Initialized PEM directories for both client and server.
Added [lib] section that was missing due to #11263.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Defaulted showStacks to false, to reduce false positives reported by penetration testing tools.
Deprecated ErrorHandler.badMessageError(), as it was not invoked anymore.
Implemented HttpStreamOverHTTP[2|3].onBadMessage() that was left as TODO.
Simplified the same code for HTTP/1.
Moved invocation of ComplianceViolation.Listener.onRequestEnd() to HandlerInvoker.completeStream().
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Introduced oej.io.Transport as the abstraction for the low-level transport of high-level protocols.
Now protocols such as HTTP/1.1 or HTTP/2 can be transported over TCP, QUIC, Unix-Domain, memory, and possibly over other low-level custom protocols too.
* Introduced oej.client.Request.transport(Transport) to specify Transport for each request.
* Introduced Transport to [HTTP2Client|HTTP3Client].connect(...) methods.
* Introduced [Client|Server]QuicConfiguration so that it can be used in other Connectors such as MemoryConnector.
* Introduced oej.server.MemoryConnector and EndPoint.Pipe for memory communication between peers, along with a MemoryTransport.
* Introduced QuicTransport as a wrapper for other Transports, so that QUIC can now also be transported over memory.
* Improved javadocs and documentation.
* Removed usage of ClientConnector.forUnixDomain() from FastCGIProxyServlet (ee10 and ee9).
* Replaced usage of HTTP3ServerConnector with QuicServerConnector in jetty-http3.xml.
* Fixed handling of Instruction notifications in case of re-entrance.
Now first clear the list, then notify to avoid that when re-entering the same instruction is notified multiple times.
* Introduced ContentSourceRequestContent, and updated ProxyHandler to use it.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
#10226
- fix HttpClientIdleTimeoutTest to wait for server's idle timeout before checking for leaks
- improve HttpClientIdleTimeoutTest by making it upload some content
- fix FCGI server leak caused by idle timeout
- fix H3 server leak caused by idle timeout
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
+ Introduce new events on `ComplianceViolation.Listener`
+ Introduce new `ComplianceViolation.Listener.initialize()` to allow for a new Listener at the appropriate time (to support per-request listeners)
+ Introduce new `ComplianceViolation.CapturingListener`
+ Introduce new `HttpConfiguration.(add/remove/get)ComplianceViolationListener()` methods.
+ Deprecate/Remove handling of `recordComplianceViolations` in `HttpConnection` and `HttpConnectionFactory` classes.
+ Produce warnings if use of `ComplianceViolation.Listener` as beans is still present.
+ Add `ComplianceViolation.Listener` support to `UriCompliance` locations.
+ Add `ComplianceViolation.Listener` support to `MultiPartCompliance` locations.
+ Add `ComplianceViolation.Listener` support to `CookieCompliance` locations.
+ Add `ComplianceViolation.Listener` support to `HttpCompliance` locations in HTTP/2 and HTTP/3
---------
Co-authored-by: gregw <gregw@webtide.com>
* Using @foo.version@ technique and proper
lib lists to allow arbitrary version
updates from properties
* Fix spotless
* Remove duplicate entries
* Only replace System property "jetty.version" with manifest-ver if blank/null
* Fixing bad module definitions
Now upon the second idle timeout, the connection is forcibly closed.
Fixed also similar problem in HTTP/3.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Introduced IteratingCallback.abort(Throwable) to serialize calls to onCompleteFailure().
* HttpSender now uses IC.abort() to serialize the abort of the request.
* Fixed HTTP/2 and HTTP/3 to dispatch the sending of the request to another thread, to free the reader thread that read the server preface.
* HTTP/1.1 does not need this, because just created connections do not need to read.
* Improved handling of request abort, as it can be from two sides: external and internal.
* Calling abort() instead of failed() for WebSocket flushers.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Removed duplicate handling from servlet. Now only handled in core in HttpChannelState and protected it from concurrent writes.
Added additional tests.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
The local/remote SocketAddress is cached within the ConnectionMetaData or Connection instance, so that any changes are not visible during the request lifetime.
Ensure that all server Connection types respect HttpConfiguration#getLocalAddress and that it is not implemented only in servlet layer
Avoid DNS resolution.
---------
Co-authored-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Ludovic Orban
Joakim Erdfelt
Olivier Lamy
Greg Wilkins
Lachlan Roberts
Simone Bordet
Jan Bartel