From fb06b821725a1c58b00cf927a0a70df6fb3a82d1 Mon Sep 17 00:00:00 2001 From: Greg Wilkins Date: Thu, 13 Dec 2018 13:42:08 +1100 Subject: [PATCH] Issue #3030 ignore identity content encoding during parameter extraction Signed-off-by: Greg Wilkins --- .../org/eclipse/jetty/server/Request.java | 9 ++++-- .../org/eclipse/jetty/server/RequestTest.java | 28 +++++++++++++------ 2 files changed, 26 insertions(+), 11 deletions(-) diff --git a/jetty-server/src/main/java/org/eclipse/jetty/server/Request.java b/jetty-server/src/main/java/org/eclipse/jetty/server/Request.java index d29d0431d54..314242ec218 100644 --- a/jetty-server/src/main/java/org/eclipse/jetty/server/Request.java +++ b/jetty-server/src/main/java/org/eclipse/jetty/server/Request.java @@ -68,6 +68,7 @@ import org.eclipse.jetty.http.HttpCookie; import org.eclipse.jetty.http.HttpField; import org.eclipse.jetty.http.HttpFields; import org.eclipse.jetty.http.HttpHeader; +import org.eclipse.jetty.http.HttpHeaderValue; import org.eclipse.jetty.http.HttpMethod; import org.eclipse.jetty.http.HttpScheme; import org.eclipse.jetty.http.HttpStatus; @@ -468,8 +469,12 @@ public class Request implements HttpServletRequest if (MimeTypes.Type.FORM_ENCODED.is(contentType) && _channel.getHttpConfiguration().isFormEncodedMethod(getMethod())) { - if (_metaData!=null && getHttpFields().contains(HttpHeader.CONTENT_ENCODING)) - throw new BadMessageException(HttpStatus.NOT_IMPLEMENTED_501,"Unsupported Content-Encoding"); + if (_metaData!=null) + { + String contentEncoding = getHttpFields().get(HttpHeader.CONTENT_ENCODING); + if (contentEncoding!=null && !HttpHeaderValue.IDENTITY.is(contentEncoding)) + throw new BadMessageException(HttpStatus.NOT_IMPLEMENTED_501, "Unsupported Content-Encoding"); + } extractFormParameters(_contentParameters); } else if (MimeTypes.Type.MULTIPART_FORM_DATA.is(contentType) && diff --git a/jetty-server/src/test/java/org/eclipse/jetty/server/RequestTest.java b/jetty-server/src/test/java/org/eclipse/jetty/server/RequestTest.java index 802e7b10a28..4b8ec31ac4f 100644 --- a/jetty-server/src/test/java/org/eclipse/jetty/server/RequestTest.java +++ b/jetty-server/src/test/java/org/eclipse/jetty/server/RequestTest.java @@ -647,18 +647,29 @@ public class RequestTest assertThat(responses,startsWith("HTTP/1.1 200")); } + @Test + public void testIdentityParamExtraction() throws Exception + { + _handler._checker = (request, response) -> "bar".equals(request.getParameter("foo")); + + //Send a request with encoded form content + String request="POST / HTTP/1.1\r\n"+ + "Host: whatever\r\n"+ + "Content-Type: application/x-www-form-urlencoded; charset=utf-8\n"+ + "Content-Length: 7\n"+ + "Content-Encoding: identity\n"+ + "Connection: close\n"+ + "\n"+ + "foo=bar\n"; + + String responses=_connector.getResponse(request); + assertThat(responses,startsWith("HTTP/1.1 200")); + } @Test public void testEncodedNotParams() throws Exception { - _handler._checker = new RequestTester() - { - @Override - public boolean check(HttpServletRequest request,HttpServletResponse response) - { - return request.getParameter("param")==null; - } - }; + _handler._checker = (request, response) -> request.getParameter("param")==null; //Send a request with encoded form content String request="POST / HTTP/1.1\r\n"+ @@ -674,7 +685,6 @@ public class RequestTest assertThat(responses,startsWith("HTTP/1.1 200")); } - @Test public void testInvalidHostHeader() throws Exception {