* Issue #8716 - Handle bad host/authority headers better
* Remove extra `Host` header in testcase that doesn't deal with bad Host headers
* Create URIUtil.isRegName
* Correcting HostPortTest.testValidAuthority
* Correcting RequestTest.testInvalidHostHeader
* Remove clonable, set to final
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Updating to version 10.0.12
* Updating to version 10.0.13-SNAPSHOT
* VERSION.TXT =+ content of jetty-9.4.49.v20220914 release
* remove strange line and reorder
* Fixes#8532 - Review System.nanoTime() usages.
Introduced o.e.j.util.NanoTime class to deal with nanoTimes.
Now NanoTime.now() should be used instead of System.nanoTime(),
and various <unit>[elapsed|since|until]() methods to calculate nanoTimes.
Furthermore, comparing 2 nanoTimes should be done via isBefore(),
rather than using the < operator, which is wrong as specified in
the System.nanoTime() javadocs.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Now using Executors.newVirtualThreadPerTaskExecutor() to execute
tasks, so the executor is tracked by the runtime for thread dumps, etc.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Implemented support for virtual threads for HTTP/1.1, HTTP/2 and HTTP/3.
The virtual thread support is in AdaptiveExecutionStrategy.
When virtual threads are supported and enabled, reserved threads are disabled and
blocking tasks are run in a virtual thread instead that being executed by the Executor.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
All `ByteBufferPool` can now be accessed as `RetainableByteBufferPools`.
Users now need to configure only a single buffer pool and there is just the additional retained parameter that needs consideration.
Default buffer pool has been changed to logarithmic, but we may wish to review that before next release.
Default factor size has been increased to 4096.
* Use StaticException class in jetty-util for websocket flushers.
* Use StaticException class for ContentProducer recycle and consumeAll
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
Co-authored-by: Ludovic Orban <lorban@bitronix.be>
* Bump jolokia-war from 1.3.3 to 1.7.1
Bumps jolokia-war from 1.3.3 to 1.7.1.
---
updated-dependencies:
- dependency-name: org.jolokia:jolokia-war
dependency-type: direct:production
update-type: version-update:semver-minor
...
* Adding HashLoginService to jolokia.xml
* Fixing typo in FQCN for Jetty Password utility
* Using logger to print warning, not ServletContext.log() as it causes an NPE.
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Honor parameters order when parsing query and form parameters
When parsing the query or form parameters in Request, the values are stored in a MultiMap. This class extends HashMap which does not preserve the order of insertion so a request with parameters "first=1&second=2" might end up in a map where "second" will come first when iterating on the entry set.
The order is necessary in some case where the request is signed off the body and/or the query parameters. When the order is not preserved, it is impossible to reconstruct the original request sent, unless using the Request::getInputStream which consumes the stream and makes subsequent calls to Request::getParameters to don't return the form parameters which can be misleading. The same behavior applied to query parameters, by using Request::getQueryString, you get the correct order but Request::getParameters will not.
Moreoever, if the application is behind a reverse proxy using Jetty that is proxying using Request::getParameters which consume the request InputStream, it will be completely impossible to reconstruct the original request.
* Added a test with parameter merging
Co-authored-by: Jacques-Etienne Beaudet <jebeaudet@gmail.com>
* Issue #7277 - Allow `Request.getLocalName()` and `.getLocalPort()` to be overridden (#7316)
* Introduce `HttpConfiguration.setServerAuthority(HostPort)`
to influence `ServletRequest.getServerName()` and `ServletRequest.getServerPort()`
* Introduce `HttpConfiguration.setLocalAddress(SocketAddress)`
to influence `ServletRequest.getLocalName()`, `ServletRequest.getLocalPort()`, and `ServletRequest.getLocalAddr()`
* Correcting Request URI logic on abs-uri without authority
* Adding test cases
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
- Moved ExecutionStrategy from ServerQuicConnection to QuicConnection.
For the server the produced task is declared as BLOCKING, but for the
client the produced task is NON_BLOCKING.
- Fixed race condition in QuicSession.process(...).
- Updated quic-quiche pom.xml.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
- Improved configuration of client and server.
- Started implementation of HttpClientTransportOverHTTP3.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Issue #7063 - Remove logging requirement from Password / Credential
+ Adding testcase for Password command line
+ Moved hex/string methods from TypeUtil to StringUtil
so that they can be reused in non-logging applications.
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Simone Bordet
Lachlan
Joakim Erdfelt
Olivier Lamy
Ludovic Orban
Greg Wilkins
dependabot[bot]
Jan Bartel