.java index a3e67eb33e8..66814f18305 100644 --- a/jetty-server/src/test/java/org/eclipse/jetty/server/ClassLoaderDumpTest.java +++ b/jetty-server/src/test/java/org/eclipse/jetty/server/ClassLoaderDumpTest.java @@ -158,7 +158,7 @@ public class ClassLoaderDumpTest { Server server = new Server(); ClassLoader middleLoader = new URLClassLoader(new URL[] - {new URL("file:/one"), new URL("file:/two"), new URL("file:/three"),}, + {new URL("file:/one"), new URL("file:/two"), new URL("file:/three")}, Server.class.getClassLoader()) { public String toString() @@ -167,7 +167,7 @@ public class ClassLoaderDumpTest } }; ClassLoader loader = new URLClassLoader(new URL[] - {new URL("file:/ONE"), new URL("file:/TWO"), new URL("file:/THREE"),}, + {new URL("file:/ONE"), new URL("file:/TWO"), new URL("file:/THREE")}, middleLoader) { public String toString() diff --git a/jetty-server/src/test/java/org/eclipse/jetty/server/HttpConnectionTest.java b/jetty-server/src/test/java/org/eclipse/jetty/server/HttpConnectionTest.java index a480503e1d1..72197e6867a 100644 --- a/jetty-server/src/test/java/org/eclipse/jetty/server/HttpConnectionTest.java +++ b/jetty-server/src/test/java/org/eclipse/jetty/server/HttpConnectionTest.java @@ -500,43 +500,28 @@ public class HttpConnectionTest public void testBadPathDotDotPath() throws Exception { String response = connector.getResponse("GET /ooops/../../path HTTP/1.0\r\nHost: localhost:80\r\n\n"); - checkContains(response, 0, "HTTP/1.1 400 Bad URI"); - } - - @Test - public void testOKPathEncodedDotDotPath() throws Exception - { - String response = connector.getResponse("GET /ooops/%2e%2e/path HTTP/1.0\r\nHost: localhost:80\r\n\n"); - checkContains(response, 0, "HTTP/1.1 200 OK"); - checkContains(response, 0, "pathInfo=/path"); - } - - @Test - public void testBadPathEncodedDotDotPath() throws Exception - { - String response = connector.getResponse("GET /ooops/%2e%2e/%2e%2e/path HTTP/1.0\r\nHost: localhost:80\r\n\n"); - checkContains(response, 0, "HTTP/1.1 400 Bad URI"); + checkContains(response, 0, "HTTP/1.1 400 "); } @Test public void testBadDotDotPath() throws Exception { String response = connector.getResponse("GET ../path HTTP/1.0\r\nHost: localhost:80\r\n\n"); - checkContains(response, 0, "HTTP/1.1 400 Bad URI"); + checkContains(response, 0, "HTTP/1.1 400 "); } @Test public void testBadSlashDotDotPath() throws Exception { String response = connector.getResponse("GET /../path HTTP/1.0\r\nHost: localhost:80\r\n\n"); - checkContains(response, 0, "HTTP/1.1 400 Bad URI"); + checkContains(response, 0, "HTTP/1.1 400 "); } @Test public void testEncodedBadDotDotPath() throws Exception { String response = connector.getResponse("GET %2e%2e/path HTTP/1.0\r\nHost: localhost:80\r\n\n"); - checkContains(response, 0, "HTTP/1.1 400 Bad URI"); + checkContains(response, 0, "HTTP/1.1 400 "); } @Test diff --git a/jetty-server/src/test/java/org/eclipse/jetty/server/RequestTest.java b/jetty-server/src/test/java/org/eclipse/jetty/server/RequestTest.java index 8327245054e..1f796ab7a13 100644 --- a/jetty-server/src/test/java/org/eclipse/jetty/server/RequestTest.java +++ b/jetty-server/src/test/java/org/eclipse/jetty/server/RequestTest.java @@ -636,7 +636,7 @@ public class RequestTest System.out.println(request); String responses = _connector.getResponse(request); - assertThat(responses,startsWith("HTTP/1.1 200")); + assertThat(responses, startsWith("HTTP/1.1 200")); } /** @@ -1836,6 +1836,28 @@ public class RequestTest assertEquals(0, request.getParameterMap().size()); } + @Test + public void testAmbiguousPaths() throws Exception + { + _handler._checker = (request, response) -> true; + + String request = "GET /ambiguous/..;/path HTTP/1.0\r\n" + + "Host: whatever\r\n" + + "\r\n"; + + _connector.getBean(HttpConnectionFactory.class).setHttpCompliance(HttpCompliance.RFC7230); + assertThat(_connector.getResponse(request), startsWith("HTTP/1.1 400")); + + _connector.getBean(HttpConnectionFactory.class).setHttpCompliance(HttpCompliance.RFC7230_LEGACY); + assertThat(_connector.getResponse(request), startsWith("HTTP/1.1 200")); + + _connector.getBean(HttpConnectionFactory.class).setHttpCompliance(HttpCompliance.RFC2616); + assertThat(_connector.getResponse(request), startsWith("HTTP/1.1 400")); + + _connector.getBean(HttpConnectionFactory.class).setHttpCompliance(HttpCompliance.RFC2616_LEGACY); + assertThat(_connector.getResponse(request), startsWith("HTTP/1.1 200")); + } + private static long getFileCount(Path path) { try (Stream s = Files.list(path)) diff --git a/jetty-server/src/test/java/org/eclipse/jetty/server/handler/ContextHandlerGetResourceTest.java b/jetty-server/src/test/java/org/eclipse/jetty/server/handler/ContextHandlerGetResourceTest.java index ad97686b918..a6a471b9347 100644 --- a/jetty-server/src/test/java/org/eclipse/jetty/server/handler/ContextHandlerGetResourceTest.java +++ b/jetty-server/src/test/java/org/eclipse/jetty/server/handler/ContextHandlerGetResourceTest.java @@ -42,7 +42,6 @@ import static org.junit.jupiter.api.Assertions.assertNotNull; import static org.junit.jupiter.api.Assertions.assertNull; import static org.junit.jupiter.api.Assertions.assertThrows; import static org.junit.jupiter.api.Assertions.assertTrue; -import static org.junit.jupiter.api.Assertions.fail; import static org.junit.jupiter.api.Assumptions.assumeTrue; import static org.junit.jupiter.api.condition.OS.LINUX; import static org.junit.jupiter.api.condition.OS.MAC; @@ -139,8 +138,8 @@ public class ContextHandlerGetResourceTest public void testBadPath() throws Exception { final String path = "bad"; - assertThrows(MalformedURLException.class,() -> context.getResource(path)); - assertThrows(MalformedURLException.class,() -> context.getServletContext().getResource(path)); + assertThrows(MalformedURLException.class, () -> context.getResource(path)); + assertThrows(MalformedURLException.class, () -> context.getServletContext().getResource(path)); } @Test diff --git a/jetty-server/src/test/java/org/eclipse/jetty/server/session/SessionHandlerTest.java b/jetty-server/src/test/java/org/eclipse/jetty/server/session/SessionHandlerTest.java index e5995225b12..db26baa5771 100644 --- a/jetty-server/src/test/java/org/eclipse/jetty/server/session/SessionHandlerTest.java +++ b/jetty-server/src/test/java/org/eclipse/jetty/server/session/SessionHandlerTest.java @@ -35,7 +35,7 @@ public class SessionHandlerTest SessionHandler sessionHandler = new SessionHandler(); sessionHandler.setSessionTrackingModes(new HashSet<>(Arrays.asList(SessionTrackingMode.COOKIE, SessionTrackingMode.URL))); sessionHandler.setSessionTrackingModes(Collections.singleton(SessionTrackingMode.SSL)); - assertThrows(IllegalArgumentException.class,() -> + assertThrows(IllegalArgumentException.class, () -> sessionHandler.setSessionTrackingModes(new HashSet<>(Arrays.asList(SessionTrackingMode.SSL, SessionTrackingMode.URL)))); } } diff --git a/jetty-servlet/src/main/java/org/eclipse/jetty/servlet/ServletHandler.java b/jetty-servlet/src/main/java/org/eclipse/jetty/servlet/ServletHandler.java index 6d36be37b28..65956ae9d86 100644 --- a/jetty-servlet/src/main/java/org/eclipse/jetty/servlet/ServletHandler.java +++ b/jetty-servlet/src/main/java/org/eclipse/jetty/servlet/ServletHandler.java @@ -816,7 +816,7 @@ public class ServletHandler extends ScopedHandler { if (listeners != null) initializeHolders(listeners); - updateBeans(_listeners,listeners); + updateBeans(_listeners, listeners); _listeners = listeners; } @@ -1491,7 +1491,7 @@ public class ServletHandler extends ScopedHandler */ public void setFilterMappings(FilterMapping[] filterMappings) { - updateBeans(_filterMappings,filterMappings); + updateBeans(_filterMappings, filterMappings); _filterMappings = filterMappings; if (isRunning()) updateMappings(); @@ -1502,7 +1502,7 @@ public class ServletHandler extends ScopedHandler { if (holders != null) initializeHolders(holders); - updateBeans(_filters,holders); + updateBeans(_filters, holders); _filters = holders; updateNameMappings(); invalidateChainsCache(); @@ -1513,7 +1513,7 @@ public class ServletHandler extends ScopedHandler */ public void setServletMappings(ServletMapping[] servletMappings) { - updateBeans(_servletMappings,servletMappings); + updateBeans(_servletMappings, servletMappings); _servletMappings = servletMappings; if (isRunning()) updateMappings(); @@ -1529,7 +1529,7 @@ public class ServletHandler extends ScopedHandler { if (holders != null) initializeHolders(holders); - updateBeans(_servlets,holders); + updateBeans(_servlets, holders); _servlets = holders; updateNameMappings(); invalidateChainsCache(); diff --git a/jetty-servlet/src/test/java/org/eclipse/jetty/servlet/AsyncContextTest.java b/jetty-servlet/src/test/java/org/eclipse/jetty/servlet/AsyncContextTest.java index 87c08dc3545..d6e9b838c2a 100644 --- a/jetty-servlet/src/test/java/org/eclipse/jetty/servlet/AsyncContextTest.java +++ b/jetty-servlet/src/test/java/org/eclipse/jetty/servlet/AsyncContextTest.java @@ -229,7 +229,7 @@ public class AsyncContextTest @Test public void testDispatchAsyncContextEncodedUrl() throws Exception { - String request = "GET /ctx/test/hello%2fthere?dispatch=true HTTP/1.1\r\n" + + String request = "GET /ctx/test/hello%20there?dispatch=true HTTP/1.1\r\n" + "Host: localhost\r\n" + "Content-Type: application/x-www-form-urlencoded\r\n" + "Connection: close\r\n" + @@ -253,16 +253,16 @@ public class AsyncContextTest // async run attributes assertThat("async run attr servlet path is original", responseBody, containsString("async:run:attr:servletPath:/test")); - assertThat("async run attr path info has correct encoding", responseBody, containsString("async:run:attr:pathInfo:/hello/there")); + assertThat("async run attr path info has correct encoding", responseBody, containsString("async:run:attr:pathInfo:/hello there")); assertThat("async run attr query string", responseBody, containsString("async:run:attr:queryString:dispatch=true")); assertThat("async run context path", responseBody, containsString("async:run:attr:contextPath:/ctx")); - assertThat("async run request uri has correct encoding", responseBody, containsString("async:run:attr:requestURI:/ctx/test/hello%2fthere")); + assertThat("async run request uri has correct encoding", responseBody, containsString("async:run:attr:requestURI:/ctx/test/hello%20there")); } @Test public void testDispatchAsyncContextSelfEncodedUrl() throws Exception { - String request = "GET /ctx/self/hello%2fthere?dispatch=true HTTP/1.1\r\n" + + String request = "GET /ctx/self/hello%20there?dispatch=true HTTP/1.1\r\n" + "Host: localhost\r\n" + "Content-Type: application/x-www-form-urlencoded\r\n" + "Connection: close\r\n" + @@ -272,8 +272,8 @@ public class AsyncContextTest String responseBody = response.getContent(); - assertThat("servlet request uri initial", responseBody, containsString("doGet.REQUEST.requestURI:/ctx/self/hello%2fthere")); - assertThat("servlet request uri async", responseBody, containsString("doGet.ASYNC.requestURI:/ctx/self/hello%2fthere")); + assertThat("servlet request uri initial", responseBody, containsString("doGet.REQUEST.requestURI:/ctx/self/hello%20there")); + assertThat("servlet request uri async", responseBody, containsString("doGet.ASYNC.requestURI:/ctx/self/hello%20there")); } @Test diff --git a/jetty-servlet/src/test/java/org/eclipse/jetty/servlet/DefaultServletTest.java b/jetty-servlet/src/test/java/org/eclipse/jetty/servlet/DefaultServletTest.java index b2c063503f8..1661109d9a5 100644 --- a/jetty-servlet/src/test/java/org/eclipse/jetty/servlet/DefaultServletTest.java +++ b/jetty-servlet/src/test/java/org/eclipse/jetty/servlet/DefaultServletTest.java @@ -47,12 +47,14 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.eclipse.jetty.http.DateGenerator; +import org.eclipse.jetty.http.HttpCompliance; import org.eclipse.jetty.http.HttpContent; import org.eclipse.jetty.http.HttpField; import org.eclipse.jetty.http.HttpHeader; import org.eclipse.jetty.http.HttpStatus; import org.eclipse.jetty.http.HttpTester; import org.eclipse.jetty.server.HttpConfiguration; +import org.eclipse.jetty.server.HttpConnectionFactory; import org.eclipse.jetty.server.LocalConnector; import org.eclipse.jetty.server.ResourceContentFactory; import org.eclipse.jetty.server.ResourceService; @@ -116,6 +118,7 @@ public class DefaultServletTest connector = new LocalConnector(server); connector.getConnectionFactory(HttpConfiguration.ConnectionFactory.class).getHttpConfiguration().setSendServerVersion(false); + connector.getBean(HttpConnectionFactory.class).setHttpCompliance(HttpCompliance.RFC7230_LEGACY); // allow ambiguous path segments File extraJarResources = MavenTestingUtils.getTestResourceFile(ODD_JAR); URL[] urls = new URL[]{extraJarResources.toURI().toURL()}; diff --git a/jetty-servlet/src/test/java/org/eclipse/jetty/servlet/RequestURITest.java b/jetty-servlet/src/test/java/org/eclipse/jetty/servlet/RequestURITest.java index de3814accf2..7de53075e78 100644 --- a/jetty-servlet/src/test/java/org/eclipse/jetty/servlet/RequestURITest.java +++ b/jetty-servlet/src/test/java/org/eclipse/jetty/servlet/RequestURITest.java @@ -34,6 +34,8 @@ import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.eclipse.jetty.http.HttpCompliance; +import org.eclipse.jetty.server.HttpConnectionFactory; import org.eclipse.jetty.server.Server; import org.eclipse.jetty.server.ServerConnector; import org.hamcrest.Matchers; @@ -112,6 +114,7 @@ public class RequestURITest ServerConnector connector = new ServerConnector(server); connector.setPort(0); server.addConnector(connector); + connector.getBean(HttpConnectionFactory.class).setHttpCompliance(HttpCompliance.RFC7230_LEGACY); // Allow ambiguous segments ServletContextHandler context = new ServletContextHandler(); context.setContextPath("/"); diff --git a/jetty-servlet/src/test/java/org/eclipse/jetty/servlet/ServletHandlerTest.java b/jetty-servlet/src/test/java/org/eclipse/jetty/servlet/ServletHandlerTest.java index 2fe3fd37ccc..cc7d7544713 100644 --- a/jetty-servlet/src/test/java/org/eclipse/jetty/servlet/ServletHandlerTest.java +++ b/jetty-servlet/src/test/java/org/eclipse/jetty/servlet/ServletHandlerTest.java @@ -515,10 +515,10 @@ public class ServletHandlerTest mappings = handler.getFilterMappings(); assertNotNull(mappings); assertEquals(4, mappings.length); - assertTrue(fm4 == mappings[0]);//isMatchAfter = false; - assertTrue(fm5 == mappings[1]);//isMatchAfter = false; - assertTrue(fm1 == mappings[2]);//ordinary - assertTrue(fm3 == mappings[3]);//isMatchAfter = true; + assertTrue(fm4 == mappings[0]); //isMatchAfter = false; + assertTrue(fm5 == mappings[1]); //isMatchAfter = false; + assertTrue(fm1 == mappings[2]); //ordinary + assertTrue(fm3 == mappings[3]); //isMatchAfter = true; //add a non-programmatic one FilterHolder f = new FilterHolder(Source.EMBEDDED); @@ -568,7 +568,7 @@ public class ServletHandlerTest assertEquals(7, mappings.length); assertTrue(fm4 == mappings[0]); //isMatchAfter = false; assertTrue(fm5 == mappings[1]); //isMatchAfter = false; - assertTrue(pfm2 == mappings[2]);//isMatchAfter = false; + assertTrue(pfm2 == mappings[2]); //isMatchAfter = false; assertTrue(fm1 == mappings[3]); //ordinary assertTrue(fm == mappings[4]); //ordinary assertTrue(fm3 == mappings[5]); //isMatchAfter = true; @@ -618,10 +618,10 @@ public class ServletHandlerTest mappings = handler.getFilterMappings(); assertNotNull(mappings); assertEquals(4, mappings.length); - assertTrue(fh4 == mappings[0].getFilterHolder());//isMatchAfter = false; - assertTrue(fh5 == mappings[1].getFilterHolder());//isMatchAfter = false; - assertTrue(fh1 == mappings[2].getFilterHolder());//ordinary - assertTrue(fh3 == mappings[3].getFilterHolder());//isMatchAfter = true; + assertTrue(fh4 == mappings[0].getFilterHolder()); //isMatchAfter = false; + assertTrue(fh5 == mappings[1].getFilterHolder()); //isMatchAfter = false; + assertTrue(fh1 == mappings[2].getFilterHolder()); //ordinary + assertTrue(fh3 == mappings[3].getFilterHolder()); //isMatchAfter = true; //add a non-programmatic one FilterHolder f = new FilterHolder(Source.EMBEDDED); @@ -667,7 +667,7 @@ public class ServletHandlerTest assertEquals(7, mappings.length); assertTrue(fh4 == mappings[0].getFilterHolder()); //isMatchAfter = false; assertTrue(fh5 == mappings[1].getFilterHolder()); //isMatchAfter = false; - assertTrue(pf2 == mappings[2].getFilterHolder());//isMatchAfter = false; + assertTrue(pf2 == mappings[2].getFilterHolder()); //isMatchAfter = false; assertTrue(fh1 == mappings[3].getFilterHolder()); //ordinary assertTrue(f == mappings[4].getFilterHolder()); //ordinary assertTrue(fh3 == mappings[5].getFilterHolder()); //isMatchAfter = true; diff --git a/jetty-servlet/src/test/java/org/eclipse/jetty/servlet/ServletHolderTest.java b/jetty-servlet/src/test/java/org/eclipse/jetty/servlet/ServletHolderTest.java index 0bf76f0d78b..45e3a1af872 100644 --- a/jetty-servlet/src/test/java/org/eclipse/jetty/servlet/ServletHolderTest.java +++ b/jetty-servlet/src/test/java/org/eclipse/jetty/servlet/ServletHolderTest.java @@ -50,9 +50,9 @@ public class ServletHolderTest ServletHolder holder = new ServletHolder(Source.JAVAX_API); ServletRegistration reg = holder.getRegistration(); - assertThrows(IllegalArgumentException.class,() -> reg.setInitParameter(null, "foo")); + assertThrows(IllegalArgumentException.class, () -> reg.setInitParameter(null, "foo")); - assertThrows(IllegalArgumentException.class,() -> reg.setInitParameter("foo", null)); + assertThrows(IllegalArgumentException.class, () -> reg.setInitParameter("foo", null)); reg.setInitParameter("foo", "bar"); assertFalse(reg.setInitParameter("foo", "foo")); @@ -60,8 +60,8 @@ public class ServletHolderTest Set clash = reg.setInitParameters(Collections.singletonMap("foo", "bax")); assertTrue(clash != null && clash.size() == 1, "should be one clash"); - assertThrows(IllegalArgumentException.class,() -> reg.setInitParameters(Collections.singletonMap((String)null, "bax"))); - assertThrows(IllegalArgumentException.class,() -> reg.setInitParameters(Collections.singletonMap("foo", (String)null))); + assertThrows(IllegalArgumentException.class, () -> reg.setInitParameters(Collections.singletonMap((String)null, "bax"))); + assertThrows(IllegalArgumentException.class, () -> reg.setInitParameters(Collections.singletonMap("foo", (String)null))); Set clash2 = reg.setInitParameters(Collections.singletonMap("FOO", "bax")); assertTrue(clash2.isEmpty(), "should be no clash"); diff --git a/jetty-servlet/src/test/java/org/eclipse/jetty/servlet/ServletLifeCycleTest.java b/jetty-servlet/src/test/java/org/eclipse/jetty/servlet/ServletLifeCycleTest.java index 276f6c9e957..7add4fbe9f0 100644 --- a/jetty-servlet/src/test/java/org/eclipse/jetty/servlet/ServletLifeCycleTest.java +++ b/jetty-servlet/src/test/java/org/eclipse/jetty/servlet/ServletLifeCycleTest.java @@ -65,7 +65,7 @@ public class ServletLifeCycleTest ServletHandler sh = context.getServletHandler(); sh.addListener(new ListenerHolder(TestListener.class)); //added directly to ServletHandler - context.addEventListener(context.getServletContext().createListener(TestListener2.class));//create,decorate and add listener to context - no holder! + context.addEventListener(context.getServletContext().createListener(TestListener2.class)); //create,decorate and add listener to context - no holder! sh.addFilterWithMapping(TestFilter.class, "/*", EnumSet.of(DispatcherType.REQUEST)); sh.addFilterWithMapping(new FilterHolder(context.getServletContext().createFilter(TestFilter2.class)), "/*", EnumSet.of(DispatcherType.REQUEST)); diff --git a/jetty-servlet/src/test/java/org/eclipse/jetty/servlet/ServletRequestLogTest.java b/jetty-servlet/src/test/java/org/eclipse/jetty/servlet/ServletRequestLogTest.java index 76e12deb3db..e80bde7fc31 100644 --- a/jetty-servlet/src/test/java/org/eclipse/jetty/servlet/ServletRequestLogTest.java +++ b/jetty-servlet/src/test/java/org/eclipse/jetty/servlet/ServletRequestLogTest.java @@ -622,6 +622,6 @@ public class ServletRequestLogTest private void assertRequestLog(final String expectedLogEntry, CaptureLog captureLog) { assertThat("Request log size", captureLog.captured, not(empty())); - assertThat("Request log entry",captureLog.captured.get(0), is(expectedLogEntry)); + assertThat("Request log entry", captureLog.captured.get(0), is(expectedLogEntry)); } } diff --git a/jetty-start/src/test/java/org/eclipse/jetty/start/IncludeJettyDirTest.java b/jetty-start/src/test/java/org/eclipse/jetty/start/IncludeJettyDirTest.java index 4a5cf16a0cf..66287115c77 100644 --- a/jetty-start/src/test/java/org/eclipse/jetty/start/IncludeJettyDirTest.java +++ b/jetty-start/src/test/java/org/eclipse/jetty/start/IncludeJettyDirTest.java @@ -99,7 +99,7 @@ public class IncludeJettyDirTest // Create base Path base = testdir.getPathFile("base"); FS.ensureEmpty(base); - TestEnv.makeFile(base, "start.ini", // + TestEnv.makeFile(base, "start.ini", "jetty.http.host=127.0.0.1"); // Simple command line - no reference to include-jetty-dirs @@ -129,7 +129,7 @@ public class IncludeJettyDirTest // Create base Path base = testdir.getPathFile("base"); FS.ensureEmpty(base); - TestEnv.makeFile(base, "start.ini", // + TestEnv.makeFile(base, "start.ini", "jetty.http.host=127.0.0.1"); // Simple command line reference to include-jetty-dir @@ -163,7 +163,7 @@ public class IncludeJettyDirTest // Create base Path base = testdir.getPathFile("base"); FS.ensureEmpty(base); - TestEnv.makeFile(base, "start.ini", // + TestEnv.makeFile(base, "start.ini", "jetty.http.host=127.0.0.1"); // Simple command line reference to include-jetty-dir via property (also on command line) @@ -203,7 +203,7 @@ public class IncludeJettyDirTest // Create base Path base = testdir.getPathFile("base"); FS.ensureEmpty(base); - TestEnv.makeFile(base, "start.ini", // + TestEnv.makeFile(base, "start.ini", "jetty.http.host=127.0.0.1"); String dirRef = "${my.opt}" + File.separator + "common"; @@ -245,7 +245,7 @@ public class IncludeJettyDirTest // Create base Path base = testdir.getPathFile("base"); FS.ensureEmpty(base); - TestEnv.makeFile(base, "start.ini", // + TestEnv.makeFile(base, "start.ini", "jetty.http.host=127.0.0.1"); String dirRef = "${my.opt}" + File.separator + "${my.dir}"; @@ -285,8 +285,8 @@ public class IncludeJettyDirTest // Create base Path base = testdir.getPathFile("base"); FS.ensureEmpty(base); - TestEnv.makeFile(base, "start.ini", // - "jetty.http.host=127.0.0.1",// + TestEnv.makeFile(base, "start.ini", + "jetty.http.host=127.0.0.1", "--include-jetty-dir=" + common.toString()); MainResult result = runMain(base, home); @@ -321,9 +321,9 @@ public class IncludeJettyDirTest // Create base Path base = testdir.getPathFile("base"); FS.ensureEmpty(base); - TestEnv.makeFile(base, "start.ini", // - "jetty.http.host=127.0.0.1",// - "--include-jetty-dir=" + common.toString(), // + TestEnv.makeFile(base, "start.ini", + "jetty.http.host=127.0.0.1", + "--include-jetty-dir=" + common.toString(), "--include-jetty-dir=" + corp.toString()); MainResult result = runMain(base, home); @@ -355,15 +355,15 @@ public class IncludeJettyDirTest // Create common Path common = testdir.getPathFile("common"); FS.ensureEmpty(common); - TestEnv.makeFile(common, "start.ini", // - "--include-jetty-dir=" + corp.toString(), // + TestEnv.makeFile(common, "start.ini", + "--include-jetty-dir=" + corp.toString(), "jetty.http.port=8080"); // Create base Path base = testdir.getPathFile("base"); FS.ensureEmpty(base); - TestEnv.makeFile(base, "start.ini", // - "jetty.http.host=127.0.0.1",// + TestEnv.makeFile(base, "start.ini", + "jetty.http.host=127.0.0.1", "--include-jetty-dir=" + common.toString()); MainResult result = runMain(base, home); @@ -390,23 +390,23 @@ public class IncludeJettyDirTest // Create corp Path corp = testdir.getPathFile("corp"); FS.ensureEmpty(corp); - TestEnv.makeFile(corp, "start.ini", // + TestEnv.makeFile(corp, "start.ini", "jetty.http.port=9090"); // Create common Path common = testdir.getPathFile("common"); FS.ensureEmpty(common); - TestEnv.makeFile(common, "start.ini", // - "my.corp=" + corp.toString(), // - "--include-jetty-dir=${my.corp}", // + TestEnv.makeFile(common, "start.ini", + "my.corp=" + corp.toString(), + "--include-jetty-dir=${my.corp}", "jetty.http.port=8080"); // Create base Path base = testdir.getPathFile("base"); FS.ensureEmpty(base); - TestEnv.makeFile(base, "start.ini", // - "jetty.http.host=127.0.0.1",// - "my.common=" + common.toString(), // + TestEnv.makeFile(base, "start.ini", + "jetty.http.host=127.0.0.1", + "my.common=" + common.toString(), "--include-jetty-dir=${my.common}"); MainResult result = runMain(base, home); @@ -433,28 +433,28 @@ public class IncludeJettyDirTest // Create devops Path devops = testdir.getPathFile("devops"); FS.ensureEmpty(devops); - TestEnv.makeFile(devops, "start.ini", // - "--module=optional", // + TestEnv.makeFile(devops, "start.ini", + "--module=optional", "jetty.http.port=2222"); // Create corp Path corp = testdir.getPathFile("corp"); FS.ensureEmpty(corp); - TestEnv.makeFile(corp, "start.ini", // + TestEnv.makeFile(corp, "start.ini", "jetty.http.port=9090"); // Create common Path common = testdir.getPathFile("common"); FS.ensureEmpty(common); - TestEnv.makeFile(common, "start.ini", // - "--include-jetty-dir=" + corp.toString(), // + TestEnv.makeFile(common, "start.ini", + "--include-jetty-dir=" + corp.toString(), "jetty.http.port=8080"); // Create base Path base = testdir.getPathFile("base"); FS.ensureEmpty(base); - TestEnv.makeFile(base, "start.ini", // - "jetty.http.host=127.0.0.1",// + TestEnv.makeFile(base, "start.ini", + "jetty.http.host=127.0.0.1", "--include-jetty-dir=" + common.toString()); MainResult result = runMain(base, home, @@ -484,21 +484,21 @@ public class IncludeJettyDirTest // Create corp Path corp = testdir.getPathFile("corp"); FS.ensureEmpty(corp); - TestEnv.makeFile(corp, "start.ini", // + TestEnv.makeFile(corp, "start.ini", "jetty.http.port=9090"); // Create common Path common = testdir.getPathFile("common"); FS.ensureEmpty(common); - TestEnv.makeFile(common, "start.ini", // - "--include-jetty-dir=" + corp.toString(), // + TestEnv.makeFile(common, "start.ini", + "--include-jetty-dir=" + corp.toString(), "jetty.http.port=8080"); // Create base Path base = testdir.getPathFile("base"); FS.ensureEmpty(base); - TestEnv.makeFile(base, "start.ini", // - "jetty.http.host=127.0.0.1",// + TestEnv.makeFile(base, "start.ini", + "jetty.http.host=127.0.0.1", "--include-jetty-dir=" + common.toString()); MainResult result = runMain(base, home, @@ -547,8 +547,8 @@ public class IncludeJettyDirTest // Create base Path base = testdir.getPathFile("base"); FS.ensureEmpty(base); - TestEnv.makeFile(base, "start.ini", // - "jetty.http.host=127.0.0.1",// + TestEnv.makeFile(base, "start.ini", + "jetty.http.host=127.0.0.1", "--include-jetty-dir=" + common.toString()); UsageException e = assertThrows(UsageException.class, () -> runMain(base, home)); diff --git a/jetty-start/src/test/java/org/eclipse/jetty/start/config/ConfigSourcesTest.java b/jetty-start/src/test/java/org/eclipse/jetty/start/config/ConfigSourcesTest.java index 0258ca630b5..d7ce6a692c8 100644 --- a/jetty-start/src/test/java/org/eclipse/jetty/start/config/ConfigSourcesTest.java +++ b/jetty-start/src/test/java/org/eclipse/jetty/start/config/ConfigSourcesTest.java @@ -93,7 +93,7 @@ public class ConfigSourcesTest // Create base Path base = testdir.getPathFile("base"); FS.ensureEmpty(base); - TestEnv.makeFile(base, "start.ini", // + TestEnv.makeFile(base, "start.ini", "jetty.http.host=127.0.0.1"); ConfigSources sources = new ConfigSources(); @@ -122,8 +122,8 @@ public class ConfigSourcesTest // Create base Path base = testdir.getPathFile("base"); FS.ensureEmpty(base); - TestEnv.makeFile(base, "start.ini", // - "jetty.http.host=127.0.0.1",// + TestEnv.makeFile(base, "start.ini", + "jetty.http.host=127.0.0.1", "--include-jetty-dir=" + common.toString()); ConfigSources sources = new ConfigSources(); @@ -152,7 +152,7 @@ public class ConfigSourcesTest // Create base Path base = testdir.getPathFile("base"); FS.ensureEmpty(base); - TestEnv.makeFile(base, "start.ini", // + TestEnv.makeFile(base, "start.ini", "jetty.http.host=127.0.0.1"); ConfigSources sources = new ConfigSources(); @@ -198,7 +198,7 @@ public class ConfigSourcesTest // Create base Path base = testdir.getPathFile("base"); FS.ensureEmpty(base); - TestEnv.makeFile(base, "start.ini", // + TestEnv.makeFile(base, "start.ini", "jetty.http.host=127.0.0.1"); String dirRef = "${my.opt}" + File.separator + "common"; @@ -245,7 +245,7 @@ public class ConfigSourcesTest // Create base Path base = testdir.getPathFile("base"); FS.ensureEmpty(base); - TestEnv.makeFile(base, "start.ini", // + TestEnv.makeFile(base, "start.ini", "jetty.http.host=127.0.0.1"); String dirRef = "${my.opt}" + File.separator + "${my.dir}"; @@ -291,8 +291,8 @@ public class ConfigSourcesTest // Create base Path base = testdir.getPathFile("base"); FS.ensureEmpty(base); - TestEnv.makeFile(base, "start.ini", // - "jetty.http.host=127.0.0.1",// + TestEnv.makeFile(base, "start.ini", + "jetty.http.host=127.0.0.1", "--include-jetty-dir=" + common.toString()); ConfigSources sources = new ConfigSources(); @@ -330,9 +330,9 @@ public class ConfigSourcesTest // Create base Path base = testdir.getPathFile("base"); FS.ensureEmpty(base); - TestEnv.makeFile(base, "start.ini", // - "jetty.http.host=127.0.0.1",// - "--include-jetty-dir=" + common.toString(), // + TestEnv.makeFile(base, "start.ini", + "jetty.http.host=127.0.0.1", + "--include-jetty-dir=" + common.toString(), "--include-jetty-dir=" + corp.toString()); ConfigSources sources = new ConfigSources(); @@ -364,21 +364,21 @@ public class ConfigSourcesTest // Create corp Path corp = testdir.getPathFile("corp"); FS.ensureEmpty(corp); - TestEnv.makeFile(corp, "start.ini", // + TestEnv.makeFile(corp, "start.ini", "jetty.http.port=9090"); // Create common Path common = testdir.getPathFile("common"); FS.ensureEmpty(common); - TestEnv.makeFile(common, "start.ini", // - "--include-jetty-dir=" + corp.toString(), // + TestEnv.makeFile(common, "start.ini", + "--include-jetty-dir=" + corp.toString(), "jetty.http.port=8080"); // Create base Path base = testdir.getPathFile("base"); FS.ensureEmpty(base); - TestEnv.makeFile(base, "start.ini", // - "jetty.http.host=127.0.0.1",// + TestEnv.makeFile(base, "start.ini", + "jetty.http.host=127.0.0.1", "--include-jetty-dir=" + common.toString()); ConfigSources sources = new ConfigSources(); @@ -410,23 +410,23 @@ public class ConfigSourcesTest // Create corp Path corp = testdir.getPathFile("corp"); FS.ensureEmpty(corp); - TestEnv.makeFile(corp, "start.ini", // + TestEnv.makeFile(corp, "start.ini", "jetty.http.port=9090"); // Create common Path common = testdir.getPathFile("common"); FS.ensureEmpty(common); - TestEnv.makeFile(common, "start.ini", // - "my.corp=" + corp.toString(), // - "--include-jetty-dir=${my.corp}", // + TestEnv.makeFile(common, "start.ini", + "my.corp=" + corp.toString(), + "--include-jetty-dir=${my.corp}", "jetty.http.port=8080"); // Create base Path base = testdir.getPathFile("base"); FS.ensureEmpty(base); - TestEnv.makeFile(base, "start.ini", // - "jetty.http.host=127.0.0.1",// - "my.common=" + common.toString(), // + TestEnv.makeFile(base, "start.ini", + "jetty.http.host=127.0.0.1", + "my.common=" + common.toString(), "--include-jetty-dir=${my.common}"); ConfigSources sources = new ConfigSources(); @@ -459,28 +459,28 @@ public class ConfigSourcesTest // Create devops Path devops = testdir.getPathFile("devops"); FS.ensureEmpty(devops); - TestEnv.makeFile(devops, "start.ini", // - "--module=logging", // + TestEnv.makeFile(devops, "start.ini", + "--module=logging", "jetty.http.port=2222"); // Create corp Path corp = testdir.getPathFile("corp"); FS.ensureEmpty(corp); - TestEnv.makeFile(corp, "start.ini", // + TestEnv.makeFile(corp, "start.ini", "jetty.http.port=9090"); // Create common Path common = testdir.getPathFile("common"); FS.ensureEmpty(common); - TestEnv.makeFile(common, "start.ini", // - "--include-jetty-dir=" + corp.toString(), // + TestEnv.makeFile(common, "start.ini", + "--include-jetty-dir=" + corp.toString(), "jetty.http.port=8080"); // Create base Path base = testdir.getPathFile("base"); FS.ensureEmpty(base); - TestEnv.makeFile(base, "start.ini", // - "jetty.http.host=127.0.0.1",// + TestEnv.makeFile(base, "start.ini", + "jetty.http.host=127.0.0.1", "--include-jetty-dir=" + common.toString()); ConfigSources sources = new ConfigSources(); @@ -517,21 +517,21 @@ public class ConfigSourcesTest // Create corp Path corp = testdir.getPathFile("corp"); FS.ensureEmpty(corp); - TestEnv.makeFile(corp, "start.ini", // + TestEnv.makeFile(corp, "start.ini", "jetty.http.port=9090"); // Create common Path common = testdir.getPathFile("common"); FS.ensureEmpty(common); - TestEnv.makeFile(common, "start.ini", // - "--include-jetty-dir=" + corp.toString(), // + TestEnv.makeFile(common, "start.ini", + "--include-jetty-dir=" + corp.toString(), "jetty.http.port=8080"); // Create base Path base = testdir.getPathFile("base"); FS.ensureEmpty(base); - TestEnv.makeFile(base, "start.ini", // - "jetty.http.host=127.0.0.1",// + TestEnv.makeFile(base, "start.ini", + "jetty.http.host=127.0.0.1", "--include-jetty-dir=" + common.toString()); ConfigSources sources = new ConfigSources(); @@ -586,8 +586,8 @@ public class ConfigSourcesTest // Create base Path base = testdir.getPathFile("base"); FS.ensureEmpty(base); - TestEnv.makeFile(base, "start.ini", // - "jetty.http.host=127.0.0.1",// + TestEnv.makeFile(base, "start.ini", + "jetty.http.host=127.0.0.1", "--include-jetty-dir=" + common.toString()); ConfigSources sources = new ConfigSources(); diff --git a/jetty-util/src/main/java/org/eclipse/jetty/util/IncludeExcludeSet.java b/jetty-util/src/main/java/org/eclipse/jetty/util/IncludeExcludeSet.java index 6358b76a96d..c54d08619d4 100644 --- a/jetty-util/src/main/java/org/eclipse/jetty/util/IncludeExcludeSet.java +++ b/jetty-util/src/main/java/org/eclipse/jetty/util/IncludeExcludeSet.java @@ -253,7 +253,7 @@ public class IncludeExcludeSet implements Predicate

*

  • Both sets have no includes OR at least one of the items is included in its respective set
    • * */ - public static boolean matchCombined(T1 item1, IncludeExcludeSet set1, T2 item2, IncludeExcludeSet set2) + public static boolean matchCombined(T1 item1, IncludeExcludeSet set1, T2 item2, IncludeExcludeSet set2) { Boolean match1 = set1.isIncludedAndNotExcluded(item1); Boolean match2 = set2.isIncludedAndNotExcluded(item2); diff --git a/jetty-util/src/main/java/org/eclipse/jetty/util/LeakDetector.java b/jetty-util/src/main/java/org/eclipse/jetty/util/LeakDetector.java index f394e4d5e47..96d12cd7bb6 100644 --- a/jetty-util/src/main/java/org/eclipse/jetty/util/LeakDetector.java +++ b/jetty-util/src/main/java/org/eclipse/jetty/util/LeakDetector.java @@ -78,7 +78,7 @@ public class LeakDetector extends AbstractLifeCycle implements Runnable String id = id(resource); LeakInfo info = resources.putIfAbsent(id, new LeakInfo(resource, id)); // Leak detected, prior acquire exists (not released) or id clash. - return info == null;// Normal behavior. + return info == null; // Normal behavior. } /** diff --git a/jetty-util/src/main/java/org/eclipse/jetty/util/Scanner.java b/jetty-util/src/main/java/org/eclipse/jetty/util/Scanner.java index 73c4a711ba7..264be4932f0 100644 --- a/jetty-util/src/main/java/org/eclipse/jetty/util/Scanner.java +++ b/jetty-util/src/main/java/org/eclipse/jetty/util/Scanner.java @@ -156,10 +156,10 @@ public class Scanner extends AbstractLifeCycle class Visitor implements FileVisitor { Map scanInfoMap; - IncludeExcludeSet rootIncludesExcludes; + IncludeExcludeSet rootIncludesExcludes; Path root; - - public Visitor(Path root, IncludeExcludeSet rootIncludesExcludes, Map scanInfoMap) + + public Visitor(Path root, IncludeExcludeSet rootIncludesExcludes, Map scanInfoMap) { this.root = root; this.rootIncludesExcludes = rootIncludesExcludes; @@ -668,7 +668,7 @@ public class Scanner extends AbstractLifeCycle Path p = entry.getKey(); try { - Files.walkFileTree(p, EnumSet.allOf(FileVisitOption.class),_scanDepth, new Visitor(p, entry.getValue(), _currentScan)); + Files.walkFileTree(p, EnumSet.allOf(FileVisitOption.class), _scanDepth, new Visitor(p, entry.getValue(), _currentScan)); } catch (IOException e) { diff --git a/jetty-util/src/main/java/org/eclipse/jetty/util/URIUtil.java b/jetty-util/src/main/java/org/eclipse/jetty/util/URIUtil.java index 371e15387fa..6818e544092 100644 --- a/jetty-util/src/main/java/org/eclipse/jetty/util/URIUtil.java +++ b/jetty-util/src/main/java/org/eclipse/jetty/util/URIUtil.java @@ -782,11 +782,9 @@ public class URIUtil } /** - * Convert a decoded path to a canonical form. + * Convert an encoded path to a canonical form. *

    * All instances of "." and ".." are factored out. - *

    - *

    * Null is returned if the path tries to .. above its root. *

    * @@ -795,31 +793,35 @@ public class URIUtil */ public static String canonicalPath(String path) { + // See https://tools.ietf.org/html/rfc3986#section-5.2.4 + if (path == null || path.isEmpty()) return path; - boolean slash = true; int end = path.length(); int i = 0; + int dots = 0; - loop: - while (i < end) + loop: while (i < end) { char c = path.charAt(i); switch (c) { case '/': - slash = true; + dots = 0; break; case '.': - if (slash) + if (dots == 0) + { + dots = 1; break loop; - slash = false; + } + dots = -1; break; default: - slash = false; + dots = -1; } i++; @@ -831,7 +833,6 @@ public class URIUtil StringBuilder canonical = new StringBuilder(path.length()); canonical.append(path, 0, i); - int dots = 1; i++; while (i <= end) { @@ -839,14 +840,18 @@ public class URIUtil switch (c) { case '\0': + if (dots == 2) + { + if (canonical.length() < 2) + return null; + canonical.setLength(canonical.length() - 1); + canonical.setLength(canonical.lastIndexOf("/") + 1); + } + break; + case '/': switch (dots) { - case 0: - if (c != '\0') - canonical.append(c); - break; - case 1: break; @@ -858,36 +863,42 @@ public class URIUtil break; default: - while (dots-- > 0) - { - canonical.append('.'); - } - if (c != '\0') - canonical.append(c); + canonical.append(c); } - - slash = true; dots = 0; break; case '.': - if (dots > 0) - dots++; - else if (slash) - dots = 1; - else - canonical.append('.'); - slash = false; + switch (dots) + { + case 0: + dots = 1; + break; + case 1: + dots = 2; + break; + case 2: + canonical.append("..."); + dots = -1; + break; + default: + canonical.append('.'); + } break; default: - while (dots-- > 0) + switch (dots) { - canonical.append('.'); + case 1: + canonical.append('.'); + break; + case 2: + canonical.append(".."); + break; + default: } canonical.append(c); - dots = 0; - slash = false; + dots = -1; } i++; diff --git a/jetty-util/src/test/java/org/eclipse/jetty/util/FutureCallbackTest.java b/jetty-util/src/test/java/org/eclipse/jetty/util/FutureCallbackTest.java index c7ce4ac2837..b47d2496d5a 100644 --- a/jetty-util/src/test/java/org/eclipse/jetty/util/FutureCallbackTest.java +++ b/jetty-util/src/test/java/org/eclipse/jetty/util/FutureCallbackTest.java @@ -28,12 +28,10 @@ import org.hamcrest.Matchers; import org.junit.jupiter.api.Test; import static org.hamcrest.MatcherAssert.assertThat; -import static org.junit.jupiter.api.Assertions.assertDoesNotThrow; import static org.junit.jupiter.api.Assertions.assertEquals; import static org.junit.jupiter.api.Assertions.assertFalse; import static org.junit.jupiter.api.Assertions.assertThrows; import static org.junit.jupiter.api.Assertions.assertTrue; -import static org.junit.jupiter.api.Assertions.fail; public class FutureCallbackTest { @@ -182,7 +180,7 @@ public class FutureCallbackTest latch.await(); long start = TimeUnit.NANOSECONDS.toMillis(System.nanoTime()); - CancellationException e = assertThrows(CancellationException.class,() -> fcb.get(10000, TimeUnit.MILLISECONDS)); + CancellationException e = assertThrows(CancellationException.class, () -> fcb.get(10000, TimeUnit.MILLISECONDS)); assertThat(e.getCause(), Matchers.instanceOf(CancellationException.class)); assertThat(TimeUnit.NANOSECONDS.toMillis(System.nanoTime()) - start, Matchers.greaterThan(10L)); diff --git a/jetty-util/src/test/java/org/eclipse/jetty/util/MultiPartInputStreamTest.java b/jetty-util/src/test/java/org/eclipse/jetty/util/MultiPartInputStreamTest.java index 1b39a657b08..46719810710 100644 --- a/jetty-util/src/test/java/org/eclipse/jetty/util/MultiPartInputStreamTest.java +++ b/jetty-util/src/test/java/org/eclipse/jetty/util/MultiPartInputStreamTest.java @@ -884,9 +884,9 @@ public class MultiPartInputStreamTest assertEquals("Joe Blow", new String(os.toByteArray())); assertEquals(8, field1.getSize()); - assertNotNull(((MultiPartInputStreamParser.MultiPart)field1).getBytes());//in internal buffer + assertNotNull(((MultiPartInputStreamParser.MultiPart)field1).getBytes()); //in internal buffer field1.write("field1.txt"); - assertNull(((MultiPartInputStreamParser.MultiPart)field1).getBytes());//no longer in internal buffer + assertNull(((MultiPartInputStreamParser.MultiPart)field1).getBytes()); //no longer in internal buffer File f = new File(_dirname + File.separator + "field1.txt"); assertTrue(f.exists()); field1.write("another_field1.txt"); //write after having already written diff --git a/jetty-util/src/test/java/org/eclipse/jetty/util/SearchPatternTest.java b/jetty-util/src/test/java/org/eclipse/jetty/util/SearchPatternTest.java index 757d2cbbb49..b1e3a17824d 100644 --- a/jetty-util/src/test/java/org/eclipse/jetty/util/SearchPatternTest.java +++ b/jetty-util/src/test/java/org/eclipse/jetty/util/SearchPatternTest.java @@ -224,11 +224,13 @@ public class SearchPatternTest public void testExampleFrom4673() { SearchPattern pattern = SearchPattern.compile("\r\n------WebKitFormBoundaryhXfFAMfUnUKhmqT8".getBytes(StandardCharsets.US_ASCII)); - byte[] data = new byte[]{118,97,108,117,101,49, - '\r','\n','-','-','-','-', - 0,0,0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0,0,0}; + byte[] data = new byte[]{ + 118, 97, 108, 117, 101, 49, + '\r', '\n', '-', '-', '-', '-', + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 + }; int length = 12; int partialMatch = pattern.endsWith(data, 0, length); diff --git a/jetty-util/src/test/java/org/eclipse/jetty/util/URIUtilCanonicalPathTest.java b/jetty-util/src/test/java/org/eclipse/jetty/util/URIUtilCanonicalPathTest.java index 396004ff705..82f2771a42c 100644 --- a/jetty-util/src/test/java/org/eclipse/jetty/util/URIUtilCanonicalPathTest.java +++ b/jetty-util/src/test/java/org/eclipse/jetty/util/URIUtilCanonicalPathTest.java @@ -34,6 +34,10 @@ public class URIUtilCanonicalPathTest { String[][] canonical = { + // Examples from RFC + {"/a/b/c/./../../g", "/a/g"}, + {"mid/content=5/../6", "mid/6"}, + // Basic examples (no changes expected) {"/hello.html", "/hello.html"}, {"/css/main.css", "/css/main.css"}, @@ -56,8 +60,12 @@ public class URIUtilCanonicalPathTest {"/aaa/./bbb/", "/aaa/bbb/"}, {"/aaa/./bbb", "/aaa/bbb"}, {"./bbb/", "bbb/"}, + {"./aaa", "aaa"}, + {"./aaa/", "aaa/"}, + {"/./aaa/", "/aaa/"}, {"./aaa/../bbb/", "bbb/"}, {"/foo/.", "/foo/"}, + {"/foo/./", "/foo/"}, {"./", ""}, {".", ""}, {".//", "/"}, @@ -121,6 +129,10 @@ public class URIUtilCanonicalPathTest {"/foo/.;/bar", "/foo/.;/bar"}, {"/foo/..;/bar", "/foo/..;/bar"}, {"/foo/..;/..;/bar", "/foo/..;/..;/bar"}, + + // Trailing / is preserved + {"/foo/bar/..", "/foo/"}, + {"/foo/bar/../", "/foo/"}, }; ArrayList ret = new ArrayList<>(); @@ -135,6 +147,6 @@ public class URIUtilCanonicalPathTest @MethodSource("data") public void testCanonicalPath(String input, String expectedResult) { - assertThat("Canonical", URIUtil.canonicalPath(input), is(expectedResult)); + assertThat(URIUtil.canonicalPath(input), is(expectedResult)); } } diff --git a/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/ClasspathPattern.java b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/ClasspathPattern.java index 78c49333137..160181b06b7 100644 --- a/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/ClasspathPattern.java +++ b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/ClasspathPattern.java @@ -43,8 +43,6 @@ import org.eclipse.jetty.util.IncludeExcludeSet; import org.eclipse.jetty.util.StringUtil; import org.eclipse.jetty.util.TypeUtil; import org.eclipse.jetty.util.URIUtil; -import org.eclipse.jetty.util.log.Log; -import org.eclipse.jetty.util.log.Logger; import org.eclipse.jetty.util.resource.Resource; /** @@ -69,8 +67,6 @@ import org.eclipse.jetty.util.resource.Resource; public class ClasspathPattern extends AbstractSet { - private static final Logger LOG = Log.getLogger(ClasspathPattern.class); - static class Entry { private final String _pattern; @@ -697,9 +693,8 @@ public class ClasspathPattern extends AbstractSet { return combine(_packageOrNamePatterns, clazz.getName(), _locations, () -> TypeUtil.getLocationOfClass(clazz)); } - catch (Exception e) + catch (Exception ignored) { - LOG.warn(e); } return false; } @@ -719,9 +714,8 @@ public class ClasspathPattern extends AbstractSet { return URIUtil.getJarSource(url.toURI()); } - catch (URISyntaxException e) + catch (URISyntaxException ignored) { - LOG.ignore(e); return null; } }); diff --git a/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/MetaData.java b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/MetaData.java index 475bc7f7665..820f76e0f96 100644 --- a/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/MetaData.java +++ b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/MetaData.java @@ -58,7 +58,7 @@ public class MetaData protected final List _webInfJars = new ArrayList<>(); protected final List _orderedContainerResources = new ArrayList<>(); protected final List _orderedWebInfResources = new ArrayList<>(); - protected Ordering _ordering;//can be set to RelativeOrdering by web-default.xml, web.xml, web-override.xml + protected Ordering _ordering; //can be set to RelativeOrdering by web-default.xml, web.xml, web-override.xml protected boolean _allowDuplicateFragmentNames = false; protected boolean _validateXml = false; diff --git a/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebAppClassLoader.java b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebAppClassLoader.java index 5d1116c5695..10860f1b524 100644 --- a/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebAppClassLoader.java +++ b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebAppClassLoader.java @@ -475,8 +475,6 @@ public class WebAppClassLoader extends URLClassLoader implements ClassVisibility webappClass = findLoadedClass(name); if (webappClass != null) { - if (LOG.isDebugEnabled()) - LOG.debug("found webapp loaded {}", webappClass); return webappClass; } @@ -493,8 +491,6 @@ public class WebAppClassLoader extends URLClassLoader implements ClassVisibility // If the webapp is allowed to see this class if (Boolean.TRUE.equals(__loadServerClasses.get()) || !_context.isServerClass(parentClass)) { - if (LOG.isDebugEnabled()) - LOG.debug("PLP parent loaded {}", parentClass); return parentClass; } } @@ -515,8 +511,6 @@ public class WebAppClassLoader extends URLClassLoader implements ClassVisibility webappClass = this.findClass(name); if (resolve) resolveClass(webappClass); - if (LOG.isDebugEnabled()) - LOG.debug("PLP webapp loaded {}", webappClass); return webappClass; } catch (ClassNotFoundException e) @@ -545,8 +539,6 @@ public class WebAppClassLoader extends URLClassLoader implements ClassVisibility // If the webapp is allowed to see this class if (Boolean.TRUE.equals(__loadServerClasses.get()) || !_context.isServerClass(parentClass)) { - if (LOG.isDebugEnabled()) - LOG.debug("WAP parent loaded {}", parentClass); return parentClass; } } @@ -655,9 +647,6 @@ public class WebAppClassLoader extends URLClassLoader implements ClassVisibility content = url.openStream(); byte[] bytes = IO.readBytes(content); - if (LOG.isDebugEnabled()) - LOG.debug("foundClass({}) url={} cl={}", name, url, this); - for (ClassFileTransformer transformer : _transformers) { byte[] tmp = transformer.transform(this, name, null, null, bytes); diff --git a/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebAppContext.java b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebAppContext.java index f2d6fc9411b..add98045726 100644 --- a/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebAppContext.java +++ b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebAppContext.java @@ -790,8 +790,6 @@ public class WebAppContext extends ServletContextHandler implements WebAppClassL loadServerClasses(); boolean result = _serverClasses.match(clazz); - if (LOG.isDebugEnabled()) - LOG.debug("isServerClass=={} {}", result, clazz); return result; } @@ -802,8 +800,6 @@ public class WebAppContext extends ServletContextHandler implements WebAppClassL loadSystemClasses(); boolean result = _systemClasses.match(clazz); - if (LOG.isDebugEnabled()) - LOG.debug("isSystemClass=={} {}", result, clazz); return result; } @@ -814,8 +810,6 @@ public class WebAppContext extends ServletContextHandler implements WebAppClassL loadServerClasses(); boolean result = _serverClasses.match(name, parentUrl); - if (LOG.isDebugEnabled()) - LOG.debug("isServerResource=={} {} {}", result, name, parentUrl); return result; } @@ -826,8 +820,6 @@ public class WebAppContext extends ServletContextHandler implements WebAppClassL loadSystemClasses(); boolean result = _systemClasses.match(name, webappUrl); - if (LOG.isDebugEnabled()) - LOG.debug("isSystemResource=={} {} {}", result, name, webappUrl); return result; } diff --git a/jetty-websocket/javax-websocket-client-impl/src/main/java/org/eclipse/jetty/websocket/jsr356/annotations/Param.java b/jetty-websocket/javax-websocket-client-impl/src/main/java/org/eclipse/jetty/websocket/jsr356/annotations/Param.java index bef398c4e3b..ae35c7dbe05 100644 --- a/jetty-websocket/javax-websocket-client-impl/src/main/java/org/eclipse/jetty/websocket/jsr356/annotations/Param.java +++ b/jetty-websocket/javax-websocket-client-impl/src/main/java/org/eclipse/jetty/websocket/jsr356/annotations/Param.java @@ -48,7 +48,7 @@ public class Param static { messageRoles = new Role[] - {MESSAGE_TEXT, MESSAGE_TEXT_STREAM, MESSAGE_BINARY, MESSAGE_BINARY_STREAM, MESSAGE_PONG,}; + {MESSAGE_TEXT, MESSAGE_TEXT_STREAM, MESSAGE_BINARY, MESSAGE_BINARY_STREAM, MESSAGE_PONG}; } public static Role[] getMessageRoles() diff --git a/tests/test-distribution/src/test/java/org/eclipse/jetty/tests/distribution/DynamicListenerTests.java b/tests/test-distribution/src/test/java/org/eclipse/jetty/tests/distribution/DynamicListenerTests.java index c8c07fb9492..5cda215383f 100644 --- a/tests/test-distribution/src/test/java/org/eclipse/jetty/tests/distribution/DynamicListenerTests.java +++ b/tests/test-distribution/src/test/java/org/eclipse/jetty/tests/distribution/DynamicListenerTests.java @@ -62,16 +62,16 @@ public class DynamicListenerTests File war = distribution.resolveArtifact("org.eclipse.jetty:test-jetty-webapp:war:" + jettyVersion); distribution.installWarFile(war, "test"); - Path etc = Paths.get(jettyBase.toString(),"etc"); + Path etc = Paths.get(jettyBase.toString(), "etc"); if (!Files.exists(etc)) { Files.createDirectory(etc); } Files.copy(Paths.get("src/test/resources/realm.ini"), - Paths.get(jettyBase.toString(),"start.d").resolve("realm.ini")); + Paths.get(jettyBase.toString(), "start.d").resolve("realm.ini")); Files.copy(Paths.get("src/test/resources/realm.properties"), - etc.resolve("realm.properties")); + etc.resolve("realm.properties")); Files.copy(Paths.get("src/test/resources/test-realm.xml"), etc.resolve("test-realm.xml")); diff --git a/tests/test-integration/src/test/java/org/eclipse/jetty/test/HttpInputIntegrationTest.java b/tests/test-integration/src/test/java/org/eclipse/jetty/test/HttpInputIntegrationTest.java index 5cc6ee4a66c..df7649e8100 100644 --- a/tests/test-integration/src/test/java/org/eclipse/jetty/test/HttpInputIntegrationTest.java +++ b/tests/test-integration/src/test/java/org/eclipse/jetty/test/HttpInputIntegrationTest.java @@ -127,7 +127,7 @@ public class HttpInputIntegrationTest SslConnectionFactory ssl = new SslConnectionFactory(__sslContextFactory, h1.getProtocol() /*TODO alpn.getProtocol()*/); // HTTP/2 Connector - ServerConnector http2 = new ServerConnector(__server, ssl,/*TODO alpn,h2,*/ h1); + ServerConnector http2 = new ServerConnector(__server, ssl, /*TODO alpn,h2,*/ h1); http2.setIdleTimeout(4000); __server.addConnector(http2); diff --git a/tests/test-sessions/test-infinispan-sessions/src/test/java/org/eclipse/jetty/server/session/SerializedInfinispanSessionDataStoreTest.java b/tests/test-sessions/test-infinispan-sessions/src/test/java/org/eclipse/jetty/server/session/SerializedInfinispanSessionDataStoreTest.java index 749485502b2..898c37bb7ce 100644 --- a/tests/test-sessions/test-infinispan-sessions/src/test/java/org/eclipse/jetty/server/session/SerializedInfinispanSessionDataStoreTest.java +++ b/tests/test-sessions/test-infinispan-sessions/src/test/java/org/eclipse/jetty/server/session/SerializedInfinispanSessionDataStoreTest.java @@ -113,7 +113,7 @@ public class SerializedInfinispanSessionDataStoreTest extends AbstractSessionDat ((InfinispanSessionDataStore)store).setCache(null); //test that loading it fails - assertThrows(UnreadableSessionDataException.class,() -> store.load("222")); + assertThrows(UnreadableSessionDataException.class, () -> store.load("222")); } /** diff --git a/tests/test-sessions/test-infinispan-sessions/src/test/java/org/eclipse/jetty/server/session/remote/RemoteInfinispanTestSupport.java b/tests/test-sessions/test-infinispan-sessions/src/test/java/org/eclipse/jetty/server/session/remote/RemoteInfinispanTestSupport.java index 7454cd80636..ba9723420d2 100644 --- a/tests/test-sessions/test-infinispan-sessions/src/test/java/org/eclipse/jetty/server/session/remote/RemoteInfinispanTestSupport.java +++ b/tests/test-sessions/test-infinispan-sessions/src/test/java/org/eclipse/jetty/server/session/remote/RemoteInfinispanTestSupport.java @@ -70,14 +70,14 @@ public class RemoteInfinispanTestSupport String infinispanVersion = System.getProperty("infinispan.docker.image.version", "9.4.8.Final"); infinispan = new GenericContainer(System.getProperty("infinispan.docker.image.name", "jboss/infinispan-server") + - ":" + infinispanVersion) - .withEnv("APP_USER","theuser") - .withEnv("APP_PASS","foobar") + ":" + infinispanVersion) + .withEnv("APP_USER", "theuser") + .withEnv("APP_PASS", "foobar") .withEnv("MGMT_USER", "admin") .withEnv("MGMT_PASS", "admin") .waitingFor(new LogMessageWaitStrategy() - .withRegEx(".*Infinispan Server.*started in.*\\s")) - .withExposedPorts(4712,4713,8088,8089,8443,9990,9993,11211,11222,11223,11224) + .withRegEx(".*Infinispan Server.*started in.*\\s")) + .withExposedPorts(4712, 4713, 8088, 8089, 8443, 9990, 9993, 11211, 11222, 11223, 11224) .withLogConsumer(new Slf4jLogConsumer(INFINISPAN_LOG)); infinispan.start(); String host = infinispan.getContainerIpAddress(); @@ -160,7 +160,7 @@ public class RemoteInfinispanTestSupport public void setup() throws Exception { - _cache = _manager.administration().getOrCreateCache(_name,(String)null); + _cache = _manager.administration().getOrCreateCache(_name, (String)null); } public void teardown() throws Exception diff --git a/tests/test-sessions/test-jdbc-sessions/src/test/java/org/eclipse/jetty/server/session/ClusteredSessionMigrationTest.java b/tests/test-sessions/test-jdbc-sessions/src/test/java/org/eclipse/jetty/server/session/ClusteredSessionMigrationTest.java index d7f32732afd..c1f33e07126 100644 --- a/tests/test-sessions/test-jdbc-sessions/src/test/java/org/eclipse/jetty/server/session/ClusteredSessionMigrationTest.java +++ b/tests/test-sessions/test-jdbc-sessions/src/test/java/org/eclipse/jetty/server/session/ClusteredSessionMigrationTest.java @@ -89,7 +89,7 @@ public class ClusteredSessionMigrationTest extends AbstractTestBase cacheFactory2.setSaveOnCreate(true); SessionDataStoreFactory storeFactory2 = createSessionDataStoreFactory(); - TestServer server2 = new TestServer(0,TestServer.DEFAULT_MAX_INACTIVE, TestServer.DEFAULT_SCAVENGE_SEC, + TestServer server2 = new TestServer(0, TestServer.DEFAULT_MAX_INACTIVE, TestServer.DEFAULT_SCAVENGE_SEC, cacheFactory2, storeFactory2); server2.addContext(contextPath).addServlet(TestServlet.class, servletMapping); diff --git a/tests/test-sessions/test-jdbc-sessions/src/test/java/org/eclipse/jetty/server/session/SessionTableSchemaTest.java b/tests/test-sessions/test-jdbc-sessions/src/test/java/org/eclipse/jetty/server/session/SessionTableSchemaTest.java index b4f979af70e..e37f3476e4f 100644 --- a/tests/test-sessions/test-jdbc-sessions/src/test/java/org/eclipse/jetty/server/session/SessionTableSchemaTest.java +++ b/tests/test-sessions/test-jdbc-sessions/src/test/java/org/eclipse/jetty/server/session/SessionTableSchemaTest.java @@ -267,7 +267,7 @@ public class SessionTableSchemaTest id, sc); - s.setString(1, "0");//should be my node id + s.setString(1, "0"); //should be my node id s.setLong(2, System.currentTimeMillis()); s.setLong(3, System.currentTimeMillis()); s.setLong(4, System.currentTimeMillis()); @@ -276,7 +276,7 @@ public class SessionTableSchemaTest byte[] bytes = new byte[3]; ByteArrayInputStream bais = new ByteArrayInputStream(bytes); - s.setBinaryStream(7, bais, bytes.length);//attribute map as blob + s.setBinaryStream(7, bais, bytes.length); //attribute map as blob assertEquals(1, s.executeUpdate()); } diff --git a/tests/test-sessions/test-sessions-common/src/main/java/org/eclipse/jetty/server/session/AbstractSessionDataStoreTest.java b/tests/test-sessions/test-sessions-common/src/main/java/org/eclipse/jetty/server/session/AbstractSessionDataStoreTest.java index 79cd1166825..377931e74ec 100644 --- a/tests/test-sessions/test-sessions-common/src/main/java/org/eclipse/jetty/server/session/AbstractSessionDataStoreTest.java +++ b/tests/test-sessions/test-sessions-common/src/main/java/org/eclipse/jetty/server/session/AbstractSessionDataStoreTest.java @@ -115,7 +115,7 @@ public abstract class AbstractSessionDataStoreTest Class fooclazz = Class.forName("Foo", true, _contextClassLoader); //create a session long now = System.currentTimeMillis(); - data = store.newSessionData("1234", 100, now, now - 1, -1);//never expires + data = store.newSessionData("1234", 100, now, now - 1, -1); //never expires data.setLastNode(sessionContext.getWorkerName()); //Make an attribute that uses the class only known to the webapp classloader @@ -175,7 +175,7 @@ public abstract class AbstractSessionDataStoreTest //create a session long now = System.currentTimeMillis(); - SessionData data = store.newSessionData("1234", 100, 200, 199, -1);//never expires + SessionData data = store.newSessionData("1234", 100, 200, 199, -1); //never expires data.setAttribute("a", "b"); data.setLastNode(sessionContext.getWorkerName()); data.setLastSaved(400); //make it look like it was previously saved by the store @@ -253,7 +253,7 @@ public abstract class AbstractSessionDataStoreTest Class factoryclazz = Class.forName("ProxyableFactory", true, _contextClassLoader); //create a session long now = System.currentTimeMillis(); - data = store.newSessionData("1234", 100, now, now - 1, -1);//never expires + data = store.newSessionData("1234", 100, now, now - 1, -1); //never expires data.setLastNode(sessionContext.getWorkerName()); Method m = factoryclazz.getMethod("newProxyable", ClassLoader.class); Object proxy = m.invoke(null, _contextClassLoader); @@ -322,7 +322,7 @@ public abstract class AbstractSessionDataStoreTest //persist a session that is not expired long now = System.currentTimeMillis(); - SessionData data = store.newSessionData("1234", 100, now, now - 1, -1);//never expires + SessionData data = store.newSessionData("1234", 100, now, now - 1, -1); //never expires data.setLastNode(sessionContext.getWorkerName()); persistSession(data); @@ -355,7 +355,7 @@ public abstract class AbstractSessionDataStoreTest //persist a session that is expired long now = System.currentTimeMillis(); - SessionData data = store.newSessionData("678", 100, now - 20, now - 30, 10);//10 sec max idle + SessionData data = store.newSessionData("678", 100, now - 20, now - 30, 10); //10 sec max idle data.setLastNode(sessionContext.getWorkerName()); data.setExpiry(RECENT_TIMESTAMP); //make it expired recently persistSession(data); diff --git a/tests/test-sessions/test-sessions-common/src/test/java/org/eclipse/jetty/server/session/AbstractSessionCacheTest.java b/tests/test-sessions/test-sessions-common/src/test/java/org/eclipse/jetty/server/session/AbstractSessionCacheTest.java index c872134328b..3f4be1fc646 100644 --- a/tests/test-sessions/test-sessions-common/src/test/java/org/eclipse/jetty/server/session/AbstractSessionCacheTest.java +++ b/tests/test-sessions/test-sessions-common/src/test/java/org/eclipse/jetty/server/session/AbstractSessionCacheTest.java @@ -158,12 +158,12 @@ public abstract class AbstractSessionCacheTest SessionCache cache = cacheFactory.getSessionCache(context.getSessionHandler()); //prefill the datastore with a session that will be treated as unreadable - UnreadableSessionDataStore store = new UnreadableSessionDataStore(1, new SessionData("1234", "/test", "0.0.0.0", System.currentTimeMillis(), 0,0, -1)); + UnreadableSessionDataStore store = new UnreadableSessionDataStore(1, new SessionData("1234", "/test", "0.0.0.0", System.currentTimeMillis(), 0, 0, -1)); cache.setSessionDataStore(store); context.getSessionHandler().setSessionCache(cache); server.start(); - try (StacklessLogging stackless = new StacklessLogging(Log.getLogger("org.eclipse.jetty.server.session"))) + try (StacklessLogging ignored = new StacklessLogging(Log.getLogger("org.eclipse.jetty.server.session"))) { //check that session 1234 cannot be read, ie returns null AND //that it is deleted in the datastore @@ -205,7 +205,7 @@ public abstract class AbstractSessionCacheTest cacheFactory.setEvictionPolicy(SessionCache.NEVER_EVICT); DefaultSessionCache cache = (DefaultSessionCache)cacheFactory.getSessionCache(context.getSessionHandler()); - TestSessionDataStore store = new TestSessionDataStore(true);//fake passivation + TestSessionDataStore store = new TestSessionDataStore(true); //fake passivation cache.setSessionDataStore(store); context.getSessionHandler().setSessionCache(cache); @@ -285,14 +285,14 @@ public abstract class AbstractSessionCacheTest store._numSaves.set(0); //clear save counter Session session = createUnExpiredSession(cache, store, "1234"); cache.add("1234", session); - session.getSessionData().setLastSaved(100);//simulate previously saved + session.getSessionData().setLastSaved(100); //simulate previously saved commitAndCheckSaveState(cache, store, session, false, true, false, true, 0, 0); //call commit: session has changed, should be written store._numSaves.set(0); //clear save counter session = createUnExpiredSession(cache, store, "456"); cache.add("456", session); - session.getSessionData().setLastSaved(100);//simulate previously saved + session.getSessionData().setLastSaved(100); //simulate previously saved session.setAttribute("foo", "bar"); commitAndCheckSaveState(cache, store, session, true, true, false, false, 0, 1); @@ -300,7 +300,7 @@ public abstract class AbstractSessionCacheTest store._numSaves.set(0); //clear save counter session = createUnExpiredSession(cache, store, "678"); cache.add("678", session); - session.getSessionData().setLastSaved(100);//simulate previously saved + session.getSessionData().setLastSaved(100); //simulate previously saved session.getSessionData().calcAndSetExpiry(System.currentTimeMillis() + TimeUnit.DAYS.toMillis(1)); commitAndCheckSaveState(cache, store, session, false, true, false, true, 0, 0); @@ -314,14 +314,14 @@ public abstract class AbstractSessionCacheTest store._numSaves.set(0); //clear save counter session = createUnExpiredSession(cache, store, "890"); cache.add("890", session); - session.getSessionData().setLastSaved(100);//simulate previously saved + session.getSessionData().setLastSaved(100); //simulate previously saved commitAndCheckSaveState(cache, store, session, false, true, false, true, 0, 0); //call commit: session has changed so session must be written store._numSaves.set(0); //clear save counter session = createUnExpiredSession(cache, store, "012"); cache.add("012", session); - session.getSessionData().setLastSaved(100);//simulate previously saved + session.getSessionData().setLastSaved(100); //simulate previously saved session.setAttribute("foo", "bar"); commitAndCheckSaveState(cache, store, session, true, true, false, false, 0, 1); @@ -330,7 +330,7 @@ public abstract class AbstractSessionCacheTest session = createUnExpiredSession(cache, store, "234"); session.getSessionData().setMetaDataDirty(true); cache.add("234", session); - session.getSessionData().setLastSaved(100);//simulate previously saved + session.getSessionData().setLastSaved(100); //simulate previously saved session.getSessionData().calcAndSetExpiry(System.currentTimeMillis() + TimeUnit.DAYS.toMillis(1)); commitAndCheckSaveState(cache, store, session, false, true, false, true, 0, 0); } @@ -376,7 +376,7 @@ public abstract class AbstractSessionCacheTest session = createUnExpiredSession(cache, store, "456"); cache.add("456", session); session.setAttribute("foo", "bar"); - session.getSessionData().setLastSaved(100);//simulate not "new" session, ie has been previously saved + session.getSessionData().setLastSaved(100); //simulate not "new" session, ie has been previously saved commitAndCheckSaveState(cache, store, session, true, true, false, false, 0, 1); //call release: session not dirty but release changes metadata, so it will be saved cache.release("456", session); @@ -417,7 +417,7 @@ public abstract class AbstractSessionCacheTest store._numSaves.set(0); //clear save counter session = createUnExpiredSession(cache, store, "012"); cache.add("012", session); - session.getSessionData().setLastSaved(100);//simulate previously saved session + session.getSessionData().setLastSaved(100); //simulate previously saved session session.setAttribute("foo", "bar"); session.getSessionData().setMetaDataDirty(false); commitAndCheckSaveState(cache, store, session, true, false, false, false, 0, 1); @@ -431,7 +431,7 @@ public abstract class AbstractSessionCacheTest store._numSaves.set(0); //clear save counter session = createUnExpiredSession(cache, store, "234"); session.getSessionData().calcAndSetExpiry(System.currentTimeMillis() + TimeUnit.DAYS.toMillis(1)); - session.getSessionData().setLastSaved(System.currentTimeMillis());//simulate session last saved recently + session.getSessionData().setLastSaved(System.currentTimeMillis()); //simulate session last saved recently commitAndCheckSaveState(cache, store, session, false, true, false, true, 0, 0); //call release: not dirty, release sets metadirty true (recalc expiry) but not within saveperiod so skip write cache.release("1234", session); @@ -511,7 +511,7 @@ public abstract class AbstractSessionCacheTest assertFalse(cache.contains("1234")); //test remove of session in both store and cache - session = cache.newSession(null, "1234",now - 20, TimeUnit.MINUTES.toMillis(10));//saveOnCreate ensures write to store + session = cache.newSession(null, "1234", now - 20, TimeUnit.MINUTES.toMillis(10)); //saveOnCreate ensures write to store cache.add("1234", session); assertTrue(store.exists("1234")); assertTrue(cache.contains("1234")); @@ -634,7 +634,7 @@ public abstract class AbstractSessionCacheTest AbstractSessionCacheFactory cacheFactory = newSessionCacheFactory(SessionCache.NEVER_EVICT, false, false, false, false); SessionCache cache = cacheFactory.getSessionCache(context.getSessionHandler()); - TestSessionDataStore store = new TestSessionDataStore(true);//fake passivation + TestSessionDataStore store = new TestSessionDataStore(true); //fake passivation cache.setSessionDataStore(store); context.getSessionHandler().setSessionCache(cache); TestHttpSessionListener sessionListener = new TestHttpSessionListener(); diff --git a/tests/test-sessions/test-sessions-common/src/test/java/org/eclipse/jetty/server/session/DefaultSessionCacheTest.java b/tests/test-sessions/test-sessions-common/src/test/java/org/eclipse/jetty/server/session/DefaultSessionCacheTest.java index 60b6b2b2c63..330b4a15eeb 100644 --- a/tests/test-sessions/test-sessions-common/src/test/java/org/eclipse/jetty/server/session/DefaultSessionCacheTest.java +++ b/tests/test-sessions/test-sessions-common/src/test/java/org/eclipse/jetty/server/session/DefaultSessionCacheTest.java @@ -276,7 +276,7 @@ public class DefaultSessionCacheTest extends AbstractSessionCacheTest cacheFactory.setEvictionPolicy(SessionCache.NEVER_EVICT); DefaultSessionCache cache = (DefaultSessionCache)cacheFactory.getSessionCache(context.getSessionHandler()); - TestSessionDataStore store = new TestSessionDataStore(true);//fake passivation + TestSessionDataStore store = new TestSessionDataStore(true); //fake passivation cache.setSessionDataStore(store); context.getSessionHandler().setSessionCache(cache); @@ -492,11 +492,11 @@ public class DefaultSessionCacheTest extends AbstractSessionCacheTest //test EVICT_ON_SESSION_EXIT with requests still active. //this should not affect the session because it this is an idle test only SessionData data2 = store.newSessionData("567", now, now - TimeUnit.SECONDS.toMillis(30), now - TimeUnit.SECONDS.toMillis(40), TimeUnit.MINUTES.toMillis(10)); - data2.setExpiry(now + TimeUnit.DAYS.toMillis(1));//not expired + data2.setExpiry(now + TimeUnit.DAYS.toMillis(1)); //not expired Session session2 = cache.newSession(data2); - cache.add("567", session2);//ensure session is in cache + cache.add("567", session2); //ensure session is in cache cache.setEvictionPolicy(SessionCache.EVICT_ON_SESSION_EXIT); - session2.access(System.currentTimeMillis());//simulate 1 request in session + session2.access(System.currentTimeMillis()); //simulate 1 request in session assertTrue(cache.contains("567")); cache.checkInactiveSession(session2); assertTrue(cache.contains("567")); //not evicted diff --git a/tests/test-sessions/test-sessions-common/src/test/java/org/eclipse/jetty/server/session/NullSessionCacheTest.java b/tests/test-sessions/test-sessions-common/src/test/java/org/eclipse/jetty/server/session/NullSessionCacheTest.java index 689dc85deea..a71bf59cf34 100644 --- a/tests/test-sessions/test-sessions-common/src/test/java/org/eclipse/jetty/server/session/NullSessionCacheTest.java +++ b/tests/test-sessions/test-sessions-common/src/test/java/org/eclipse/jetty/server/session/NullSessionCacheTest.java @@ -98,8 +98,8 @@ public class NullSessionCacheTest extends AbstractSessionCacheTest SessionData data = store.newSessionData("1234", now - 20, now - 10, now - 20, TimeUnit.MINUTES.toMillis(10)); data.setExpiry(now + TimeUnit.DAYS.toMillis(1)); Session session = cache.newSession(null, data); //mimic a request making a session - cache.add("1234", session); - assertFalse(cache.contains("1234"));//null cache doesn't actually retain the session + cache.add("1234", session); + assertFalse(cache.contains("1234")); //null cache doesn't actually retain the session //mimic releasing the session after the request is finished cache.release("1234", session); diff --git a/tests/test-webapps/test-jetty-webapp/src/test/java/org/eclipse/jetty/DispatchServletTest.java b/tests/test-webapps/test-jetty-webapp/src/test/java/org/eclipse/jetty/DispatchServletTest.java index 140d09e77c6..6c2e804a63b 100644 --- a/tests/test-webapps/test-jetty-webapp/src/test/java/org/eclipse/jetty/DispatchServletTest.java +++ b/tests/test-webapps/test-jetty-webapp/src/test/java/org/eclipse/jetty/DispatchServletTest.java @@ -102,7 +102,7 @@ public class DispatchServletTest tester.start(); String[] selfRefs = - {"/dispatch/forward", "/dispatch/includeS", "/dispatch/includeW", "/dispatch/includeN",}; + {"/dispatch/forward", "/dispatch/includeS", "/dispatch/includeW", "/dispatch/includeN"}; /* * Number of nested dispatch requests. 220 is a good value, as it won't