* Now `HttpClient` removed the `Expect` header if there is no request content.
* Changed AbstractProxyServlet and ProxyHandler check for request content: now the Content-Type header is not taken into consideration.
* Now the server avoids sending the 100 Continue response if there is no request content.
* Now the request body is not defaulted if missing, but just kept null.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Changed ContentSender demand from iterate()+IDLE to succeeded()+SCHEDULED.
This ensures that there is no re-iteration in case a 100 Continue response arrives.
This, in turn, avoids that the demand is performed multiple times, causing ISE to be thrown.
* Changed the 100 Continue action of the proxy Servlet/Handler, that provides the request content, to be executed by the HttpSender, rather than by the HttpReceiver.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Issue #11495 - Add UriCompliance rules that follow the HTTP / URI / Servlet specs for illegal & suspicious characters
* more illegalPathCharacterData test cases
* Correcting SUSPICIOUS_PATH_CHARACTERS semantic (encoded and decoded)
* Check for illegal and suspicious characters as we are parsing the path.
* Only look for ambiguous paths if we know there are dots or encodings.
---------
Co-authored-by: gregw <gregw@webtide.com>
* Issue #11414 - use HttpURI instead of URIUtil to have a single point of spec behavior
* Issue #11414 - enforce lowercase scheme in HttpConfiguration.secureScheme
* Issue #11414 - Scheme produced on `Location` header is lowercase
* Issue #11414 - Scheme to lowercase
* Issue #11414 - Scheme to lowercase
* Revert change to HttpClient
* Added schema port knowledge to URIUtil
* Fixed tests for normalized URIs
* updates from review
* updates from review
* Fix tests
* Restored methods as deprecated
* More testing
---------
Co-authored-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Reworked the ServletChannel.handle() SEND_ERROR case.
Now using the proper state changes to call ErrorHandler.handle(), which is asynchronous, so that IllegalStateExceptions are avoided.
Restored idle timeout tests in ee9/ee10 AsyncMiddleManServletTest.
Fixed notification of request destroyed in ErrorHandler: must be before completing the callback, since listener may call Servlet APIs that should see the ServletChannel state before the ErrorHandler callback changes it.
Updated ServletChannelState.isAsync() and isAsyncStarted().
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Fixes#10234
* Introduced transient failures in reads where a failure chunk has last=false.
* Transient failure now do not fail the handler callback.
* Improve eeN ContentProducer to more carefully assert transient and terminal errors + enable HttpInputIntegrationTest
* Do not add connection: close to the response when the error is transient
* Rework ChunksContentSource to support null chunks
* Added tests to verify the new transient failure cases
* Review all code that handles failure, and handling correctly transient failure, either by making them fatal, and/or by failing Content.Source.
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
Signed-off-by: Olivier Lamy <olamy@apache.org>
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Co-authored-by: Ludovic Orban <lorban@bitronix.be>
Co-authored-by: Olivier Lamy <olamy@apache.org>
Co-authored-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Co-authored-by: Chad Wilson <chadw@thoughtworks.com>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
Improve handling of SSL metadata in ConnectionMetaData, proxied connections and forwarded requests
+ Added an Attributes.Synthetic mechanism to better (and mor commonly) handle additional attributes, whilst meeting the new TCK requirement that they can be deleted or replaced.
+ Made SslSessionData a reusable type provided by EndPoint
+ Added the EndPoint.Securable subtype that can provide a SslSessionData instance for secure EndPoints
+ Updated ForwardedRequestCustomizer, SecureRequestCustomizer to understand Securable and SslSessionData
+ Javadocs improvements.
+ Removed unnecessary attribute constants in SecureRequestCustomizer.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
---------
Signed-off-by: Olivier Lamy <olamy@apache.org>
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Co-authored-by: Olivier Lamy <olamy@apache.org>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
Introduced CompletableResponseListener, a replacement for FutureResponseListener that uses better APIs based on CompletableFuture.
Deprecated FutureResponseListener and replaced its usages.
Updated documentation.
Added tests for zipped request content.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Updating various old/moved URL references found across project (`jetty-10.0.x`) (#10098)
+ Now that the migration of `https://eclipse.org/jetty/` to `https://eclipse.dev/jetty/` has occurred, it is time to review the URI use in our project
+ Updated URLs in poms
+ Added more URIs to XmlConfiguration
+ Updated URLs in module files
+ Updated URLs in documentation
+ Updated URLs in HTML
+ Correcting bad double-scheme URLs (eg: `http://https://www.eclipse...`)
+ Updating text in *.mod files
+ Removing `/current/` from path `/jetty/documentation/current/`
+ Fixing mailing list URL
+ Fixing github URL references in jsps
---------
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Remove usage of instanceof Content.Chunk.Error
* Updated AsyncContent to accept a transient failures
* Updated AsyncContent to accept a transient failure with inputstream
* Deleted the Ut8fStringBuffer and Utf8Appendable classes in favour of just having Utf8StringBuilder
* Simplified the Utf8StringBuilder and CharsetStringBuilder APIs and improved their exception throwing.
* Allow for replacement characters without throwing
---------
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Signed-off-by: gregw <gregw@webtide.com>
Co-authored-by: Lachlan Roberts <lachlan@webtide.com>
Co-authored-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Removed requestlog attributes that were never used.
* Code cleanups to remove usage of deprecated methods.
* Using MavenPaths.findTestResource* in ee9/ee10 tests to allow ee8 translation to function
* Fixed ClientCertAuthenticatorTest in both ee9 and ee10.
* Removed deprecated ClientCertAuthenticator in both ee9 and ee10.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Co-authored-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Introduced ResponseListeners to reduce per-request allocation.
* Removed ResponseNotifier in favor of ResponseListeners.
* Introduced RequestListeners to reduce the per-request allocation.
* Removed RequestNotifier in favor of RequestListeners.
* Removed unnecessary sharing of HttpRequest.requestListeners.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Olivier Lamy
Simone Bordet
Joakim Erdfelt
Ludovic Orban
Greg Wilkins
Steffen Nießing
Olivier Lamy