Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
28,870 Commits 70 Branches 462 Tags 370 MiB
Commit Graph

28870 Commits

Author SHA1 Message Date
Ludovic Orban a3adb66a7b
Fix checkstyle after 11.0.x merge (#10544) 
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
 2023-09-18 11:58:00 +02:00
Simone Bordet 32227570e5
Fixed deadlock in class initialization. (#10540) 
* Thread T1 may initialize HttpTester.Message that extends MutableHttpFields, so grabs the lock for the initialization of class MutableHttpFields.
* Thread T2 may initialize HttpFields, so grabs the lock for HttpFields and initializes field EMPTY, which calls new MutableHttpFields.
* To initialize MutableHttpFields, T1 must initialize HttpFields, but sees that its lock is taken and waits.
* To initialize HttpFields, T2 must create an instance and therefore initialize MutableHttpFields, but sees that its lock is taken and waits.
* Deadlock.

The solution is to use another class, EmptyHttpFields, to initialize HttpFields.EMPTY, so that there is no deadlock.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
 2023-09-18 17:37:03 +10:00
Greg Wilkins 09710c7cb6
Fix jetty 12 javadoc (#10527) 
Fixes for javadoc warnings
 2023-09-18 17:30:02 +10:00
Greg Wilkins 4e27d308df
Fix parsing of JSESSIONID only (#10479) 
Improved parsing of JSESSIONID cookies and jsessionid parameters.
Better handling of invalid and duplicate session IDs

Co-authored-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Co-authored-by: Jan Bartel <janb@webtide.com>
 2023-09-18 17:27:28 +10:00
gregw fb80522675 Merge remote-tracking branch 'origin/jetty-11.0.x' into jetty-12.0.x 2023-09-18 17:25:11 +10:00
gregw 9d96b4fc74 Merge remote-tracking branch 'origin/jetty-10.0.x' into jetty-11.0.x 2023-09-18 16:08:28 +10:00
Greg Wilkins 3c76f82594
Allow session idle timeout to be configured on authentication. (#10511) 
Allow session idle timeout to be configured on authentication.

Signed-off-by: gregw <gregw@webtide.com>
 2023-09-18 15:53:35 +10:00
Olivier Lamy 057e9eee5e
jetty 12.0.x upgrade dependencies (#10507) 
* Junit 5.10.0

Signed-off-by: Olivier Lamy <olamy@apache.org>

* slf4j 2.0.9

Signed-off-by: Olivier Lamy <olamy@apache.org>

* hazecast 5.3.2

Signed-off-by: Olivier Lamy <olamy@apache.org>

* pax exam 4.13.5, pax url 2.6.14

Signed-off-by: Olivier Lamy <olamy@apache.org>

* mariadb client 3.2.0

Signed-off-by: Olivier Lamy <olamy@apache.org>

* logback 1.4.11

Signed-off-by: Olivier Lamy <olamy@apache.org>

* 4.1.97

Signed-off-by: Olivier Lamy <olamy@apache.org>

* add exclusions

Signed-off-by: Olivier Lamy <olamy@apache.org>

---------

Signed-off-by: Olivier Lamy <olamy@apache.org>
 2023-09-17 01:17:53 +02:00
Olivier Lamy b29b452f39
Issue #10441 ee8 jaspi module is missing (#10444) 
* Issue #10441 ee8 jaspi module is missing

Signed-off-by: Olivier Lamy <olamy@apache.org>

* fix parent pom version

Signed-off-by: Olivier Lamy <olamy@apache.org>

---------

Signed-off-by: Olivier Lamy <olamy@apache.org>
 2023-09-16 05:58:40 +02:00
Joakim Erdfelt dfd82a01d4
Issue #10500 - preserve request header quoting when accessed through `JettyHttpExchangeDelegate` (#10503) 
* Issue #10500 - preserve request header quoting when accessed through JettyHttpExchangeDelegate
* improve test cases with quoted-pair feature in RFC
* add skip of value lists on specific headers known to not have value lists
* Remove URL usage
* Changes from review
 2023-09-15 16:54:09 -05:00
Joakim Erdfelt 231eaf8f05
Issue #10475 - update Bundle-Copyright 2023-09-15 10:34:07 -05:00
Joakim Erdfelt fd88723cad
Cleanup of start properties usages in `jetty-10.0.x` (#10365) 
* Cleanup start properties usages

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
 2023-09-15 09:59:06 -05:00
Simone Bordet 293bab9316
Small fix to migration guide documentation. 
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
 2023-09-15 15:45:23 +02:00
Simone Bordet f47cc15724
Merged branch 'jetty-11.0.x' into 'jetty-12.0.x'. 
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
 2023-09-15 09:27:48 +02:00
Joakim Erdfelt 1bfe69eeba
Fixing CVE number for CGI servlet deprecation (#10523) 2023-09-15 09:24:20 +02:00
Olivier Lamy 927546309e
do not run this in parallel as some conflicted jdni entries with ServerWithJNDITest (#10526) 
Signed-off-by: Olivier Lamy <olamy@apache.org>
 2023-09-15 08:37:19 +02:00
Olivier Lamy dfc0fc88a1
Add javadoc warning report in Jenkins so we will be able to measure progress with that :) (#10524) 
* add javadoc warning report

Signed-off-by: Olivier Lamy <olamy@apache.org>

* javadoc parser

Signed-off-by: Olivier Lamy <olamy@apache.org>

---------

Signed-off-by: Olivier Lamy <olamy@apache.org>
 2023-09-15 05:27:48 +02:00
Jan Bartel 26fdbe3280
Issue #10474 support application/json for ErrorHandler (#10504) 2023-09-15 03:12:48 +02:00
Olivier Lamy 6d1cfd5a2e
Merge branch 'jetty-10.0.x' into jetty-11.0.x 2023-09-15 10:17:55 +10:00
Olivier Lamy 000a55f78f
upgrade to bouncycastle 1.76 (#10512) 
* upgrade to bouncycastle 1.76

Signed-off-by: Olivier Lamy <olamy@apache.org>

* fix artifact names

Signed-off-by: Olivier Lamy <olamy@apache.org>

---------

Signed-off-by: Olivier Lamy <olamy@apache.org>
 2023-09-15 02:16:41 +02:00
Joakim Erdfelt d7d203d869
Merge pull request #10521 from eclipse/fix/10.0.x/cve-numbers 
Fixing CVE number for CGI servlet deprecation (10.0.x)
 2023-09-14 16:39:48 -05:00
Joakim Erdfelt a5097a0df0
Merge pull request #10522 from eclipse/fix/11.0.x/cve-numbers 
Fixing CVE number for CGI servlet deprecation (11.0.x)
 2023-09-14 16:39:43 -05:00
Joakim Erdfelt c381bfac5a
Fixing CVE number for CGI servlet deprecation 2023-09-14 14:26:55 -05:00
Joakim Erdfelt 96d4d45541
Fixing CVE number for CGI servlet deprecation 2023-09-14 14:26:02 -05:00
Simone Bordet 049cf3a334
Merged branch 'jetty-11.0.x' into 'jetty-12.0.x'. 
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
 2023-09-14 20:01:13 +02:00
Simone Bordet 1edc8e8bd7
Merged branch 'jetty-10.0.x' into 'jetty-11.0.x'. 
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
 2023-09-14 19:40:13 +02:00
Joakim Erdfelt 3c495f37cf
Updating 12.x VERSION.txt entries (#10517) 2023-09-14 19:35:45 +02:00
Joakim Erdfelt 83030f4825
Updating 11.x VERSION.txt entries (#10516) 2023-09-14 19:33:17 +02:00
Joakim Erdfelt 52c9dcaee6
Updating jetty-10.0.x VERSION.txt from changes in jetty-9.4.x (#10518) 
* Updating jetty-10.0.x VERSION.txt from changes in jetty-9.4.x
* Making CVE references consistent
 2023-09-14 19:31:09 +02:00
Simone Bordet 08190e1a50
Fixes #9665 - HttpCookieStore incorrectly rejects cookies for domains that are an IPv6 address (#10465) 
* Refactored domain checks into overridable method.
* Added support for IPv6, and clarified domain checks.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
 2023-09-14 19:27:18 +02:00
Joakim Erdfelt b9cd3216f7
Updating 10.x entries (#10515) 2023-09-14 18:40:52 +02:00
Joakim Erdfelt 0068c91bcd
Issue #10508 - honor Servlet spec behaviors for null in addHeader / setHeader calls (#10510) 
* Refactor ResponseHeadersTest to modern standards
* Issue #10508 - honor Servlet spec behaviors for null in addHeader / setHeader calls
 2023-09-14 11:02:54 -05:00
Simone Bordet 530ed33611
Fixes #10219 - Review HTTP Cookie parsing (#10464) 
* Added SetCookieParser interface and RFC6265SetCookieParser implementation to properly parse Set-Cookie values.
* Removed hacky implementation in HttpClient.
* Removed unused methods in HttpCookieUtils.
* Using SetCookieParser for the implementation of newPushBuilder in ee9,ee10.
* Reworked HttpCookieStore.Default implementation.
* Implemented properly cookie path resolution.
* Using URI.getRawPath() to resolve cookie paths.
* Removed secure vs. non-secure scheme distinction when storing cookies.
* Refactored common code in HttpCookieStore.Default to avoid duplications.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
 2023-09-14 17:13:05 +02:00
Simone Bordet 388d3e38fa
Fixes #10361 - Introduce QoSHandler (#10480) 
* Introduced QoSHandler.
* Updated documentation, and removed old documentation.
* Now using dynamic max priority.
The current implementation retains priorities and queue as they are created, but hopefully the priority range is constrained.
* Better algorithm for resuming: rather than releasing a permit and try to acquire it again, keep the permit and resume a request.
This also removes the issue that a request could have been suspended again, therefore remaining suspended much more than maxSuspend.
* Deprecated QoSFilters in ee10 and ee9.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
 2023-09-14 15:46:12 +02:00
Simone Bordet 8684b0a67a
Introduced CompletableResponseListener (#10502) 
Introduced CompletableResponseListener, a replacement for FutureResponseListener that uses better APIs based on CompletableFuture.

Deprecated FutureResponseListener and replaced its usages.

Updated documentation.

Added tests for zipped request content.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
 2023-09-14 15:33:51 +02:00
Lachlan Roberts c81325492a Issue #10498 - fixes for getUserPrincipal in Jetty WebSocket EE9 & EE10 
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
 2023-09-14 10:26:02 +10:00
Lachlan Roberts 4bdd21f777 Merge remote-tracking branch 'origin/jetty-12.0.x' into jetty-12.0.x-10490-websocketServerUpgradeRequest 2023-09-14 09:57:50 +10:00
Simone Bordet 85c72720fc
Fixes #10442 - Reduce verbosity when JMX finds overloaded setter (#10443) 
Now the log statement is only emitted when there is no matching setter method, but a mismatched one exists.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
 2023-09-13 15:17:22 +02:00
Olivier Lamy 28f19a5592
get rid of deprecated usage of maven resolver (#10495) 
Signed-off-by: Olivier Lamy <olamy@apache.org>
 2023-09-13 05:43:47 +02:00
Jan Bartel 4bbfa3949b
Issue #10440 fix ClassCastException for <jettyEnvXml> in maven plugin (#10493) 
* Issue #10440 fix ClassCastException for <jettyEnvXml> in maven plugin

* disable H1 client leak tracking for testInputStreamContentProviderThrowingWhileReading

Signed-off-by: Ludovic Orban <lorban@bitronix.be>

---------

Signed-off-by: Ludovic Orban <lorban@bitronix.be>
Co-authored-by: Ludovic Orban <lorban@bitronix.be>
 2023-09-12 07:49:45 +02:00
Ludovic Orban 022c99cd24 #10226 handle review comments 
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
 2023-09-11 11:47:04 +02:00
Ludovic Orban cb68dc92c3 #10226 fix buffer leak in consumeAvailable() when HttpStream.consumeAvailable() leaves unconsumed content 
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
 2023-09-11 11:47:04 +02:00
Ludovic Orban 8b3db91174 #10226 only release the buffer when it could not be propagated to a Content.Source reader 
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
 2023-09-11 11:47:04 +02:00
Ludovic Orban 499816f79c #10226 fix HTTP consumeAvailable() buffer leak and re-enable tests 
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
 2023-09-11 11:47:04 +02:00
Lachlan Roberts 3066737016 Issue #10490 - fixes and testing for websocket JakartaServerUpgradeRequest 
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
 2023-09-11 17:00:02 +10:00
Olivier Lamy c54dacee5c
Merge branch 'jetty-10.0.x' into jetty-11.0.x 2023-09-07 10:39:26 +10:00
dependabot[bot] 08ab9e1629
Merge pull request #10488 from eclipse/dependabot/maven/jetty-10.0.x/org.infinispan.protostream-protostream-4.6.5.Final 2023-09-07 00:38:43 +00:00
dependabot[bot] bb84d6591a
Merge pull request #10487 from eclipse/dependabot/maven/jetty-10.0.x/pax.exam.version-4.13.5 2023-09-07 00:38:27 +00:00
dependabot[bot] 97ae51ee28
Bump org.infinispan.protostream:protostream 
Bumps [org.infinispan.protostream:protostream](https://github.com/infinispan/protostream) from 4.6.4.Final to 4.6.5.Final.
- [Release notes](https://github.com/infinispan/protostream/releases)
- [Commits](https://github.com/infinispan/protostream/compare/4.6.4.Final...4.6.5.Final)

---
updated-dependencies:
- dependency-name: org.infinispan.protostream:protostream
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-06 21:19:57 +00:00
dependabot[bot] a9711042a1
Bump pax.exam.version from 4.13.1 to 4.13.5 
Bumps `pax.exam.version` from 4.13.1 to 4.13.5.

Updates `org.ops4j.pax.exam:pax-exam` from 4.13.1 to 4.13.5

Updates `org.ops4j.pax.exam:pax-exam-inject` from 4.13.1 to 4.13.5

Updates `org.ops4j.pax.exam:pax-exam-container-forked` from 4.13.1 to 4.13.5

Updates `org.ops4j.pax.exam:pax-exam-junit4` from 4.13.1 to 4.13.5

Updates `org.ops4j.pax.exam:pax-exam-link-mvn` from 4.13.1 to 4.13.5

---
updated-dependencies:
- dependency-name: org.ops4j.pax.exam:pax-exam
  dependency-type: direct:development
  update-type: version-update:semver-patch
- dependency-name: org.ops4j.pax.exam:pax-exam-inject
  dependency-type: direct:development
  update-type: version-update:semver-patch
- dependency-name: org.ops4j.pax.exam:pax-exam-container-forked
  dependency-type: direct:development
  update-type: version-update:semver-patch
- dependency-name: org.ops4j.pax.exam:pax-exam-junit4
  dependency-type: direct:development
  update-type: version-update:semver-patch
- dependency-name: org.ops4j.pax.exam:pax-exam-link-mvn
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-06 21:19:40 +00:00