Issue #9459 empty session path in cookie (#9477)

Jan Bartel 2023-03-10 00:38:52 +11:00 committed by GitHub
parent 9f9868b754
commit f9a018105d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 17 additions and 8 deletions


@ -239,9 +239,9 @@ public abstract class AbstractSessionManager extends ContainerLifeCycle implemen
_context = ContextHandler.getCurrentContext();
_loader = Thread.currentThread().getContextClassLoader();
// ensure a session path is set for non root contexts
// ensure a session path is set
String contextPath = _context == null ? "/" : _context.getContextPath();
if (!"/".equals(contextPath) && getSessionPath() == null)
if (getSessionPath() == null)
setSessionPath(contextPath);
// Use a coarser lock to serialize concurrent start of many contexts.
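Review bot: The guard now tests only `getSessionPath() == null`, so an empty string can still reach the cookie: a session path explicitly configured as `""`, or a `getContextPath()` that returns `""`, would leave the session cookie without a usable Path, and the browser would then scope it by the request URL's directory instead of the context. Whether `getContextPath()` can return an empty string is not visible in this hunk (the old `contextPath = ""` value in the test suggests empty context paths were in use), so this needs confirming. If it can, normalise before storing, e.g. `if (contextPath == null || contextPath.isEmpty()) contextPath = "/";`, and widen the guard to `getSessionPath() == null || getSessionPath().isEmpty()`. The enclosing method starts and ends outside the hunk.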


@ -299,7 +299,7 @@ public class SessionHandlerTest
@Test
public void testSimpleSessionCreation() throws Exception
{
String contextPath = "";
String contextPath = "/";
String servletMapping = "/server";
Server server = new Server();
@ -339,7 +339,8 @@ public class SessionHandlerTest
client.start();
//make a session
String url = "http://localhost:" + port + contextPath + servletMapping + "?action=create";
String path = contextPath + (contextPath.endsWith("/") && servletMapping.startsWith("/") ? servletMapping.substring(1) : servletMapping);
String url = "http://localhost:" + port + path + "?action=create";
//make a request to set up a session on the server
ContentResponse response = client.GET(url);
@ -347,8 +348,9 @@ public class SessionHandlerTest
String sessionCookie = response.getHeaders().get("Set-Cookie");
assertTrue(sessionCookie != null);
assertThat(sessionCookie, containsString("Path=/"));
ContentResponse response2 = client.GET("http://localhost:" + port + contextPath + servletMapping + "?action=test");
ContentResponse response2 = client.GET("http://localhost:" + port + path + "?action=test");
assertEquals(HttpServletResponse.SC_OK, response2.getStatus());
}
finally
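Review bot: The `assertThat(sessionCookie, containsString("Path=/"))` check in testSimpleSessionCreation is a substring match, so it also passes for `Path=/server` or any other non-root path and would not catch a session cookie scoped differently from the context. The same assertion on `setCookie` in testCreateSession (the other SessionHandlerTest section) has the same weakness. Comparing the parsed attribute pins the value, for example `assertEquals("/", HttpCookie.parse(sessionCookie).get(0).getPath());` using `java.net.HttpCookie`. The test method's body continues outside the visible hunks.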


@ -60,6 +60,7 @@ public class SessionHandlerTest
private Server _server;
private LocalConnector _connector;
private SessionHandler _sessionHandler;
private ContextHandler _contextHandler;
@BeforeEach
public void beforeEach() throws Exception
@ -67,15 +68,15 @@ public class SessionHandlerTest
_server = new Server();
_connector = new LocalConnector(_server);
_server.addConnector(_connector);
ContextHandler contextHandler = new ContextHandler();
_server.setHandler(contextHandler);
_contextHandler = new ContextHandler();
_server.setHandler(_contextHandler);
_sessionHandler = new SessionHandler();
_sessionHandler.setSessionCookie("JSESSIONID");
_sessionHandler.setUsingCookies(true);
_sessionHandler.setUsingURLs(false);
_sessionHandler.setSessionPath("/");
contextHandler.setHandler(_sessionHandler);
_contextHandler.setHandler(_sessionHandler);
_sessionHandler.setHandler(new AbstractHandler()
{
@ -283,6 +284,10 @@ public class SessionHandlerTest
@Test
public void testCreateSession() throws Exception
{
_server.stop();
_sessionHandler.setSessionPath(null);
_contextHandler.setContextPath("/");
_server.start();
LocalConnector.LocalEndPoint endPoint = _connector.connect();
endPoint.addInput("""
GET / HTTP/1.1
@ -301,6 +306,8 @@ public class SessionHandlerTest
response = HttpTester.parseResponse(endPoint.getResponse());
assertThat(response.getStatus(), equalTo(200));
String setCookie = response.get("SET-COOKIE");
assertThat(setCookie, containsString("Path=/"));
String content = response.getContent();
assertThat(content, startsWith("Session="));
String id = content.substring(content.indexOf('=') + 1, content.indexOf('\n'));