Merge remote-tracking branch 'origin/jetty-9.3.x'

This commit is contained in:
Greg Wilkins 2016-04-05 10:01:22 +10:00
commit 8f74ff3585
6 changed files with 118 additions and 9 deletions

View File

@ -0,0 +1,8 @@
[name]
protonego-boot
[files]
http://central.maven.org/maven2/org/mortbay/jetty/alpn/alpn-boot/8.1.7.v20160121/alpn-boot-8.1.7.v20160121.jar|lib/alpn/alpn-boot-8.1.7.v20160121.jar
[exec]
-Xbootclasspath/p:lib/alpn/alpn-boot-8.1.7.v20160121.jar

View File

@ -0,0 +1,8 @@
[name]
protonego-boot
[files]
http://central.maven.org/maven2/org/mortbay/jetty/alpn/alpn-boot/8.1.7.v20160121/alpn-boot-8.1.7.v20160121.jar|lib/alpn/alpn-boot-8.1.7.v20160121.jar
[exec]
-Xbootclasspath/p:lib/alpn/alpn-boot-8.1.7.v20160121.jar

View File

@ -381,6 +381,53 @@ public class StringUtil
} }
} }
/**
* Find the index of a control characters in String
* <p>
* This will return a result on the first occurrence of a control character, regardless if
* there are more than one.
* </p>
* <p>
* Note: uses codepoint version of {@link Character#isISOControl(int)} to support Unicode better.
* </p>
*
* <pre>
* indexOfControlChars(null) == -1
* indexOfControlChars("") == -1
* indexOfControlChars("\r\n") == 0
* indexOfControlChars("\t") == 0
* indexOfControlChars(" ") == -1
* indexOfControlChars("a") == -1
* indexOfControlChars(".") == -1
* indexOfControlChars(";\n") == 1
* indexOfControlChars("abc\f") == 3
* indexOfControlChars("z\010") == 1
* indexOfControlChars(":\u001c") == 1
* </pre>
*
* @param str
* the string to test.
* @return the index of first control character in string, -1 if no control characters encountered
*/
public static int indexOfControlChars(String str)
{
if (str == null)
{
return -1;
}
int len = str.length();
for (int i = 0; i < len; i++)
{
if (Character.isISOControl(str.codePointAt(i)))
{
// found a control character, we can stop searching now
return i;
}
}
// no control characters
return -1;
}
/* ------------------------------------------------------------ */ /* ------------------------------------------------------------ */
/** /**
* Test if a string is null or only has whitespace characters in it. * Test if a string is null or only has whitespace characters in it.

View File

@ -29,10 +29,12 @@ import java.net.URL;
import java.net.URLConnection; import java.net.URLConnection;
import java.nio.channels.FileChannel; import java.nio.channels.FileChannel;
import java.nio.channels.ReadableByteChannel; import java.nio.channels.ReadableByteChannel;
import java.nio.file.InvalidPathException;
import java.nio.file.StandardOpenOption; import java.nio.file.StandardOpenOption;
import java.security.Permission; import java.security.Permission;
import org.eclipse.jetty.util.IO; import org.eclipse.jetty.util.IO;
import org.eclipse.jetty.util.StringUtil;
import org.eclipse.jetty.util.URIUtil; import org.eclipse.jetty.util.URIUtil;
import org.eclipse.jetty.util.log.Log; import org.eclipse.jetty.util.log.Log;
import org.eclipse.jetty.util.log.Logger; import org.eclipse.jetty.util.log.Logger;
@ -67,6 +69,7 @@ public class FileResource extends Resource
{ {
// Try standard API to convert URL to file. // Try standard API to convert URL to file.
file =new File(url.toURI()); file =new File(url.toURI());
assertValidPath(file.toString());
} }
catch (URISyntaxException e) catch (URISyntaxException e)
{ {
@ -110,6 +113,7 @@ public class FileResource extends Resource
_file=file; _file=file;
URI file_uri=_file.toURI(); URI file_uri=_file.toURI();
_uri=normalizeURI(_file,uri); _uri=normalizeURI(_file,uri);
assertValidPath(file.toString());
// Is it a URI alias? // Is it a URI alias?
if (!URIUtil.equalsIgnoreEncodings(_uri,file_uri.toString())) if (!URIUtil.equalsIgnoreEncodings(_uri,file_uri.toString()))
@ -121,6 +125,7 @@ public class FileResource extends Resource
/* -------------------------------------------------------- */ /* -------------------------------------------------------- */
public FileResource(File file) public FileResource(File file)
{ {
assertValidPath(file.toString());
_file=file; _file=file;
_uri=normalizeURI(_file,_file.toURI()); _uri=normalizeURI(_file,_file.toURI());
_alias=checkFileAlias(_file); _alias=checkFileAlias(_file);
@ -182,6 +187,7 @@ public class FileResource extends Resource
public Resource addPath(String path) public Resource addPath(String path)
throws IOException, MalformedURLException throws IOException, MalformedURLException
{ {
assertValidPath(path);
path = org.eclipse.jetty.util.URIUtil.canonicalPath(path); path = org.eclipse.jetty.util.URIUtil.canonicalPath(path);
if (path==null) if (path==null)
@ -207,7 +213,7 @@ public class FileResource extends Resource
} }
catch (final URISyntaxException e) catch (final URISyntaxException e)
{ {
throw new MalformedURLException(e.getMessage()) throw new InvalidPathException(path, e.getMessage())
{ {
{ {
initCause(e); initCause(e);
@ -218,6 +224,14 @@ public class FileResource extends Resource
return new FileResource(uri); return new FileResource(uri);
} }
private void assertValidPath(String path)
{
int idx = StringUtil.indexOfControlChars(path);
if (idx >= 0)
{
throw new InvalidPathException(path, "Invalid Character at index " + idx);
}
}
/* ------------------------------------------------------------ */ /* ------------------------------------------------------------ */
@Override @Override

View File

@ -39,6 +39,7 @@ import java.util.ArrayList;
import java.util.List; import java.util.List;
import org.eclipse.jetty.util.IO; import org.eclipse.jetty.util.IO;
import org.eclipse.jetty.util.StringUtil;
import org.eclipse.jetty.util.URIUtil; import org.eclipse.jetty.util.URIUtil;
import org.eclipse.jetty.util.log.Log; import org.eclipse.jetty.util.log.Log;
import org.eclipse.jetty.util.log.Logger; import org.eclipse.jetty.util.log.Logger;
@ -165,6 +166,7 @@ public class PathResource extends Resource
public PathResource(Path path) public PathResource(Path path)
{ {
this.path = path.toAbsolutePath(); this.path = path.toAbsolutePath();
assertValidPath(path);
this.uri = this.path.toUri(); this.uri = this.path.toUri();
this.alias = checkAliasPath(path); this.alias = checkAliasPath(path);
} }
@ -255,6 +257,17 @@ public class PathResource extends Resource
return new PathResource(this.path.getFileSystem().getPath(path.toString(), subpath)); return new PathResource(this.path.getFileSystem().getPath(path.toString(), subpath));
} }
private void assertValidPath(Path path)
{
// TODO merged from 9.2, check if necessary
String str = path.toString();
int idx = StringUtil.indexOfControlChars(str);
if(idx >= 0)
{
throw new InvalidPathException(str, "Invalid Character at index " + idx);
}
}
@Override @Override
public void close() public void close()
{ {

View File

@ -18,20 +18,20 @@
package org.eclipse.jetty.util; package org.eclipse.jetty.util;
import java.nio.charset.StandardCharsets;
import org.junit.Assert;
import org.junit.Test;
import static org.hamcrest.Matchers.arrayContaining; import static org.hamcrest.Matchers.arrayContaining;
import static org.hamcrest.Matchers.emptyArray; import static org.hamcrest.Matchers.emptyArray;
import static org.hamcrest.Matchers.is;
import static org.hamcrest.Matchers.nullValue; import static org.hamcrest.Matchers.nullValue;
import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertThat; import static org.junit.Assert.assertThat;
import static org.junit.Assert.assertTrue; import static org.junit.Assert.assertTrue;
import java.nio.charset.StandardCharsets;
import org.hamcrest.Matchers;
import org.junit.Assert;
import org.junit.Test;
public class StringUtilTest public class StringUtilTest
{ {
@Test @Test
@ -205,6 +205,25 @@ public class StringUtilTest
System.err.println(calc); System.err.println(calc);
} }
@Test
public void testHasControlCharacter()
{
assertThat(StringUtil.indexOfControlChars("\r\n"), is(0));
assertThat(StringUtil.indexOfControlChars("\t"), is(0));
assertThat(StringUtil.indexOfControlChars(";\n"), is(1));
assertThat(StringUtil.indexOfControlChars("abc\fz"), is(3));
assertThat(StringUtil.indexOfControlChars("z\010"), is(1));
assertThat(StringUtil.indexOfControlChars(":\u001c"), is(1));
assertThat(StringUtil.indexOfControlChars(null), is(-1));
assertThat(StringUtil.indexOfControlChars(""), is(-1));
assertThat(StringUtil.indexOfControlChars(" "), is(-1));
assertThat(StringUtil.indexOfControlChars("a"), is(-1));
assertThat(StringUtil.indexOfControlChars("."), is(-1));
assertThat(StringUtil.indexOfControlChars(";"), is(-1));
assertThat(StringUtil.indexOfControlChars("Euro is \u20ac"), is(-1));
}
@Test @Test
public void testIsBlank() public void testIsBlank()
{ {