author | Raymond Auge | 2016-06-23 16:12:11 +0000 |
---|---|---|
committer | Raymond Auge | 2016-06-23 16:12:11 +0000 |
commit | d23bbf89565e8655c5380bea72b6344b5710b17f (patch) | |
tree | 4fcc6d6d060e5ae556b5902c8ab4563fa25f8ca2 | |
parent | fdbba6b12e904d3b6bb5992c5b34059127f95930 (diff) | |
Bug 496669 - [http servlet] overridden special request attributes are not safely handled across app servers
Signed-off-by: Raymond Auge <raymond.auge@liferay.com>
2 files changed, 55 insertions, 12 deletions
diff --git a/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/context/DispatchTargets.java b/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/context/DispatchTargets.java
index 9db1bbfff..903166f77 100644
--- a/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/context/DispatchTargets.java
+++ b/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/context/DispatchTargets.java
@@ -15,6 +15,7 @@ package org.eclipse.equinox.http.servlet.internal.context;
 import java.io.*;
 import java.net.URLDecoder;
 import java.util.*;
+import java.util.concurrent.ConcurrentHashMap;
 import javax.servlet.*;
 import javax.servlet.http.*;
 import org.eclipse.equinox.http.servlet.internal.registration.EndpointRegistration;
@@ -186,6 +187,10 @@ public class DispatchTargets {
 return endpointRegistration;
 }
+ public Map<String, Object> getSpecialOverides() {
+ return specialOverides;
+ }
+
 public void setDispatcherType(DispatcherType dispatcherType) {
 this.dispatcherType = dispatcherType;
 }
@@ -260,6 +265,7 @@ public class DispatchTargets {
 private final String requestURI;
 private final String servletPath;
 private final String servletName;
+ private final Map<String, Object> specialOverides = new ConcurrentHashMap<String, Object>();
 private final String string;
 }
\ No newline at end of file
diff --git a/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/servlet/HttpServletRequestWrapperImpl.java b/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/servlet/HttpServletRequestWrapperImpl.java
index 1abe4efcb..6bcb869f4 100644
--- a/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/servlet/HttpServletRequestWrapperImpl.java
+++ b/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/servlet/HttpServletRequestWrapperImpl.java
@@ -152,6 +152,8 @@ public class HttpServletRequestWrapperImpl extends HttpServletRequestWrapper {
 public Object getAttribute(String attributeName) {
 DispatchTargets current = dispatchTargets.peek();
+ Map<String, Object> specialOverides = current.getSpecialOverides();
+
 if (current.getDispatcherType() == DispatcherType.ERROR) {
 if ((Arrays.binarySearch(dispatcherAttributes, attributeName) > -1) && !attributeName.startsWith("javax.servlet.error.")) { //$NON-NLS-1$
@@ -164,8 +166,8 @@ public class HttpServletRequestWrapperImpl extends HttpServletRequestWrapper {
 if (current.getServletName() != null) {
 return null;
 }
- if (super.getAttribute(RequestDispatcher.INCLUDE_CONTEXT_PATH) != null) {
- return super.getAttribute(RequestDispatcher.INCLUDE_CONTEXT_PATH);
+ if (specialOverides.containsKey(RequestDispatcher.INCLUDE_CONTEXT_PATH)) {
+ return specialOverides.get(RequestDispatcher.INCLUDE_CONTEXT_PATH);
 }
 return current.getContextController().getContextPath();
 }
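Review bot: The override lookup in the INCLUDE_CONTEXT_PATH branch is a `containsKey(...)` followed by a separate `get(...)`, which is not atomic on the ConcurrentHashMap that DispatchTargets now holds. If another thread removes the key between the two calls, the branch returns null instead of falling through to `current.getContextController().getContextPath()`. Since setAttribute removes the key rather than storing a null value, a single read is enough: `Object override = specialOverides.get(RequestDispatcher.INCLUDE_CONTEXT_PATH);` followed by `if (override != null) return override;`. The same two-step pattern repeats in the other INCLUDE_* branches and in the FORWARD_* branches further down; getAttribute itself starts and ends outside this hunk.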
@@ -173,8 +175,8 @@ public class HttpServletRequestWrapperImpl extends HttpServletRequestWrapper {
 if (current.getServletName() != null) {
 return null;
 }
- if (super.getAttribute(RequestDispatcher.INCLUDE_PATH_INFO) != null) {
- return super.getAttribute(RequestDispatcher.INCLUDE_PATH_INFO);
+ if (specialOverides.containsKey(RequestDispatcher.INCLUDE_PATH_INFO)) {
+ return specialOverides.get(RequestDispatcher.INCLUDE_PATH_INFO);
 }
 return current.getPathInfo();
 }
@@ -182,8 +184,8 @@ public class HttpServletRequestWrapperImpl extends HttpServletRequestWrapper {
 if (current.getServletName() != null) {
 return null;
 }
- if (super.getAttribute(RequestDispatcher.INCLUDE_QUERY_STRING) != null) {
- return super.getAttribute(RequestDispatcher.INCLUDE_QUERY_STRING);
+ if (specialOverides.containsKey(RequestDispatcher.INCLUDE_QUERY_STRING)) {
+ return specialOverides.get(RequestDispatcher.INCLUDE_QUERY_STRING);
 }
 return current.getQueryString();
 }
@@ -191,8 +193,8 @@ public class HttpServletRequestWrapperImpl extends HttpServletRequestWrapper {
 if (current.getServletName() != null) {
 return null;
 }
- if (super.getAttribute(RequestDispatcher.INCLUDE_REQUEST_URI) != null) {
- return super.getAttribute(RequestDispatcher.INCLUDE_REQUEST_URI);
+ if (specialOverides.containsKey(RequestDispatcher.INCLUDE_REQUEST_URI)) {
+ return specialOverides.get(RequestDispatcher.INCLUDE_REQUEST_URI);
 }
 return current.getRequestURI();
 }
@@ -200,8 +202,8 @@ public class HttpServletRequestWrapperImpl extends HttpServletRequestWrapper {
 if (current.getServletName() != null) {
 return null;
 }
- if (super.getAttribute(RequestDispatcher.INCLUDE_SERVLET_PATH) != null) {
- return super.getAttribute(RequestDispatcher.INCLUDE_SERVLET_PATH);
+ if (specialOverides.containsKey(RequestDispatcher.INCLUDE_SERVLET_PATH)) {
+ return specialOverides.get(RequestDispatcher.INCLUDE_SERVLET_PATH);
 }
 return current.getServletPath();
 }
@@ -217,30 +219,45 @@ public class HttpServletRequestWrapperImpl extends HttpServletRequestWrapper {
 if (current.getServletName() != null) {
 return null;
 }
+ if (specialOverides.containsKey(RequestDispatcher.FORWARD_CONTEXT_PATH)) {
+ return specialOverides.get(RequestDispatcher.FORWARD_CONTEXT_PATH);
+ }
 return original.getContextController().getContextPath();
 }
 else if (attributeName.equals(RequestDispatcher.FORWARD_PATH_INFO)) {
 if (current.getServletName() != null) {
 return null;
 }
+ if (specialOverides.containsKey(RequestDispatcher.FORWARD_PATH_INFO)) {
+ return specialOverides.get(RequestDispatcher.FORWARD_PATH_INFO);
+ }
 return original.getPathInfo();
 }
 else if (attributeName.equals(RequestDispatcher.FORWARD_QUERY_STRING)) {
 if (current.getServletName() != null) {
 return null;
 }
+ if (specialOverides.containsKey(RequestDispatcher.FORWARD_QUERY_STRING)) {
+ return specialOverides.get(RequestDispatcher.FORWARD_QUERY_STRING);
+ }
 return original.getQueryString();
 }
 else if (attributeName.equals(RequestDispatcher.FORWARD_REQUEST_URI)) {
 if (current.getServletName() != null) {
 return null;
 }
+ if (specialOverides.containsKey(RequestDispatcher.FORWARD_REQUEST_URI)) {
+ return specialOverides.get(RequestDispatcher.FORWARD_REQUEST_URI);
+ }
 return original.getRequestURI();
 }
 else if (attributeName.equals(RequestDispatcher.FORWARD_SERVLET_PATH)) {
 if (current.getServletName() != null) {
 return null;
 }
+ if (specialOverides.containsKey(RequestDispatcher.FORWARD_SERVLET_PATH)) {
+ return specialOverides.get(RequestDispatcher.FORWARD_SERVLET_PATH);
+ }
 return original.getServletPath();
 }
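Review bot: In the FORWARD_* branches the override comes from `specialOverides`, which getAttribute takes from `current` (the top of the dispatch stack), while the fallback value comes from `original`. If a forwarded servlet overrides a FORWARD_* attribute and then performs a nested dispatch, the nested target presumably has its own DispatchTargets with an empty map, so the override would no longer be visible there even though the defaults still come from `original`. How `original` is chosen lies outside this hunk, so this needs confirming. If it holds, read the forward overrides from the object that supplies the defaults, e.g. `original.getSpecialOverides().get(RequestDispatcher.FORWARD_PATH_INFO)`, and write them to that same map in setAttribute and removeAttribute.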
@@ -313,7 +330,14 @@ public class HttpServletRequestWrapperImpl extends HttpServletRequestWrapper {
 }
 public void removeAttribute(String name) {
- request.removeAttribute(name);
+ if (Arrays.binarySearch(dispatcherAttributes, name) > -1) {
+ DispatchTargets current = dispatchTargets.peek();
+
+ current.getSpecialOverides().remove(name);
+ }
+ else {
+ request.removeAttribute(name);
+ }
 EventListeners eventListeners = dispatchTargets.peek().getContextController().getEventListeners();
@@ -336,7 +360,20 @@ public class HttpServletRequestWrapperImpl extends HttpServletRequestWrapper {
 public void setAttribute(String name, Object value) {
 boolean added = (request.getAttribute(name) == null);
- request.setAttribute(name, value);
+
+ if (Arrays.binarySearch(dispatcherAttributes, name) > -1) {
+ DispatchTargets current = dispatchTargets.peek();
+
+ if (value == null) {
+ current.getSpecialOverides().remove(name);
+ }
+ else {
+ current.getSpecialOverides().put(name, value);
+ }
+ }
+ else {
+ request.setAttribute(name, value);
+ }
 EventListeners eventListeners = dispatchTargets.peek().getContextController().getEventListeners(); |
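Review bot: The test `Arrays.binarySearch(dispatcherAttributes, name) > -1` in removeAttribute routes every name in that array to the override map, but the getAttribute hunks consult the map only for the INCLUDE_* and FORWARD_* keys. The `!attributeName.startsWith("javax.servlet.error.")` condition in the ERROR branch suggests the array also holds error attribute names, though its contents are outside the diff. For any such name, as far as these hunks show, a value stored through this wrapper would never be read back and a remove no longer reaches `request`. Consider one helper shared by getAttribute, setAttribute and removeAttribute that names exactly the keys backed by the map, with a comment such as `// keys served from DispatchTargets.getSpecialOverides(); every other name goes to the wrapped request`. The same membership test is used in the setAttribute hunk below.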
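Review bot: In setAttribute, `added` is still computed from `request.getAttribute(name)`, but for names found in `dispatcherAttributes` the value is now written to the override map and not to `request`. A second call for the same special name would therefore still yield `added == true` unless the container supplies that attribute itself. The listener notification that follows, outside this hunk, would then probably report an add where a replace happened. In the override branch, take the answer from the store that is written: `Object previous = current.getSpecialOverides().put(name, value);` and `added = (previous == null);`. The `value == null` path also continues into the listener code, so check that it reports a removal.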