Response.reset does not clear session cookie #789

2016-07-29 16:45:09 +10:00 · 2016-07-29 16:45:09 +10:00 · e0a1a1988f
parent ad93923e1d
commit e0a1a1988f
4 changed files with 36 additions and 20 deletions
--- a/examples/embedded/src/main/java/org/eclipse/jetty/embedded/LikeJettyXml.java
+++ b/examples/embedded/src/main/java/org/eclipse/jetty/embedded/LikeJettyXml.java
@ -28,13 +28,11 @@ import org.eclipse.jetty.deploy.bindings.DebugListenerBinding;
 import org.eclipse.jetty.deploy.providers.WebAppProvider;
 import org.eclipse.jetty.http.HttpVersion;
 import org.eclipse.jetty.jmx.MBeanContainer;
-import org.eclipse.jetty.rewrite.handler.CompactPathRule;
 import org.eclipse.jetty.rewrite.handler.RewriteHandler;
 import org.eclipse.jetty.security.HashLoginService;
 import org.eclipse.jetty.server.ConnectorStatistics;
 import org.eclipse.jetty.server.DebugListener;
 import org.eclipse.jetty.server.Handler;
-import org.eclipse.jetty.server.HttpChannel;
 import org.eclipse.jetty.server.HttpConfiguration;
 import org.eclipse.jetty.server.HttpConnectionFactory;
 import org.eclipse.jetty.server.LowResourceMonitor;
@ -48,7 +46,6 @@ import org.eclipse.jetty.server.handler.DefaultHandler;
 import org.eclipse.jetty.server.handler.HandlerCollection;
 import org.eclipse.jetty.server.handler.RequestLogHandler;
 import org.eclipse.jetty.server.handler.StatisticsHandler;
-import org.eclipse.jetty.util.log.Log;
 import org.eclipse.jetty.util.ssl.SslContextFactory;
 import org.eclipse.jetty.util.thread.QueuedThreadPool;
 import org.eclipse.jetty.util.thread.ScheduledExecutorScheduler;
--- a/jetty-http/src/main/java/org/eclipse/jetty/http/HttpFields.java
+++ b/jetty-http/src/main/java/org/eclipse/jetty/http/HttpFields.java
@ -30,6 +30,8 @@ import java.util.Map;
 import java.util.NoSuchElementException;
 import java.util.Set;
 import java.util.StringTokenizer;
+import java.util.stream.Stream;
+import java.util.stream.StreamSupport;

 import org.eclipse.jetty.util.ArrayTernaryTrie;
 import org.eclipse.jetty.util.QuotedStringTokenizer;
@ -96,6 +98,11 @@ public class HttpFields implements Iterable<HttpField>
    {
        return new Itr();
    }
+    
+    public Stream<HttpField> stream()
+    {
+        return StreamSupport.stream(Arrays.spliterator(_fields,0,_size),false);
+    }

    /**
     * Get Collection of header names.
--- a/jetty-server/src/main/java/org/eclipse/jetty/server/Request.java
+++ b/jetty-server/src/main/java/org/eclipse/jetty/server/Request.java
@ -1469,9 +1469,7 @@ public class Request implements HttpServletRequest
    }

    /* ------------------------------------------------------------ */
-    /*
-     * Add @override when 3.1 api is available
-     */
+    @Override
    public String changeSessionId()
    {
        HttpSession session = getSession(false);
--- a/jetty-server/src/main/java/org/eclipse/jetty/server/Response.java
+++ b/jetty-server/src/main/java/org/eclipse/jetty/server/Response.java
@ -27,8 +27,10 @@ import java.util.Collections;
 import java.util.EnumSet;
 import java.util.Enumeration;
 import java.util.Iterator;
+import java.util.List;
 import java.util.Locale;
 import java.util.concurrent.atomic.AtomicInteger;
+import java.util.stream.Collectors;

 import javax.servlet.RequestDispatcher;
 import javax.servlet.ServletOutputStream;
@ -1180,14 +1182,24 @@ public class Response implements HttpServletResponse
    @Override
    public void reset()
    {
+        reset(false);
+    }
+
+    public void reset(boolean preserveCookies)
+    { 
        resetForForward();
        _status = 200;
        _reason = null;
        _contentLength = -1;
+        
+        List<HttpField> cookies = preserveCookies
+            ?_fields.stream()
+            .filter(f->f.getHeader()==HttpHeader.SET_COOKIE)
+            .collect(Collectors.toList()):null;
+        
        _fields.clear();

-        String connection = _channel.getRequest().getHeader(HttpHeader.CONNECTION.asString());
-                
+        String connection = _channel.getRequest().getHeader(HttpHeader.CONNECTION.asString());  
        if (connection != null)
        {
            for (String value: StringUtil.csvSplit(null,connection,0,connection.length()))
@ -1214,21 +1226,23 @@ public class Response implements HttpServletResponse
                }
            }
        }
-    }

-    public void reset(boolean preserveCookies)
-    { 
-        if (!preserveCookies)
-            reset();
+        if (preserveCookies)
+            cookies.forEach(f->_fields.add(f));
        else
        {
-            ArrayList<String> cookieValues = new ArrayList<String>(5);
-            Enumeration<String> vals = _fields.getValues(HttpHeader.SET_COOKIE.asString());
-            while (vals.hasMoreElements())
-                cookieValues.add(vals.nextElement());
-            reset();
-            for (String v:cookieValues)
-                _fields.add(HttpHeader.SET_COOKIE, v);
+            Request request = getHttpChannel().getRequest();
+            HttpSession session = request.getSession(false);
+            if (session!=null && session.isNew())
+            {
+                SessionManager sm = request.getSessionManager();
+                if (sm!=null)
+                {
+                    HttpCookie c=sm.getSessionCookie(session,request.getContextPath(),request.isSecure());
+                    if (c!=null)
+                        addCookie(c);
+                }
+            }
        }
    }