diff options
28 files changed, 487 insertions, 86 deletions
diff --git a/bundles/org.eclipse.equinox.http.jetty/src/org/eclipse/equinox/http/jetty/internal/HttpServerManager.java b/bundles/org.eclipse.equinox.http.jetty/src/org/eclipse/equinox/http/jetty/internal/HttpServerManager.java index 68f4fd307..0b8bad686 100644 --- a/bundles/org.eclipse.equinox.http.jetty/src/org/eclipse/equinox/http/jetty/internal/HttpServerManager.java +++ b/bundles/org.eclipse.equinox.http.jetty/src/org/eclipse/equinox/http/jetty/internal/HttpServerManager.java @@ -1,5 +1,5 @@ /******************************************************************************* - * Copyright (c) 2007, 2020 IBM Corporation and others. + * Copyright (c) 2007, 2021 IBM Corporation and others. * * This program and the accompanying materials * are made available under the terms of the Eclipse Public License 2.0 @@ -26,6 +26,7 @@ import javax.servlet.http.*; import org.eclipse.equinox.http.jetty.JettyConstants; import org.eclipse.equinox.http.jetty.JettyCustomizer; import org.eclipse.equinox.http.servlet.HttpServiceServlet; +import org.eclipse.jetty.http.HttpCompliance; import org.eclipse.jetty.server.*; import org.eclipse.jetty.server.session.HouseKeeper; import org.eclipse.jetty.server.session.SessionHandler; @@ -183,7 +184,7 @@ public class HttpServerManager implements ManagedServiceFactory { https_config.addCustomizer(new SecureRequestCustomizer()); // HTTPS connector - httpsConnector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory(https_config)); //$NON-NLS-1$ + httpsConnector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory(https_config, HttpCompliance.LEGACY)); //$NON-NLS-1$ httpsConnector.setPort(Details.getInt(dictionary, JettyConstants.HTTPS_PORT, 443)); httpsConnector.setHost(Details.getString(dictionary, JettyConstants.HTTPS_HOST, null)); } @@ -199,7 +200,7 @@ public class HttpServerManager implements ManagedServiceFactory { http_config.setSecurePort(Details.getInt(dictionary, JettyConstants.HTTPS_PORT, 443)); } // HTTP connector - httpConnector = new ServerConnector(server, new HttpConnectionFactory(http_config)); + httpConnector = new ServerConnector(server, new HttpConnectionFactory(http_config, HttpCompliance.LEGACY)); httpConnector.setPort(Details.getInt(dictionary, JettyConstants.HTTP_PORT, 80)); httpConnector.setHost(Details.getString(dictionary, JettyConstants.HTTP_HOST, null)); httpConnector.setIdleTimeout(DEFAULT_IDLE_TIMEOUT); diff --git a/bundles/org.eclipse.equinox.http.servlet.tests/META-INF/MANIFEST.MF b/bundles/org.eclipse.equinox.http.servlet.tests/META-INF/MANIFEST.MF index d4af11026..792e4007b 100644 --- a/bundles/org.eclipse.equinox.http.servlet.tests/META-INF/MANIFEST.MF +++ b/bundles/org.eclipse.equinox.http.servlet.tests/META-INF/MANIFEST.MF @@ -2,7 +2,7 @@ Manifest-Version: 1.0 Bundle-ManifestVersion: 2 Bundle-Name: org.eclipse.equinox.http.servlet.tests Bundle-SymbolicName: org.eclipse.equinox.http.servlet.tests -Bundle-Version: 1.6.300.qualifier +Bundle-Version: 1.6.301.qualifier Bundle-RequiredExecutionEnvironment: JavaSE-1.7 Eclipse-BundleShape: dir Require-Bundle: org.junit;bundle-version="4.0" diff --git a/bundles/org.eclipse.equinox.http.servlet.tests/pom.xml b/bundles/org.eclipse.equinox.http.servlet.tests/pom.xml index cd5ef8970..bd30126f9 100644 --- a/bundles/org.eclipse.equinox.http.servlet.tests/pom.xml +++ b/bundles/org.eclipse.equinox.http.servlet.tests/pom.xml @@ -19,7 +19,7 @@ </parent> <groupId>org.eclipse.equinox</groupId> <artifactId>org.eclipse.equinox.http.servlet.tests</artifactId> - <version>1.6.300-SNAPSHOT</version> + <version>1.6.301-SNAPSHOT</version> <packaging>eclipse-test-plugin</packaging> <build> diff --git a/bundles/org.eclipse.equinox.http.servlet.tests/src/org/eclipse/equinox/http/servlet/testbase/AllTests.java b/bundles/org.eclipse.equinox.http.servlet.tests/src/org/eclipse/equinox/http/servlet/testbase/AllTests.java index 64a3c7722..2f8c87f40 100644 --- a/bundles/org.eclipse.equinox.http.servlet.tests/src/org/eclipse/equinox/http/servlet/testbase/AllTests.java +++ b/bundles/org.eclipse.equinox.http.servlet.tests/src/org/eclipse/equinox/http/servlet/testbase/AllTests.java @@ -1,5 +1,5 @@ /******************************************************************************* - * Copyright (c) 2016, 2019 IBM Corporation and others. + * Copyright (c) 2016, 2020 IBM Corporation and others. * * This program and the accompanying materials * are made available under the terms of the Eclipse Public License 2.0 @@ -15,6 +15,11 @@ package org.eclipse.equinox.http.servlet.testbase; import org.eclipse.equinox.http.servlet.tests.AuthenticationTest; import org.eclipse.equinox.http.servlet.tests.Bug500783_Test; +import org.eclipse.equinox.http.servlet.tests.Bug562440_Test; +import org.eclipse.equinox.http.servlet.tests.Bug562843_2_Test; +import org.eclipse.equinox.http.servlet.tests.Bug562843_Test; +import org.eclipse.equinox.http.servlet.tests.Bug564747_Test; +import org.eclipse.equinox.http.servlet.tests.Bug569406_Test; import org.eclipse.equinox.http.servlet.tests.ContextHelperCustomizerTests; import org.eclipse.equinox.http.servlet.tests.DispatchingTest; import org.eclipse.equinox.http.servlet.tests.PreprocessorTestCase; @@ -96,7 +101,12 @@ import org.junit.runners.Suite.SuiteClasses; TestHttpServiceAndNamedServlet.class, TestUpload.class, ContextHelperCustomizerTests.class, - Bug500783_Test.class + Bug500783_Test.class, + Bug562843_Test.class, + Bug562843_2_Test.class, + Bug564747_Test.class, + Bug562440_Test.class, + Bug569406_Test.class }) public class AllTests { // see @SuiteClasses diff --git a/bundles/org.eclipse.equinox.http.servlet.tests/src/org/eclipse/equinox/http/servlet/tests/Bug562440_Test.java b/bundles/org.eclipse.equinox.http.servlet.tests/src/org/eclipse/equinox/http/servlet/tests/Bug562440_Test.java new file mode 100644 index 000000000..5308705e7 --- /dev/null +++ b/bundles/org.eclipse.equinox.http.servlet.tests/src/org/eclipse/equinox/http/servlet/tests/Bug562440_Test.java @@ -0,0 +1,105 @@ +/******************************************************************************* + * Copyright (c) 2020 IBM Corporation and others. + * + * This program and the accompanying materials + * are made available under the terms of the Eclipse Public License 2.0 + * which accompanies this distribution, and is available at + * https://www.eclipse.org/legal/epl-2.0/ + * + * SPDX-License-Identifier: EPL-2.0 + * + * Contributors: + * IBM Corporation - initial API and implementation + *******************************************************************************/ + +package org.eclipse.equinox.http.servlet.tests; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertTrue; + +import java.io.IOException; +import java.util.Dictionary; +import java.util.Hashtable; +import java.util.List; +import java.util.Map; +import java.util.concurrent.atomic.AtomicReference; + +import javax.servlet.Servlet; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.eclipse.equinox.http.servlet.testbase.BaseTest; +import org.junit.Test; +import org.osgi.service.http.whiteboard.HttpWhiteboardConstants; + +public class Bug562440_Test extends BaseTest { + + @Test + public void test_ServletGetStatus() throws Exception { + final AtomicReference<String> status = new AtomicReference<>(); + final AtomicReference<Boolean> error = new AtomicReference<>(false); + Servlet servlet = new HttpServlet() { + private static final long serialVersionUID = 1L; + + @Override + protected void doGet( + HttpServletRequest req, HttpServletResponse resp) throws IOException { + if (error.get()) { + resp.sendError(404); + } + status.set(Integer.toString(resp.getStatus())); + } + }; + + Dictionary<String, Object> props = new Hashtable<>(); + props.put(HttpWhiteboardConstants.HTTP_WHITEBOARD_SERVLET_NAME, "S1"); + props.put(HttpWhiteboardConstants.HTTP_WHITEBOARD_SERVLET_PATTERN, "/S1/*"); + registrations.add(getBundleContext().registerService(Servlet.class, servlet, props)); + + requestAdvisor.request("S1/a"); + + assertEquals("200", status.get()); + + error.set(true); + try { + requestAdvisor.request("S1/a"); + } catch (IOException e) { + assertEquals("404", status.get()); + } + } + + @Test + public void test_ServletFlushBuffer() throws Exception { + final AtomicReference<Boolean> flushBuffer = new AtomicReference<>(false); + Servlet servlet = new HttpServlet() { + private static final long serialVersionUID = 1L; + + @Override + protected void doGet( + HttpServletRequest req, HttpServletResponse resp) + throws IOException { + + resp.sendError(404, "NOT FOUND"); + if (flushBuffer.get()) { + resp.flushBuffer(); + } else { + resp.getOutputStream().flush(); + } + } + }; + + Dictionary<String, Object> props = new Hashtable<>(); + props.put(HttpWhiteboardConstants.HTTP_WHITEBOARD_SERVLET_NAME, "S1"); + props.put(HttpWhiteboardConstants.HTTP_WHITEBOARD_SERVLET_PATTERN, "/S1/*"); + registrations.add(getBundleContext().registerService(Servlet.class, servlet, props)); + + Map<String, List<String>> response = requestAdvisor.request("S1/a", null); + assertEquals("404", response.get("responseCode").get(0)); + + flushBuffer.set(true); + response = requestAdvisor.request("S1/a", null); + assertEquals("404", response.get("responseCode").get(0)); + assertTrue(response.get("responseBody").get(0).contains("NOT FOUND")); + } +} diff --git a/bundles/org.eclipse.equinox.http.servlet.tests/src/org/eclipse/equinox/http/servlet/tests/Bug562843_2_Test.java b/bundles/org.eclipse.equinox.http.servlet.tests/src/org/eclipse/equinox/http/servlet/tests/Bug562843_2_Test.java new file mode 100644 index 000000000..29cd10497 --- /dev/null +++ b/bundles/org.eclipse.equinox.http.servlet.tests/src/org/eclipse/equinox/http/servlet/tests/Bug562843_2_Test.java @@ -0,0 +1,83 @@ +package org.eclipse.equinox.http.servlet.tests; + +import java.io.IOException; +import java.io.PrintWriter; +import java.net.URLEncoder; +import java.util.Dictionary; +import java.util.Hashtable; +import java.util.concurrent.atomic.AtomicReference; + +import javax.servlet.Servlet; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.eclipse.equinox.http.servlet.testbase.BaseTest; +import org.junit.Assert; +import org.junit.Test; +import org.osgi.service.http.whiteboard.HttpWhiteboardConstants; + +public class Bug562843_2_Test extends BaseTest { + + @Test + public void test_Bug562843_testEncodedSpace() throws Exception { + final AtomicReference<String> requestURI = new AtomicReference<>(); + final AtomicReference<String> servletPath = new AtomicReference<>(); + final AtomicReference<String> pathInfo = new AtomicReference<>(); + Servlet servlet = new HttpServlet() { + private static final long serialVersionUID = 1L; + @Override + protected void doGet( + final HttpServletRequest req, final HttpServletResponse resp) + throws IOException { + requestURI.set(req.getRequestURI()); + servletPath.set(req.getServletPath()); + pathInfo.set(req.getPathInfo()); + PrintWriter writer = resp.getWriter(); + writer.write("OK"); + } + }; + Dictionary<String, Object> props = new Hashtable<>(); + props.put(HttpWhiteboardConstants.HTTP_WHITEBOARD_SERVLET_NAME, "Bug 562843"); + props.put(HttpWhiteboardConstants.HTTP_WHITEBOARD_SERVLET_PATTERN, "/Bug562843/*"); + registrations.add(getBundleContext().registerService(Servlet.class, servlet, props)); + String path = "Bug562843/" + URLEncoder.encode("topic .html", "UTF-8"); + String result = requestAdvisor.request(path); + Assert.assertEquals("OK", result); + Assert.assertEquals("/Bug562843/topic+.html", requestURI.get()); + Assert.assertEquals("/Bug562843", servletPath.get()); + Assert.assertEquals("/topic .html", pathInfo.get()); + } + + + @Test + public void test_Bug562843_testEncodedPercentSign() throws Exception { + final AtomicReference<String> requestURI = new AtomicReference<>(); + final AtomicReference<String> servletPath = new AtomicReference<>(); + final AtomicReference<String> pathInfo = new AtomicReference<>(); + Servlet servlet = new HttpServlet() { + private static final long serialVersionUID = 1L; + @Override + protected void doGet( + final HttpServletRequest req, final HttpServletResponse resp) + throws IOException { + requestURI.set(req.getRequestURI()); + servletPath.set(req.getServletPath()); + pathInfo.set(req.getPathInfo()); + PrintWriter writer = resp.getWriter(); + writer.write("OK"); + } + }; + Dictionary<String, Object> props = new Hashtable<>(); + props.put(HttpWhiteboardConstants.HTTP_WHITEBOARD_SERVLET_NAME, "Bug 562843"); + props.put(HttpWhiteboardConstants.HTTP_WHITEBOARD_SERVLET_PATTERN, "/Bug562843/*"); + registrations.add(getBundleContext().registerService(Servlet.class, servlet, props)); + String path = "Bug562843/" + URLEncoder.encode("topic%.html", "UTF-8"); + String result = requestAdvisor.request(path); + Assert.assertEquals("OK", result); + Assert.assertEquals("/Bug562843/topic%25.html", requestURI.get()); + Assert.assertEquals("/Bug562843", servletPath.get()); + Assert.assertEquals("/topic%.html", pathInfo.get()); + } + +} diff --git a/bundles/org.eclipse.equinox.http.servlet.tests/src/org/eclipse/equinox/http/servlet/tests/Bug562843_Test.java b/bundles/org.eclipse.equinox.http.servlet.tests/src/org/eclipse/equinox/http/servlet/tests/Bug562843_Test.java new file mode 100644 index 000000000..8cc2a8a11 --- /dev/null +++ b/bundles/org.eclipse.equinox.http.servlet.tests/src/org/eclipse/equinox/http/servlet/tests/Bug562843_Test.java @@ -0,0 +1,50 @@ +package org.eclipse.equinox.http.servlet.tests; + +import java.io.IOException; +import java.io.PrintWriter; +import java.util.Dictionary; +import java.util.Hashtable; +import java.util.concurrent.atomic.AtomicReference; + +import javax.servlet.Servlet; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.eclipse.equinox.http.servlet.testbase.BaseTest; +import org.junit.Assert; +import org.junit.Test; +import org.osgi.service.http.whiteboard.HttpWhiteboardConstants; + +public class Bug562843_Test extends BaseTest { + + @Test + public void test_Bug562843() throws Exception { + final AtomicReference<String> requestURI = new AtomicReference<>(); + final AtomicReference<String> servletPath = new AtomicReference<>(); + final AtomicReference<String> pathInfo = new AtomicReference<>(); + Servlet servlet = new HttpServlet() { + private static final long serialVersionUID = 1L; + @Override + protected void doGet( + final HttpServletRequest req, final HttpServletResponse resp) + throws IOException { + requestURI.set(req.getRequestURI()); + servletPath.set(req.getServletPath()); + pathInfo.set(req.getPathInfo()); + PrintWriter writer = resp.getWriter(); + writer.write("OK"); + } + }; + Dictionary<String, Object> props = new Hashtable<>(); + props.put(HttpWhiteboardConstants.HTTP_WHITEBOARD_SERVLET_NAME, "Bug 562843"); + props.put(HttpWhiteboardConstants.HTTP_WHITEBOARD_SERVLET_PATTERN, "/Bug 562843/*"); + registrations.add(getBundleContext().registerService(Servlet.class, servlet, props)); + String result = requestAdvisor.request("Bug%20562843/a%20b%20c"); + Assert.assertEquals("OK", result); + Assert.assertEquals("/Bug%20562843/a%20b%20c", requestURI.get()); + Assert.assertEquals("/Bug 562843", servletPath.get()); + Assert.assertEquals("/a b c", pathInfo.get()); + } + +} diff --git a/bundles/org.eclipse.equinox.http.servlet.tests/src/org/eclipse/equinox/http/servlet/tests/Bug564747_Test.java b/bundles/org.eclipse.equinox.http.servlet.tests/src/org/eclipse/equinox/http/servlet/tests/Bug564747_Test.java new file mode 100644 index 000000000..6c415af55 --- /dev/null +++ b/bundles/org.eclipse.equinox.http.servlet.tests/src/org/eclipse/equinox/http/servlet/tests/Bug564747_Test.java @@ -0,0 +1,76 @@ +/******************************************************************************* + * Copyright (c) 2020 IBM Corporation and others. + * + * This program and the accompanying materials + * are made available under the terms of the Eclipse Public License 2.0 + * which accompanies this distribution, and is available at + * https://www.eclipse.org/legal/epl-2.0/ + * + * SPDX-License-Identifier: EPL-2.0 + * + * Contributors: + * IBM Corporation - initial API and implementation + *******************************************************************************/ + +package org.eclipse.equinox.http.servlet.tests; + +import java.io.IOException; +import java.io.PrintWriter; +import java.util.Arrays; +import java.util.Dictionary; +import java.util.Hashtable; + +import javax.servlet.Servlet; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.eclipse.equinox.http.servlet.testbase.BaseTest; +import org.junit.Assert; +import org.junit.Test; +import org.osgi.service.http.whiteboard.HttpWhiteboardConstants; + +public class Bug564747_Test extends BaseTest { + + @Test + public void test() throws Exception { + Servlet servlet = new HttpServlet() { + private static final long serialVersionUID = 1L; + + @Override + protected void doGet( + HttpServletRequest req, HttpServletResponse resp) + throws IOException { + + PrintWriter writer = resp.getWriter(); + writer.write(req.getQueryString()); + writer.write("|"); + writer.write(String.valueOf(req.getParameter("p"))); + writer.write("|"); + writer.write(Arrays.toString(req.getParameterValues("p"))); + writer.write("|"); + writer.write(String.valueOf(req.getParameter("q"))); + writer.write("|"); + writer.write(Arrays.toString(req.getParameterValues("q"))); + writer.write("|"); + writer.write(String.valueOf(req.getParameter("r"))); + writer.write("|"); + writer.write(Arrays.toString(req.getParameterValues("r"))); + writer.write("|"); + writer.write(String.valueOf(req.getParameter("s"))); + writer.write("|"); + writer.write(Arrays.toString(req.getParameterValues("s"))); + } + }; + + Dictionary<String, Object> props = new Hashtable<>(); + props.put(HttpWhiteboardConstants.HTTP_WHITEBOARD_SERVLET_NAME, "S13"); + props.put(HttpWhiteboardConstants.HTTP_WHITEBOARD_SERVLET_PATTERN, "/Servlet13/*"); + registrations.add(getBundleContext().registerService(Servlet.class, servlet, props)); + + String result = requestAdvisor.request("Servlet13/a?p=&q=&q=2&r=3"); + + Assert.assertEquals("Wrong result: " + result, "p=&q=&q=2&r=3||[]||[, 2]|3|[3]|null|null", result); + } + +} diff --git a/bundles/org.eclipse.equinox.http.servlet.tests/src/org/eclipse/equinox/http/servlet/tests/Bug569406_Test.java b/bundles/org.eclipse.equinox.http.servlet.tests/src/org/eclipse/equinox/http/servlet/tests/Bug569406_Test.java new file mode 100644 index 000000000..cce183e53 --- /dev/null +++ b/bundles/org.eclipse.equinox.http.servlet.tests/src/org/eclipse/equinox/http/servlet/tests/Bug569406_Test.java @@ -0,0 +1,78 @@ +package org.eclipse.equinox.http.servlet.tests; + +import java.io.IOException; +import java.io.PrintWriter; +import java.util.Dictionary; +import java.util.Hashtable; +import java.util.concurrent.atomic.AtomicReference; + +import javax.servlet.Servlet; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.eclipse.equinox.http.servlet.testbase.BaseTest; +import org.junit.Assert; +import org.junit.Test; +import org.osgi.service.http.whiteboard.HttpWhiteboardConstants; + +public class Bug569406_Test extends BaseTest { + + @Test + public void test_Bug562843_Encode_Space() throws Exception { + final AtomicReference<String> requestURI = new AtomicReference<>(); + final AtomicReference<String> servletPath = new AtomicReference<>(); + final AtomicReference<String> pathInfo = new AtomicReference<>(); + Servlet servlet = new HttpServlet() { + private static final long serialVersionUID = 1L; + @Override + protected void doGet( + final HttpServletRequest req, final HttpServletResponse resp) + throws IOException { + requestURI.set(req.getRequestURI()); + servletPath.set(req.getServletPath()); + pathInfo.set(req.getPathInfo()); + PrintWriter writer = resp.getWriter(); + writer.write("OK"); + } + }; + Dictionary<String, Object> props = new Hashtable<>(); + props.put(HttpWhiteboardConstants.HTTP_WHITEBOARD_SERVLET_NAME, "Bug 562843"); + props.put(HttpWhiteboardConstants.HTTP_WHITEBOARD_SERVLET_PATTERN, "/Bug 562843/this pat/*"); + registrations.add(getBundleContext().registerService(Servlet.class, servlet, props)); + String result = requestAdvisor.request("Bug%20562843/this%20pat/a%20b%20c/d%20e%20f"); + Assert.assertEquals("OK", result); + Assert.assertEquals("/Bug%20562843/this%20pat/a%20b%20c/d%20e%20f", requestURI.get()); + Assert.assertEquals("/Bug 562843/this pat", servletPath.get()); + Assert.assertEquals("/a b c/d e f", pathInfo.get()); + } + + @Test + public void test_Bug562843_Encode_Slash() throws Exception { + final AtomicReference<String> requestURI = new AtomicReference<>(); + final AtomicReference<String> servletPath = new AtomicReference<>(); + final AtomicReference<String> pathInfo = new AtomicReference<>(); + Servlet servlet = new HttpServlet() { + private static final long serialVersionUID = 1L; + @Override + protected void doGet( + final HttpServletRequest req, final HttpServletResponse resp) + throws IOException { + requestURI.set(req.getRequestURI()); + servletPath.set(req.getServletPath()); + pathInfo.set(req.getPathInfo()); + PrintWriter writer = resp.getWriter(); + writer.write("OK"); + } + }; + Dictionary<String, Object> props = new Hashtable<>(); + props.put(HttpWhiteboardConstants.HTTP_WHITEBOARD_SERVLET_NAME, "Bug 562843"); + props.put(HttpWhiteboardConstants.HTTP_WHITEBOARD_SERVLET_PATTERN, "/Bug 562843/this pat/*"); + registrations.add(getBundleContext().registerService(Servlet.class, servlet, props)); + String result = requestAdvisor.request("Bug%20562843/this%20pat/aa%2Fb%2Fc/d%2Fe%2Ff"); + Assert.assertEquals("OK", result); + Assert.assertEquals("/Bug%20562843/this%20pat/aa%2Fb%2Fc/d%2Fe%2Ff", requestURI.get()); + Assert.assertEquals("/Bug 562843/this pat", servletPath.get()); + Assert.assertEquals("/aa/b/c/d/e/f", pathInfo.get()); + } +} diff --git a/bundles/org.eclipse.equinox.http.servlet.tests/src/org/eclipse/equinox/http/servlet/tests/util/ServletRequestAdvisor.java b/bundles/org.eclipse.equinox.http.servlet.tests/src/org/eclipse/equinox/http/servlet/tests/util/ServletRequestAdvisor.java index 453ad66c9..9fc74c6b8 100644 --- a/bundles/org.eclipse.equinox.http.servlet.tests/src/org/eclipse/equinox/http/servlet/tests/util/ServletRequestAdvisor.java +++ b/bundles/org.eclipse.equinox.http.servlet.tests/src/org/eclipse/equinox/http/servlet/tests/util/ServletRequestAdvisor.java @@ -235,11 +235,14 @@ public class ServletRequestAdvisor extends Object { } try { - map.put("responseBody", Arrays.asList(drain(stream))); - return map; + String drainedStream = drain(stream); + map.put("responseBody", Arrays.asList(drainedStream)); + } catch (IOException e){ + map.put("responseBody", Arrays.asList(e.getMessage())); } finally { stream.close(); } + return map; } public Map<String, List<String>> eventSource(String value, Map<String, List<String>> headers, final EventHandler handler) throws IOException { diff --git a/bundles/org.eclipse.equinox.http.servlet/META-INF/MANIFEST.MF b/bundles/org.eclipse.equinox.http.servlet/META-INF/MANIFEST.MF index f956008c0..6cdfda920 100644 --- a/bundles/org.eclipse.equinox.http.servlet/META-INF/MANIFEST.MF +++ b/bundles/org.eclipse.equinox.http.servlet/META-INF/MANIFEST.MF @@ -3,7 +3,7 @@ Bundle-ManifestVersion: 2 Bundle-Name: %bundleName Bundle-Vendor: %providerName Bundle-SymbolicName: org.eclipse.equinox.http.servlet -Bundle-Version: 1.6.400.qualifier +Bundle-Version: 1.6.401.qualifier Bundle-Activator: org.eclipse.equinox.http.servlet.internal.Activator Bundle-Localization: plugin Bundle-RequiredExecutionEnvironment: JavaSE-1.7 diff --git a/bundles/org.eclipse.equinox.http.servlet/pom.xml b/bundles/org.eclipse.equinox.http.servlet/pom.xml index beeadbc5e..e9fac42b5 100644 --- a/bundles/org.eclipse.equinox.http.servlet/pom.xml +++ b/bundles/org.eclipse.equinox.http.servlet/pom.xml @@ -20,6 +20,6 @@ </parent> <groupId>org.eclipse.equinox</groupId> <artifactId>org.eclipse.equinox.http.servlet</artifactId> - <version>1.6.400-SNAPSHOT</version> + <version>1.6.401-SNAPSHOT</version> <packaging>eclipse-plugin</packaging> </project> diff --git a/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/HttpServiceRuntimeImpl.java b/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/HttpServiceRuntimeImpl.java index 8d07030b8..f4d58671a 100644 --- a/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/HttpServiceRuntimeImpl.java +++ b/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/HttpServiceRuntimeImpl.java @@ -18,6 +18,9 @@ import static org.osgi.service.http.runtime.HttpServiceRuntimeConstants.HTTP_SER import static org.osgi.service.http.whiteboard.HttpWhiteboardConstants.*; import java.io.IOException; +import java.io.UnsupportedEncodingException; +import java.net.URLDecoder; +import java.nio.charset.StandardCharsets; import java.util.*; import java.util.Map.Entry; import java.util.concurrent.*; @@ -511,7 +514,7 @@ public class HttpServiceRuntimeImpl int pos = requestURI.lastIndexOf('/'); - String servletPath = requestURI; + String servletPath = decode(requestURI); String pathInfo = null; if (match == Match.CONTEXT_ROOT) { @@ -537,9 +540,9 @@ public class HttpServiceRuntimeImpl if (pos > -1) { String newServletPath = requestURI.substring(0, pos); - pathInfo = requestURI.substring(pos); - servletPath = newServletPath; - pos = servletPath.lastIndexOf('/'); + pathInfo = decode(requestURI.substring(pos)); + servletPath = decode(newServletPath); + pos = newServletPath.lastIndexOf('/'); continue; } @@ -1092,7 +1095,7 @@ public class HttpServiceRuntimeImpl sb.append("(objectClass=").append(HttpSessionListener.class.getName()).append(")"); //$NON-NLS-1$ //$NON-NLS-2$ sb.append("(objectClass=").append(HttpSessionAttributeListener.class.getName()).append(")"); //$NON-NLS-1$ //$NON-NLS-2$ if ((servletContext.getMajorVersion() >= 3) && (servletContext.getMinorVersion() > 0)) { - sb.append("(objectClass=").append(HttpSessionIdListener.class.getName()).append(")"); //$NON-NLS-1$ //$NON-NLS-2$ + sb.append("(objectClass=").append(HttpSessionIdListener.class.getName()).append(")"); //$NON-NLS-1$ //$NON-NLS-2$ } sb.append(")"); //$NON-NLS-1$ sb.append(")"); //$NON-NLS-1$ @@ -1281,6 +1284,15 @@ public class HttpServiceRuntimeImpl return semaphore; } + private String decode(String urlEncoded) { + try { + return URLDecoder.decode(urlEncoded, StandardCharsets.UTF_8.name()); + } + catch (UnsupportedEncodingException e) { + return urlEncoded; + } + } + private final Map<String, Object> attributes; private final String targetFilter; final ServiceRegistration<ServletContextHelper> defaultContextReg; diff --git a/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/context/DispatchTargets.java b/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/context/DispatchTargets.java index 14a1beb53..d29238420 100644 --- a/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/context/DispatchTargets.java +++ b/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/context/DispatchTargets.java @@ -1,5 +1,5 @@ /******************************************************************************* - * Copyright (c) 2014, 2016 Raymond Augé and others. + * Copyright (c) 2014, 2020 Raymond Augé and others. * * This program and the accompanying materials * are made available under the terms of the Eclipse Public License 2.0 @@ -221,7 +221,7 @@ public class DispatchTargets { if (values == null) { values = new String[0]; } - String value = ((index > 0) && (parameter.length() > index + 1)) ? URLDecoder.decode(parameter.substring(index + 1), Const.UTF8) : null; + String value = ((index > 0) && (parameter.length() > index + 1)) ? URLDecoder.decode(parameter.substring(index + 1), Const.UTF8) : ""; //$NON-NLS-1$ values = Params.append(values, value); parameterMap.put(name, values); } diff --git a/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/registration/ErrorPageRegistration.java b/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/registration/ErrorPageRegistration.java index d833b2b4b..f3b33a443 100644 --- a/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/registration/ErrorPageRegistration.java +++ b/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/registration/ErrorPageRegistration.java @@ -1,5 +1,5 @@ /******************************************************************************* - * Copyright (c) Feb. 1, 2019 Liferay, Inc. + * Copyright (c) 2019, 2020 Liferay, Inc. * * This program and the accompanying materials * are made available under the terms of the Eclipse Public License 2.0 @@ -57,11 +57,6 @@ public class ErrorPageRegistration extends EndpointRegistration<ExtendedErrorPag } @Override - public boolean needDecode() { - return false; - } - - @Override public String match( String name, String servletPath, String pathInfo, String extension, Match match) { diff --git a/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/registration/FilterRegistration.java b/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/registration/FilterRegistration.java index 491305aa4..1ace14f4d 100644 --- a/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/registration/FilterRegistration.java +++ b/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/registration/FilterRegistration.java @@ -1,5 +1,5 @@ /******************************************************************************* - * Copyright (c) 2011, 2019 IBM Corporation and others. + * Copyright (c) 2011, 2020 IBM Corporation and others. * * This program and the accompanying materials * are made available under the terms of the Eclipse Public License 2.0 @@ -41,7 +41,6 @@ public class FilterRegistration private final ContextController contextController; private final boolean initDestoyWithContextController; private final Pattern[] compiledRegexs; - private final boolean needDecode; public FilterRegistration( ServiceHolder<Filter> filterHolder, FilterDTO filterDTO, int priority, @@ -74,7 +73,6 @@ public class FilterRegistration } else { initDestoyWithContextController = true; } - needDecode = MatchableRegistration.patternsRequireDecode(filterDTO.patterns); } @Override @@ -281,9 +279,4 @@ public class FilterRegistration return patterns; } - @Override - public boolean needDecode() { - return needDecode; - } - } diff --git a/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/registration/MatchableRegistration.java b/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/registration/MatchableRegistration.java index 4fc27ff39..aef016add 100644 --- a/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/registration/MatchableRegistration.java +++ b/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/registration/MatchableRegistration.java @@ -1,5 +1,5 @@ /******************************************************************************* - * Copyright (c) 2014, 2019 Raymond Augé and others. + * Copyright (c) 2014, 2020 Raymond Augé and others. * * This program and the accompanying materials * are made available under the terms of the Eclipse Public License 2.0 @@ -14,9 +14,6 @@ package org.eclipse.equinox.http.servlet.internal.registration; -import java.io.UnsupportedEncodingException; -import java.net.URLDecoder; -import java.net.URLEncoder; import org.eclipse.equinox.http.servlet.internal.servlet.Match; import org.eclipse.equinox.http.servlet.internal.util.Const; import org.osgi.dto.DTO; @@ -31,8 +28,6 @@ public abstract class MatchableRegistration<T, D extends DTO> super(t, d); } - public abstract boolean needDecode(); - public abstract String match( String name, String servletPath, String pathInfo, String extension, Match match); @@ -59,14 +54,6 @@ public abstract class MatchableRegistration<T, D extends DTO> String pattern, String servletPath, String pathInfo, String extension, Match match) throws IllegalArgumentException { - if (needDecode()) { - try { - servletPath = URLDecoder.decode(servletPath, "UTF-8"); //$NON-NLS-1$ - } - catch (UnsupportedEncodingException e) { - // do nothing - } - } if (match == Match.EXACT) { return pattern.equals(servletPath); } @@ -108,19 +95,4 @@ public abstract class MatchableRegistration<T, D extends DTO> return false; } - - static boolean patternsRequireDecode(String[] patterns) { - for (String pattern : patterns) { - try { - String encode = URLEncoder.encode(pattern, "UTF-8"); //$NON-NLS-1$ - if (!encode.equals(pattern)) { - return true; - } - } - catch (UnsupportedEncodingException e) { - // do nothing - } - } - return false; - } } diff --git a/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/registration/ResourceRegistration.java b/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/registration/ResourceRegistration.java index 671f7d49f..557e86c03 100644 --- a/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/registration/ResourceRegistration.java +++ b/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/registration/ResourceRegistration.java @@ -1,5 +1,5 @@ /******************************************************************************* - * Copyright (c) 2014, 2019 Raymond Augé and others. + * Copyright (c) 2014, 2020 Raymond Augé and others. * * This program and the accompanying materials * are made available under the terms of the Eclipse Public License 2.0 @@ -34,7 +34,6 @@ public class ResourceRegistration extends EndpointRegistration<ResourceDTO> { this.serviceReference = serviceReference; name = servletHolder.get().getClass().getName().concat("#").concat(getD().prefix); //$NON-NLS-1$ - needDecode = MatchableRegistration.patternsRequireDecode(resourceDTO.patterns); } @Override @@ -57,12 +56,6 @@ public class ResourceRegistration extends EndpointRegistration<ResourceDTO> { return serviceReference; } - @Override - public boolean needDecode() { - return needDecode; - } - - private final boolean needDecode; private final String name; private final ServiceReference<?> serviceReference; diff --git a/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/registration/ServletRegistration.java b/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/registration/ServletRegistration.java index 761a39146..b40942dcb 100644 --- a/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/registration/ServletRegistration.java +++ b/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/registration/ServletRegistration.java @@ -1,5 +1,5 @@ /******************************************************************************* - * Copyright (c) 2005, 2019 Cognos Incorporated, IBM Corporation and others + * Copyright (c) 2005, 2020 Cognos Incorporated, IBM Corporation and others * * This program and the accompanying materials * are made available under the terms of the Eclipse Public License 2.0 @@ -66,7 +66,6 @@ public class ServletRegistration extends EndpointRegistration<ServletDTO> { else { multipartSupport = null; } - needDecode = MatchableRegistration.patternsRequireDecode(servletDTO.patterns); } @Override @@ -96,11 +95,6 @@ public class ServletRegistration extends EndpointRegistration<ServletDTO> { return multipartSupport.parseRequest(request); } - @Override - public boolean needDecode() { - return needDecode; - } - private final boolean needDecode; private final MultipartSupport multipartSupport; } diff --git a/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/servlet/HttpServletResponseWrapperImpl.java b/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/servlet/HttpServletResponseWrapperImpl.java index ede5cefe8..07b8cc320 100644 --- a/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/servlet/HttpServletResponseWrapperImpl.java +++ b/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/servlet/HttpServletResponseWrapperImpl.java @@ -48,6 +48,13 @@ public class HttpServletResponseWrapperImpl extends HttpServletResponseWrapper { @Override public int getStatus() { + if (status == -1) { + return super.getStatus(); + } + return status; + } + + public int getInternalStatus() { return status; } @@ -67,6 +74,15 @@ public class HttpServletResponseWrapperImpl extends HttpServletResponseWrapper { return writer; } + @Override + public void flushBuffer() throws IOException { + if (status != -1) { + HttpServletResponse wrappedResponse = (HttpServletResponse)this.getResponse(); + wrappedResponse.sendError(status, getMessage()); + } + super.flushBuffer(); + } + public boolean isCompleted() { return completed; } @@ -108,6 +124,10 @@ public class HttpServletResponseWrapperImpl extends HttpServletResponseWrapper { @Override public void flush() throws IOException { + if (getInternalStatus() != -1) { + HttpServletResponse wrappedResponse = (HttpServletResponse) HttpServletResponseWrapperImpl.this.getResponse(); + wrappedResponse.sendError(getInternalStatus(), getMessage()); + } originalOutputStream.flush(); } diff --git a/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/servlet/ResponseStateHandler.java b/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/servlet/ResponseStateHandler.java index 6c2c88dbb..149375a74 100644 --- a/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/servlet/ResponseStateHandler.java +++ b/bundles/org.eclipse.equinox.http.servlet/src/org/eclipse/equinox/http/servlet/internal/servlet/ResponseStateHandler.java @@ -296,7 +296,7 @@ public class ResponseStateHandler { throw new IllegalStateException("Can't locate response impl"); //$NON-NLS-1$ } - final int status = responseWrapper.getStatus(); + final int status = responseWrapper.getInternalStatus(); if (status < HttpServletResponse.SC_BAD_REQUEST) { return; @@ -310,8 +310,6 @@ public class ResponseStateHandler { HttpServletResponse wrappedResponse = (HttpServletResponse)responseWrapper.getResponse(); if (wrappedResponse.isCommitted()) { - // the response is committed already, but we need to propagate the error code anyway - wrappedResponse.sendError(status, responseWrapper.getMessage()); // There's nothing more we can do here. return; } diff --git a/features/org.eclipse.equinox.sdk/feature.xml b/features/org.eclipse.equinox.sdk/feature.xml index 9b3f6d7e8..a0b7ac446 100644 --- a/features/org.eclipse.equinox.sdk/feature.xml +++ b/features/org.eclipse.equinox.sdk/feature.xml @@ -2,7 +2,7 @@ <feature id="org.eclipse.equinox.sdk" label="%featureName" - version="3.20.100.qualifier" + version="3.20.101.qualifier" provider-name="%providerName" license-feature="org.eclipse.license" license-feature-version="0.0.0"> diff --git a/features/org.eclipse.equinox.sdk/pom.xml b/features/org.eclipse.equinox.sdk/pom.xml index e744c12e4..c9dfeaff0 100644 --- a/features/org.eclipse.equinox.sdk/pom.xml +++ b/features/org.eclipse.equinox.sdk/pom.xml @@ -19,6 +19,6 @@ </parent> <groupId>org.eclipse.equinox.feature</groupId> <artifactId>org.eclipse.equinox.sdk</artifactId> - <version>3.20.100-SNAPSHOT</version> + <version>3.20.101-SNAPSHOT</version> <packaging>eclipse-feature</packaging> </project> diff --git a/features/org.eclipse.equinox.server.jetty/feature.xml b/features/org.eclipse.equinox.server.jetty/feature.xml index 28d72bba2..e2ef4e497 100644 --- a/features/org.eclipse.equinox.server.jetty/feature.xml +++ b/features/org.eclipse.equinox.server.jetty/feature.xml @@ -2,7 +2,7 @@ <feature id="org.eclipse.equinox.server.jetty" label="%featureName" - version="1.10.200.qualifier" + version="1.10.203.qualifier" provider-name="%providerName" license-feature="org.eclipse.license" license-feature-version="0.0.0"> diff --git a/features/org.eclipse.equinox.server.jetty/forceQualifierUpdate.txt b/features/org.eclipse.equinox.server.jetty/forceQualifierUpdate.txt index 5e2c82884..d70364059 100644 --- a/features/org.eclipse.equinox.server.jetty/forceQualifierUpdate.txt +++ b/features/org.eclipse.equinox.server.jetty/forceQualifierUpdate.txt @@ -30,4 +30,8 @@ Bug 552395 - Update platform to Jetty 9.4.22 Bug 553238 - Unanticipated comparator errors in I20191119-1800 Bug 553363 - Update platform to Jetty 9.4.24 Bug 559005 - Update platform to Jetty 9.4.25 -Bug 559370 - Update platform to Jetty 9.4.26
\ No newline at end of file +Bug 559370 - Update platform to Jetty 9.4.26 +Bug 560655 - Update Jetty to 9.4.27 +Bug Bug 564984 (CVE-2019-17638) - CVE Request: Jetty Corrupt Response Buffer (Update to Jetty 9.4.31) +Bug 568292 - Update to Jetty 9.4.33 +Bug 569227 - Update to Jetty 9.4.35
\ No newline at end of file diff --git a/features/org.eclipse.equinox.server.jetty/pom.xml b/features/org.eclipse.equinox.server.jetty/pom.xml index ad2788522..19cabc356 100644 --- a/features/org.eclipse.equinox.server.jetty/pom.xml +++ b/features/org.eclipse.equinox.server.jetty/pom.xml @@ -19,6 +19,6 @@ </parent> <groupId>org.eclipse.equinox.feature</groupId> <artifactId>org.eclipse.equinox.server.jetty</artifactId> - <version>1.10.200-SNAPSHOT</version> + <version>1.10.203-SNAPSHOT</version> <packaging>eclipse-feature</packaging> </project> diff --git a/features/org.eclipse.equinox.serverside.sdk/feature.xml b/features/org.eclipse.equinox.serverside.sdk/feature.xml index 2aa11add6..0184f1726 100644 --- a/features/org.eclipse.equinox.serverside.sdk/feature.xml +++ b/features/org.eclipse.equinox.serverside.sdk/feature.xml @@ -2,7 +2,7 @@ <feature id="org.eclipse.equinox.serverside.sdk" label="%featureName" - version="3.19.200.qualifier" + version="3.19.201.qualifier" provider-name="%providerName" license-feature="org.eclipse.license" license-feature-version="0.0.0"> @@ -254,6 +254,20 @@ install-size="0" version="0.0.0" unpack="false"/> + + <plugin + id="org.eclipse.jetty.util.ajax" + download-size="0" + install-size="0" + version="0.0.0" + unpack="false"/> + + <plugin + id="org.eclipse.jetty.util.ajax.source" + download-size="0" + install-size="0" + version="0.0.0" + unpack="false"/> <plugin id="org.eclipse.equinox.jsp.jasper.registry" diff --git a/features/org.eclipse.equinox.serverside.sdk/pom.xml b/features/org.eclipse.equinox.serverside.sdk/pom.xml index 4e712c226..bcca8d2be 100644 --- a/features/org.eclipse.equinox.serverside.sdk/pom.xml +++ b/features/org.eclipse.equinox.serverside.sdk/pom.xml @@ -19,6 +19,6 @@ </parent> <groupId>org.eclipse.equinox.feature</groupId> <artifactId>org.eclipse.equinox.serverside.sdk</artifactId> - <version>3.19.200-SNAPSHOT</version> + <version>3.19.201-SNAPSHOT</version> <packaging>eclipse-feature</packaging> </project> |