Response.reset does not clear session cookie #789

This commit is contained in:
Greg Wilkins 2016-07-29 16:45:09 +10:00
parent ad93923e1d
commit e0a1a1988f
4 changed files with 36 additions and 20 deletions

View File

@ -28,13 +28,11 @@ import org.eclipse.jetty.deploy.bindings.DebugListenerBinding;
import org.eclipse.jetty.deploy.providers.WebAppProvider;
import org.eclipse.jetty.http.HttpVersion;
import org.eclipse.jetty.jmx.MBeanContainer;
import org.eclipse.jetty.rewrite.handler.CompactPathRule;
import org.eclipse.jetty.rewrite.handler.RewriteHandler;
import org.eclipse.jetty.security.HashLoginService;
import org.eclipse.jetty.server.ConnectorStatistics;
import org.eclipse.jetty.server.DebugListener;
import org.eclipse.jetty.server.Handler;
import org.eclipse.jetty.server.HttpChannel;
import org.eclipse.jetty.server.HttpConfiguration;
import org.eclipse.jetty.server.HttpConnectionFactory;
import org.eclipse.jetty.server.LowResourceMonitor;
@ -48,7 +46,6 @@ import org.eclipse.jetty.server.handler.DefaultHandler;
import org.eclipse.jetty.server.handler.HandlerCollection;
import org.eclipse.jetty.server.handler.RequestLogHandler;
import org.eclipse.jetty.server.handler.StatisticsHandler;
import org.eclipse.jetty.util.log.Log;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.eclipse.jetty.util.thread.QueuedThreadPool;
import org.eclipse.jetty.util.thread.ScheduledExecutorScheduler;

View File

@ -30,6 +30,8 @@ import java.util.Map;
import java.util.NoSuchElementException;
import java.util.Set;
import java.util.StringTokenizer;
import java.util.stream.Stream;
import java.util.stream.StreamSupport;
import org.eclipse.jetty.util.ArrayTernaryTrie;
import org.eclipse.jetty.util.QuotedStringTokenizer;
@ -96,6 +98,11 @@ public class HttpFields implements Iterable<HttpField>
{
return new Itr();
}
public Stream<HttpField> stream()
{
return StreamSupport.stream(Arrays.spliterator(_fields,0,_size),false);
}
/**
* Get Collection of header names.

View File

@ -1469,9 +1469,7 @@ public class Request implements HttpServletRequest
}
/* ------------------------------------------------------------ */
/*
* Add @override when 3.1 api is available
*/
@Override
public String changeSessionId()
{
HttpSession session = getSession(false);

View File

@ -27,8 +27,10 @@ import java.util.Collections;
import java.util.EnumSet;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.concurrent.atomic.AtomicInteger;
import java.util.stream.Collectors;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletOutputStream;
@ -1180,14 +1182,24 @@ public class Response implements HttpServletResponse
@Override
public void reset()
{
reset(false);
}
public void reset(boolean preserveCookies)
{
resetForForward();
_status = 200;
_reason = null;
_contentLength = -1;
List<HttpField> cookies = preserveCookies
?_fields.stream()
.filter(f->f.getHeader()==HttpHeader.SET_COOKIE)
.collect(Collectors.toList()):null;
_fields.clear();
String connection = _channel.getRequest().getHeader(HttpHeader.CONNECTION.asString());
String connection = _channel.getRequest().getHeader(HttpHeader.CONNECTION.asString());
if (connection != null)
{
for (String value: StringUtil.csvSplit(null,connection,0,connection.length()))
@ -1214,21 +1226,23 @@ public class Response implements HttpServletResponse
}
}
}
}
public void reset(boolean preserveCookies)
{
if (!preserveCookies)
reset();
if (preserveCookies)
cookies.forEach(f->_fields.add(f));
else
{
ArrayList<String> cookieValues = new ArrayList<String>(5);
Enumeration<String> vals = _fields.getValues(HttpHeader.SET_COOKIE.asString());
while (vals.hasMoreElements())
cookieValues.add(vals.nextElement());
reset();
for (String v:cookieValues)
_fields.add(HttpHeader.SET_COOKIE, v);
Request request = getHttpChannel().getRequest();
HttpSession session = request.getSession(false);
if (session!=null && session.isNew())
{
SessionManager sm = request.getSessionManager();
if (sm!=null)
{
HttpCookie c=sm.getSessionCookie(session,request.getContextPath(),request.isSecure());
if (c!=null)
addCookie(c);
}
}
}
}