Commit Graph

5495 Commits

Author SHA1 Message Date
Lachlan 2093f3822e Add TRANSFER_ENCODING violation for MultiPart RFC7578 parser. (#7976)
* Add TRANSFER_ENCODING violation for MultiPart RFC7578 parser.
* Ignore TRANSFER_ENCODING violation for 8bit and binary.

Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-05-12 15:51:53 +10:00
Lachlan 7a5ea2bac0
Merge pull request #7873 from eclipse/jetty-10.0.x-4414-gzipInflationExclusion
Issue #4414 - add option to exclude paths from GzipHandler request inflation
2022-05-09 15:58:19 +10:00
Joakim Erdfelt fcd0222d2c
Issue #7837 - fix compilation error
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-05-04 06:59:17 -05:00
Lachlan Roberts 39c478461b Fix StatisticsHandler in the case a Handler throws exception.
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-05-04 16:01:40 +10:00
Greg Wilkins 75f5cc68e4
Fixed flaky ssl fullMethod test (#7896)
* Fixed flaky test
2022-05-01 09:05:09 +02:00
Padraic Renaghan 1369693a99 Fix #7929 requestlog format string commented default
Signed-off-by: Padraic Renaghan <padraic@renaghan.com>
2022-04-27 18:40:07 -04:00
Greg Wilkins efd9f26024
Fix #7891 regex pathInfo (#7892)
Fix 7891 regex pathInfo

+ Use the pathSpec methods to set servletPath and pathInfo when possible

Signed-off-by: Greg Wilkins <gregw@webtide.com>
2022-04-25 08:30:31 +02:00
Lachlan Roberts 5c760ae5a3 Issue #4414 - add option to exclude paths from GzipHandler request inflation.
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-04-12 14:53:53 +10:00
markslater 8bcb842fbb
#7863 Include value of first accept-encoding header where multiple accept-encoding headers are given. (#7864)
Signed-off-by: markslater <mark.slater@mail.com>
2022-04-11 10:09:18 -05:00
Joakim Erdfelt 16420f0181
Set version to `10.0.10-SNAPSHOT` (#7823)
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-04-03 20:33:44 +10:00
Joakim Erdfelt f079949a35
Merge Release 10.0.9 (#7821)
* Updating to version 10.0.9

* Updating to version 10.0.10
2022-04-02 08:43:44 -05:00
jiang-cao 5117a58974
Fixes #7688 - Read data to native memory from HttpInput
Added `HttpInput.read(ByteBuffer buffer)`, so that applications can provide a native memory mapped `ByteBuffer` to read into.
2022-03-25 17:57:52 +01:00
Jaroslaw Rzeszotko a35719367b
Issue #7683 - Use direct buffers for gzip input/output, if configured.
Use direct buffers for gzip input/output, if configured.
Code cleanups.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2022-03-24 17:59:49 +01:00
Greg Wilkins e0788ab056
Fix #7615 encode relative URIs (#7765)
* Fix #7615 encode relative URIs

cherry-picked from 9c30caf247

Signed-off-by: Greg Wilkins <gregw@webtide.com>

* Fix #7615 encode relative URIs

fixed checkstyle

Signed-off-by: Greg Wilkins <gregw@webtide.com>
2022-03-22 13:45:27 -05:00
Joakim Erdfelt ae5c8e34e7
Issue #7617 - RequestLog content params extraction prevention (#7618) 2022-03-22 10:02:32 -05:00
Greg Wilkins cab9945430
Issue #7748 - allow override of path mapping behavior in ServletContextHandler (#7614)
Added protected method to ServletHandler to allow other servlet mappings (eg regex) in embedded/extended usage

Signed-off-by: Greg Wilkins <gregw@webtide.com>
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-03-22 09:48:09 +01:00
Lachlan Roberts 1d539c74c5 Merge remote-tracking branch 'origin/jetty-10.0.x' into jetty-10.0.x-well-known-listing 2022-02-22 17:13:28 +11:00
Lachlan Roberts 90f7d97dd2 PR #7544 - changes from review
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-02-22 17:12:33 +11:00
Jan Bartel 0b33877040
Issue #7344 - wait for forked jetty process (#7374)
* Issue #7344 Make plugin wait for forked jetty process to stop

Signed-off-by: Jan Bartel <janb@webtide.com>
2022-02-21 13:45:54 +01:00
Lachlan 533f2b1b56
Merge pull request #7576 from eclipse/jetty-10.0.x-7567-MultiPartGzip
Issue #7567 - don't compare params when checking MIME type for GzipHandler
2022-02-17 09:07:38 +11:00
Joakim Erdfelt f2e9680431
Honor parameters order when parsing query and form parameters (#7599) (#7605)
* Honor parameters order when parsing query and form parameters

When parsing the query or form parameters in Request, the values are stored in a MultiMap. This class extends HashMap which does not preserve the order of insertion so a request with parameters "first=1&second=2" might end up in a map where "second" will come first when iterating on the entry set. 

The order is necessary in some case where the request is signed off the body and/or the query parameters. When the order is not preserved, it is impossible to reconstruct the original request sent, unless using the Request::getInputStream which consumes the stream and makes subsequent calls to Request::getParameters to don't return the form parameters which can be misleading. The same behavior applied to query parameters, by using Request::getQueryString, you get the correct order but Request::getParameters will not.

Moreoever, if the application is behind a reverse proxy using Jetty that is proxying using Request::getParameters which consume the request InputStream, it will be completely impossible to reconstruct the original request.

* Added a test with parameter merging

Co-authored-by: Jacques-Etienne Beaudet <jebeaudet@gmail.com>
2022-02-16 11:34:30 -06:00
Joakim Erdfelt 292d6cda9f
Issue #7572 - make legit test exception less noisy (#7596) 2022-02-16 04:54:30 -06:00
Lachlan Roberts 21ec2f072f Issue #7567 - don't need to convert to lowercase with a AsciiLowerCaseSet
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-02-14 12:23:55 +11:00
Lachlan Roberts 0aa307db64 Issue #7567 - don't compare params when checking MIME type for GzipHandler
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-02-14 12:13:14 +11:00
Lachlan Roberts 16b070db01 Add option to allow well-known directories to be listed.
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-02-08 11:27:00 +11:00
Simone Bordet a4fda96f49
Updating to version 10.0.9-SNAPSHOT 2022-02-07 12:02:02 +01:00
Simone Bordet 716c7afd8e
Updating to version 10.0.8 2022-02-07 11:34:12 +01:00
Simone Bordet 9181457013
Updated copyright years.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2022-01-27 18:20:41 +01:00
Dell Green fba2ef09e9
Issue #6282 - Allow SecuredRedirectHandler status code to be configurable (#7441)
Signed-off-by: Dell Green <dell.green@ideaworks.co.uk>
2022-01-27 10:50:38 -06:00
Joakim Erdfelt cb127793e5
Happy New Year 2022 (#7459)
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-01-27 10:42:30 -06:00
mszabo-wikia fd2407c72f
Clarify that requestHeaderSize is a cumulative limit (#7417)
* Clarify that requestHeaderSize is a cumulative limit

HttpConfiguration documents the requestHeaderSize configuration option
as being a limit on the size of a single request header, but it is in
fact a limit on the cumulative size of all request headers as well as
the request URI. This patch updates the documentation accordingly, and
adds test cases for the HTTP/1.x and HTTP/2 parsers to verify the
behavior.

NB.: the HTTP/3 parser and configuration seem to correctly document this
option as being a global limit on header size.

* Improve requestHeaderSize tests and documentation per review

Signed-off-by: Máté Szabó <mszabo@wikia-inc.com>
2022-01-19 11:56:27 -06:00
Jan Bartel 0613818c5e
Issue #7375 Request scoped sessions (#7390)
Signed-off-by: Jan Bartel <janb@webtide.com>
2022-01-14 15:39:38 +11:00
Ludovic Orban f0810c0fa4 #7281 review test suite to improve code coverage
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
2022-01-13 15:06:32 +01:00
Ludovic Orban 09c1b06399 #7281 add special case for zero-length content
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
2022-01-13 15:06:32 +01:00
Ludovic Orban 5a551a832b #7281 check that at least one byte of raw content is consumed by the interceptor and clarify its javadoc
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
2022-01-13 15:06:32 +01:00
Ludovic Orban 0fb3079c90 #7281 improve isSpecial javadoc
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
2022-01-13 15:06:32 +01:00
Ludovic Orban 5cad97e134 #7281 rewrite nextTransformedContent
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
2022-01-13 15:06:32 +01:00
Ludovic Orban 1682265a00 #7281 add more tests and fix shortcomings
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
2022-01-13 15:06:32 +01:00
Ludovic Orban ec9846c116 #7281 add Interceptor javadoc
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
2022-01-13 15:06:32 +01:00
Ludovic Orban 91f29a04a9 #7281 pass special content to interceptors
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
2022-01-13 15:06:32 +01:00
Simone Bordet b51465f91a
Fixes #7369 - Document CustomRequestLog (#7370)
* Fixes #7369 - Document CustomRequestLog

Introduced `JavadocIncludeExtension` to include javadoc snippets in the documentation.
Added documentation about request logging.
Updated `CustomRequestLog` javadocs.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2022-01-12 10:27:53 +01:00
Joakim Erdfelt 1984d2de11
Issue #7277 - Allow `Request.getLocalName()` and `.getLocalPort()` to be overridden (#7357)
* Issue #7277 - Allow `Request.getLocalName()` and `.getLocalPort()` to be overridden (#7316)

* Introduce `HttpConfiguration.setServerAuthority(HostPort)`
  to influence `ServletRequest.getServerName()` and `ServletRequest.getServerPort()`
* Introduce `HttpConfiguration.setLocalAddress(SocketAddress)`
  to influence `ServletRequest.getLocalName()`, `ServletRequest.getLocalPort()`, and `ServletRequest.getLocalAddr()`
* Correcting Request URI logic on abs-uri without authority
* Adding test cases

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-01-06 08:01:08 -06:00
Jan Bartel 5aa598efd5
Issue #7313 Add AttributeContainerMap as bean to server for all constructors. (#7317)
Signed-off-by: Jan Bartel <janb@webtide.com>
2022-01-04 14:10:58 +11:00
Joakim Erdfelt 3c02a03a38
Issue #6973 - Setup Request/Response objects for success with RequestLog (#7183)
* Issue #6973 - Setup Request/Response objects for success with RequestLog

+ Prevents reading of Request body parameters
+ Still allows raw Request.getInputStream() and
  Request.getReader() usage
+ Restores committed response status code.
+ Does not rest committed response headers.
+ Adding testcase for post-commit response header
  issue. (currently disabled)
+ Remove Request.onRequestLog()
+ Move requestlog calling from HttpChannel to Request.onCompleted
+ address scenario where HttpChannel is null

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-12-28 20:11:52 -06:00
Simone Bordet dc5ffe1a8e Issue #6728 - QUIC and HTTP/3
- Made HttpChannelOverHTTP3.needContent() to look for content if none is immediately available.
- Improved javadocs.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-12-20 09:33:38 +01:00
Simone Bordet 23111b744f Issue #6728 - QUIC and HTTP/3
- Made BlockingContentProducer.onContentProducible() idempotent by checking if the input
is unready before releasing the semaphore.
This is necessary because HTTP/3 will call onContentProducible() just after receiving the request,
while other protocols assume that content is producible and only call onContentProducible()
when they read all the available content.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-12-20 09:33:38 +01:00
Ludovic Orban 44fb63e541 #7284 cleanup HttpInput reopen/recycle
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
2021-12-16 14:19:56 +01:00
Ludovic Orban 12b14c5850 #7280 destroy interceptor when content producer gets recycled
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
2021-12-15 11:13:58 +01:00
Lachlan e345ee28a5
Issue #7059 - prevent an internal NPE in AllowedResourceAliasChecker doStart (#7076)
- prevent an internal NPE in AllowedResourceAliasChecker doStart
- Fix LifeCycle issues with AllowedResourceAliasChecker
- add null check for protected targets in toString.
- improve warning message for AllowedResourceAliasChecker
- add AllowedResourceAliasCheckerTest
2021-12-07 09:37:11 +11:00
Lachlan 9b501022d5
Merge pull request #7166 from eclipse/jetty-10.0.x-6974-ByteBufferPool
Issue #6974 - improvements & fixes to ByteBufferPool implementations (#7017)
2021-12-03 14:46:16 +11:00