Eclipse/jetty.project
1
0
Fork 0
mirror of https://github.com/jetty/jetty.project.git synced 2025-02-24 00:17:18 +00:00
Code Issues Packages Projects Releases Wiki Activity
24,656 Commits 55 Branches 466 Tags
Commit Graph

5557 Commits

Author SHA1 Message Date
Jan Bartel
3caee26742
Jetty 10.0.x 7801 duplicate set session cookie (#7808) 
* Issue #7801 Duplicate set session cookie after id change.

Signed-off-by: Jan Bartel <janb@webtide.com>
 2022-06-08 10:15:24 +10:00
Joakim Erdfelt
944ce6354f
Fixing #7975 - ForwardedRequestCustomizer should clear old MethodHandles when renaming headers. (#8102) 
* Adding test case to prove report
* Fixing updateHandles() to clear the stored handles list.

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
 2022-06-02 14:17:26 -05:00
Joakim Erdfelt
2850db13e2
Fixes #7818 - Regression: allow HttpChannel.Listener.onResponseBegin to modify response headers (#7850) 
* allow HttpChannel.Listener.onResponseBegin to modify response headers

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
 2022-06-01 13:12:40 -05:00
Greg Wilkins
7a1c165677
Implement #8057 103 Early Hint (#8058) 
Co-authored-by: Ludovic Orban <lorban@bitronix.be>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
 2022-06-01 11:56:54 +10:00
Lachlan
94e40a93cc
Merge pull request #7983 from eclipse/jetty-10.0.x-1771-secureRedirectHandler 
Issue #1771 - add module for secure redirect
 2022-05-30 11:58:52 +10:00
Simone Bordet
d1e64f4693
Fixes #8014 - Review HttpRequest URI construction. (#8015) 
Fixes #8014 - Review HttpRequest URI construction.

Now always adding a "/" before the path, if not already present.
Disabled flakey HTTP/3 test.
Parse CONNECT URIs as Authority

Co-authored-by: Greg Wilkins <gregw@webtide.com>
 2022-05-26 18:13:17 +10:00
Lachlan Roberts
a61f1458e6 Merge remote-tracking branch 'origin/jetty-10.0.x' into jetty-10.0.x-legacyMultipartParser 2022-05-25 16:56:54 +10:00
Lachlan Roberts
ed122dfa3c update description in secure-redirect.mod 
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
 2022-05-25 15:22:08 +10:00
Lachlan Roberts
32ed6fab9c Issue #1771 - changes from review 
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
 2022-05-24 16:53:20 +10:00
Lachlan Roberts
365fa76db3 Issue #1771 - add module for secure redirect 
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
 2022-05-24 16:53:20 +10:00
Joakim Erdfelt
546c382255
Issue #7858 - GzipHandler request.isHandled support (#8013) 
* Better conditional logic in GzipHandler
* Correct test expectations
* Use super.handle() where appropriate

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
 2022-05-18 15:12:16 -05:00
Lachlan Roberts
f2e59a01b1 Add compliance mode for LEGACY multipart parser in Jetty 10+ 
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
 2022-05-17 10:58:12 +10:00
Lachlan
2093f3822e Add TRANSFER_ENCODING violation for MultiPart RFC7578 parser. (#7976) 
* Add TRANSFER_ENCODING violation for MultiPart RFC7578 parser.
* Ignore TRANSFER_ENCODING violation for 8bit and binary.

Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
 2022-05-12 15:51:53 +10:00
Lachlan
7a5ea2bac0
Merge pull request #7873 from eclipse/jetty-10.0.x-4414-gzipInflationExclusion 
Issue #4414 - add option to exclude paths from GzipHandler request inflation
 2022-05-09 15:58:19 +10:00
Joakim Erdfelt
fcd0222d2c
Issue #7837 - fix compilation error 
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
 2022-05-04 06:59:17 -05:00
Lachlan Roberts
39c478461b Fix StatisticsHandler in the case a Handler throws exception. 
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
 2022-05-04 16:01:40 +10:00
Greg Wilkins
75f5cc68e4
Fixed flaky ssl fullMethod test (#7896) 
* Fixed flaky test
 2022-05-01 09:05:09 +02:00
Padraic Renaghan
1369693a99 Fix #7929 requestlog format string commented default 
Signed-off-by: Padraic Renaghan <padraic@renaghan.com>
 2022-04-27 18:40:07 -04:00
Greg Wilkins
efd9f26024
Fix #7891 regex pathInfo (#7892) 
Fix 7891 regex pathInfo

+ Use the pathSpec methods to set servletPath and pathInfo when possible

Signed-off-by: Greg Wilkins <gregw@webtide.com>
 2022-04-25 08:30:31 +02:00
Lachlan Roberts
5c760ae5a3 Issue #4414 - add option to exclude paths from GzipHandler request inflation. 
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
 2022-04-12 14:53:53 +10:00
markslater
8bcb842fbb
#7863 Include value of first accept-encoding header where multiple accept-encoding headers are given. (#7864) 
Signed-off-by: markslater <mark.slater@mail.com>
 2022-04-11 10:09:18 -05:00
Joakim Erdfelt
16420f0181
Set version to 10.0.10-SNAPSHOT (#7823) 
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
 2022-04-03 20:33:44 +10:00
Joakim Erdfelt
f079949a35
Merge Release 10.0.9 (#7821) 
* Updating to version 10.0.9

* Updating to version 10.0.10
 2022-04-02 08:43:44 -05:00
jiang-cao
5117a58974
Fixes #7688 - Read data to native memory from HttpInput 
Added `HttpInput.read(ByteBuffer buffer)`, so that applications can provide a native memory mapped `ByteBuffer` to read into.
 2022-03-25 17:57:52 +01:00
Jaroslaw Rzeszotko
a35719367b
Issue #7683 - Use direct buffers for gzip input/output, if configured. 
Use direct buffers for gzip input/output, if configured.
Code cleanups.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
 2022-03-24 17:59:49 +01:00
Greg Wilkins
e0788ab056
Fix #7615 encode relative URIs (#7765) 
* Fix #7615 encode relative URIs

cherry-picked from 9c30caf2478ba144ec6a61e7c2a4da791963ce9d

Signed-off-by: Greg Wilkins <gregw@webtide.com>

* Fix #7615 encode relative URIs

fixed checkstyle

Signed-off-by: Greg Wilkins <gregw@webtide.com>
 2022-03-22 13:45:27 -05:00
Joakim Erdfelt
ae5c8e34e7
Issue #7617 - RequestLog content params extraction prevention (#7618) 2022-03-22 10:02:32 -05:00
Greg Wilkins
cab9945430
Issue #7748 - allow override of path mapping behavior in ServletContextHandler (#7614) 
Added protected method to ServletHandler to allow other servlet mappings (eg regex) in embedded/extended usage

Signed-off-by: Greg Wilkins <gregw@webtide.com>
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
 2022-03-22 09:48:09 +01:00
Lachlan Roberts
1d539c74c5 Merge remote-tracking branch 'origin/jetty-10.0.x' into jetty-10.0.x-well-known-listing 2022-02-22 17:13:28 +11:00
Lachlan Roberts
90f7d97dd2 PR #7544 - changes from review 
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
 2022-02-22 17:12:33 +11:00
Jan Bartel
0b33877040
Issue #7344 - wait for forked jetty process (#7374) 
* Issue #7344 Make plugin wait for forked jetty process to stop

Signed-off-by: Jan Bartel <janb@webtide.com>
 2022-02-21 13:45:54 +01:00
Lachlan
533f2b1b56
Merge pull request #7576 from eclipse/jetty-10.0.x-7567-MultiPartGzip 
Issue #7567 - don't compare params when checking MIME type for GzipHandler
 2022-02-17 09:07:38 +11:00
Joakim Erdfelt
f2e9680431
Honor parameters order when parsing query and form parameters (#7599) (#7605) 
* Honor parameters order when parsing query and form parameters

When parsing the query or form parameters in Request, the values are stored in a MultiMap. This class extends HashMap which does not preserve the order of insertion so a request with parameters "first=1&second=2" might end up in a map where "second" will come first when iterating on the entry set. 

The order is necessary in some case where the request is signed off the body and/or the query parameters. When the order is not preserved, it is impossible to reconstruct the original request sent, unless using the Request::getInputStream which consumes the stream and makes subsequent calls to Request::getParameters to don't return the form parameters which can be misleading. The same behavior applied to query parameters, by using Request::getQueryString, you get the correct order but Request::getParameters will not.

Moreoever, if the application is behind a reverse proxy using Jetty that is proxying using Request::getParameters which consume the request InputStream, it will be completely impossible to reconstruct the original request.

* Added a test with parameter merging

Co-authored-by: Jacques-Etienne Beaudet <jebeaudet@gmail.com>
 2022-02-16 11:34:30 -06:00
Joakim Erdfelt
292d6cda9f
Issue #7572 - make legit test exception less noisy (#7596) 2022-02-16 04:54:30 -06:00
Lachlan Roberts
21ec2f072f Issue #7567 - don't need to convert to lowercase with a AsciiLowerCaseSet 
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
 2022-02-14 12:23:55 +11:00
Lachlan Roberts
0aa307db64 Issue #7567 - don't compare params when checking MIME type for GzipHandler 
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
 2022-02-14 12:13:14 +11:00
Lachlan Roberts
16b070db01 Add option to allow well-known directories to be listed. 
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
 2022-02-08 11:27:00 +11:00
Simone Bordet
a4fda96f49
Updating to version 10.0.9-SNAPSHOT 2022-02-07 12:02:02 +01:00
Simone Bordet
716c7afd8e
Updating to version 10.0.8 2022-02-07 11:34:12 +01:00
Simone Bordet
9181457013
Updated copyright years. 
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
 2022-01-27 18:20:41 +01:00
Dell Green
fba2ef09e9
Issue #6282 - Allow SecuredRedirectHandler status code to be configurable (#7441) 
Signed-off-by: Dell Green <dell.green@ideaworks.co.uk>
 2022-01-27 10:50:38 -06:00
Joakim Erdfelt
cb127793e5
Happy New Year 2022 (#7459) 
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
 2022-01-27 10:42:30 -06:00
mszabo-wikia
fd2407c72f
Clarify that requestHeaderSize is a cumulative limit (#7417) 
* Clarify that requestHeaderSize is a cumulative limit

HttpConfiguration documents the requestHeaderSize configuration option
as being a limit on the size of a single request header, but it is in
fact a limit on the cumulative size of all request headers as well as
the request URI. This patch updates the documentation accordingly, and
adds test cases for the HTTP/1.x and HTTP/2 parsers to verify the
behavior.

NB.: the HTTP/3 parser and configuration seem to correctly document this
option as being a global limit on header size.

* Improve requestHeaderSize tests and documentation per review

Signed-off-by: Máté Szabó <mszabo@wikia-inc.com>
 2022-01-19 11:56:27 -06:00
Jan Bartel
0613818c5e
Issue #7375 Request scoped sessions (#7390) 
Signed-off-by: Jan Bartel <janb@webtide.com>
 2022-01-14 15:39:38 +11:00
Ludovic Orban
f0810c0fa4 #7281 review test suite to improve code coverage 
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
 2022-01-13 15:06:32 +01:00
Ludovic Orban
09c1b06399 #7281 add special case for zero-length content 
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
 2022-01-13 15:06:32 +01:00
Ludovic Orban
5a551a832b #7281 check that at least one byte of raw content is consumed by the interceptor and clarify its javadoc 
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
 2022-01-13 15:06:32 +01:00
Ludovic Orban
0fb3079c90 #7281 improve isSpecial javadoc 
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
 2022-01-13 15:06:32 +01:00
Ludovic Orban
5cad97e134 #7281 rewrite nextTransformedContent 
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
 2022-01-13 15:06:32 +01:00
Ludovic Orban
1682265a00 #7281 add more tests and fix shortcomings 
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
 2022-01-13 15:06:32 +01:00