* Bumped the rate control rate from 50 events/s to 128.
* Added rate control for all CONTINUATION frames.
* Added rate control for invalid PUSH_PROMISE frames.
* Added rate control for RST_STREAM frames.
* Added rate control for all SETTINGS frames.
* Fixed growth of header block accumulation buffer.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Changed default implementation of Session.Listener.onNewStream() and Stream.Listener.onDataAvailable() to auto-discard DATA frames.
For normal cases, these methods are overridden and the application is in full control.
For test cases, these methods may not be overridden and the default implementation conveniently avoids buffer leaks.
Fixed flaky test RawHTTP2ProxyTest.testRawHTTP2Proxy() due to the bad assumption that the first DATA frame ends the stream (so an aggregator is needed), and a copy/paste error in ServerToProxyToClient while processing DATA frames.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Fixed test case that was racy.
When the DATA frames arrived at the server before the call to consumeAvailable(), they were read and the client flow control window re-opened.
If it happened that the DATA frames arrived at the server after the call to consumeAvailable(), the client flow control window was not re-opened, making the test flaky.
Fixed by avoiding the race in the test.
Added over-release buffer tracking, add leak tracking to H2 tests, fix client leaks in tests.
Also reviewed the places that required re-opening of the flow control window in case the DATA frames are not read.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
Co-authored-by: Ludovic Orban <lorban@bitronix.be>
* Changes the H2 semantic of `Stream.readData()` so that it is `readData()` that enlarges the flow control window, and not anymore the release of the `Stream.Data`.
This allows applications to buffer in memory by retaining the `Stream.Data` instances more than the H2 flow control window.
* Updated `FlowControlStrategyTest` after `Stream.readData()` semantic changes.
* Updated `DataDemandTest` after `Stream.readData()` semantic changes.
* Updated documentation.
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
Co-authored-by: gregw <gregw@webtide.com>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
Co-authored-by: Ludovic Orban <lorban@bitronix.be>
Web functions are currently supported with servlets. These changes add/move utility classes to core to better support direct usage of core APIs
* increase usage of Charset in request
* Added flush mechanism to BufferedContentSink
* Changed default buffer size from 2 GB to 16 KB.
* Make max buffer size configurable.
* Introduce `BufferedContentSink` with all the buffering logic, doing only one buffer copy instead of two, starting with a small buffer and growing it if needed.
* Refactor `BufferedResponseHandler` to delegate all buffering work to `BufferedContentSink`
* Introduced `ByteBufferAggregator` to aggregate ByteBuffers into a single ByteBuffer.
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
Co-authored-by: gregw <gregw@webtide.com>
Reviewed the implementation of RewriteHandler, that was broken for those rules that were overriding `Rule.Handler.handle()`.
The problem was that the handling was not forwarded along the chain of rules, so only the last one was applied.
Now the wrapping at the constructor produces RH3(RH2(RH1(Request))), but the handling is performed from the innermost towards the outermost.
In this way, the order of rules is respected, both in the wrapping at rule application, and in the `Rule.Handler` handling.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Issue #10466 review session documentation.
Also fix session config context init param names and add missing code to
configure SessionHandler via context init params, and added test for
config.
Introduce `Utf8CharacterCodingException` and `Utf8IllegalArgumentException` as a substitutes for the removed `Utf8Appendable.NotUtf8Exception`.
* Updates from review
* Issue #10328 - Review ResourceFactory.newSystemResource
+ Create a new ResourceFactory.newClassLoaderResource(String, boolean)
+ Make .newSystemResource(String) use it
+ Make .newClassPathResource(String) use it
+ Deprecate .newSystemResource(String)
+ Deprecate .newClassPathResource(String)
+ Adjust own codebase to not use deprecated methods
* Using request.getLength() instead of looking up the Content-Length header.
* Jetty Handler vs Servlet pros.
* Using CompletableFuture (not Promise) in examples.
* Removed unused cruft from tests.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Address #10513 ContentSourceInputStream close by making it do a single read looking for EOF
If any content is skipped, then it is an abnormal close.
use Chunk.next in read
* Thread T1 may initialize HttpTester.Message that extends MutableHttpFields, so grabs the lock for the initialization of class MutableHttpFields.
* Thread T2 may initialize HttpFields, so grabs the lock for HttpFields and initializes field EMPTY, which calls new MutableHttpFields.
* To initialize MutableHttpFields, T1 must initialize HttpFields, but sees that its lock is taken and waits.
* To initialize HttpFields, T2 must create an instance and therefore initialize MutableHttpFields, but sees that its lock is taken and waits.
* Deadlock.
The solution is to use another class, EmptyHttpFields, to initialize HttpFields.EMPTY, so that there is no deadlock.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Improved parsing of JSESSIONID cookies and jsessionid parameters.
Better handling of invalid and duplicate session IDs
Co-authored-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Co-authored-by: Jan Bartel <janb@webtide.com>
* Issue #10500 - preserve request header quoting when accessed through JettyHttpExchangeDelegate
* improve test cases with quoted-pair feature in RFC
* add skip of value lists on specific headers known to not have value lists
* Remove URL usage
* Changes from review
* Refactored domain checks into overridable method.
* Added support for IPv6, and clarified domain checks.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Added SetCookieParser interface and RFC6265SetCookieParser implementation to properly parse Set-Cookie values.
* Removed hacky implementation in HttpClient.
* Removed unused methods in HttpCookieUtils.
* Using SetCookieParser for the implementation of newPushBuilder in ee9,ee10.
* Reworked HttpCookieStore.Default implementation.
* Implemented properly cookie path resolution.
* Using URI.getRawPath() to resolve cookie paths.
* Removed secure vs. non-secure scheme distinction when storing cookies.
* Refactored common code in HttpCookieStore.Default to avoid duplications.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Introduced QoSHandler.
* Updated documentation, and removed old documentation.
* Now using dynamic max priority.
The current implementation retains priorities and queue as they are created, but hopefully the priority range is constrained.
* Better algorithm for resuming: rather than releasing a permit and try to acquire it again, keep the permit and resume a request.
This also removes the issue that a request could have been suspended again, therefore remaining suspended much more than maxSuspend.
* Deprecated QoSFilters in ee10 and ee9.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Introduced CompletableResponseListener, a replacement for FutureResponseListener that uses better APIs based on CompletableFuture.
Deprecated FutureResponseListener and replaced its usages.
Updated documentation.
Added tests for zipped request content.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Now the log statement is only emitted when there is no matching setter method, but a mismatched one exists.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Implemented a simpler default environment algorithm where an application that does not specify an environment is always attempted in the default.
Updated documentation.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
Only fail request callback if a failure has not been otherwise notified.
Slight optimisation for failing idle timeouts by avoiding double lock.
Always create a failure if failing the callback.
Use the core response HttpFields directly as the ee9 response headers to avoid copy and retain persistent field behaviour.
Fix#10416 EE9 Response headers
Added EE9 test to show that Persistent fields can be modified
Updated fix for #10339 so that persistent fields revert to original values after a clear operation
* Added direct WebSocket upgrade in the Jetty core WebSocket APIs.
* Updated the WebSocket documentation.
* Optimized WebSocketMappings.getMatchedNegotiator() to avoid allocating a lambda for every invocation.
* Cleaned up core.server.WebSocketUpgradeHandler.
* Expanded websocket docs to mention how the demand mechanism works.
* Fixed code examples with correct demand handling.
* Javadocs for api.Callback.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Fully implement list iterator so that we can efficiently check for the last item in a multi header list.
---------
Signed-off-by: gregw <gregw@webtide.com>
Ludovic Orban
Olivier Lamy
Joakim Erdfelt
Lachlan Roberts
Simone Bordet
Greg Wilkins
Olivier Lamy
Jan Bartel