f045b5a3ba
Issue #6473 - Improve alias checking in PathResource. ( #6477 )
...
* Issue #6473 - Improve alias checking in PathResource.
* Reverted %-escape handling for URI query parts.
* Performing canonicalization in ServletContext.getResource(),
and improving alias checking in ContextHandler.getResource().
* Performing canonicalization checks in Resource.addPath() to avoid
navigation above of the root.
* Test added and fixed.
* Various cleanups.
* Improved javadoc and comments
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Co-authored-by: Greg Wilkins <gregw@webtide.com>
2021-06-29 15:40:45 +02:00
16d8b239cf
#6455 disable MaxDuration mechanism in testConnectionMaxUsage as it clashes with the test's assertions
...
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
2021-06-28 11:01:17 +02:00
122a78aafc
Issue #6473 - canonicalPath refactor & fix alias check in PathResource ( #6474 )
...
Reduce multiple canonicalPath calls with single alias check in PathResource
Revert to decoding and the normalizing URLs so that subsequent canonicalPath calls are noops.
Co-authored-by: Lachlan Roberts <lachlan@webtide.com>
2021-06-28 17:10:11 +10:00
a02ade7709
Merge pull request #6456 from eclipse/jetty-9.4.x-6383-FileBufferedResponseHandler
...
Merge fix to BufferedResponseHandlerTest to 9.4.x
2021-06-28 10:52:46 +10:00
a3effb19c4
Issue #6447 - Deprecate support for UTF16 encoding in URIs ( #6467 )
...
- Merge from PR #6457 .
- Also brought some other ComplianceModes back to disable ambiguous empty segments, and ambiguous encodings.
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-06-24 17:16:56 +10:00
97b52e4e23
Merge pull request #6462 from eclipse/jetty-9.4.x-documentationFix
...
fix documentation format in community.adoc
2021-06-23 22:50:29 +10:00
4289716807
fix documentation format in community.adoc
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-06-23 15:02:25 +10:00
152217a939
Merge pull request #6459 from eclipse/jetty-9.4.x-remove-irc
...
Fix #6442 Remove IRC
2021-06-23 15:00:01 +10:00
7f0b69a9d5
Issue #6426 Upgrade to spifly 1.3.3 ( #6449 ) ( #6458 )
...
Signed-off-by: Jan Bartel <janb@webtide.com>
2021-06-23 08:43:51 +10:00
7fde68d1d1
Update community.adoc
2021-06-22 17:14:59 +10:00
678af90623
Fix #6442 Remove IRC
...
Fix #6442 Remove IRC from contributing documentation
2021-06-22 16:45:43 +10:00
e14047839d
Issue #6383 - Make FileBufferedInterceptor package private
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-06-22 10:03:57 +10:00
c490a10621
Issue #6383 - Fix flaky test FileBufferedResponseHandlerTest
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-06-22 10:03:08 +10:00
52a72eea85
Issue #6425 Upgrade to asm 9.1 ( #6439 ) ( #6448 )
...
Signed-off-by: Jan Bartel <janb@webtide.com>
2021-06-22 09:46:29 +10:00
734d3b672c
Fixes #6382 - HttpClient TimeoutException message reports transient values.
...
Now using consistently HttpConversation.getTimeout() to report the accurate value.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-06-21 17:10:47 +02:00
738d3a9f80
Merge pull request #6420 from eclipse/jetty-9.4.x-minidev-version-bump
...
Bump (test scoped) net.minidev:json-smart version from 2.3 to 2.4.7
2021-06-17 07:44:45 -05:00
265886543f
QueuedThreadPool always interrupts threads in doStop
...
Fix #6400 QueuedThreadPool always interrupts threads in stop
Even if there is no timeout, always interrupt pool threads to attempt to stop them.
+ Refactored exit condition for Runner main loop to make it clearer that it always checks running status
+ More comments to explain counts
+ Fixed inner loop of ReservedThread to ensure it always checks running status
+ Adjusted timing of the test to make it less flakey. Still a worry!
2021-06-17 07:54:21 +10:00
b30fee93d5
Bump (test scoped) net.minidev:json-smart version from 2.3 to 2.4.7 due to security alert.
...
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-06-16 16:23:14 -05:00
f19b6fa5a3
#6379 : requeue at the tail to reduce contention + use a simpler concurrent queue implementation
...
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
2021-06-10 12:54:58 +02:00
6ccf9b98de
Merge pull request #6378 from eclipse/jetty-9.4.x-CVE-2021-28169
...
Update VERSION.txt with CVE number. (Jetty-9.4)
2021-06-10 11:36:59 +10:00
0530c73877
Update VERSION.txt with CVE number.
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-06-09 16:05:14 +10:00
5c130e400a
Updating to version 9.4.43-SNAPSHOT
2021-06-04 12:49:12 -05:00
5cd5e6d237
Updating to version 9.4.42.v20210604
2021-06-04 12:24:37 -05:00
9b6b95601d
Fixes #6330 - CustomRequestLog is missing HTTP version format option. ( #6361 )
...
Improved javadocs for %H.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-06-04 16:12:10 +02:00
40a9fa7995
Explain EatWhatYouKill naming ( #6342 )
...
Explained EatWhatYouKill naming.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
2021-06-04 15:13:21 +02:00
2e7d17400f
Fixes #6323 - HttpClient requests with redirects gets stuck/never cal… ( #6334 )
...
Fixes #6323 - HttpClient requests with redirects gets stuck/never calls onComplete()
* Reworked the total timeout handling.
* Now a CyclicTimeouts handles the exchanges in each HttpDestination,
and a CyclicTimeouts handles the exchanges in each HttpConnection
(rather than in HttpChannel).
* Now adjusting the total timeout for copied requests generated by
redirects and authentication.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-06-03 15:20:42 +02:00
f902d12fe8
Fixes #5931 - SslConnection should implement getBytesIn()/getBytesOut(). ( #6335 )
...
* Fixes #5931 - SslConnection should implement getBytesIn()/getBytesOut().
Updated ConnectionStatistics to report both the stats of all connections,
and the stats grouped by connection class.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-06-03 11:57:10 +02:00
121d8c27ef
Merge pull request #6325 from eclipse/jetty-9.4.x-6287-WebSocketClientClassLoading
...
Issue #6287 - fix classloading for WebSocketClient in webapp
2021-06-03 15:22:05 +10:00
76f516263e
Issue #6118 Warn if hazelcast cfg file is missing SessionDataSerializer ( #6321 ) ( #6345 )
...
* Issue #6118 Warn if hazelcast cfg file is missing SessionDataSerializer
Signed-off-by: Jan Bartel <janb@webtide.com>
2021-06-03 11:34:23 +10:00
8f0bb8149c
align names with jetty-10
...
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
2021-05-29 11:36:40 +10:00
01c35feb49
do not trim surefire stack trace
...
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
2021-05-29 11:36:40 +10:00
44bc0e80c0
add null check
...
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
2021-05-29 11:36:40 +10:00
20b618d3ac
add more add-opens to fix java 16 tests
...
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
2021-05-29 11:36:40 +10:00
59441bde87
add-opens for jdk16
...
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
2021-05-29 11:36:40 +10:00
b5833acf0f
add-opens for jdk16
...
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
2021-05-29 11:36:40 +10:00
29c534daca
add-opens to fix infinispan with java16
...
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
2021-05-29 11:36:40 +10:00
fc2b666ad0
Updated CI builds to use Java 16.
...
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-05-29 11:36:40 +10:00
b90ac0ccae
Merge pull request #6308 from eclipse/jetty-9.4.x-MessageInputStreamBuffers
...
Ensure buffers are returned to pool by MessageInputStream
2021-05-28 11:28:50 +10:00
c2c5ec406f
Issue #5684 Re-enable ValidUrlRuleTest.test(In)ValidShamrock ( #6316 ) ( #6320 )
...
Signed-off-by: Jan Bartel <janb@webtide.com>
2021-05-27 13:06:03 +10:00
cabb49a349
Release MessageInputStream buffer directly after it is fully consumed.
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-05-26 15:57:30 +10:00
816b326373
Issue #6287 - fix classloading for WebSocketClient in webapp
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-05-26 14:31:33 +10:00
5a5c0114a4
Issue #6287 - test classloader for WebSocketClient within webapp
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-05-26 10:47:31 +10:00
a5bd1ced8d
Issue #6138 Fix flakey DuplicateCookieTest ( #6307 ) ( #6315 )
...
* Issue #6138 Fix flakey DuplicateCookieTest
Signed-off-by: Jan Bartel <janb@webtide.com>
2021-05-25 11:12:57 +10:00
6f148bb057
Issue #6268 Log max form size exceeded msg. ( #6301 )
...
* Issue #6268 Log max form size exceeded msg.
Signed-off-by: Jan Bartel <janb@webtide.com>
2021-05-25 10:00:34 +10:00
487e4e4f36
Issue #6309 remove duplicate commented out session test ( #6310 ) ( #6318 )
...
Signed-off-by: Jan Bartel <janb@webtide.com>
2021-05-25 09:57:59 +10:00
04df6d4ec2
Fixes #6276 - Support non-standard domains in SNI and X509. ( #6296 )
...
* Fixes #6276 - Support non-standard domains in SNI and X509.
Backported support for IP addresses in X509 (from #5379 ).
Introduced SslContextFactory.Client.SniProvider to allow applications to specify the SNI names to send to the server.
Improved logging of SNI processing.
Skip X509 matching over IP addresses when the host does
not look like an IP address, to avoid reverse DNS lookup.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-05-21 19:02:43 +02:00
90d90cb8f5
add jetty-9.4.41.v20210516 infos in VERSION.TXT ( #6300 )
...
* add jetty-9.4.41.v20210516 infos in VERSION.TXT
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
* add missing issue #6280
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
2021-05-21 12:12:15 +10:00
ea51ba43c9
Ensure buffers are returned to pool by MessageInputStream
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-05-21 10:59:12 +10:00
fabfa3832e
Issue #6291 Fix FileSessionDataStoreTest.testCleanOrphans ( #6292 ) ( #6299 )
...
Signed-off-by: Jan Bartel <janb@webtide.com>
2021-05-20 10:31:00 +10:00
e69dff237d
fix maven warning with duplicate plugin declaration ( #6298 )
...
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
2021-05-19 20:28:39 +10:00
Simone Bordet
Ludovic Orban
Greg Wilkins
Lachlan
Jan Bartel
Joakim Erdfelt
olivier lamy