* Fixes#6184 - JEP-411 will deprecate/remove the SecurityManager from the JVM.
Removed usages of `SecurityManager` and `AccessControlller.doPrivileged()`.
In places where they are still necessary, now using reflection via newly introduced `SecurityUtils` class.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Introduced `QueuedThreadPool.maxEvictCount` to be the number of idle threads that are evicted in one idle timeout.
When set to 1 (the default), the old behavior is reproduced: expiring 1 thread every idle timeout.
When set to larger values, allows to keep around the threads for the idle timeout (in case of further load spikes), but allows to quickly recover OS memory when they are truly idle.
For example, with 2000 threads, 30 seconds idle timeout and idleTimeoutMaxShrinkCount=1, it will take 995 minutes (about 16.5 hrs) to shrink the pool back to 10 threads.
By setting idleTimeoutMaxShrinkCount=100, the thread pool can be shrunk to 10 threads in about 10 minutes.
Note also that the new algorithm is more aggressive at shrinking the thread pool.
Previously, a small load might have been sufficient to never evict any thread, because all threads could take turns at executing jobs so that threads were mostly idle but would never really idle time out.
The new algorithm is more aggressive even in presence of a small load, so that if `minThreads` are sufficient to cope with the small load, then the other threads are evicted.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Signed-off-by: gregw <gregw@webtide.com>
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
Co-authored-by: gregw <gregw@webtide.com>
Co-authored-by: Ludovic Orban <lorban@bitronix.be>
Cookie cleanup
+ New Cookie parser with clearer focus on RFC6265.
+ Better compliance modes for RFC2965
+ Introduced CookieParser interface so that old and new parsers can coexist and be selected by compliance mode.
---------
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Signed-off-by: Greg Wilkins <gregw@webtide.com>
Co-authored-by: Greg Wilkins <gregw@webtide.com>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
* Introduce HttpCompliance.MISMATCHED_AUTHORITY
* Update HttpCompliance.RFC2616
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Update NcsaRequestLogTest.testAbsolute
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Use RFC2616 mode in RFC2616 tests
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Alternative fix for mismatched host headers
This PR fixes the miss-matched host header issue in the Request.setMetaData method. This requires no change to the HttpParser.
A more comprehensive fix can be considered for jetty-12.
Signed-off-by: gregw <gregw@webtide.com>
* Alternative fix for mismatched host headers
Updates from review
Signed-off-by: gregw <gregw@webtide.com>
---------
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Signed-off-by: gregw <gregw@webtide.com>
Co-authored-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Wrong value of RequestDispatcher.FORWARD_CONTEXT_PATH on root context
* Fixes#9119 - uses proper context path that
satisfies the root context rules of the servlet
spec
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Issue #8973 - Rework KeyStoreScanner handling for symlink related changes
+ Removed changes from #8786 and #8787
+ More test cases
+ revert jetty.sslContext.reload.followLinks boolean
+ Scanner should follow its own linkOptions setting
+ remove bad documentation in module-ssl-reload.adoc
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Co-authored-by: Lachlan Roberts <lachlan@webtide.com>
Now properly coverting to `int`.
Added test.
Also fixed MultiPartInputStreamParser.Base64InputStream for the same issue.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Fixes#8863 - Provide a possibility to name virtual threads
Reworked the VirtualThreads APIs to be based on `Executor` rather than just `boolean`.
Introduced Jetty module `threadpool-virtual-preview`.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Ignore date based headers if etag ones are present.
* Also avoid parsing dates unless necessary.
* Check a resource has a lastModified date
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Fixes#7117 - Timeout with Expect 100 continue when using ProxyServlet.
Now getReader() tests whether it has to send a 100 continue in case getInputStream()
is not called because the reader is reused.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Issue #8716 - Handle bad host/authority headers better
* Remove extra `Host` header in testcase that doesn't deal with bad Host headers
* Create URIUtil.isRegName
* Correcting HostPortTest.testValidAuthority
* Correcting RequestTest.testInvalidHostHeader
* Remove clonable, set to final
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Updating to version 10.0.12
* Updating to version 10.0.13-SNAPSHOT
* VERSION.TXT =+ content of jetty-9.4.49.v20220914 release
* remove strange line and reorder
* Fixes#8532 - Review System.nanoTime() usages.
Introduced o.e.j.util.NanoTime class to deal with nanoTimes.
Now NanoTime.now() should be used instead of System.nanoTime(),
and various <unit>[elapsed|since|until]() methods to calculate nanoTimes.
Furthermore, comparing 2 nanoTimes should be done via isBefore(),
rather than using the < operator, which is wrong as specified in
the System.nanoTime() javadocs.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
When all other sql statements are built, this method is used for including the schema name in front of the table name (if specified). So to make it more consistent, it would be better to also create the table in the specified schema.
PS: Please indulge me for not opening an issue, as i think this optimization is pretty trivial and need no big discussion.
Signed-off-by: Michael Weigmann <michael.weigmann@hsh-berlin.com>
Signed-off-by: Michael Weigmann <michael.weigmann@hsh-berlin.com>
Implemented support for virtual threads for HTTP/1.1, HTTP/2 and HTTP/3.
The virtual thread support is in AdaptiveExecutionStrategy.
When virtual threads are supported and enabled, reserved threads are disabled and
blocking tasks are run in a virtual thread instead that being executed by the Executor.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Ludovic Orban
Greg Wilkins
Joakim Erdfelt
Simone Bordet
Olivier Lamy
Jan Bartel
Lachlan
jluehe
dependabot[bot]
Olivier Lamy
Michael Weigmann