Commit Graph

2078 Commits

Author SHA1 Message Date
Joakim Erdfelt 5dcc14b114
Merge pull request #6551 from eclipse/jetty-10.0.x-6545-refresh-mimetypes
Issue #6545 - Add more mime-types
2021-07-28 05:47:36 -05:00
Ludovic Orban bd11d6f682 #6491 add defensive check and introduce HttpParser.isTerminated()
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
2021-07-28 10:14:19 +02:00
Joakim Erdfelt 8971ea991f
Issue #6545 - Add more mime-types
+ Adding webp + avif + apng based on current
  `Accept` header offerings from current browsers.

Firefox 90.0
`Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8`

Chrome 92.0.4515.107
`Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9`

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-07-27 11:48:39 -05:00
Joakim Erdfelt 92b6f336b6
Merge pull request #6503 from eclipse/release-10.0.6
Merge Release 10.0.6
2021-07-07 08:21:20 -05:00
Greg Wilkins 8945a58ffc
Reduce header cache memory usage on non persistent requests (#6494)
Delay creating a header cache until a second request on a parser.
Refactored cache code into subclass

Signed-off-by: Greg Wilkins <gregw@webtide.com>
2021-07-07 12:51:06 +10:00
Lachlan 259f9af9c9
Merge pull request #6490 from eclipse/jetty-10.0.x-6489-UriCompliance
Issue #6489 - fix RFC3986_UNAMBIGUOUS and UNSAFE UriCompliance modes.
2021-07-06 15:58:51 +10:00
Lachlan Roberts 76ab749aca Issue #6489 - fix RFC3986_UNAMBIGUOUS and UNSAFE UriCompliance modes.
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-07-01 17:52:07 +10:00
Lachlan Roberts b82b46243d Issue #6489 - fix RFC3986_UNAMBIGUOUS and UNSAFE UriCompliance modes.
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-07-01 17:27:17 +10:00
Joakim Erdfelt c245a70893 Updating to version 10.0.7-SNAPSHOT 2021-06-29 10:51:22 -05:00
Joakim Erdfelt 37e7731b4b Updating to version 10.0.6 2021-06-29 10:27:56 -05:00
Lachlan 3c32afa05c
Issue #6473 - canonicalPath refactor & fix alias check in PathResource (Jetty-10) (#6478)
Issue #6473 - canonicalPath refactor & fix alias check in PathResource

* Reverted %-escape handling for URI query parts.
* Performing canonicalization in ServletContext.getResource(),
  and improving alias checking in ContextHandler.getResource().
* Performing canonicalization checks in Resource.addPath() to avoid
  navigation above of the root.
* Test added and fixed.
* Various cleanups.
* Improved javadoc and comments
* Compliance mode HttpURI uses UriCompliance.Violation

Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Co-authored-by: Greg Wilkins <gregw@webtide.com>
2021-06-29 15:42:39 +02:00
Lachlan bc0fbbb5c1
Revert logic in Request.setMetaData, clear emptySegment on HttpUri.clear() (#6468)
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Manually merged as ECA checks are broken
2021-06-24 17:18:49 +10:00
Greg Wilkins 4673846635
Compliance modes documentation (#6312)
Added doco on compliance modes

Signed-off-by: Greg Wilkins <gregw@webtide.com>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
2021-06-24 15:20:05 +10:00
Lachlan d233f3be02
Issue #6447 - Deprecate support for UTF16 encoding in URIs (#6457)
Deprecate support for UTF16 encoding in URIs.
Add compliance mode to allow UTF16 encodings.
Improve testing.
2021-06-23 22:58:49 +10:00
Joakim Erdfelt 9d2d1e29b7 Updating to version 10.0.6-SNAPSHOT 2021-06-11 09:42:42 -05:00
Joakim Erdfelt dc21b2d73c Updating to version 10.0.5 2021-06-11 09:18:00 -05:00
Lachlan b4d7e5117d
Issue #6302 - Treat empty path segments as ambiguous. (#6304)
Issue #6302 - Treat empty path segments are ambiguous.

* Fix false empty segments being reported.
* Add HttpUriTests for the empty segment as ambiguous

Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Co-authored-by: Greg Wilkins <gregw@webtide.com>
2021-06-10 15:12:59 +02:00
Joakim Erdfelt 987066aac1 Updating to version 10.0.5-SNAPSHOT 2021-06-04 13:28:47 -05:00
Joakim Erdfelt 5523480c54 Updating to version 10.0.4 2021-06-04 13:09:44 -05:00
Simone Bordet 9ace21992e Updated POM versions to 10.0.4-SNAPSHOT.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-05-21 17:07:46 +02:00
Lachlan f58dbedcd0
Fixes #6263 - Review URI encoding in ConcatServlet & WelcomeFilter.
Review URI encoding in ConcatServlet & WelcomeFilter and improve testing.

Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
2021-05-12 17:14:43 +02:00
Lachlan 4c98990cd9
Create FileBufferedResponseHandler to buffer responses into a file. (#6010)
FileBufferedResponseHandler adds an HttpOutput.Interceptor to buffer all responses into a file until the output is closed. This allows the commit to be delayed until the response is complete and thus headers and response status can be changed while writing the body.

Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-04-19 11:02:44 +10:00
Greg Wilkins b56edf511a
UriCompliance mode improvements #6132 (#6137)
Resolve #6132

Improve configuration of ambiguous URI handling.
Added NON_CANONICAL_AMBIGUOUS_PATHS
2021-04-08 12:03:30 +10:00
Guilherme Amaral e3c87fc2af
Changed exception check by JUnit API usage (#6133) 2021-04-06 08:51:50 +10:00
Olivier Lamy a0796d1055 Updating to version 10.0.3-SNAPSHOT 2021-03-26 06:31:31 +00:00
Olivier Lamy 7bd207b309 Updating to version 10.0.2 2021-03-26 06:13:42 +00:00
Olivier Lamy d27363fa55 back to 10.0.2-SNAPSHOT
Signed-off-by: Olivier Lamy <oliver.lamy@gmail.com>
2021-03-26 06:10:47 +00:00
Jesse McConnell 7a9e01ac56
Updating to version 10.0.3-SNAPSHOT 2021-03-25 10:38:15 -05:00
Jesse McConnell aac6bfbd48
Updating to version 10.0.2 2021-03-25 10:21:44 -05:00
Simone Bordet 6fca106160 Reverted version to 10.0.2-SNAPSHOT.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-03-25 16:02:45 +01:00
Olivier Lamy 3d0574d64c Updating to version 10.0.3-SNAPSHOT 2021-03-25 04:10:39 +00:00
Olivier Lamy ab235ad687 Updating to version 10.0.2 2021-03-25 03:57:25 +00:00
Greg Wilkins 06e1a7e88d
URI compliance modes for #6001 (#6006)
* Fix #4275 separate compliance modes for ambiguous URI segments and separators

default modes allows both ambiguous separators and segments, but still forbids ambiguous parameters

Co-authored-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-03-02 11:59:16 +01:00
gregw c4dbf9748e Merge remote-tracking branch 'origin/jetty-9.4.x' into jetty-10.0.x
Signed-off-by: gregw <gregw@webtide.com>
2021-02-24 11:58:55 +01:00
Greg Wilkins 49e73dfb75
Fix #4275 #6001 separate compliance modes for ambiguous URI segments and se… (#6003)
Fix #4275 separate compliance modes for ambiguous URI segments and separators
2021-02-24 10:05:05 +01:00
Joakim Erdfelt fa6c617069
Fixing checkstyle warning
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-02-23 16:28:09 -06:00
gregw bc3e1dc94e Merge remote-tracking branch 'origin/jetty-9.4.x' into jetty-10.0.x
Signed-off-by: gregw <gregw@webtide.com>
2021-02-23 20:06:30 +01:00
Greg Wilkins 8bd4a9fad8
Fix #5999 ArrayIndexOutOfBounds for unicode in HttpURI segment (#6000)
Fixed ArrayTrie to not throw if passed a unicode character.
2021-02-23 20:03:45 +01:00
Joakim Erdfelt 8ed8dc62e3 Updating to version 10.0.2-SNAPSHOT 2021-02-19 13:06:42 -06:00
Joakim Erdfelt d0bfd9145d Updating to version 10.0.1 2021-02-19 12:43:50 -06:00
Joakim Erdfelt ea2a76ed3b Updating to version 9.4.38-SNAPSHOT 2021-02-19 09:44:28 -06:00
Joakim Erdfelt 27afab2bd3 Updating to version 9.4.37.v20210219 2021-02-19 09:03:57 -06:00
gregw bb5fefdaeb Merge remote-tracking branch 'origin/jetty-9.4.x' into jetty-10.0.x
Signed-off-by: gregw <gregw@webtide.com>
2021-02-18 17:44:46 +01:00
Greg Wilkins 324ab668de
More optional etag gzip fixes for #5979 (#5986)
* More optional etag gzip fixes for #5979

IF no separator defined, do not add a suffix to an etag.
Some cleanup of the implementation.

* More optional etag gzip fixes for #5979

updates from review
2021-02-18 17:24:16 +01:00
gregw 1113b15110 Merge remote-tracking branch 'origin/jetty-9.4.x' into jetty-10.0.x 2021-02-18 14:18:31 +01:00
Joakim Erdfelt 10e531756b
Merge pull request from GHSA-m394-8rww-3jr7
Use comparator based sort
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Signed-off-by: gregw <gregw@webtide.com>

Co-authored-by: gregw <gregw@webtide.com>
2021-02-18 14:14:38 +01:00
olivier lamy 1d5662f841 Merge branch 'jetty-9.4.x' into jetty-10.0.x 2021-02-18 07:44:37 +10:00
Greg Wilkins a8b4927427
Fix #5979 by allowing a configurable etag separator. (#5980)
* Fix #5979 by allowing a configurable etag separator.

Fix #5979 by allowing a configurable etag separator

* updates from review

* Updates from review

Signed-off-by: Greg Wilkins <gregw@webtide.com>
2021-02-17 22:19:23 +01:00
gregw 97ee0fd527 fixed bad merge 2021-02-17 18:49:37 +01:00
gregw 349b89d7e4 Merge remote-tracking branch 'origin/jetty-9.4.x' into jetty-10.0.x
Signed-off-by: gregw <gregw@webtide.com>
2021-02-17 18:11:02 +01:00