When `HttpChannelState._onIdleTimeout` was introduced, it was forgotten to null it out in recycle().
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
The handling of reads in MultiPartByteRanges.PathContentSource was broken for ranges that were larger than the read buffer size.
Fixed by properly counting how many bytes are left to read.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Updating various old/moved URL references found across project (`jetty-10.0.x`) (#10098)
+ Now that the migration of `https://eclipse.org/jetty/` to `https://eclipse.dev/jetty/` has occurred, it is time to review the URI use in our project
+ Updated URLs in poms
+ Added more URIs to XmlConfiguration
+ Updated URLs in module files
+ Updated URLs in documentation
+ Updated URLs in HTML
+ Correcting bad double-scheme URLs (eg: `http://https://www.eclipse...`)
+ Updating text in *.mod files
+ Removing `/current/` from path `/jetty/documentation/current/`
+ Fixing mailing list URL
+ Fixing github URL references in jsps
---------
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Added DefaultServlet combinations tests.
* Removed pathInfoOnly handling present in Jetty 11, because it is always true for mapping to "/", and always false for other mappings.
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
In case of `request.onComplete(Response.CompleteListener l)`, only the complete event should be delivered to `l`, not all the events (in case `l` implements other listener interfaces).
Only `Response.CompleteListener` passed to `request.send(Response.CompleteListener)` should receive all events.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Fixes#10087 - Flaky EventsHandlerTest due to trailers.
HTTP/2 trailers may arrive and be processed before the application reads request chunks.
Avoid the race condition by storing the trailers aside and returning them during reads.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Various cleanups of StringUtil and TypeUtil
Removed deprecated and unused methods
Moved charset handling to MimeTypes
resolve IDE warnings
* updates from review
* Issue #10084 - Directory entries on return of getResourcePaths(String) should include trailing slash
* Issue #10084 - Fixing test case order of entries in collection expectation
* Issue #10084 - Implementing fix for ee9
* Issue #10084 - Fixing bug in ServletContext.getRealPath() impl
* Issue #10084 - Fixing tests in ee9 to make them compatible with ee8 conversion
* Bring Resource.getFileName in alignment with other JVM methods of the same name. (eg: Path.getFileName)
* Simplified URLResource cleaner
The reference to the InputStream does not need to be soft/weak as a hard reference to it does not prevent the URLResource itself from being collected. Also by making a runnable record, there is one less allocation per input stream creation.
* Simplified URLResource cleaner
Use AtomicReference for the inputstream, so that if it is taken, then it is nulled and will not be closed.
* Simplified URLResource cleaner
Improved tests
A fully async ContentSourceCompletableFuture for use by MultiPartFormData and MultiPartByteRanges
Restructure MultiPartFormData to have a Parser class
---------
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
* Add zone id to DateTimeFormatter
Inline the call to withZone(ZoneId) because it returns a new DateTimeFormatter instead of modifying the current one in-place
Signed-off-by: Steffen Nießing <zuniquex@protonmail.com>
* Remove redundant null-check
The array already was null-checked, so remove the redundant check
Signed-off-by: Steffen Nießing <zuniquex@protonmail.com>
* Cleanup ArrayUtil
ArrayUtil provides static methods only -> Prevent instantiation and remove unused interfaces
Signed-off-by: Steffen Nießing <zuniquex@protonmail.com>
* Remove dead assignment
The charset variable isn't accessed after the assignment anymore
Signed-off-by: Steffen Nießing <zuniquex@protonmail.com>
* Prevent instantiation
TypeUtil contains static members only and should not be instantiated
Signed-off-by: Steffen Nießing <zuniquex@protonmail.com>
* Remove redundant null-check
The loader variable is checked to be non-null before
Signed-off-by: Steffen Nießing <zuniquex@protonmail.com>
* Restrict charset to ascii
The JavaDoc describes the byte array to contain ascii characters only
Signed-off-by: Steffen Nießing <zuniquex@protonmail.com>
* Prevent instantiation
StringUtil contains static members only
Signed-off-by: Steffen Nießing <zuniquex@protonmail.com>
* Prevent instantiation
IO contains static members only
Signed-off-by: Steffen Nießing <zuniquex@protonmail.com>
---------
Signed-off-by: Steffen Nießing <zuniquex@protonmail.com>
* Deflake ReservedThreadExecutorTest
Use awaitability with longer times to avoid short optimistic waits in tests.
* Deflake ReservedThreadExecutorTest
Use awaitability with longer times to avoid short optimistic waits in tests.
* Fix#9953 handled HEAD
Fix#9953 so that if a Handler self handles HEAD by not writing content, then the length checks do not fire if 0 bytes have been written.
* updates from review
* Remove usage of instanceof Content.Chunk.Error
* Updated AsyncContent to accept a transient failures
* Updated AsyncContent to accept a transient failure with inputstream
This PR refactors the ee10 handing of servlet API request and response objects:
+ The ServletContextHandler matches the request to a servlet and creates a one time only ServletContextRequest and a ServletContextResponse
+ A reusable ServletChannel object with all the heavy weight HttpInput and HttpOutput object is associated with the ServletContextRequest and ServletContextResponse.
+ Once the handling reaches the ServletHandler, the possibly wrapped request, response and callback are associated with the ServletChannel before handling.
+ Were possible the ServletApiRequest and ServletApiResponse use the possibly wrapped request/response
Added tests to check that GzipHandler can now be nested inside of an EE10 context.
---------
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
Signed-off-by: gregw <gregw@webtide.com>
Co-authored-by: Ludovic Orban <lorban@bitronix.be>
* Make a test case to resemble a failing tck test
* Add more test cases more like the tck test
* Fixed processing of EOF frames for pushed requests.
Before, the EOF frame was not added to the HTTP2Stream queue.
When the pushed request was completing it tried to consume the available content, but it was not finding EOF and so was emitting a reset frame, causing the TCK failure.
Now the EOF frame is always added to the HTTP2Stream queue, so it is properly consumed when completing the pushed request.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Fix H2 trailers frames
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
---------
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
Co-authored-by: Ludovic Orban <lorban@bitronix.be>
* IdleTimeout review
+ pass TimeoutException through all APIs
+ HttpConnection now passes on TimeoutException to HttpChannel.onFailure
* More ServerTests for idletimeout
* Recreated a ServerTimeoutsTest for multiple transports
* more robust tests
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* merged work from @sbordet and @gregw
* Various improvements to CyclicTimeouts.
* Improved reset of the earliest timeout before iteration.
* Removed check for getExpireNanoTime() == -1, since it's a valid value.
* When onExpired(Expirable) returns false, the Expirable should arrange to move its timeout in the future.
* fix keystore to please BoringSSL + use correct temp path
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
* Fixed ErrorResponseAndCallback succeeded() and failed() to call super.failed() in all cases to complete the wrapped callback.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Revert "Fixed ErrorResponseAndCallback succeeded() and failed() to call super.failed() in all cases to complete the wrapped callback."
This reverts commit 5ac57c13e0.
* WIP idleTimeout
* WIP idleTimeout
* Added context wrapper for idle timeout listener
* updates from review
---------
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
Co-authored-by: Ludovic Orban <lorban@bitronix.be>
* Resolve#8819 CustomRequestLog improvement
Resolves#8819 CustomRequestLog improvements:
+ only add extra detail if the log is a CustomRequestLog
+ add extra detail as a record
+ get authentication state directly from request attribute
* protect against null core request
* protect against null core request
* Use nanotime for logged latency
* Improved reset of the earliest timeout before iteration.
* Removed check for getExpireNanoTime() == -1, since it's a valid value.
* When onExpired(Expirable) returns false, the Expirable should arrange to move its timeout in the future.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Issue #9072 refactor jetty-ee module to remove it
* Remove old ee imports in module-info.javas
* Remove jetty-ee from deps
* Fix references to jetty-ee for osgi
* Update jetty-core/jetty-server/src/main/java/org/eclipse/jetty/server/Deployable.java
Co-authored-by: Greg Wilkins <gregw@webtide.com>
---------
Co-authored-by: Greg Wilkins <gregw@webtide.com>
* Fixed FCGI content parsing.
WordPress sends the initial content in the same frame as the response headers.
StreamContentParser was receiving the frame, delegating to HttpParser to parse the headers,
but the buffer was still containing some content, that was lost.
Now the content after the headers is correctly retained.
For the direct FastCGI APIs, now a read-only version of the buffer is passed to the listener,
and the original buffer is consumed as the caller expects.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Improved logging and variable naming in related classes.
Previously, a 404 received from a child handler would have resulted in an infinite loop trying to write the 404 response. However, `TryPathsHandler` should just delegate to other handlers.
Replaced the `IteratingCallback` loop with a simple `for` loop over the paths to try, returning if the path was handled by a child `Handler`.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Simplified QuotedStringTokenizer #9729
* Now implements a simple subset of `quoted-string` from RFC9110
* introduced builder
* Extracted QuotedStringTokenizer interface and re-introduced the legacy implementation
* Re-introduced the ability to have unescaped \ in filenames
* Whitespace is Character.isWhiteSpace
* Disable test pending RFC8187
* No OWS around =
Removed assumption that returning a null stream listener implies that the stream input must be shut down,
because the reads may be performed in a spin loop in another thread, without demanding.
Rewritten the test to avoid blocking the thread that called onRequest(), otherwise the data frames cannot
be read from the network.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Restored dispatch=true for pushed requests.
* Restored tests that use the Servlet APIs to push.
* Ensured that pushed streams have request content EOF.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Fixes#9684
+ Restore LargeHeaderTest Test
+ Fix Bad Content-Length produced if write + error occurs
+ Fix race between callback failure and error handling failure
+ Introduce new ResponseCompleteTest to attempt to capture complete race issue
+ More DEBUG + ignoring failure for completeStream
+ Removed ErrorResponse in favour or an errorMode
---------
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Co-authored-by: gregw <gregw@webtide.com>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
* Optimize Content-Length: 0 handling
Create and use a pre-encoded HttpFields.CONTENT_LENGTH_0 constant
Used the constant in more places
renamed the `putLongField` methods of HttpFields.Mutable to just `put`
Fixed wrong docs examples
* Removed unnecessary classes, among which `BatchMode`, `CloseStatus`, etc.
* Coalesced all listener interfaces into `Session.Listener`.
* Moved `RemoteEndpoint` functionality to `Session`.
* Renamed `WebSocketPolicy` to `Configurable`.
* Renamed `WriteCallback` to just `Callback`, as it is now also used for some listener methods.
* Renamed `@OnWebSocketConnect` to `@OnWebSocketOpen`
* Renamed `Session.Listener.onWebSocketConnect()` to `onWebSocketOpen()`.
* Removed `@WebSocket` annotation attributes, because they were just a subset of the configurable ones and they can be configured directly on the Session instance.
* Removed `Session.suspend()` and `SuspendToken`, and introduced `Session.demand()`.
* Introduced `@WebSocket.autoDemand` and `Session.Listener.AutoDemanding` to support automatic demand upon exit of WebSocket handler methods.
* Removed `FrameHandler.isAutoDemanding()` and `CoreSession.isAutoDemanding()`.
* Changed the responsibility of demand from `WebSocketCoreSession` to `FrameHandler`, which in turn may delegate to `MessageSink`.
* Updated MessageInputStream to fail if an exception is thrown by the application.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Simplified the use of reflection.
* Improved `setShutdownContainer()` to take into account multiple web applications,
so it is now a `Map<ClassLoader, ContainerLifeCycle>` so that each web application
has its own container to register `JakartaWebSocketClientContainer` instances.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Introduced WelcomeMode so that now welcome files can be redirected, served, or rehandled.
* Updated ResourceHandler and DefaultServlet accordingly.
* Introduced WelcomeServletMode to replace 2 booleans.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Removed unnecessary constructors from MetaData, MetaData.Request and MetaData.Response.
* Removed MetaData.Request.getURIString() (available as getHttpURI().toString()).
* Renamed MetaData.getFields() -> getHttpFields(), as they can be headers or trailers.
* Renamed MetaData.Request.getURI() -> getHttpURI().
* Normalized handling of contentLength, now always -1 (rather than Long.MIN_VALUE) if unknown.
* Permutated MetaData.Response constructor parameters to be consistent with MetaData.Request.
* MetaData.Request's method and httpURI must be non-null.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
The fix is to make WebSocketUpgradeHandler.invocationType=BLOCKING, because the current semantic of the Jetty WebSocket APIs is that it is possible to call blocking APIs from within WebSocket event handler methods.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Deleted the Ut8fStringBuffer and Utf8Appendable classes in favour of just having Utf8StringBuilder
* Simplified the Utf8StringBuilder and CharsetStringBuilder APIs and improved their exception throwing.
* Allow for replacement characters without throwing
---------
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Signed-off-by: gregw <gregw@webtide.com>
Co-authored-by: Lachlan Roberts <lachlan@webtide.com>
Co-authored-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
The problem was that the retain/release idiom in HTTP2Session.onData()
was not respected.
Now after the call to HTTP2Stream.process(), the Data object is released.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Removed requestlog attributes that were never used.
* Code cleanups to remove usage of deprecated methods.
* Using MavenPaths.findTestResource* in ee9/ee10 tests to allow ee8 translation to function
* Fixed ClientCertAuthenticatorTest in both ee9 and ee10.
* Removed deprecated ClientCertAuthenticator in both ee9 and ee10.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Co-authored-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
HTTP3Session.onClose() was calling failStreams(), which allocated
an IOException to fail the streams and eventually fail the response.
Since the failure was not a QuietException, it was logged at WARN level.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Moved -api, -common, -client to jetty-core/jetty-websocket.
* Implemented jetty-core/jetty-websocket/jetty-websocket-jetty-server using only Jetty core APIs, not Servlet.
* Fixed Graceful shutdown order.
* Fixed mistakes in HttpFieldsWrapper, wrongly calling HttpHeader.name() instead of asString().
* Updated tests to pass cleanly.
* Fixed BOMs and POM dependencies.
* Introduced websocket-jetty.mod and websocket-jetty-client.mod, now used by ee10's Jetty WebSocket.
* Fixed OSGi references to old artifactIds.
* Added test to show how to lookup and use ServerWebSocketContainer from a Handler.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
getServletPath and getPathInfo will never return an encoded path segment. Instead, they will throw an IllegalArgumentException if they are called when there is a URI with violations.
Signed-off-by: gregw <gregw@webtide.com>
Co-authored-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Convert class BadMessageException to a HttpMessage.RuntimeException to allows different types of HttpExceptions exceptions.
This follows the pattern of the QuietException interface.
Added URIUtil.decodeSafePath for EE10, to allow for %2F and %25 to remain encoded in the servlet API.
Fixed async dispatch to also safeDecode
Updated tests to expect decoded space
Apply suggestions from code review
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
#9408: restored HugeResourceTest:
- fixed double-release bug in MultiPartFormData
- used ByteBufferPool.NonPooling pool to work around #9311
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
Now only using whether the scheme is secure in the key used to store cookies,
not the scheme string.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Improved handling of CookieCompliance.from method
Added tests for request and response cookie handling
Use from in jetty.xml
Signed-off-by: gregw <gregw@webtide.com>
* Introduced ResponseListeners to reduce per-request allocation.
* Removed ResponseNotifier in favor of ResponseListeners.
* Introduced RequestListeners to reduce the per-request allocation.
* Removed RequestNotifier in favor of RequestListeners.
* Removed unnecessary sharing of HttpRequest.requestListeners.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Replaced usages of java.net.HttpCookie with oej.http.HttpCookie.
* Moved server-side only methods from HttpCookie to HttpCookieUtils.
* Introduced and implemented oej.http.HttpCookieStore.
* Removed now obsolete oej.util.HttpCookieStore.
* Introduced HttpScheme.isSecure(String), to avoid code duplication.
* Fixed handling of cookie "localhost" domain in HttpClient.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
There is now a Handler interface hierarchy:
+ Container is a Handler that has 1 or more contained Handlers.
+ Wrapper is a Container with only 1 handler and a setHandler method.
+ Collection is a Container with n handlers and a addHandler method
class are now:
+ Abstract implements Handler
+ AbstractContainer extends Abstract implements Container
+ BaseWrapper extends AbstractContainer implements Wrapper
+ Sequence extends AbstractContainer implements Collection
Lots of other associated cleanups
With issue #9166, ByteBufferPool was removed and replaced by
RetainableByteBufferPool. Since ByteBufferPool was used by
AbstractConnector, this change broke backwards compatibility with
third-party connectors such as junixsocket-jetty.
Since there's no longer any other ByteBufferPool, rename the
RetainableByteBufferPool interface, and thereby not only reinstate
compatibility with existing third-party libraries but also save a few
keystrokes.
https://github.com/eclipse/jetty.project/issues/9284
Signed-off-by: Christian Kohlschütter <christian@kohlschutter.com>
Relaxed jetty-fcgi JPMS dependencies.
Packages generator and parser were not internal,
was just matters of exporting them.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* rename sessions tests with eeX version in package name as it, we can indentify which test is failing with junit result
* get rid of some duplicate classes
Signed-off-by: Olivier Lamy <olamy@apache.org>
* Added a core Session abstraction
Sessions were already a core mechanism, but there was no API for them.
There is now a new Session interface that is available via the Request API. It is intended only for users of sessions.
The previous concrete class Session has been renamed to ManagedSession and it is used by classes that extend AbstractSessionManager.
* Fixed tests
* Use static method
* Updates from review
* Updates from review
Improved javadoc
used util Attributes interface.
* silence stack traces in IdleTimeoutTest by refactoring test + avoid execution of handlers over closed streams
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
Simone Bordet
Joakim Erdfelt
Lachlan
Ludovic Orban
Greg Wilkins
Jan Bartel
Steffen Nießing
Olivier Lamy
Olivier Lamy
dependabot[bot]
Christian Kohlschütter