Added `before` section to a module to control ordering
rename `options` section to `after`
Signed-off-by: Greg Wilkins <gregw@webtide.com>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
* add an easy way to configure useInputDirectByteBuffers/useOutputDirectByteBuffers for HttpConfiguration
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
Fix#5835 Durable filters and servlets with a general ServletHandler cleanup
update indexes after updating mapping
update mappings/indexes before destroyed listeners
Signed-off-by: Greg Wilkins <gregw@webtide.com>
Now matching certificates are sorted, non-wildcard first, so that a more specific alias is returned.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Fix#4275 separate compliance modes for ambiguous URI segments and separators
default modes allows both ambiguous separators and segments, but still forbids ambiguous parameters
Co-authored-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* More optional etag gzip fixes for #5979
IF no separator defined, do not add a suffix to an etag.
Some cleanup of the implementation.
* More optional etag gzip fixes for #5979
updates from review
* Fix#5979 by allowing a configurable etag separator.
Fix#5979 by allowing a configurable etag separator
* updates from review
* Updates from review
Signed-off-by: Greg Wilkins <gregw@webtide.com>
Handle URIs by first resolving relative paths and then decoding.
Added compliance mode to return 400 if there are ambiguous path segments.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
refactored the complete method to consider unrecoverable API states no matter what the httpout state
actually is. This avoid duplication of OPEN, CLOSING, CLOSED etc. handling.
Ensure that HttpInput is always closed to EOF, EarlyEOF or Error, so that non container threads doing blocking reads
will not block forever, even if late. Delay recycling of HttpInput until next request is received.
Introduced new properties jetty.sslContext.keyStoreAbsolutePath
and jetty.sslContext.trustStoreAbsolutePath to default to
${jetty.base}/etc/keystore.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Fix#5794 Close socket on bind failure
Fix#5794 Close socket on bind failure
* Fix#5794 Close socket on bind failure
Fix#5794 Close socket on bind failure
* Fix#5794 Close socket on bind failure
Update fix with IO.close()
* enable spotbugs in CI
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
record issues
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
use warning new generation
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
activate errorprone
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
fix Jenkinsfile
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
do not run spotbugs for jetty-runner as we do not want to fix all dependencies bugs :)
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
junit should allow empty results
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
maven console can be use only once...
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
one liner
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
recordissues only once
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
force id
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
aggregate results
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
configure a name for aggregated reports
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
mo more -T3 no need anymore of remote session test profile
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
I want to see what failing tests look like with new report.
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
skip spotbugs for jetty-jmh
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
get rid of findbugs as we now have spotbugs
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
Revert "I want to see what failing tests look like with new report."
This reverts commit df0d13e4c53d7461872e1f925ec06bd36e4a66c9.
activate errorProne parser
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
make pmd quiet for CI
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
remove -fae flag and do not display transfer progress
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
try junitParser() to see what it does
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
junit parser is a bad idea...
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
increase timeout
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
no -T2 for javadoc
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
fix skip spotbugs and pmd verbose
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
* remove -T options
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
Removed the jetty-server and jetty-servlet test-jar artifacts.
The only one left is the jetty-maven-plugin test-jar.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
With this minimal change one can provide different cookie configs for the same SessionHandler
without coping the whole method into the inherited class.
Signed-off-by: Dejan Pecar <dejan.pecar@abacus.ch>
* Use File.list and File.walk within a try with resource
The API contract of File.list and File.walk requires them to be closed after use.
* Fix from review
Left out filter
* Fix from review
Factored out deleteFile with better debug
* Fix from review
Can delete files whilst walking
* Fix from review
Restored sweepFile
fixed minor code suggestions
HttpInput.run() now uses contentProvider.isReady() to ensure that
if there is no content, the fill interest is set.
AsyncContentProvider.isReady() is now looping if there is content
but it cannot be transformed (e.g. too few gzipped bytes).
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Writing content in separate writes may result in the server
only reading partial content, producing a response with
`Connection: close` that would cause the client socket to
stop receiving data for the next response, failing the test.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Issue #5605 unconsumed input on sendError
Add Connection:close if content can't be consumed during a sendError. Processed after the request has returned to the container.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Update from review
+ Add close on all uncommitted requests when content cannot be consumed.
* Update from review
+ fixed comment
+ space comma
* Only consume input in COMPLETE if response is >=200 (ie not an upgrade or similar)
* Updated to be less adventurous
I do not think it was valid to always consumeAll in COMPLETE as this could break upgrades with both 101s and 200s
Instead I have reverted to having this consumeAll logic only:
+ in sendError once control has passed back to the container and we are about to generate an error page.
+ in front of all the sendRedirection that we do without calling the application first.
Extra tests also added
* Updated to be less adventurous
reverted test
* Testcase for odd sendError(400) issue.
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Fix for odd sendError(400) issue.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Testcase for odd sendError(400) issue.
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Always try to consumeAll on all requests
* Refinements after testing in 10
* Refinements after testing in 10
Fixed test
* Fixed comment from review
* Updates from review
+ added redirect methods that consumeAll
+ ensureContentConsumedOrConnectionClose renamed to ensureConsumeAllOrNotPersistent
+ ensureConsumeAllOrNotPersistent now handles HTTP/1.0 and HTTP/1.1 differently
* better consumeAll implementation
* update from review
+ better javadoc
+ filter out keep-alive
+ added more tests
* update from review
+ better javadoc
* update from review
+ fixed form redirection test for http 1.0 and 1.1
* update from review
+ HttpGenerator removes keep-alive if close present
+ Use isRedirection
Co-authored-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
* For #5650 protect from bad SslSession
Better protection from a bad SslSession like seen in #5650
* review indicated that there is too much depth to defend. So just a little cleanup in this PR.
* Cleanup request/response recycle #4711
Reordered recycle in request and response to field order so that we can check that all fields are recycled.
* Fixed ordering of reader consumption
* update from review
* Fix#5562 Improve HTTP Field cache allocation
Fix#5562 by initially putting cacheable fields into a inexpensive arraylist.
Only create the Trie (with space and complexity costs) if a second request is received.
* Fixed NPE
* Feedback from review
Create `HttpHeader.isPseudo()`` method
improved clarity with `createFieldCacheIfNeeded()``
* Feedback from review
Only defer Trie creation to first cacheable field, not until next request.
* Updates from review
* Update from review
+ more javadoc
+ empty set return