77ad0189ba
Fixes #8532 - Review System.nanoTime() usages. ( #8535 )
...
* Fixes #8532 - Review System.nanoTime() usages.
Introduced o.e.j.util.NanoTime class to deal with nanoTimes.
Now NanoTime.now() should be used instead of System.nanoTime(),
and various <unit>[elapsed|since|until]() methods to calculate nanoTimes.
Furthermore, comparing 2 nanoTimes should be done via isBefore(),
rather than using the < operator, which is wrong as specified in
the System.nanoTime() javadocs.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2022-09-06 09:30:02 +02:00
64d12e2a5a
Merge Release 10.0.11 back into `jetty-10.0.x` branch ( #8194 )
...
* Updating to version 10.0.11
* Updating to version 10.0.12-SNAPSHOT
2022-06-22 16:24:48 -05:00
5fddbf9bb1
Issue #8184 - Correcting match logic for multiple servlet suffix url-pattern ( #8185 )
...
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-06-21 15:24:39 -05:00
c2bc103cb9
Merge Release 10.0.10 back into `jetty-10.0.x` ( #8180 )
...
* Updating to version 10.0.11-SNAPSHOT
2022-06-21 14:41:41 +02:00
1b4f941942
RegexPathSpec documentation and MatchedPath improvements ( #8163 )
...
* More documentation
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-06-16 13:53:04 -05:00
d63569d025
Migrate code from jetty-util Logger to slf4j Logger ( #8162 )
...
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-06-15 20:01:48 +02:00
8de55150fe
Cherry-pick of Improvements to PathSpec for Jetty 10.0.x ( #8136 )
...
* Cherry-pick of Improvements to PathSpec.
* From commit: 5b4d1dd1c6
2022-06-08 12:36:30 -05:00
7a1c165677
Implement #8057 103 Early Hint ( #8058 )
...
Co-authored-by: Ludovic Orban <lorban@bitronix.be>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
2022-06-01 11:56:54 +10:00
d1e64f4693
Fixes #8014 - Review HttpRequest URI construction. ( #8015 )
...
Fixes #8014 - Review HttpRequest URI construction.
Now always adding a "/" before the path, if not already present.
Disabled flakey HTTP/3 test.
Parse CONNECT URIs as Authority
Co-authored-by: Greg Wilkins <gregw@webtide.com>
2022-05-26 18:13:17 +10:00
e12d5d58b6
Jetty 10 7918 root pathspec ( #7920 )
...
Fix #7918 Root path spec
Handle root pathspec in PathMappings.asPathSpec
Introduce protected asPathSpec to allow for extensibility
Signed-off-by: Greg Wilkins <gregw@webtide.com>
2022-04-26 19:04:17 +02:00
5fc63bf8e8
Issue #7748 - Merge PathSpec improvements made in 9.4.x ( #7845 )
...
* Fixes to backport of #7748
+ Backport of #7748
+ Fix RegexPathSpec pathInfo
+ Fix UriTemplatePathSpec pathInfo
+ Test regression option to 93 behaviour
* small optimization
Signed-off-by: Greg Wilkins <gregw@webtide.com>
2022-04-06 11:14:52 +02:00
16420f0181
Set version to `10.0.10-SNAPSHOT` ( #7823 )
...
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-04-03 20:33:44 +10:00
f079949a35
Merge Release 10.0.9 ( #7821 )
...
* Updating to version 10.0.9
* Updating to version 10.0.10
2022-04-02 08:43:44 -05:00
a35719367b
Issue #7683 - Use direct buffers for gzip input/output, if configured.
...
Use direct buffers for gzip input/output, if configured.
Code cleanups.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2022-03-24 17:59:49 +01:00
a4fda96f49
Updating to version 10.0.9-SNAPSHOT
2022-02-07 12:02:02 +01:00
716c7afd8e
Updating to version 10.0.8
2022-02-07 11:34:12 +01:00
cb127793e5
Happy New Year 2022 ( #7459 )
...
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-01-27 10:42:30 -06:00
fd2407c72f
Clarify that requestHeaderSize is a cumulative limit ( #7417 )
...
* Clarify that requestHeaderSize is a cumulative limit
HttpConfiguration documents the requestHeaderSize configuration option
as being a limit on the size of a single request header, but it is in
fact a limit on the cumulative size of all request headers as well as
the request URI. This patch updates the documentation accordingly, and
adds test cases for the HTTP/1.x and HTTP/2 parsers to verify the
behavior.
NB.: the HTTP/3 parser and configuration seem to correctly document this
option as being a global limit on header size.
* Improve requestHeaderSize tests and documentation per review
Signed-off-by: Máté Szabó <mszabo@wikia-inc.com>
2022-01-19 11:56:27 -06:00
3042f2b2bf
Fixes #7348 - Slow CONNECT request causes NPE ( #7349 ) ( #7352 )
...
* Fixes #7348 - Slow CONNECT request causes NPE (#7349 )
Added NPE guard in `HttpReceiverOverHTTP.onUpgradeFrom()`.
Expanded logic in `HttpReceiverOverHTTP.parse()` to return true in case of CONNECT + 200.
Fixed `ProxyConnection.toConnectionString()` to avoid NPEs.
Fixed `HttpClientTest.testCONNECTWithHTTP10()` logic
after changes to fix this issue.
Now a tunneled connection is not put back into the connection pool,
and if applications explicitly want to use it, they must re-enable
fill interest, similarly to what should be done after upgrade+101.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
(cherry picked from commit 5eb7b70df7
2022-01-06 11:08:12 +01:00
578ae30311
Issue #6728 - QUIC and HTTP/3
...
Added http3 Jetty module and distribution test.
Implemented simple logic to send the Alt-Svc header in HTTP/2 responses.
Updated JNA dependency to use jna-jpms.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-12-20 09:33:38 +01:00
a95fe3bfb8
Improvements & bug fixes from testing
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-12-20 09:33:38 +01:00
3a6a3e094d
Use MetaData instead of HttpFields for QPACK
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-12-20 09:33:38 +01:00
da50072cc8
The QpackEncoder should be able to use PreEncodedHttpFields.
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-12-20 09:33:38 +01:00
bdf44b8e22
Work through examples B.1. and B.2. from spec and fix bugs.
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-12-20 09:33:38 +01:00
7abb1e62f2
Issue #7160- Add AMBIGUOUS_PATH_ENCODING to default UriCompliance mode.
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-11-30 16:51:58 +11:00
ec221865b6
Merge pull request #6978 from eclipse/jetty-10.0.x-4275-ambiguousparam
...
Improve #4275 ambiguous URIs (#6939 )
2021-10-21 17:48:33 +11:00
866f4517db
Improve #4275 ambiguous URIs ( #6939 )
...
* Improve #4275 ambiguous URIs
A URI like `/foo/%2e%2e;/bar` should be ambiguous both because of the encoded dots and because of the parameters. This means that the default setting of jetty-9 is a bit more secure as this path is considered ambiguous if either Violation.SEGMENT or Violation.PARAM is set.
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-10-12 18:22:12 +11:00
cfc67f86d2
Updating to version 10.0.8-SNAPSHOT
2021-10-06 14:51:32 -05:00
da8a4553af
Updating to version 10.0.7
2021-10-06 14:32:37 -05:00
0412bdc3d9
Fixes #6938 - module-info.java file do not use the canonical order for the elements
...
Changed order of entries in module-info.java to be canonical
(cherry picked from commit 02691171d5
2021-10-01 09:25:55 +02:00
51d44a3401
use dependencyManagement for internal dependencies ( #6940 )
...
Signed-off-by: Olivier Lamy <oliver.lamy@gmail.com>
2021-09-30 16:57:19 +10:00
b44dde6098
Bump maven-enforcer-plugin from 3.0.0-M3 to 3.0.0 ( #6755 )
...
* Bump maven-enforcer-plugin from 3.0.0-M3 to 3.0.0
Bumps [maven-enforcer-plugin](https://github.com/apache/maven-enforcer ) from 3.0.0-M3 to 3.0.0.
- [Release notes](https://github.com/apache/maven-enforcer/releases )
- [Commits](https://github.com/apache/maven-enforcer/compare/enforcer-3.0.0-M3...enforcer-3.0.0 )
---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-enforcer-plugin
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
* fix some upper bound issues and exclude more javax
Signed-off-by: Olivier Lamy <oliver.lamy@gmail.com>
* fix upperbound dependencies issue with enforcer plugin upgrade
Signed-off-by: Olivier Lamy <oliver.lamy@gmail.com>
* exclude this wrong which makes enforcer plugin fail and btw it's not used
Signed-off-by: Olivier Lamy <oliver.lamy@gmail.com>
* fix last enforcer upperbound issues
Signed-off-by: Olivier Lamy <oliver.lamy@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Olivier Lamy <oliver.lamy@gmail.com>
2021-09-14 06:10:48 +10:00
0a78b9845d
Merge pull request #6657 from eclipse/jetty-10.0.x-6642-WebSocketConnectionHeaders
...
Issue #6642 - WebSocket handling of Connection: upgrade,close.
2021-08-31 14:25:47 +10:00
949aa6c342
Issue #6642 - move shutdown logic into HttpChannelOverHTTP and HttpConnection
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-08-27 11:53:54 +10:00
fa316fc20d
Issue #6642 - never shutdown output after generating a request.
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-08-26 13:09:36 +10:00
cb9a8d4060
Issue #6642 - change HttpGenerator state to END before returning
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-08-25 11:27:56 +10:00
f7d9d8fcf8
Issue #6642 - prevent connection close after websocket upgrade
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-08-24 19:39:34 +10:00
5dcc14b114
Merge pull request #6551 from eclipse/jetty-10.0.x-6545-refresh-mimetypes
...
Issue #6545 - Add more mime-types
2021-07-28 05:47:36 -05:00
bd11d6f682
#6491 add defensive check and introduce HttpParser.isTerminated()
...
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
2021-07-28 10:14:19 +02:00
8971ea991f
Issue #6545 - Add more mime-types
...
+ Adding webp + avif + apng based on current
`Accept` header offerings from current browsers.
Firefox 90.0
`Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8`
Chrome 92.0.4515.107
`Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9`
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-07-27 11:48:39 -05:00
92b6f336b6
Merge pull request #6503 from eclipse/release-10.0.6
...
Merge Release 10.0.6
2021-07-07 08:21:20 -05:00
8945a58ffc
Reduce header cache memory usage on non persistent requests ( #6494 )
...
Delay creating a header cache until a second request on a parser.
Refactored cache code into subclass
Signed-off-by: Greg Wilkins <gregw@webtide.com>
2021-07-07 12:51:06 +10:00
259f9af9c9
Merge pull request #6490 from eclipse/jetty-10.0.x-6489-UriCompliance
...
Issue #6489 - fix RFC3986_UNAMBIGUOUS and UNSAFE UriCompliance modes.
2021-07-06 15:58:51 +10:00
76ab749aca
Issue #6489 - fix RFC3986_UNAMBIGUOUS and UNSAFE UriCompliance modes.
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-07-01 17:52:07 +10:00
b82b46243d
Issue #6489 - fix RFC3986_UNAMBIGUOUS and UNSAFE UriCompliance modes.
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-07-01 17:27:17 +10:00
c245a70893
Updating to version 10.0.7-SNAPSHOT
2021-06-29 10:51:22 -05:00
37e7731b4b
Updating to version 10.0.6
2021-06-29 10:27:56 -05:00
3c32afa05c
Issue #6473 - canonicalPath refactor & fix alias check in PathResource (Jetty-10) ( #6478 )
...
Issue #6473 - canonicalPath refactor & fix alias check in PathResource
* Reverted %-escape handling for URI query parts.
* Performing canonicalization in ServletContext.getResource(),
and improving alias checking in ContextHandler.getResource().
* Performing canonicalization checks in Resource.addPath() to avoid
navigation above of the root.
* Test added and fixed.
* Various cleanups.
* Improved javadoc and comments
* Compliance mode HttpURI uses UriCompliance.Violation
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Co-authored-by: Greg Wilkins <gregw@webtide.com>
2021-06-29 15:42:39 +02:00
bc0fbbb5c1
Revert logic in Request.setMetaData, clear emptySegment on HttpUri.clear() ( #6468 )
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Manually merged as ECA checks are broken
2021-06-24 17:18:49 +10:00
4673846635
Compliance modes documentation ( #6312 )
...
Added doco on compliance modes
Signed-off-by: Greg Wilkins <gregw@webtide.com>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
2021-06-24 15:20:05 +10:00
d233f3be02
Issue #6447 - Deprecate support for UTF16 encoding in URIs ( #6457 )
...
Deprecate support for UTF16 encoding in URIs.
Add compliance mode to allow UTF16 encodings.
Improve testing.
2021-06-23 22:58:49 +10:00
9d2d1e29b7
Updating to version 10.0.6-SNAPSHOT
2021-06-11 09:42:42 -05:00
dc21b2d73c
Updating to version 10.0.5
2021-06-11 09:18:00 -05:00
b4d7e5117d
Issue #6302 - Treat empty path segments as ambiguous. ( #6304 )
...
Issue #6302 - Treat empty path segments are ambiguous.
* Fix false empty segments being reported.
* Add HttpUriTests for the empty segment as ambiguous
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Co-authored-by: Greg Wilkins <gregw@webtide.com>
2021-06-10 15:12:59 +02:00
987066aac1
Updating to version 10.0.5-SNAPSHOT
2021-06-04 13:28:47 -05:00
5523480c54
Updating to version 10.0.4
2021-06-04 13:09:44 -05:00
9ace21992e
Updated POM versions to 10.0.4-SNAPSHOT.
...
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-05-21 17:07:46 +02:00
f58dbedcd0
Fixes #6263 - Review URI encoding in ConcatServlet & WelcomeFilter.
...
Review URI encoding in ConcatServlet & WelcomeFilter and improve testing.
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
2021-05-12 17:14:43 +02:00
4c98990cd9
Create FileBufferedResponseHandler to buffer responses into a file. ( #6010 )
...
FileBufferedResponseHandler adds an HttpOutput.Interceptor to buffer all responses into a file until the output is closed. This allows the commit to be delayed until the response is complete and thus headers and response status can be changed while writing the body.
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-04-19 11:02:44 +10:00
b56edf511a
UriCompliance mode improvements #6132 ( #6137 )
...
Resolve #6132
Improve configuration of ambiguous URI handling.
Added NON_CANONICAL_AMBIGUOUS_PATHS
2021-04-08 12:03:30 +10:00
e3c87fc2af
Changed exception check by JUnit API usage ( #6133 )
2021-04-06 08:51:50 +10:00
a0796d1055
Updating to version 10.0.3-SNAPSHOT
2021-03-26 06:31:31 +00:00
7bd207b309
Updating to version 10.0.2
2021-03-26 06:13:42 +00:00
d27363fa55
back to 10.0.2-SNAPSHOT
...
Signed-off-by: Olivier Lamy <oliver.lamy@gmail.com>
2021-03-26 06:10:47 +00:00
7a9e01ac56
Updating to version 10.0.3-SNAPSHOT
2021-03-25 10:38:15 -05:00
aac6bfbd48
Updating to version 10.0.2
2021-03-25 10:21:44 -05:00
6fca106160
Reverted version to 10.0.2-SNAPSHOT.
...
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-03-25 16:02:45 +01:00
3d0574d64c
Updating to version 10.0.3-SNAPSHOT
2021-03-25 04:10:39 +00:00
ab235ad687
Updating to version 10.0.2
2021-03-25 03:57:25 +00:00
06e1a7e88d
URI compliance modes for #6001 ( #6006 )
...
* Fix #4275 separate compliance modes for ambiguous URI segments and separators
default modes allows both ambiguous separators and segments, but still forbids ambiguous parameters
Co-authored-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-03-02 11:59:16 +01:00
c4dbf9748e
Merge remote-tracking branch 'origin/jetty-9.4.x' into jetty-10.0.x
...
Signed-off-by: gregw <gregw@webtide.com>
2021-02-24 11:58:55 +01:00
49e73dfb75
Fix #4275 #6001 separate compliance modes for ambiguous URI segments and se… ( #6003 )
...
Fix #4275 separate compliance modes for ambiguous URI segments and separators
2021-02-24 10:05:05 +01:00
fa6c617069
Fixing checkstyle warning
...
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-02-23 16:28:09 -06:00
bc3e1dc94e
Merge remote-tracking branch 'origin/jetty-9.4.x' into jetty-10.0.x
...
Signed-off-by: gregw <gregw@webtide.com>
2021-02-23 20:06:30 +01:00
8bd4a9fad8
Fix #5999 ArrayIndexOutOfBounds for unicode in HttpURI segment ( #6000 )
...
Fixed ArrayTrie to not throw if passed a unicode character.
2021-02-23 20:03:45 +01:00
8ed8dc62e3
Updating to version 10.0.2-SNAPSHOT
2021-02-19 13:06:42 -06:00
d0bfd9145d
Updating to version 10.0.1
2021-02-19 12:43:50 -06:00
ea2a76ed3b
Updating to version 9.4.38-SNAPSHOT
2021-02-19 09:44:28 -06:00
27afab2bd3
Updating to version 9.4.37.v20210219
2021-02-19 09:03:57 -06:00
bb5fefdaeb
Merge remote-tracking branch 'origin/jetty-9.4.x' into jetty-10.0.x
...
Signed-off-by: gregw <gregw@webtide.com>
2021-02-18 17:44:46 +01:00
324ab668de
More optional etag gzip fixes for #5979 ( #5986 )
...
* More optional etag gzip fixes for #5979
IF no separator defined, do not add a suffix to an etag.
Some cleanup of the implementation.
* More optional etag gzip fixes for #5979
updates from review
2021-02-18 17:24:16 +01:00
1113b15110
Merge remote-tracking branch 'origin/jetty-9.4.x' into jetty-10.0.x
2021-02-18 14:18:31 +01:00
10e531756b
Merge pull request from GHSA-m394-8rww-3jr7
...
Use comparator based sort
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Signed-off-by: gregw <gregw@webtide.com>
Co-authored-by: gregw <gregw@webtide.com>
2021-02-18 14:14:38 +01:00
1d5662f841
Merge branch 'jetty-9.4.x' into jetty-10.0.x
2021-02-18 07:44:37 +10:00
a8b4927427
Fix #5979 by allowing a configurable etag separator. ( #5980 )
...
* Fix #5979 by allowing a configurable etag separator.
Fix #5979 by allowing a configurable etag separator
* updates from review
* Updates from review
Signed-off-by: Greg Wilkins <gregw@webtide.com>
2021-02-17 22:19:23 +01:00
97ee0fd527
fixed bad merge
2021-02-17 18:49:37 +01:00
349b89d7e4
Merge remote-tracking branch 'origin/jetty-9.4.x' into jetty-10.0.x
...
Signed-off-by: gregw <gregw@webtide.com>
2021-02-17 18:11:02 +01:00
ea3f3a5b93
Update merge to 10 comment
2021-02-17 18:09:37 +01:00
ad6fc62bb5
Cleanup setPathQuery from #5954 ( #5981 )
...
Cleanup setPathQuery from #5954 so that it does not retain an old query if the passed string does not contain a query
2021-02-17 18:05:12 +01:00
1e364eccf8
Re re Fix rewrite tests for #5954
...
Re re Fix rewrite tests for #5954 . Restore setPathQuery behaviour to preserve queries if none are set.
2021-02-17 12:41:55 +01:00
dd5a565c08
Re re Fix rewrite tests for #5954
...
Re re Fix rewrite tests for #5954 . Restore setPathQuery behaviour to preserve queries if none are set.
2021-02-17 12:12:56 +01:00
472f04c1eb
fix checkstyle
2021-02-16 17:01:46 +01:00
7769f61242
Fixed checkstyle
2021-02-16 16:55:14 +01:00
ff3d5656a2
fix test style
2021-02-16 16:54:05 +01:00
172cd61878
merge from 9.4.x
...
Signed-off-by: gregw <gregw@webtide.com>
2021-02-16 16:35:57 +01:00
20ef71fe5d
Fix #4275 fail URIs with ambiguous segments ( #5954 )
...
Handle URIs by first resolving relative paths and then decoding.
Added compliance mode to return 400 if there are ambiguous path segments.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
2021-02-16 14:47:41 +01:00
d6ec96fe1b
Merge remote-tracking branch 'origin/jetty-9.4.x' into jetty-10.0.x
2021-02-15 14:18:08 -06:00
5dd987779c
Adding `WhitespaceAfter` checkstyle rule.
...
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-02-15 12:48:24 -06:00
421ed6bf8d
implementation of HttpServletRequest.upgrade
...
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
2021-02-03 13:10:38 +01:00
e81c847998
Happy New Year 2021 (Jetty 10 edition)
...
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-01-21 15:05:57 -06:00
Simone Bordet
Joakim Erdfelt
Greg Wilkins
Jaroslaw Rzeszotko
mszabo-wikia
Lachlan Roberts
Olivier Lamy
dependabot[bot]
Ludovic Orban
Guilherme Amaral
Jesse McConnell