Commit Graph

1414 Commits

Author SHA1 Message Date
Gary Gregory 0efee0bf95 Use String#isEmpty() 2023-11-28 17:46:42 -05:00
Ludovic Orban 65c8b58843 #9900 backport Accurate implementation of H2 Request.beginNanoTime()
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
2023-11-27 15:30:56 +01:00
Simone Bordet f82844e2a2 Fixes #10891 - Support the "Partitioned" cookie attribute.
Added support in oej.http.HttpCookie.
Bridged support for Servlet cookies via the cookie Comment attribute.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2023-11-19 17:37:18 +01:00
Joakim Erdfelt 43eb08b146
Backport #10540 to `jetty-10.0.x` Fixed deadlock in class initialization. (#10545)
* Fixed deadlock in class initialization. (#10540)

* Thread T1 may initialize HttpTester.Message that extends MutableHttpFields, so grabs the lock for the initialization of class MutableHttpFields.
* Thread T2 may initialize HttpFields, so grabs the lock for HttpFields and initializes field EMPTY, which calls new MutableHttpFields.
* To initialize MutableHttpFields, T1 must initialize HttpFields, but sees that its lock is taken and waits.
* To initialize HttpFields, T2 must create an instance and therefore initialize MutableHttpFields, but sees that its lock is taken and waits.
* Deadlock.

The solution is to use another class, EmptyHttpFields, to initialize HttpFields.EMPTY, so that there is no deadlock.

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
2023-09-18 13:00:11 -05:00
Ludovic Orban 1965a943f9 #9928 backport Request.beginNanoTime() from 12.0.x
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
2023-08-31 09:25:54 +02:00
Greg Wilkins 003e46cae4
Various cleanups in HttpParser (#10329)
Various cleanups in HttpParser
Signed-off-by: gregw <gregw@webtide.com>

---------

Signed-off-by: gregw <gregw@webtide.com>
2023-08-18 17:09:17 +10:00
yokotaso e33d026259 chore: Fix javadoc following the source code 2023-08-17 17:01:14 +02:00
Basil Crow 73dfac9732
Use non-deprecated WOFF MIME type (#9922)
Signed-off-by: Basil Crow <me@basilcrow.com>
2023-06-22 11:47:53 +02:00
Lachlan Roberts c855f4ca55 PR #9798 - changes from review
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2023-05-26 17:19:54 +10:00
Lachlan Roberts dca4e9832e review and cleanup of HTTP/3 Integer and String encoding
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2023-05-25 23:09:24 +10:00
Lachlan a8c9eea75b
Merge pull request #9634 from eclipse/jetty-10.0.x-9554-qpack-hpack
Issue #9554 - move common hpack/qpack code to jetty-http (jetty-10)
2023-05-08 12:48:48 +10:00
Lachlan Roberts 03d6afae91 Issue #9554 - rename NBitIntegerParser and NBitStringParser to decoders
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2023-05-04 09:31:20 +10:00
Lachlan Roberts 2d935efe4d Issue #9554 - changes from review
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2023-05-04 09:26:31 +10:00
Simone Bordet d4e9f6a520
Fixes #7091 - Add SOCKS5 support.
Spin-off of the work in #9653.
Simplified the implementation, fixed a few mistakes, added more tests.
Made the implementation of Socks5.Authentication more extensible (for example to implement GSSAPI authentication).
Updated documentation.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2023-05-03 19:40:55 +02:00
Lachlan Roberts 0e5a8d6bc0 align the vchar javadoc in HttpTokens.sanitizeFieldVchar
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2023-05-02 12:10:09 +10:00
Lachlan Roberts c2d2c1eadb Issue #9554 - changes from review
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2023-05-01 19:23:57 +10:00
Lachlan Roberts d0294fc10c Issue #9554 - changes from review
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2023-05-01 18:05:55 +10:00
Lachlan Roberts a7b0b727dd Issue #9554 - add javadoc for huffman / n-bit integer classes and remove static decode methods
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2023-04-18 15:24:59 +10:00
Lachlan Roberts 09e6e6b211 Issue #9554 - add javadoc for illegal vchar methods and move to HttpTokens
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2023-04-18 10:46:29 +10:00
Lachlan Roberts c3b6b47915 Use ISO-8859-1 for encoding/decoding in huffman/hpack/qpack
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2023-04-17 17:11:14 +10:00
Lachlan Roberts ebec7d2ea3 Issue #9554 - move common hpack/qpack code to jetty-http
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2023-04-11 16:51:37 +10:00
Joakim Erdfelt 17aa0c5ab9
Fixing #9517 - bad url-pattern prefix match behavior (#9518)
* Fixing #9517 - bad url-pattern prefix match behavior

Fixed regression where `/foo/*` was incorrectly matching `/foobar`.

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Signed-off-by: gregw <gregw@webtide.com>
Co-authored-by: gregw <gregw@webtide.com>
2023-03-20 17:53:40 +01:00
Greg Wilkins 659f16d1c0
Fix #9468 Space in Cookie name (#9471)
Added a violation to allow unquoted spaces in cookie values

Signed-off-by: gregw <gregw@webtide.com>
2023-03-08 21:07:14 +01:00
Greg Wilkins 4d146412c8
Fix #9334 Cookie Compliance (#9402)
Fix incorrect change to RFC6265 to not support dollars in cookie names.

Signed-off-by: gregw <gregw@webtide.com>
2023-02-21 21:31:43 +11:00
gregw 7a7d69a69f Happy no year
Remove modification date from copyright notice and instead just have the
project inception year.

Signed-off-by: gregw <gregw@webtide.com>
2023-02-15 15:22:32 +11:00
gregw 53fa2489b2 fixed commented out test in CookieCutterTest
Signed-off-by: gregw <gregw@webtide.com>
2023-02-15 08:55:23 +11:00
Simone Bordet 7b8c2c1bf0
Fix/jetty 10 9334 review cookie cutter (#9339)
Cookie cleanup
+ New Cookie parser with clearer focus on RFC6265.
+ Better compliance modes for RFC2965
+ Introduced CookieParser interface so that old and new parsers can coexist and be selected by compliance mode.

---------

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Signed-off-by: Greg Wilkins <gregw@webtide.com>
Co-authored-by: Greg Wilkins <gregw@webtide.com>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
2023-02-15 08:38:24 +11:00
Greg Wilkins 3a7865546c
Updated javascript mimetypes (#9347)
+ Updated js to text/javascript
 + added mjs extension

Signed-off-by: gregw <gregw@webtide.com>
2023-02-14 18:07:48 +11:00
Greg Wilkins 5f25f5b389
Fix/jetty 10.0.x/uri host mismatch alt (#9343)
* Introduce HttpCompliance.MISMATCHED_AUTHORITY

* Update HttpCompliance.RFC2616

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>

* Update NcsaRequestLogTest.testAbsolute

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>

* Use RFC2616 mode in RFC2616 tests

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>

* Alternative fix for mismatched host headers

This PR fixes the miss-matched host header issue in the Request.setMetaData method. This requires no change to the HttpParser.
A more comprehensive fix can be considered for jetty-12.

Signed-off-by: gregw <gregw@webtide.com>

* Alternative fix for mismatched host headers

Updates from review

Signed-off-by: gregw <gregw@webtide.com>

---------

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Signed-off-by: gregw <gregw@webtide.com>
Co-authored-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2023-02-14 07:43:19 +11:00
Joakim Erdfelt 016de2faeb
Jetty 10 - Configurable Unsafe Host Header (#9283)
* Adding HttpCompliance.DUPLICATE_HOST_HEADERS
  + Optional compliance that allowance duplicate host headers.
* Adding HttpCompliance.UNSAFE_HOST_HEADER
  + Optional compliance that allows unsafe host headers.
* Adding warning logging for bad Host / authority situations

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2023-02-03 08:30:07 -06:00
Greg Wilkins 4916377686
PathMappings optimizations (#9055)
* Avoid iterations if only ServletPathSpec instances
* Avoid tests for empty mappings.
* Better reset implementation
* More test coverage
2022-12-20 11:08:40 +11:00
Joakim Erdfelt 793bee9e14
Issue #8716 - Handle bad host/authority headers better (#8717)
* Issue #8716 - Handle bad host/authority headers better
* Remove extra `Host` header in testcase that doesn't deal with bad Host headers
* Create URIUtil.isRegName
* Correcting HostPortTest.testValidAuthority
* Correcting RequestTest.testInvalidHostHeader
* Remove clonable, set to final

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-11-08 18:08:20 -06:00
Joakim Erdfelt 3faa2fcd16
Issue #8628 - pseudo restore PathMappings.getMatch(String)
+ This returns a MappedResource, but not
  the stored instance, but a new instance
  of MappedResource every time.

+ Flagged deprecated APIs for removal
  as well

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-09-28 11:25:16 -05:00
Simone Bordet 77ad0189ba
Fixes #8532 - Review System.nanoTime() usages. (#8535)
* Fixes #8532 - Review System.nanoTime() usages.

Introduced o.e.j.util.NanoTime class to deal with nanoTimes.

Now NanoTime.now() should be used instead of System.nanoTime(),
and various <unit>[elapsed|since|until]() methods to calculate nanoTimes.

Furthermore, comparing 2 nanoTimes should be done via isBefore(),
rather than using the < operator, which is wrong as specified in
the System.nanoTime() javadocs.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2022-09-06 09:30:02 +02:00
Joakim Erdfelt 5fddbf9bb1
Issue #8184 - Correcting match logic for multiple servlet suffix url-pattern (#8185)
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-06-21 15:24:39 -05:00
Joakim Erdfelt 1b4f941942
RegexPathSpec documentation and MatchedPath improvements (#8163)
* More documentation

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-06-16 13:53:04 -05:00
Joakim Erdfelt d63569d025
Migrate code from jetty-util Logger to slf4j Logger (#8162)
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-06-15 20:01:48 +02:00
Joakim Erdfelt 8de55150fe
Cherry-pick of Improvements to PathSpec for Jetty 10.0.x (#8136)
* Cherry-pick of Improvements to PathSpec.
* From commit: 5b4d1dd1c6
* Fixing ConstraintSecurityHandler usage of PathMappings
* Fixing bad INCLUDE logic from cherry-pick in ServletHandler.doScope()
* Cleanup of non ServletPathSpec behaviors in ServletPathMapping class
* Skip optional group name/info lookup if regex fails.
* Prevent NPE on static servletPathMappings
* Update WebSocketMappings to use new PathMappings.getMatched(String)

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-06-08 12:36:30 -05:00
Greg Wilkins 7a1c165677
Implement #8057 103 Early Hint (#8058)
Co-authored-by: Ludovic Orban <lorban@bitronix.be>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
2022-06-01 11:56:54 +10:00
Simone Bordet d1e64f4693
Fixes #8014 - Review HttpRequest URI construction. (#8015)
Fixes #8014 - Review HttpRequest URI construction.

Now always adding a "/" before the path, if not already present.
Disabled flakey HTTP/3 test.
Parse CONNECT URIs as Authority

Co-authored-by: Greg Wilkins <gregw@webtide.com>
2022-05-26 18:13:17 +10:00
Greg Wilkins e12d5d58b6
Jetty 10 7918 root pathspec (#7920)
Fix #7918 Root path spec
Handle root pathspec in PathMappings.asPathSpec
Introduce protected asPathSpec to allow for extensibility

Signed-off-by: Greg Wilkins <gregw@webtide.com>
2022-04-26 19:04:17 +02:00
Greg Wilkins 5fc63bf8e8
Issue #7748 - Merge PathSpec improvements made in 9.4.x (#7845)
* Fixes to backport of #7748

+ Backport of #7748
+ Fix RegexPathSpec pathInfo
+ Fix UriTemplatePathSpec pathInfo
+ Test regression option to 93 behaviour

* small optimization

Signed-off-by: Greg Wilkins <gregw@webtide.com>
2022-04-06 11:14:52 +02:00
Jaroslaw Rzeszotko a35719367b
Issue #7683 - Use direct buffers for gzip input/output, if configured.
Use direct buffers for gzip input/output, if configured.
Code cleanups.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2022-03-24 17:59:49 +01:00
Joakim Erdfelt cb127793e5
Happy New Year 2022 (#7459)
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-01-27 10:42:30 -06:00
mszabo-wikia fd2407c72f
Clarify that requestHeaderSize is a cumulative limit (#7417)
* Clarify that requestHeaderSize is a cumulative limit

HttpConfiguration documents the requestHeaderSize configuration option
as being a limit on the size of a single request header, but it is in
fact a limit on the cumulative size of all request headers as well as
the request URI. This patch updates the documentation accordingly, and
adds test cases for the HTTP/1.x and HTTP/2 parsers to verify the
behavior.

NB.: the HTTP/3 parser and configuration seem to correctly document this
option as being a global limit on header size.

* Improve requestHeaderSize tests and documentation per review

Signed-off-by: Máté Szabó <mszabo@wikia-inc.com>
2022-01-19 11:56:27 -06:00
Simone Bordet 3042f2b2bf
Fixes #7348 - Slow CONNECT request causes NPE (#7349) (#7352)
* Fixes #7348 - Slow CONNECT request causes NPE (#7349)

Added NPE guard in `HttpReceiverOverHTTP.onUpgradeFrom()`.
Expanded logic in `HttpReceiverOverHTTP.parse()` to return true in case of CONNECT + 200.

Fixed `ProxyConnection.toConnectionString()` to avoid NPEs.

Fixed `HttpClientTest.testCONNECTWithHTTP10()` logic
after changes to fix this issue.

Now a tunneled connection is not put back into the connection pool,
and if applications explicitly want to use it, they must re-enable
fill interest, similarly to what should be done after upgrade+101.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
(cherry picked from commit 5eb7b70df7)
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2022-01-06 11:08:12 +01:00
Simone Bordet 578ae30311 Issue #6728 - QUIC and HTTP/3
Added http3 Jetty module and distribution test.
Implemented simple logic to send the Alt-Svc header in HTTP/2 responses.
Updated JNA dependency to use jna-jpms.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-12-20 09:33:38 +01:00
Lachlan Roberts a95fe3bfb8 Improvements & bug fixes from testing
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-12-20 09:33:38 +01:00
Lachlan Roberts 3a6a3e094d Use MetaData instead of HttpFields for QPACK
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-12-20 09:33:38 +01:00
Lachlan Roberts da50072cc8 The QpackEncoder should be able to use PreEncodedHttpFields.
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-12-20 09:33:38 +01:00