Commit Graph

5514 Commits

Author SHA1 Message Date
Joakim Erdfelt 64d12e2a5a
Merge Release 10.0.11 back into `jetty-10.0.x` branch (#8194)
* Updating to version 10.0.11

* Updating to version 10.0.12-SNAPSHOT
2022-06-22 16:24:48 -05:00
Joakim Erdfelt c2bc103cb9
Merge Release 10.0.10 back into `jetty-10.0.x` (#8180)
* Updating to version 10.0.11-SNAPSHOT
2022-06-21 14:41:41 +02:00
Joakim Erdfelt ad757df736
Removing invalid maxConnections references (#8175)
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-06-17 15:56:04 -05:00
Joakim Erdfelt d63569d025
Migrate code from jetty-util Logger to slf4j Logger (#8162)
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-06-15 20:01:48 +02:00
Lachlan 0699bc5326
Use static exceptions for closing websocket flushers and in ContentProducer (#8155)
* Use StaticException class in jetty-util for websocket flushers.
* Use StaticException class for ContentProducer recycle and consumeAll

Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
Co-authored-by: Ludovic Orban <lorban@bitronix.be>
2022-06-13 14:11:31 +02:00
Jan Bartel d725855194
Issue #8088 Add STOP.EXIT System property to configure ShutdownMonitor.exitVm (#8133)
* Issue #8088 Add STOP.EXIT System property to configure ShutdownMonitor.exitVm (#8089)

* Issue #8088 Add STOP.EXIT System property to configure ShutdownMonitor.exitVM

* Ensure missing STOP.EXIT doesn't override default exitVm=true

* Disable another test

* Disable test that might not work, depending on test execution order.
2022-06-09 08:06:55 +10:00
Joakim Erdfelt 8de55150fe
Cherry-pick of Improvements to PathSpec for Jetty 10.0.x (#8136)
* Cherry-pick of Improvements to PathSpec.
* From commit: 5b4d1dd1c6
* Fixing ConstraintSecurityHandler usage of PathMappings
* Fixing bad INCLUDE logic from cherry-pick in ServletHandler.doScope()
* Cleanup of non ServletPathSpec behaviors in ServletPathMapping class
* Skip optional group name/info lookup if regex fails.
* Prevent NPE on static servletPathMappings
* Update WebSocketMappings to use new PathMappings.getMatched(String)

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-06-08 12:36:30 -05:00
Jan Bartel 3caee26742
Jetty 10.0.x 7801 duplicate set session cookie (#7808)
* Issue #7801 Duplicate set session cookie after id change.

Signed-off-by: Jan Bartel <janb@webtide.com>
2022-06-08 10:15:24 +10:00
Joakim Erdfelt 944ce6354f
Fixing #7975 - ForwardedRequestCustomizer should clear old MethodHandles when renaming headers. (#8102)
* Adding test case to prove report
* Fixing updateHandles() to clear the stored handles list.

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-06-02 14:17:26 -05:00
Joakim Erdfelt 2850db13e2
Fixes #7818 - Regression: allow HttpChannel.Listener.onResponseBegin to modify response headers (#7850)
* allow HttpChannel.Listener.onResponseBegin to modify response headers

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-06-01 13:12:40 -05:00
Greg Wilkins 7a1c165677
Implement #8057 103 Early Hint (#8058)
Co-authored-by: Ludovic Orban <lorban@bitronix.be>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
2022-06-01 11:56:54 +10:00
Lachlan 94e40a93cc
Merge pull request #7983 from eclipse/jetty-10.0.x-1771-secureRedirectHandler
Issue #1771 - add module for secure redirect
2022-05-30 11:58:52 +10:00
Simone Bordet d1e64f4693
Fixes #8014 - Review HttpRequest URI construction. (#8015)
Fixes #8014 - Review HttpRequest URI construction.

Now always adding a "/" before the path, if not already present.
Disabled flakey HTTP/3 test.
Parse CONNECT URIs as Authority

Co-authored-by: Greg Wilkins <gregw@webtide.com>
2022-05-26 18:13:17 +10:00
Lachlan Roberts a61f1458e6 Merge remote-tracking branch 'origin/jetty-10.0.x' into jetty-10.0.x-legacyMultipartParser 2022-05-25 16:56:54 +10:00
Lachlan Roberts ed122dfa3c update description in secure-redirect.mod
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-05-25 15:22:08 +10:00
Lachlan Roberts 32ed6fab9c Issue #1771 - changes from review
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-05-24 16:53:20 +10:00
Lachlan Roberts 365fa76db3 Issue #1771 - add module for secure redirect
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-05-24 16:53:20 +10:00
Joakim Erdfelt 546c382255
Issue #7858 - GzipHandler request.isHandled support (#8013)
* Better conditional logic in GzipHandler
* Correct test expectations
* Use super.handle() where appropriate

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-05-18 15:12:16 -05:00
Lachlan Roberts f2e59a01b1 Add compliance mode for LEGACY multipart parser in Jetty 10+
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-05-17 10:58:12 +10:00
Lachlan 2093f3822e Add TRANSFER_ENCODING violation for MultiPart RFC7578 parser. (#7976)
* Add TRANSFER_ENCODING violation for MultiPart RFC7578 parser.
* Ignore TRANSFER_ENCODING violation for 8bit and binary.

Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-05-12 15:51:53 +10:00
Lachlan 7a5ea2bac0
Merge pull request #7873 from eclipse/jetty-10.0.x-4414-gzipInflationExclusion
Issue #4414 - add option to exclude paths from GzipHandler request inflation
2022-05-09 15:58:19 +10:00
Joakim Erdfelt fcd0222d2c
Issue #7837 - fix compilation error
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-05-04 06:59:17 -05:00
Lachlan Roberts 39c478461b Fix StatisticsHandler in the case a Handler throws exception.
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-05-04 16:01:40 +10:00
Greg Wilkins 75f5cc68e4
Fixed flaky ssl fullMethod test (#7896)
* Fixed flaky test
2022-05-01 09:05:09 +02:00
Padraic Renaghan 1369693a99 Fix #7929 requestlog format string commented default
Signed-off-by: Padraic Renaghan <padraic@renaghan.com>
2022-04-27 18:40:07 -04:00
Greg Wilkins efd9f26024
Fix #7891 regex pathInfo (#7892)
Fix 7891 regex pathInfo

+ Use the pathSpec methods to set servletPath and pathInfo when possible

Signed-off-by: Greg Wilkins <gregw@webtide.com>
2022-04-25 08:30:31 +02:00
Lachlan Roberts 5c760ae5a3 Issue #4414 - add option to exclude paths from GzipHandler request inflation.
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-04-12 14:53:53 +10:00
markslater 8bcb842fbb
#7863 Include value of first accept-encoding header where multiple accept-encoding headers are given. (#7864)
Signed-off-by: markslater <mark.slater@mail.com>
2022-04-11 10:09:18 -05:00
Joakim Erdfelt 16420f0181
Set version to `10.0.10-SNAPSHOT` (#7823)
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-04-03 20:33:44 +10:00
Joakim Erdfelt f079949a35
Merge Release 10.0.9 (#7821)
* Updating to version 10.0.9

* Updating to version 10.0.10
2022-04-02 08:43:44 -05:00
jiang-cao 5117a58974
Fixes #7688 - Read data to native memory from HttpInput
Added `HttpInput.read(ByteBuffer buffer)`, so that applications can provide a native memory mapped `ByteBuffer` to read into.
2022-03-25 17:57:52 +01:00
Jaroslaw Rzeszotko a35719367b
Issue #7683 - Use direct buffers for gzip input/output, if configured.
Use direct buffers for gzip input/output, if configured.
Code cleanups.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2022-03-24 17:59:49 +01:00
Greg Wilkins e0788ab056
Fix #7615 encode relative URIs (#7765)
* Fix #7615 encode relative URIs

cherry-picked from 9c30caf247

Signed-off-by: Greg Wilkins <gregw@webtide.com>

* Fix #7615 encode relative URIs

fixed checkstyle

Signed-off-by: Greg Wilkins <gregw@webtide.com>
2022-03-22 13:45:27 -05:00
Joakim Erdfelt ae5c8e34e7
Issue #7617 - RequestLog content params extraction prevention (#7618) 2022-03-22 10:02:32 -05:00
Greg Wilkins cab9945430
Issue #7748 - allow override of path mapping behavior in ServletContextHandler (#7614)
Added protected method to ServletHandler to allow other servlet mappings (eg regex) in embedded/extended usage

Signed-off-by: Greg Wilkins <gregw@webtide.com>
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-03-22 09:48:09 +01:00
Lachlan Roberts 1d539c74c5 Merge remote-tracking branch 'origin/jetty-10.0.x' into jetty-10.0.x-well-known-listing 2022-02-22 17:13:28 +11:00
Lachlan Roberts 90f7d97dd2 PR #7544 - changes from review
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-02-22 17:12:33 +11:00
Jan Bartel 0b33877040
Issue #7344 - wait for forked jetty process (#7374)
* Issue #7344 Make plugin wait for forked jetty process to stop

Signed-off-by: Jan Bartel <janb@webtide.com>
2022-02-21 13:45:54 +01:00
Lachlan 533f2b1b56
Merge pull request #7576 from eclipse/jetty-10.0.x-7567-MultiPartGzip
Issue #7567 - don't compare params when checking MIME type for GzipHandler
2022-02-17 09:07:38 +11:00
Joakim Erdfelt f2e9680431
Honor parameters order when parsing query and form parameters (#7599) (#7605)
* Honor parameters order when parsing query and form parameters

When parsing the query or form parameters in Request, the values are stored in a MultiMap. This class extends HashMap which does not preserve the order of insertion so a request with parameters "first=1&second=2" might end up in a map where "second" will come first when iterating on the entry set. 

The order is necessary in some case where the request is signed off the body and/or the query parameters. When the order is not preserved, it is impossible to reconstruct the original request sent, unless using the Request::getInputStream which consumes the stream and makes subsequent calls to Request::getParameters to don't return the form parameters which can be misleading. The same behavior applied to query parameters, by using Request::getQueryString, you get the correct order but Request::getParameters will not.

Moreoever, if the application is behind a reverse proxy using Jetty that is proxying using Request::getParameters which consume the request InputStream, it will be completely impossible to reconstruct the original request.

* Added a test with parameter merging

Co-authored-by: Jacques-Etienne Beaudet <jebeaudet@gmail.com>
2022-02-16 11:34:30 -06:00
Joakim Erdfelt 292d6cda9f
Issue #7572 - make legit test exception less noisy (#7596) 2022-02-16 04:54:30 -06:00
Lachlan Roberts 21ec2f072f Issue #7567 - don't need to convert to lowercase with a AsciiLowerCaseSet
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-02-14 12:23:55 +11:00
Lachlan Roberts 0aa307db64 Issue #7567 - don't compare params when checking MIME type for GzipHandler
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-02-14 12:13:14 +11:00
Lachlan Roberts 16b070db01 Add option to allow well-known directories to be listed.
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-02-08 11:27:00 +11:00
Simone Bordet a4fda96f49
Updating to version 10.0.9-SNAPSHOT 2022-02-07 12:02:02 +01:00
Simone Bordet 716c7afd8e
Updating to version 10.0.8 2022-02-07 11:34:12 +01:00
Simone Bordet 9181457013
Updated copyright years.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2022-01-27 18:20:41 +01:00
Dell Green fba2ef09e9
Issue #6282 - Allow SecuredRedirectHandler status code to be configurable (#7441)
Signed-off-by: Dell Green <dell.green@ideaworks.co.uk>
2022-01-27 10:50:38 -06:00
Joakim Erdfelt cb127793e5
Happy New Year 2022 (#7459)
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-01-27 10:42:30 -06:00
mszabo-wikia fd2407c72f
Clarify that requestHeaderSize is a cumulative limit (#7417)
* Clarify that requestHeaderSize is a cumulative limit

HttpConfiguration documents the requestHeaderSize configuration option
as being a limit on the size of a single request header, but it is in
fact a limit on the cumulative size of all request headers as well as
the request URI. This patch updates the documentation accordingly, and
adds test cases for the HTTP/1.x and HTTP/2 parsers to verify the
behavior.

NB.: the HTTP/3 parser and configuration seem to correctly document this
option as being a global limit on header size.

* Improve requestHeaderSize tests and documentation per review

Signed-off-by: Máté Szabó <mszabo@wikia-inc.com>
2022-01-19 11:56:27 -06:00