* Issue #4247 SameSite Session Cookie
Allows sameSite cookie settings to be configured in SessionCookieConfig comments
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4247 SameSite Session Cookies
Use non versioned cookie
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4247 SameSite Session Cookies
Added test and fixed getCommentWithAttributes
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4247 - Updating unit tests for HttpCookie
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Issue #4247 SameSite Session Cookie
While it may be best practise to always use Secure cookies when SameSite is None, there is nothing in the RFC that mandates it and thus I don't believe we should prevent such a configuration. If browsers enforce this, then users will find out soon enough... and if browsers change, then we are not required to do a new release to match.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4247 SameSite Session Cookie
For cookie comments with multiple SameSite attributes, the most strict
value is used. So `Strict` has precedence over `Lax` which has
precedence over `None`.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4161 - TestCase that can replicate problem on OSX
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Issue #4161 - Naming Server threadpool (to help with debugging)
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Issue #4161 - bumping up test file size to 10 MB
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Issue #4161 Write LifeCycleViolation
Do not callback on write completion until after state has been changed and notifications made.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4161 Write LifeCycleViolation
Added a unit test that replicated the problem.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4161 - `EofException: request lifecycle violation` in stderr.
Moved notifications of commit and content listeners back to succeeded().
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Issue #4161 - Improved Logging for test-integration
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Issue #4161 - Reducing size of test file
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Issue #3863 - Enforce use of SNI.
Introduced SslContextFactory.rejectUnmatchedSNIHost (default false)
so that if no SNI is sent, or SNI does not match a certificate,
then the TLS handshake is aborted.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Issue #3863 - Enforce use of SNI.
Updates after review.
Introduced SslContextFactory.SNISelector to allow application to write
their custom logic to select a certificate based on SNI information.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Issue #3863 Enforce SNI
Added two sniRequired fields - one at SslContextLevel and the other at the SecureRequestCustomizer. This allows rejection either at TLS handshake or by 400 response.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #3863 Enforce SNI
cleanups from review
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #3863 Enforce SNI
improved comments
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #3863 Enforce SNI
syntax sugar
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #3863 SNI
Updates from review. Extra test for sniSelector function
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4265 Remove doError
The doError method and the ErrorDispatchHandler class were
hang overs from when we needed to dispatch into a context to get sendError called, which would then generate the error page.
Now sendError doesn't do any generation, rather it changes state that arranges either for a minimal error page to be generated or an ERROR dispatch to a real handler/servlet to generate the error page.
Thus the ErrorDispatchHandler and doError methods can now be removed.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4265 Remove doError
Moved the error page dispatching logic back to the ErrorHandler class to assist with backwards compatibility
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4265 Remove doError
Moved the error page dispatching logic back to the ErrorHandler class to assist with backwards compatibility
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4265 doError
Updates from review.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4203 - Updating test to verify report on Transfer-Encoding
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Fixes#4203 - Transfer-Encoding + Content-Length is 400 Bad Request
+ Fixing validation to not be header order dependent.
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Issue #4203 - Fixing hasTransferEncoding reset and testcase assumption
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Issue #4204 - Transfer-Encoding RFC7230 behaviors
+ More test cases and implementation.
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Issue #4204 - Transfer-Encoding RFC7230 behaviors
+ Adjusting HttpParser to handle the case where we have multiple
Transfer-Encoding headers and none declare the 'chunked' token.
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Issue #4204 - Transfer-Encoding RFC7230 behaviors
+ Making changes from PR review
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Issue #4203 Transfer Encoding
request with TE and no chunking is a Bad Request
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* issue exclude/include con name InetAccesHandler - add better unit test
this logic:
String name =
baseRequest.getHttpChannel().getConnector().getName();
return _names.test(name) && _addrs.test(addr);
Is not correct. it's treating the connector name exactly like the
filter. But that's not what it's intended to do. It's supposed to tell
what connectors are applicable to this filter. And what connectors are
not affected.
For example in the unit test there exists 2 connectors:
http
tls
We want to restrict the http connector, but we want to leave tls
connector alone.
So we would specify:
include = 192.168.1.1-192.168.1.254
includeConnector = http
The way the logic is above, it is treating the connector name as if it's
the filter itself. Which is not what I intended.
What i need in psuedo-code is this:
if (there are no "include connectors" OR if this connector is
included) AND (if this connector is not in the excluded list)
---> Then apply the IP filter.
Signed-off-by: Nicholas DiPiazza <nicholas.dipiazza@lucidworks.com>
* exclude should take precedence over include
Signed-off-by: Nicholas DiPiazza <nicholas.dipiazza@lucidworks.com>
* Issue #4193 InetAccessHandler
reverted changes to IncludeExcludeSet
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4193 InetAccessHandler
updates from review
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4208 Content-Length in 304
Added tests for RFC7230 section 3.3.2 for 304 and HEAD responses with content length.
Fixed HttpGenerator to set content-length in 304 response
Fixed insufficient content written check for 304
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4208 Content-Length in 304
Use contentLengthField
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4188 Spin in close of GzipHandler
Cleanup and simplify code
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4188 Spin in close of GzipHandler
Fix slice code. Added unit test for it.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4188 Spin in close of GzipHandler
Fixed last slice.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* cleanup from review
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4156 - Adding test to replicate issue
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Issue #4156 Session already in cache
+ check validity of sessions in getSession(SessionHandler)
+ do not replace session in doScope if SessionHandler is the same.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4176 setHeader after sendError
SendError now makes the response immutable for headers and status.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4176 setHeader after sendError
cleanup after review
better names
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4176 setHeader after sendError
better name
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4176 setHeader after sendError
even better name
Signed-off-by: Greg Wilkins <gregw@webtide.com>
The HttpConnection.SendCallback nulls it's reference to buffers and callbacks after completion to assist with easy GC, since the connection callback is a long lived instance.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
The connection upgrade check is necessary both after the parsing and
after the handling. After the parsing covers HTTP/2 prior knowledge
"PRI * HTTP/2" case; after the handling covers the WebSocket case.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Added test to reproduce issue
Fixed bug from #2772 where output was shutdown on DONE without checking for END.
Fixed aggregation logic to aggregate last write if aggregation already started
Improved comments and clarify conditions
Signed-off-by: Greg Wilkins <gregw@webtide.com>
Introduced module `jdbc` and made other modules that require JDBC depend on it.
Modified demo.ini to enable the `jdbc` module because some webapp descriptor
of the demo requires JDBC classes.
Now the demo can be run fine on the module-path just by adding --jpms.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Added test for servlet component lifecycle
Fixed bug where we were destroying listeners before calling them.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4025 Add flushOnCommit mode to sessions.
Added flushOnCommit mode to write a session to the backing store as the
response commits, before any bytes are returned to the client.
Signed-off-by: Jan Bartel <janb@webtide.com>
+ Also made ContextHandler warning message about features
that are unimplemented (and you should use ServletContextHandler)
more clear. (this helped with diagnosing where the bug was
in ServletHolder)
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Issue #3964
* Avoid creating listener list for rarely used requestAttributeListener
* AbstractConnector keeps a specific list of HttpChannel.Listeners
to avoid Connection.Listeners and MBean listeners being added to
the HttpChannel listener list.
* Simplified listener handling by avoiding null connector, previously
only needed for testing.
* Fixed test that assumed HttpChannel listeners were not cleared by a recycle
* Separated out durable vs cyclic HttpChannel.Listeners, so as to
simplify handling.
* Deprecated cyclic HttpChannel.Listeners, as I'm not sure the channel is
the right place for them.
* Added improved method to combine multiple HttpChannel Listeners
into a single Listener.
* Fixed MockConnector
* Added benchmark
* Improved benchmark
* Updates from review
* Removed benchmark and alternate implementations.
* Updated javadoc
* Updates from review
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* per servlet api javadoc getLastAccessedTime should throw IllegalStateException if session has been invalidated
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
* isInvalid test should be done within lock
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
* Issue #3806 async sendError
Avoid using isHandled as a test withing sendError as this can be
called asynchronously and is in a race with the normal dispatch of the
request, which could also be setting handled status.
The ErrorHandler was dispatching directly to a context from within
sendError. This meant that an async thread can call sendError and be
dispatched to within the servlet container at the same time that the
original thread was still dispatched to the container.
This commit fixes that problem by using an async dispatch for error
pages within the ErrorHandler. However, this introduces a new problem
that a well behaved async app will call complete after calling
sendError. Thus we have ignore complete ISEs for the remainder of
the current async cycle.
Fixed the closing of the output after calling sendError. Do not
close if the request was async (and thus might be dispatched to an
async error) or if it is now async because the error page itself is
async.
* updates from review
* better tests
* revert ignore complete
* added some TODOs
* more TODOs
* fixed rename
* cleanup ISE and more TODOs
* refactored to call sendError for uncaught exceptions rather than onError
* more of the refactor
* extra tests for sendError from completing state
Reworked HttpChannelState and sendError so that sendError is now
just a change of state. All the work is done in the ErrorDispatch
action, including calling the ErrorHandler. Async not yet working.
Additional tests
Converted ERRORED state to a separate boolean so it can be used for
both Sync and Async dispatches.
Removed ASYNC_IO state as it was just the same as DISPATCHED
The async onError listener handling is now most likely broken.
WIP making sendError simpler and more tests pass
WIP handling async and thrown exceptions
WIP passing tests
Improved thread handling
removed bad test
Implemented error dispatch on complete properly
more fixed tests
sendError state looks committed
- Added resetContent method to leave more non-content headers during sendError
- Fixed security tests
- simplified the non dispatch error page writing. Moved towards being able to write async
* fixed gzipHandlerTest
* Updated handling of timeout errors. According to servlet spec,
exceptions thrown from onTimeout should not be passed to onError, but
just logged and ignored:
If an exception is thrown while invoking methods in an AsyncListener,
it is logged and will not affect the invocation of any other AsyncListeners.
* This changes several tests.
* Dispatcher/ContextHandler changes for new ERROR dispatch handling. Feels a bit fragile!
* Fixed tests in jetty-servlets
* Fixed tests in jetty-proxy
* more test fixes
* Fixed head handling
reverted unnecessary changes
Improved reason handling
WIP on fully async error handling.
Simplified HttpChannelState state machines to allow for async actions
during completing
more WIP on fully async error handling.
sendError and completion are not both non-blocking, without using
a startAsync operation. However we are lacking unit tests that actually
exercise those code paths.
* Simplified name of states
Added test for async completion
* Cleanups and javadoc
* Cleanups and javadoc
* remove snake case
* feedback from review
* Write error page into fixed pooled buffer
Use the response to get/release a pooled buffer into which the error
page can be written. Make it a fixed sized buffer and if it overflows
then no error page is generated (first overflow turns off showstacks
to save space).
The ErrorHandler badly needs to be refactored, but we cannot change
API in jetty-9
* More test fixes for different error page format
* minor cleanups
* Cleanup from Review
* Fixed javadoc
* cleanups and simplifications
* Cleanup from Review
* renaming and some TODOs
* Cleanup from Review
* Checkstyle fixes
* Cleanup from Review
* Code cleanups and simplifications
* fixed debug
* Cleanup from Review
* Ensure response sent before server shutdown
* removed unnecessary optimisation
* fixed duplicate from merge
* Updates from review
Signed-off-by: Greg Wilkins <gregw@webtide.com>
+ Adding SameFileAliasChecker to help with environments
where the Alias and the Path point to the same file,
by relying on the FileSystem and Path implementation
to make the determination if the two Path references
truly point to the same file.
+ Minor cleanup of FileSystemResourceTest
+ Additional DefaultServletTest for this UTF-8 differences
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* according to Javadoc and failing tck tests
ServletContext#setSessionTrackingModes
IllegalArgumentException - if sessionTrackingModes specifies a combination of SessionTrackingMode.SSL with a session tracking mode other than SessionTrackingMode.SSL
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
* test adding only SSL
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
* fixes from Jan review
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
* fix package order
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
* If a cookie has no value it is rejected and not stored.
- `name` is rejected
- `name=` is accepted, with empty value
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Changed the logic to lookup server attributes if there is no context.
This fixes a failing test that was explicitly setting the server
attributes after start.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Updated code to reflect reviews.
Now lookup of system properties and server attributes is done in
ContextHandler.doStart(), so that the getter always return the
actual value (and this is good for JMX too).
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
+ Reset progress on any positive skip value
+ Throw IOException(EOF) for any negative skip value
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
+ Reverting toFile().getInputStream() on PathResource
+ Adding RangeWriter concept for managing open resource
across multiple range writes
+ RangeWriter implementation delegates to HttpContent behaviors
Lookup is :
- Direct Buffer
- Indirect Buffer
- ReadableByteChannel (as SeekableByteChannel)
- InputStream
+ Adding unit tests for all RangeWriter implementation to ensure
that they behave the same way everywhere.
+ Making ResourceService use new RangeWriter implementation
+ Existing DefaultServletRangeTest still works as-is
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
+ ResourceCacheTest identified a bug in CachedContentFactory
(a bad/reversed if statement)
+ Updated ResourceCacheTest to not rely on jetty-util src/test/resources
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
+ Allowing CachedHttpContent._contentLengthValue actually hold
the `long` resource size (for the 4G variant on test)
+ Allowing BufferUtil to not throw Exception if resource length
is a positive value, but exceeds Integer.MAX_VALUE, opting instead
to return a null to prevent excessive memory usage. (fixes the 10G
variant of test)
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Issue #3806 async sendError
This is a minimal fix for the async race of sendError using isHandled
at the same time as the normal dispatch is exiting.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #3806 async sendError
Fixed isStreaming method in minimal fix (showing the need for actual
test harnesses).
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #3799 Programmatic listeners from ServletContextListeners.
Ensure programmatic listeners added from ServletContextListeners are
called.
Signed-off-by: Jan Bartel <janb@webtide.com>
* Issue #3799 add distribution test
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
* Removing Legacy Method Separators
* Restyling branch `jetty-9.4.x`
* Applying changes highlighted by checkstyle
* Applying XML restyling
* Fixing XML codestyle for IntelliJ
* Fixing XML style mistakes
* Revert "Applying XML restyling"
* Updating checkstyle for XML codestyle
* Reformatting pom.xml files
* Fixed empty string from line wraps
* Update intellij style to not do expression relative formatting. Reformatted code based on that.
* Increasing line split on Eclipse IDE Formatter to 512
* Restoring setting on internal default value.
+ IntelliJ will not export settings on things that set to their
internal default values.
We want to keep those values as a hedge against future default
value changes in future releases of IntelliJ.
* Fixing intellij codestyle
* do not allow single line simple methods
* misc checkstyle fixes
* re-exported with correct name and all values
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #3755 Annotation example cleanup
+ Created JettyDistribution class as common utility to locate a jetty distribution for examples.
+ Fixed ServerWithAnnotations to correctly use the test-spec-webapp
+ Added AttributeContainerMap as a better way to treat attribute values as beans. This avoids them appearing twice in a dump and always associates them with their key.
+ Added NamingDump and use it in EnvConfiguration and jetty-plus.xml so that a server dump will contain dumps of the server local tree and each contexts java:comp/env tree
+ Improved the dump format of NamingContext and WebAppContext
+ Improved the toString format of several associated classes
Signed-off-by: Greg Wilkins <gregw@webtide.com>
+ Updating testcases to test requestURL as well.
+ Adding new testcases for X-Forwarded-Port modifying only
the port of an existing `Host:` header.
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
+ StringUtil.replace()
+ StringUtil.replaceFirst()
+ StringUtil.sanitizeFileSystemPath()
Change existing usages of String.replace() to either
use new StringUtil.replace() or other methods elsewhere
that better suit that specific need.
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
- do not parse MultiParts in constructor so the attribute can be set
- deleteParts in MultiPartFormInputStream from _parts MultiMap
- only add the MultiPartCleanerListener once per context
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Added support for the X-Forwarded-Port header.
Reimplemented header scanning using more efficient Trie and MethodHandles
Signed-off-by: Greg Wilkins <gregw@webtide.com>
## Ports the `ipaccess` being added as a module from jetty 10
you can now do `java -jar start.jar --add-to-start=inetaccess` to add
the inetaccess handler to your jetty config.
## Allows you to specify a list of connector names that the
`InetAccessHandler` applies to
This is important for those who run jetty using `start.jar` to make it
possible to do things like have an open HTTPS connector but a whitelist
restricted HTTP connector.
Example:
`etc/jetty-inetaccess.xml`
```
<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN"
"http://www.eclipse.org/jetty/configure_9_3.dtd">
<Configure id="Server" class="org.eclipse.jetty.server.Server">
<Call name="insertHandler">
<Arg>
<New id="InetAccessHandler"
class="org.eclipse.jetty.server.handler.InetAccessHandler">
<Call name="exclude"><Arg>127.0.0.128-127.0.0.129</Arg></Call>
<Call name="includeConnectorName"><Arg>http</Arg></Call>
</New>
</Arg>
</Call>
</Configure>
```
You can now
`java -jar start.jar --add-to-start=https`
and
`java -jar start.jar --add-to-start=inetaccess`
And you can now choose what inetaccess handler rules apply to http
versus https.
## Adds a basic `InetAccessHandler` Unit Test
Cover a few of the basic features of InetAccessHandler so it can have
some coverage.
Signed-off-by: Nicholas DiPiazza <nicholas.dipiazza@lucidworks.com>
+ If optional Security Provider is configured, then use it consistently
for all security objects that take a Provider argument.
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* exclude ipv6 test as currently failing on kubernetes, using junit tag and ci profile activated via Jenkinsfile
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
* upgrade surefire to 3.0.0-M3
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
Introduced SslContextFactory subclasses Client and Server.
Replaced all usages of SslContextFactory with either Client or Server
as required.
Refactored configuration checking so that warnings are not emitted
when non necessary.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
+ Any schedulers created are named (for ease of debug) and daemon
so they do not stop the JVM exiting.
+ If the server.doStart() fails, it calls server.doStop to ensure
connectors are stopped, ports are free etc.
+ cleanup of addBean handling of scheduler in proxy
Signed-off-by: Greg Wilkins <gregw@webtide.com>