353073 removed old origin handling

Greg Wilkins 2011-08-15 16:16:34 +10:00
parent 2cb0cd377e
commit bfda9e0523
7 changed files with 46 additions and 25 deletions


@ -14,7 +14,7 @@ public interface WebSocketConnection extends Connection
{
void fillBuffersFrom(Buffer buffer);
void handshake(HttpServletRequest request, HttpServletResponse response, String origin, String subprotocol) throws IOException;
void handshake(HttpServletRequest request, HttpServletResponse response, String subprotocol) throws IOException;
List<Extension> getExtensions();


@ -362,7 +362,7 @@ public class WebSocketConnectionD00 extends AbstractConnection implements WebSoc
void access(EndPoint endp);
}
public void handshake(HttpServletRequest request, HttpServletResponse response, String origin, String subprotocol) throws IOException
public void handshake(HttpServletRequest request, HttpServletResponse response, String subprotocol) throws IOException
{
String uri=request.getRequestURI();
String query=request.getQueryString();
@ -370,7 +370,9 @@ public class WebSocketConnectionD00 extends AbstractConnection implements WebSoc
uri+="?"+query;
String host=request.getHeader("Host");
String origin=request.getHeader("Host");
String key1 = request.getHeader("Sec-WebSocket-Key1");
if (key1!=null)
{
String key2 = request.getHeader("Sec-WebSocket-Key2");
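Review bot: `String origin=request.getHeader("Host");` fills the local that replaces the removed `origin` parameter from the Host header, so it always equals `host` and never reflects the origin the client sent. The rest of handshake() is outside this hunk, but if it writes this value into the origin response header, the value will carry no scheme and will not match the client's own origin. Reading the header the factory already checks would keep the two consistent: `String origin=request.getHeader("Origin");`. Either way the value is request-controlled and may be null, so it should be checked before it is echoed into a response header.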


@ -710,7 +710,7 @@ public class WebSocketConnectionD06 extends AbstractConnection implements WebSoc
}
/* ------------------------------------------------------------ */
public void handshake(HttpServletRequest request, HttpServletResponse response, String origin, String subprotocol) throws IOException
public void handshake(HttpServletRequest request, HttpServletResponse response, String subprotocol) throws IOException
{
String uri=request.getRequestURI();
String query=request.getQueryString();


@ -806,7 +806,7 @@ public class WebSocketConnectionD10 extends AbstractConnection implements WebSoc
}
/* ------------------------------------------------------------ */
public void handshake(HttpServletRequest request, HttpServletResponse response, String origin, String subprotocol) throws IOException
public void handshake(HttpServletRequest request, HttpServletResponse response, String subprotocol) throws IOException
{
String uri=request.getRequestURI();
String query=request.getQueryString();


@ -38,9 +38,21 @@ public class WebSocketFactory
{
public interface Acceptor
{
/* ------------------------------------------------------------ */
/**
* @param request
* @param protocol
* @return
*/
WebSocket doWebSocketConnect(HttpServletRequest request, String protocol);
String checkOrigin(HttpServletRequest request, String host, String origin);
/* ------------------------------------------------------------ */
/** Check the origin of an incoming WebSocket handshake request
* @param request
* @param origin
* @return boolean to indicate that the origin is acceptable.
*/
boolean checkOrigin(HttpServletRequest request, String origin);
}
private final Map<String,Class<? extends Extension>> _extensionClasses = new HashMap<String, Class<? extends Extension>>();
@ -128,7 +140,7 @@ public class WebSocketFactory
* @param protocol The websocket protocol
* @throws IOException in case of I/O errors
*/
public void upgrade(HttpServletRequest request, HttpServletResponse response, WebSocket websocket, String origin, String protocol)
public void upgrade(HttpServletRequest request, HttpServletResponse response, WebSocket websocket, String protocol)
throws IOException
{
if (!"websocket".equalsIgnoreCase(request.getHeader("Upgrade")))
@ -176,7 +188,7 @@ public class WebSocketFactory
}
// Let the connection finish processing the handshake
connection.handshake(request, response, origin, protocol);
connection.handshake(request, response, protocol);
response.flushBuffer();
// Give the connection any unused data from the HTTP connection.
@ -205,11 +217,20 @@ public class WebSocketFactory
{
if ("websocket".equalsIgnoreCase(request.getHeader("Upgrade")))
{
String origin = request.getHeader("Sec-WebSocket-Origin");
if (origin==null)
origin = request.getHeader("Origin");
if (!_acceptor.checkOrigin(request,origin))
{
response.sendError(HttpServletResponse.SC_FORBIDDEN);
return false;
}
// Try each requested protocol
WebSocket websocket = null;
String protocol = request.getHeader("Sec-WebSocket-Protocol");
if (protocol == null) // TODO remove once draft period is over
protocol = request.getHeader("WebSocket-Protocol");
WebSocket websocket = null;
for (String p : parseProtocols(protocol))
{
websocket = _acceptor.doWebSocketConnect(request, p);
@ -220,17 +241,16 @@ public class WebSocketFactory
}
}
String host = request.getHeader("Host");
String origin = request.getHeader("Origin");
origin = _acceptor.checkOrigin(request, host, origin);
if (websocket != null)
// Did we get a websocket?
if (websocket == null)
{
upgrade(request, response, websocket, origin, protocol);
return true;
response.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE);
return false;
}
response.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE);
// Send the upgrade
upgrade(request, response, websocket, protocol);
return true;
}
return false;
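Review bot: In the upgrade-acceptance block, `origin` is still null when the request carries neither `Sec-WebSocket-Origin` nor `Origin`, and that null goes straight into `_acceptor.checkOrigin(request,origin)`; the new Javadoc on `Acceptor.checkOrigin` does not mention it. An implementer who writes `origin.equals(...)` gets a NullPointerException, and one who is not told about the case cannot decide deliberately whether clients that send no origin header are allowed. I would document it on the interface: `@param origin the Sec-WebSocket-Origin header value, or the Origin header value if that is absent; null when the client sent neither`. The `doWebSocketConnect` Javadoc added alongside it has empty `@param`/`@return` tags and could state that a null return for every offered protocol ends in the 503 response. The enclosing method starts outside this hunk.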


@ -100,11 +100,9 @@ public abstract class WebSocketHandler extends HandlerWrapper implements WebSock
}
/* ------------------------------------------------------------ */
public String checkOrigin(HttpServletRequest request, String host, String origin)
public boolean checkOrigin(HttpServletRequest request, String origin)
{
if (origin==null)
origin=host;
return origin;
return true;
}
}
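Review bot: The new `checkOrigin` default returns `true` for every request and has no Javadoc, so a handler that does not override it accepts WebSocket handshakes from any web origin; `WebSocketServlet.checkOrigin` has the same body. For endpoints that authenticate through cookies, this means the origin check added in the factory protects nothing until the application overrides the method, and nothing on the method says so. Suggested comment: `/** Accepts every origin by default; override to compare origin against the origins this application trusts. */`.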


@ -14,6 +14,8 @@
package org.eclipse.jetty.websocket;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
@ -65,11 +67,10 @@ public abstract class WebSocketServlet extends HttpServlet implements WebSocketF
super.service(request,response);
}
public String checkOrigin(HttpServletRequest request, String host, String origin)
/* ------------------------------------------------------------ */
public boolean checkOrigin(HttpServletRequest request, String origin)
{
if (origin==null)
origin=host;
return origin;
return true;
}