Eclipse/jetty.project
1
0
Fork 0
mirror of https://github.com/jetty/jetty.project.git synced 2025-03-03 20:39:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

Issue #448 - RFC2616 Compliance Mode should track and report RFC7230 violations

Browse Source 
Empty value is not a compliance issue
removed debug
moved violation handling to end of header rather than end of message
This commit is contained in:
Greg Wilkins 2016-03-23 13:13:16 +11:00
parent 7be58f9730
commit 7f96db72c4
3 changed files with 10 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
jetty-http/src/main/java/org/eclipse/jetty/http/HttpParser.java
View File

@ -313,8 +313,6 @@ public class HttpParser
/* ------------------------------------------------------------------------------- */
protected String legacyString(String orig, String cached)
{
System.err.printf("o=%s%n",orig);
System.err.printf("c=%s%n",cached);
return (orig.equals(cached) || !checkCompliance(LEGACY,"case sensitive"))?cached:orig;
}

5
jetty-server/src/main/java/org/eclipse/jetty/server/HttpChannelOverHttp.java
View File

@ -260,6 +260,9 @@ public class HttpChannelOverHttp extends HttpChannel implements HttpParser.Reque
@Override
public boolean headerComplete()
{
if(_complianceViolations != null)
this.getRequest().setAttribute(ATTR_COMPLIANCE_VIOLATIONS, _complianceViolations);
boolean persistent;
switch (_metadata.getVersion())
@ -447,8 +450,6 @@ public class HttpChannelOverHttp extends HttpChannel implements HttpParser.Reque
@Override
public boolean messageComplete()
{
if(_complianceViolations != null)
this.getRequest().setAttribute(ATTR_COMPLIANCE_VIOLATIONS, _complianceViolations);
return onRequestComplete();
}

31
jetty-servlet/src/test/java/org/eclipse/jetty/servlet/ComplianceViolations2616Test.java
View File

@ -147,7 +147,7 @@ public class ComplianceViolations2616Test
String response = connector.getResponses(req1.toString());
assertThat("Response status", response, containsString("HTTP/1.1 200 OK"));
assertThat("Response headers", response, containsString("X-Http-Violation-0: RFC7230 (name only header)"));
assertThat("Response headers", response, containsString("X-Http-Violation-0: RFC2616<=RFC2616: name only header"));
assertThat("Response body", response, containsString("[Name] = []"));
}
@ -165,44 +165,27 @@ public class ComplianceViolations2616Test
String response = connector.getResponses(req1.toString());
assertThat("Response status", response, containsString("HTTP/1.1 200"));
assertThat("Response headers", response, containsString("X-Http-Violation-0: RFC7230 (name only header)"));
assertThat("Response headers", response, containsString("X-Http-Violation-0: RFC2616<=RFC2616: name only header"));
assertThat("Response body", response, containsString("[Name] = []"));
}
@Test
public void testEmptyQuotedHeader() throws Exception
public void testFoldedHeader() throws Exception
{
StringBuffer req1 = new StringBuffer();
req1.append("GET /dump/ HTTP/1.1\r\n");
req1.append("Host: local\r\n");
req1.append("Name: \"\"\r\n");
req1.append("Name: Some\r\n");
req1.append(" Value\r\n");
req1.append("Connection: close\r\n");
req1.append("Accept: */*\r\n");
req1.append("\r\n");
String response = connector.getResponses(req1.toString());
assertThat("Response status", response, containsString("HTTP/1.1 200"));
assertThat("Response headers", response, containsString("X-Http-Violation-0: RFC7230 (name only header)"));
assertThat("Response headers", response, containsString("X-Http-Violation-0: RFC2616<=RFC2616: header folding"));
assertThat("Response body", response, containsString("[Name] = []"));
}
@Test
public void testEmptyHeader() throws Exception
{
StringBuffer req1 = new StringBuffer();
req1.append("GET /dump/ HTTP/1.1\r\n");
req1.append("Host: local\r\n");
req1.append("Name:\r\n");
req1.append("Connection: close\r\n");
req1.append("Accept: */*\r\n");
req1.append("\r\n");
String response = connector.getResponses(req1.toString());
assertThat("Response status", response, containsString("HTTP/1.1 200"));
assertThat("Response headers", response, containsString("X-Http-Violation-0: RFC7230 (name only header)"));
assertThat("Response body", response, containsString("[Name] = []"));
assertThat("Response body", response, containsString("[Name] = [Some Value]"));
}
}