* Fixes#9778 - Jetty 12 - Remove WriteFlusher.Listener.
This listener is not necessary anymore, as the min data rate checks have been moved to a StatisticsHandler.MinimumDataRateHandler.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Refactored length checks so that they are mostly performed once, rather than multiple times, during parsing.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Defaulted showStacks to false, to reduce false positives reported by penetration testing tools.
Deprecated ErrorHandler.badMessageError(), as it was not invoked anymore.
Implemented HttpStreamOverHTTP[2|3].onBadMessage() that was left as TODO.
Simplified the same code for HTTP/1.
Moved invocation of ComplianceViolation.Listener.onRequestEnd() to HandlerInvoker.completeStream().
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Deprecated idle(), acquired(), released() for removal.
Renamed removed(), now deprecated, to onRemoved() to match with onCreated().
Kept onCreated() and onRemoved() as they are the only methods that are not racy.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Fix#10805 zero dynamic table (#11445)
* Added test for #10805 Zero Dynamic Table
* fixed file header
* Added test for #10805 Zero Dynamic Table
* Fix for #10805 Zero Dynamic Table
Set the correct default size for the table.
Always send the max table size on the first encode
* updated file header
Signed-off-by: gregw <gregw@webtide.com>
---------
Signed-off-by: gregw <gregw@webtide.com>
* Added null guard.
* Avoid executing the event actions in case the response is either complete or (new change) terminated.
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
* Introduced oej.io.Transport as the abstraction for the low-level transport of high-level protocols.
Now protocols such as HTTP/1.1 or HTTP/2 can be transported over TCP, QUIC, Unix-Domain, memory, and possibly over other low-level custom protocols too.
* Introduced oej.client.Request.transport(Transport) to specify Transport for each request.
* Introduced Transport to [HTTP2Client|HTTP3Client].connect(...) methods.
* Introduced [Client|Server]QuicConfiguration so that it can be used in other Connectors such as MemoryConnector.
* Introduced oej.server.MemoryConnector and EndPoint.Pipe for memory communication between peers, along with a MemoryTransport.
* Introduced QuicTransport as a wrapper for other Transports, so that QUIC can now also be transported over memory.
* Improved javadocs and documentation.
* Removed usage of ClientConnector.forUnixDomain() from FastCGIProxyServlet (ee10 and ee9).
* Replaced usage of HTTP3ServerConnector with QuicServerConnector in jetty-http3.xml.
* Fixed handling of Instruction notifications in case of re-entrance.
Now first clear the list, then notify to avoid that when re-entering the same instruction is notified multiple times.
* Introduced ContentSourceRequestContent, and updated ProxyHandler to use it.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Now the calls to the upper layer produce tasks that are fed to the ExecutionFactory in HTTP2Connection.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
+ Introduce new events on `ComplianceViolation.Listener`
+ Introduce new `ComplianceViolation.Listener.initialize()` to allow for a new Listener at the appropriate time (to support per-request listeners)
+ Introduce new `ComplianceViolation.CapturingListener`
+ Introduce new `HttpConfiguration.(add/remove/get)ComplianceViolationListener()` methods.
+ Deprecate/Remove handling of `recordComplianceViolations` in `HttpConnection` and `HttpConnectionFactory` classes.
+ Produce warnings if use of `ComplianceViolation.Listener` as beans is still present.
+ Add `ComplianceViolation.Listener` support to `UriCompliance` locations.
+ Add `ComplianceViolation.Listener` support to `MultiPartCompliance` locations.
+ Add `ComplianceViolation.Listener` support to `CookieCompliance` locations.
+ Add `ComplianceViolation.Listener` support to `HttpCompliance` locations in HTTP/2 and HTTP/3
---------
Co-authored-by: gregw <gregw@webtide.com>
* Using @foo.version@ technique and proper
lib lists to allow arbitrary version
updates from properties
* Fix spotless
* Remove duplicate entries
* Only replace System property "jetty.version" with manifest-ver if blank/null
* Fixing bad module definitions
Now upon the second idle timeout, the connection is forcibly closed.
Fixed also similar problem in HTTP/3.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Introduced IteratingCallback.abort(Throwable) to serialize calls to onCompleteFailure().
* HttpSender now uses IC.abort() to serialize the abort of the request.
* Fixed HTTP/2 and HTTP/3 to dispatch the sending of the request to another thread, to free the reader thread that read the server preface.
* HTTP/1.1 does not need this, because just created connections do not need to read.
* Improved handling of request abort, as it can be from two sides: external and internal.
* Calling abort() instead of failed() for WebSocket flushers.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Removed duplicate handling from servlet. Now only handled in core in HttpChannelState and protected it from concurrent writes.
Added additional tests.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
The local/remote SocketAddress is cached within the ConnectionMetaData or Connection instance, so that any changes are not visible during the request lifetime.
Ensure that all server Connection types respect HttpConfiguration#getLocalAddress and that it is not implemented only in servlet layer
Avoid DNS resolution.
---------
Co-authored-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* The Pool is now a list of Holder instances, each with a WeakReference and a strong reference to an Entry.
* Removed thread-local cache from Pool.
* Avoid using deprecated ConcurrentPool constructors.
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Co-authored-by: Ludovic Orban <lorban@bitronix.be>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
Improve handling of SSL metadata in ConnectionMetaData, proxied connections and forwarded requests
+ Added an Attributes.Synthetic mechanism to better (and mor commonly) handle additional attributes, whilst meeting the new TCK requirement that they can be deleted or replaced.
+ Made SslSessionData a reusable type provided by EndPoint
+ Added the EndPoint.Securable subtype that can provide a SslSessionData instance for secure EndPoints
+ Updated ForwardedRequestCustomizer, SecureRequestCustomizer to understand Securable and SslSessionData
+ Javadocs improvements.
+ Removed unnecessary attribute constants in SecureRequestCustomizer.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
---------
Signed-off-by: Olivier Lamy <olamy@apache.org>
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Co-authored-by: Olivier Lamy <olamy@apache.org>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
Joakim Erdfelt
Simone Bordet
gregw
Ludovic Orban
Olivier Lamy