November 2007 - jbossweb-commits - Jboss List Archives

JBossWeb SVN: r356 - trunk/java/org/apache/catalina/core.

by jbossweb-commits＠lists.jboss.org

Author: remy.maucherat(a)jboss.com Date: 2007-11-29 11:10:02 -0500 (Thu, 29 Nov 2007) New Revision: 356 Modified: trunk/java/org/apache/catalina/core/StandardContext.java Log: - Expose filesystem flag, just in case it becomes needed. Modified: trunk/java/org/apache/catalina/core/StandardContext.java =================================================================== --- trunk/java/org/apache/catalina/core/StandardContext.java 2007-11-28 17:03:09 UTC (rev 355) +++ trunk/java/org/apache/catalina/core/StandardContext.java 2007-11-29 16:10:02 UTC (rev 356) @@ -854,6 +854,16 @@ /** + * Force setting if filesystem based. + */ + public void setFilesystemBased(boolean filesystemBased) { + + this.filesystemBased = filesystemBased; + + } + + + /** * Return the set of initialized application event listener objects, * in the order they were specified in the web application deployment * descriptor, for this application.

17 years

1
0
0 / 0

JBossWeb SVN: r355 - trunk/java/org/apache/catalina/authenticator.

by jbossweb-commits＠lists.jboss.org

Author: remy.maucherat(a)jboss.com Date: 2007-11-28 12:03:09 -0500 (Wed, 28 Nov 2007) New Revision: 355 Modified: trunk/java/org/apache/catalina/authenticator/SingleSignOn.java Log: - For no logical technical reason, update is now public. Modified: trunk/java/org/apache/catalina/authenticator/SingleSignOn.java =================================================================== --- trunk/java/org/apache/catalina/authenticator/SingleSignOn.java 2007-11-27 16:36:27 UTC (rev 354) +++ trunk/java/org/apache/catalina/authenticator/SingleSignOn.java 2007-11-28 17:03:09 UTC (rev 355) @@ -605,7 +605,7 @@ * @param username the username (if any) used for the authentication * @param password the password (if any) used for the authentication */ - protected void update(String ssoId, Principal principal, String authType, + public void update(String ssoId, Principal principal, String authType, String username, String password) { SingleSignOnEntry sso = lookup(ssoId);

17 years

1
0
0 / 0

JBossWeb SVN: r354 - trunk/jboss/org/apache/catalina/startup.

by jbossweb-commits＠lists.jboss.org

Author: remy.maucherat(a)jboss.com Date: 2007-11-27 11:36:27 -0500 (Tue, 27 Nov 2007) New Revision: 354 Modified: trunk/jboss/org/apache/catalina/startup/catalina.properties Log: - Fix bad default flag value for JBoss. Modified: trunk/jboss/org/apache/catalina/startup/catalina.properties =================================================================== --- trunk/jboss/org/apache/catalina/startup/catalina.properties 2007-11-26 15:24:43 UTC (rev 353) +++ trunk/jboss/org/apache/catalina/startup/catalina.properties 2007-11-27 16:36:27 UTC (rev 354) @@ -2,6 +2,7 @@ org.apache.catalina.STRICT_SERVLET_COMPLIANCE=true org.apache.catalina.core.StandardService.DELAY_CONNECTOR_STARTUP=true org.apache.jasper.runtime.BodyContentImpl.LIMIT_BUFFER=true +org.apache.catalina.connector.Request.SESSION_ID_CHECK=true # String cache configuration. tomcat.util.buf.StringCache.byte.enabled=true

17 years

1
0
0 / 0

JBossWeb SVN: r353 - in trunk: webapps/docs and 1 other directory.

by jbossweb-commits＠lists.jboss.org

Author: remy.maucherat(a)jboss.com Date: 2007-11-26 10:24:43 -0500 (Mon, 26 Nov 2007) New Revision: 353 Modified: trunk/java/org/apache/catalina/connector/CoyoteAdapter.java trunk/webapps/docs/changelog.xml Log: - Improve error codes when no host or no context is matched. Modified: trunk/java/org/apache/catalina/connector/CoyoteAdapter.java =================================================================== --- trunk/java/org/apache/catalina/connector/CoyoteAdapter.java 2007-11-26 13:20:42 UTC (rev 352) +++ trunk/java/org/apache/catalina/connector/CoyoteAdapter.java 2007-11-26 15:24:43 UTC (rev 353) @@ -444,6 +444,17 @@ request.setContext((Context) request.getMappingData().context); request.setWrapper((Wrapper) request.getMappingData().wrapper); + if (request.getMappingData().host == null) { + res.setStatus(400); + res.setMessage("Host not mapped"); + return false; + } + if (request.getMappingData().context == null) { + res.setStatus(404); + res.setMessage("Context not mapped"); + return false; + } + // Filter trace method if (!connector.getAllowTrace() && req.method().equalsIgnoreCase("TRACE")) { Modified: trunk/webapps/docs/changelog.xml =================================================================== --- trunk/webapps/docs/changelog.xml 2007-11-26 13:20:42 UTC (rev 352) +++ trunk/webapps/docs/changelog.xml 2007-11-26 15:24:43 UTC (rev 353) @@ -77,6 +77,9 @@ <fix> Fix invoking CometEvent.close during begin. (remm) </fix> + <fix> + Improve error codes returned when no host or no context is matched. (remm) + </fix> </changelog> </subsection> <subsection name="Coyote">

17 years, 1 month

1
0
0 / 0

JBossWeb SVN: r352 - in trunk: java/org/apache/catalina/startup and 3 other directories.

by jbossweb-commits＠lists.jboss.org

Author: jfrederic.clere(a)jboss.com Date: 2007-11-26 08:20:42 -0500 (Mon, 26 Nov 2007) New Revision: 352 Modified: trunk/java/org/apache/catalina/core/StandardServer.java trunk/java/org/apache/catalina/startup/Catalina.java trunk/java/org/apache/tomcat/util/net/AprEndpoint.java trunk/java/org/apache/tomcat/util/net/JIoEndpoint.java trunk/res/tomcat.nsi trunk/webapps/docs/changelog.xml Log: Fix BZ 43588. Modified: trunk/java/org/apache/catalina/core/StandardServer.java =================================================================== --- trunk/java/org/apache/catalina/core/StandardServer.java 2007-11-26 11:56:55 UTC (rev 351) +++ trunk/java/org/apache/catalina/core/StandardServer.java 2007-11-26 13:20:42 UTC (rev 352) @@ -371,7 +371,7 @@ try { serverSocket = new ServerSocket(port, 1, - InetAddress.getByName("127.0.0.1")); + InetAddress.getByName("localhost")); } catch (IOException e) { log.error("StandardServer.await: create[" + port + "]: ", e); Modified: trunk/java/org/apache/catalina/startup/Catalina.java =================================================================== --- trunk/java/org/apache/catalina/startup/Catalina.java 2007-11-26 11:56:55 UTC (rev 351) +++ trunk/java/org/apache/catalina/startup/Catalina.java 2007-11-26 13:20:42 UTC (rev 352) @@ -412,7 +412,7 @@ // Stop the existing server try { - Socket socket = new Socket("127.0.0.1", server.getPort()); + Socket socket = new Socket("localhost", server.getPort()); OutputStream stream = socket.getOutputStream(); String shutdown = server.getShutdown(); for (int i = 0; i < shutdown.length(); i++) Modified: trunk/java/org/apache/tomcat/util/net/AprEndpoint.java =================================================================== --- trunk/java/org/apache/tomcat/util/net/AprEndpoint.java 2007-11-26 11:56:55 UTC (rev 351) +++ trunk/java/org/apache/tomcat/util/net/AprEndpoint.java 2007-11-26 13:20:42 UTC (rev 352) @@ -773,7 +773,7 @@ try { // Need to create a connection to unlock the accept(); if (address == null) { - s = new java.net.Socket("127.0.0.1", port); + s = new java.net.Socket("localhost", port); } else { s = new java.net.Socket(address, port); // setting soLinger to a small value will help shutdown the Modified: trunk/java/org/apache/tomcat/util/net/JIoEndpoint.java =================================================================== --- trunk/java/org/apache/tomcat/util/net/JIoEndpoint.java 2007-11-26 11:56:55 UTC (rev 351) +++ trunk/java/org/apache/tomcat/util/net/JIoEndpoint.java 2007-11-26 13:20:42 UTC (rev 352) @@ -581,7 +581,7 @@ try { // Need to create a connection to unlock the accept(); if (address == null) { - s = new Socket("127.0.0.1", port); + s = new Socket("localhost", port); } else { s = new Socket(address, port); // setting soLinger to a small value will help shutdown the Modified: trunk/res/tomcat.nsi =================================================================== --- trunk/res/tomcat.nsi 2007-11-26 11:56:55 UTC (rev 351) +++ trunk/res/tomcat.nsi 2007-11-26 13:20:42 UTC (rev 352) @@ -228,18 +228,18 @@ "http://tomcat.apache.org/" CreateShortCut "$SMPROGRAMS\Apache Tomcat 6.0\Welcome.lnk" \ - "http://127.0.0.1:$R0/" + "http://localhost:$R0/" ; IfFileExists "$INSTDIR\webapps\admin" 0 NoAdminApp ; ; CreateShortCut "$SMPROGRAMS\Apache Tomcat 6.0\Tomcat Administration.lnk" \ -; "http://127.0.0.1:$R0/admin/" +; "http://localhost:$R0/admin/" ;NoAdminApp: IfFileExists "$INSTDIR\webapps\manager" 0 NoManagerApp CreateShortCut "$SMPROGRAMS\Apache Tomcat 6.0\Tomcat Manager.lnk" \ - "http://127.0.0.1:$R0/manager/html" + "http://localhost:$R0/manager/html" NoManagerApp: Modified: trunk/webapps/docs/changelog.xml =================================================================== --- trunk/webapps/docs/changelog.xml 2007-11-26 11:56:55 UTC (rev 351) +++ trunk/webapps/docs/changelog.xml 2007-11-26 13:20:42 UTC (rev 352) @@ -30,6 +30,9 @@ <subsection name="Catalina"> <changelog> <fix> + Fix BZ 43588 - hard coded 127.0.0.1 for localhost. It requires localhost to be defined correctly in the machine. (jfclere) + </fix> + <fix> Prevent cookie logic to escape quotes where the value is already a quoted-string. (jfclere) </fix> <fix>

17 years, 1 month

1
0
0 / 0

JBossWeb SVN: r351 - in trunk: webapps/docs and 1 other directory.

by jbossweb-commits＠lists.jboss.org

Author: remy.maucherat(a)jboss.com Date: 2007-11-26 06:56:55 -0500 (Mon, 26 Nov 2007) New Revision: 351 Modified: trunk/java/org/apache/catalina/core/StandardWrapperValve.java trunk/webapps/docs/changelog.xml Log: - Fix possible Comet bug (which I did not try to reproduce). Modified: trunk/java/org/apache/catalina/core/StandardWrapperValve.java =================================================================== --- trunk/java/org/apache/catalina/core/StandardWrapperValve.java 2007-11-16 21:42:44 UTC (rev 350) +++ trunk/java/org/apache/catalina/core/StandardWrapperValve.java 2007-11-26 11:56:55 UTC (rev 351) @@ -213,8 +213,8 @@ try { SystemLogHandler.startCapture(); if (comet) { + request.setComet(true); filterChain.doFilterEvent(request.getEvent()); - request.setComet(true); } else { filterChain.doFilter(request.getRequest(), response.getResponse()); @@ -227,8 +227,8 @@ } } else { if (comet) { + request.setComet(true); filterChain.doFilterEvent(request.getEvent()); - request.setComet(true); } else { filterChain.doFilter (request.getRequest(), response.getResponse()); Modified: trunk/webapps/docs/changelog.xml =================================================================== --- trunk/webapps/docs/changelog.xml 2007-11-16 21:42:44 UTC (rev 350) +++ trunk/webapps/docs/changelog.xml 2007-11-26 11:56:55 UTC (rev 351) @@ -71,6 +71,9 @@ <fix> Fix a bug that causes CGI Servlet to fail when it is included. (markt) </fix> + <fix> + Fix invoking CometEvent.close during begin. (remm) + </fix> </changelog> </subsection> <subsection name="Coyote">

17 years, 1 month

1
0
0 / 0

JBossWeb SVN: r350 - in trunk: java/org/apache/jasper/compiler and 1 other directories.

by jbossweb-commits＠lists.jboss.org

Author: remy.maucherat(a)jboss.com Date: 2007-11-16 16:42:44 -0500 (Fri, 16 Nov 2007) New Revision: 350 Modified: trunk/java/org/apache/catalina/servlets/CGIServlet.java trunk/java/org/apache/jasper/compiler/Generator.java trunk/webapps/docs/changelog.xml Log: - Port CGI inclusion fix. - Port generation of shorter inner classes. Modified: trunk/java/org/apache/catalina/servlets/CGIServlet.java =================================================================== --- trunk/java/org/apache/catalina/servlets/CGIServlet.java 2007-11-16 17:20:12 UTC (rev 349) +++ trunk/java/org/apache/catalina/servlets/CGIServlet.java 2007-11-16 21:42:44 UTC (rev 350) @@ -235,7 +235,7 @@ * * @author Martin T Dengler [root(a)martindengler.com] * @author Amy Roh - * @version $Revision: 505743 $, $Date: 2007-02-10 19:55:08 +0100 (sam., 10 févr. 2007) $ + * @version $Revision: 595801 $, $Date: 2007-11-16 21:07:07 +0100 (Fri, 16 Nov 2007) $ * @since Tomcat 4.0 * */ @@ -267,7 +267,7 @@ static Object expandFileLock = new Object(); /** the shell environment variables to be passed to the CGI script */ - static Hashtable shellEnv = new Hashtable(); + static Hashtable<String,String> shellEnv = new Hashtable<String,String>(); /** * Sets instance variables. @@ -644,8 +644,8 @@ * See <a href="http://www.rgagnon.com/javadetails/java-0150.html">Read environment * variables from an application</a> for original source and article. */ - private Hashtable getShellEnvironment() throws IOException { - Hashtable envVars = new Hashtable(); + private Hashtable<String,String> getShellEnvironment() throws IOException { + Hashtable<String,String> envVars = new Hashtable<String,String>(); Process p = null; Runtime r = Runtime.getRuntime(); String OS = System.getProperty("os.name").toLowerCase(); @@ -694,7 +694,7 @@ * <p> * </p> * - * @version $Revision: 505743 $, $Date: 2007-02-10 19:55:08 +0100 (sam., 10 févr. 2007) $ + * @version $Revision: 595801 $, $Date: 2007-11-16 21:07:07 +0100 (Fri, 16 Nov 2007) $ * @since Tomcat 4.0 * */ @@ -729,7 +729,7 @@ private File workingDirectory = null; /** cgi command's command line parameters */ - private ArrayList cmdLineParameters = new ArrayList(); + private ArrayList<String> cmdLineParameters = new ArrayList<String>(); /** whether or not this object is valid or not */ private boolean valid = false; @@ -784,16 +784,31 @@ */ protected void setupFromRequest(HttpServletRequest req) throws UnsupportedEncodingException { - - this.contextPath = req.getContextPath(); - this.servletPath = req.getServletPath(); - this.pathInfo = req.getPathInfo(); + + boolean isIncluded = false; + + // Look to see if this request is an include + if (req.getAttribute(Globals.INCLUDE_REQUEST_URI_ATTR) != null) { + isIncluded = true; + } + if (isIncluded) { + this.contextPath = (String) req.getAttribute( + Globals.INCLUDE_CONTEXT_PATH_ATTR); + this.servletPath = (String) req.getAttribute( + Globals.INCLUDE_SERVLET_PATH_ATTR); + this.pathInfo = (String) req.getAttribute( + Globals.INCLUDE_PATH_INFO_ATTR); + } else { + this.contextPath = req.getContextPath(); + this.servletPath = req.getServletPath(); + this.pathInfo = req.getPathInfo(); + } // If getPathInfo() returns null, must be using extension mapping // In this case, pathInfo should be same as servletPath if (this.pathInfo == null) { this.pathInfo = this.servletPath; } - + // If the request method is GET, POST or HEAD and the query string // does not contain an unencoded "=" this is an indexed query. // The parsed query string becomes the command line parameters @@ -801,7 +816,13 @@ if (req.getMethod().equals("GET") || req.getMethod().equals("POST") || req.getMethod().equals("HEAD")) { - String qs = req.getQueryString(); + String qs; + if (isIncluded) { + qs = (String) req.getAttribute( + Globals.INCLUDE_QUERY_STRING_ATTR); + } else { + qs = req.getQueryString(); + } if (qs != null && qs.indexOf("=") == -1) { StringTokenizer qsTokens = new StringTokenizer(qs, "+"); while ( qsTokens.hasMoreTokens() ) { @@ -961,7 +982,7 @@ * (apologies to Marv Albert regarding MJ) */ - Hashtable envp = new Hashtable(); + Hashtable<String,String> envp = new Hashtable<String,String>(); // Add the shell environment variables (if any) envp.putAll(shellEnv); @@ -1415,7 +1436,7 @@ * and <code>setResponse</code> methods, respectively. * </p> * - * @version $Revision: 505743 $, $Date: 2007-02-10 19:55:08 +0100 (sam., 10 févr. 2007) $ + * @version $Revision: 595801 $, $Date: 2007-11-16 21:07:07 +0100 (Fri, 16 Nov 2007) $ */ protected class CGIRunner { @@ -1539,7 +1560,7 @@ */ protected String[] hashToStringArray(Hashtable h) throws NullPointerException { - Vector v = new Vector(); + Vector<String> v = new Vector<String>(); Enumeration e = h.keys(); while (e.hasMoreElements()) { String k = e.nextElement().toString(); Modified: trunk/java/org/apache/jasper/compiler/Generator.java =================================================================== --- trunk/java/org/apache/jasper/compiler/Generator.java 2007-11-16 17:20:12 UTC (rev 349) +++ trunk/java/org/apache/jasper/compiler/Generator.java 2007-11-16 21:42:44 UTC (rev 350) @@ -3310,9 +3310,7 @@ charArrayBuffer = null; err = compiler.getErrorDispatcher(); ctxt = compiler.getCompilationContext(); - fragmentHelperClass = new FragmentHelperClass(ctxt - .getServletClassName() - + "Helper"); + fragmentHelperClass = new FragmentHelperClass("Helper"); pageInfo = compiler.getPageInfo(); /* Modified: trunk/webapps/docs/changelog.xml =================================================================== --- trunk/webapps/docs/changelog.xml 2007-11-16 17:20:12 UTC (rev 349) +++ trunk/webapps/docs/changelog.xml 2007-11-16 21:42:44 UTC (rev 350) @@ -68,6 +68,9 @@ <fix> More extensible SSO. (remm) </fix> + <fix> + Fix a bug that causes CGI Servlet to fail when it is included. (markt) + </fix> </changelog> </subsection> <subsection name="Coyote"> @@ -89,6 +92,9 @@ <fix> Remove log field for XML handlers. (remm) </fix> + <fix> + <bug>43702</bug>: Inner class files have unnecessarily long names. (markt) + </fix> </changelog> </subsection> </section>

17 years, 1 month

1
0
0 / 0

JBossWeb SVN: r349 - tags.

by jbossweb-commits＠lists.jboss.org

Author: remy.maucherat(a)jboss.com Date: 2007-11-16 12:20:12 -0500 (Fri, 16 Nov 2007) New Revision: 349 Added: tags/JBOSSWEB_2_1_0_CR8/ Log: - Port fixes for the 2 cookie tests before people start throwing jiras at me. Copied: tags/JBOSSWEB_2_1_0_CR8 (from rev 348, trunk)

17 years, 1 month

1
0
0 / 0

JBossWeb SVN: r348 - in trunk: java/org/apache/tomcat/util/http and 1 other directories.

by jbossweb-commits＠lists.jboss.org

Author: remy.maucherat(a)jboss.com Date: 2007-11-16 12:16:52 -0500 (Fri, 16 Nov 2007) New Revision: 348 Modified: trunk/java/org/apache/catalina/connector/Request.java trunk/java/org/apache/catalina/connector/Response.java trunk/java/org/apache/tomcat/util/http/ServerCookie.java trunk/webapps/docs/changelog.xml Log: - Port additional cookie fixes. Modified: trunk/java/org/apache/catalina/connector/Request.java =================================================================== --- trunk/java/org/apache/catalina/connector/Request.java 2007-11-16 14:51:34 UTC (rev 347) +++ trunk/java/org/apache/catalina/connector/Request.java 2007-11-16 17:16:52 UTC (rev 348) @@ -2385,6 +2385,25 @@ } } + protected String unescape(String s) { + if (s==null) + return null; + if (s.indexOf('\\') == -1) + return s; + StringBuffer buf = new StringBuffer(); + for (int i=0; i<s.length(); i++) { + char c = s.charAt(i); + if (c!='\\') buf.append(c); + else { + if (++i >= s.length()) + throw new IllegalArgumentException();//invalid escape, hence invalid cookie + c = s.charAt(i); + buf.append(c); + } + } + return buf.toString(); + } + /** * Parse cookies. */ @@ -2403,14 +2422,19 @@ for (int i = 0; i < count; i++) { ServerCookie scookie = serverCookies.getCookie(i); try { - Cookie cookie = new Cookie(scookie.getName().toString(), - scookie.getValue().toString()); - cookie.setPath(scookie.getPath().toString()); - cookie.setVersion(scookie.getVersion()); + /* + we must unescape the '\\' escape character + */ + Cookie cookie = new Cookie(scookie.getName().toString(),null); + int version = scookie.getVersion(); + cookie.setVersion(version); + cookie.setValue(unescape(scookie.getValue().toString())); + cookie.setPath(unescape(scookie.getPath().toString())); String domain = scookie.getDomain().toString(); - if (domain != null) { - cookie.setDomain(scookie.getDomain().toString()); - } + if (domain!=null) + cookie.setDomain(unescape(domain));//avoid NPE + String comment = scookie.getComment().toString(); + cookie.setComment(version==1?unescape(comment):null); cookies[idx++] = cookie; } catch(IllegalArgumentException e) { // Ignore bad cookie Modified: trunk/java/org/apache/catalina/connector/Response.java =================================================================== --- trunk/java/org/apache/catalina/connector/Response.java 2007-11-16 14:51:34 UTC (rev 347) +++ trunk/java/org/apache/catalina/connector/Response.java 2007-11-16 17:16:52 UTC (rev 348) @@ -963,9 +963,9 @@ if (isCommitted()) return; - cookies.add(cookie); - final StringBuffer sb = new StringBuffer(); + // web application code can receive a IllegalArgumentException + // from the appendCookieValue invocation if (SecurityUtil.isPackageProtectionEnabled()) { AccessController.doPrivileged(new PrivilegedAction() { public Object run(){ @@ -983,12 +983,13 @@ cookie.getPath(), cookie.getDomain(), cookie.getComment(), cookie.getMaxAge(), cookie.getSecure()); } - + // if we reached here, no exception, cookie is valid // the header name is Set-Cookie for both "old" and v.1 ( RFC2109 ) // RFC2965 is not supported by browsers and the Servlet spec // asks for 2109. addHeader("Set-Cookie", sb.toString()); + cookies.add(cookie); } Modified: trunk/java/org/apache/tomcat/util/http/ServerCookie.java =================================================================== --- trunk/java/org/apache/tomcat/util/http/ServerCookie.java 2007-11-16 14:51:34 UTC (rev 347) +++ trunk/java/org/apache/tomcat/util/http/ServerCookie.java 2007-11-16 17:16:52 UTC (rev 348) @@ -145,20 +145,34 @@ for (int i = 0; i < len; i++) { char c = value.charAt(i); - if (c < 0x20 || c >= 0x7f || tspecials.indexOf(c) != -1) + if (tspecials.indexOf(c) != -1) return false; } return true; } + public static boolean containsCTL(String value, int version) { + if( value==null) return false; + int len = value.length(); + for (int i = 0; i < len; i++) { + char c = value.charAt(i); + if (c < 0x20 || c >= 0x7f) { + if (c == 0x09) + continue; //allow horizontal tabs + return true; + } + } + return false; + } + + public static boolean isToken2(String value) { if( value==null) return true; int len = value.length(); for (int i = 0; i < len; i++) { char c = value.charAt(i); - - if (c < 0x20 || c >= 0x7f || tspecials2.indexOf(c) != -1) + if (tspecials2.indexOf(c) != -1) return false; } return true; @@ -218,7 +232,7 @@ DateTool.formatOldCookie(new Date(10000)); // TODO RFC2965 fields also need to be passed - public static void appendCookieValue( StringBuffer buf, + public static void appendCookieValue( StringBuffer headerBuf, int version, String name, String value, @@ -228,6 +242,7 @@ int maxAge, boolean isSecure ) { + StringBuffer buf = new StringBuffer(); // Servlet implementation checks name buf.append( name ); buf.append("="); @@ -285,39 +300,27 @@ buf.append ("; Secure"); } - + headerBuf.append(buf); } /** * @deprecated - Not used */ - public static void maybeQuote (int version, StringBuffer buf, - String value) { + @Deprecated + public static void maybeQuote (int version, StringBuffer buf,String value) { // special case - a \n or \r shouldn't happen in any case if (isToken(value)) { buf.append(value); } else { - if (alreadyQuoted(value)) - buf.append(value); - else { - buf.append('"'); - buf.append(escapeDoubleQuotes(value)); - buf.append('"'); - } + buf.append('"'); + buf.append(escapeDoubleQuotes(value,0,value.length())); + buf.append('"'); } } + public static boolean alreadyQuoted (String value) { - if (value.startsWith("\"") && value.endsWith("\"")) { - int len = value.length(); - for (int i = 1; i < len-1; i++) { - char c = value.charAt(i); - // Make sure there aren't unescaped controls in value. - if (c < 0x20 || c >= 0x7f) - return false; // We will escape the " and controls. - } - return true; - } - return false; + if (value==null || value.length()==0) return false; + return (value.charAt(0)=='\"' && value.charAt(value.length()-1)=='\"'); } /** @@ -326,19 +329,25 @@ * @param buf * @param value */ - public static void maybeQuote2 (int version, StringBuffer buf, - String value) { - // special case - a \n or \r shouldn't happen in any case - if (version == 0 && isToken(value) || version == 1 && isToken2(value)) { + public static void maybeQuote2 (int version, StringBuffer buf, String value) { + if (value==null || value.length()==0) { + buf.append("\"\""); + }else if (containsCTL(value,version)) + throw new IllegalArgumentException("Control character in cookie value, consider BASE64 encoding your value"); + else if (alreadyQuoted(value)) { + buf.append('"'); + buf.append(escapeDoubleQuotes(value,1,value.length()-1)); + buf.append('"'); + } else if (version==0 && !isToken(value)) { + buf.append('"'); + buf.append(escapeDoubleQuotes(value,0,value.length())); + buf.append('"'); + } else if (version==1 && !isToken2(value)) { + buf.append('"'); + buf.append(escapeDoubleQuotes(value,0,value.length())); + buf.append('"'); + }else { buf.append(value); - } else { - if (alreadyQuoted(value)) - buf.append(value); - else { - buf.append('"'); - buf.append(escapeDoubleQuotes(value)); - buf.append('"'); - } } } @@ -347,19 +356,25 @@ * Escapes any double quotes in the given string. * * @param s the input string - * + * @param beginIndex start index inclusive + * @param endIndex exclusive * @return The (possibly) escaped string */ - private static String escapeDoubleQuotes(String s) { + private static String escapeDoubleQuotes(String s, int beginIndex, int endIndex) { if (s == null || s.length() == 0 || s.indexOf('"') == -1) { return s; } StringBuffer b = new StringBuffer(); - for (int i = 0; i < s.length(); i++) { + for (int i = beginIndex; i < endIndex; i++) { char c = s.charAt(i); - if (c == '"') + if (c == '\\' ) { + b.append(c); + //ignore the character after an escape, just append it + if (++i>=endIndex) throw new IllegalArgumentException("Invalid escape character in cookie value."); + b.append(s.charAt(i)); + } else if (c == '"') b.append('\\').append('"'); else b.append(c); @@ -395,3 +410,4 @@ bc.setEnd(dest); } } + Modified: trunk/webapps/docs/changelog.xml =================================================================== --- trunk/webapps/docs/changelog.xml 2007-11-16 14:51:34 UTC (rev 347) +++ trunk/webapps/docs/changelog.xml 2007-11-16 17:16:52 UTC (rev 348) @@ -79,6 +79,9 @@ Remove legacy org.apache.jk AJP connector and utility components, replaced by the org.apache.coyote.ajp connector. (remm) </update> + <fix> + Additional cookie fixes. (jfclere) + </fix> </changelog> </subsection> <subsection name="Jasper">

17 years, 1 month

1
0
0 / 0

JBossWeb SVN: r347 - tags/JBOSSWEB_2_0_0_GA_CP04.

by jbossweb-commits＠lists.jboss.org

Author: remy.maucherat(a)jboss.com Date: 2007-11-16 09:51:34 -0500 (Fri, 16 Nov 2007) New Revision: 347 Added: tags/JBOSSWEB_2_0_0_GA_CP04/build.properties Log: - Add a build.properties file, which is a better way to set the version number for tags. Added: tags/JBOSSWEB_2_0_0_GA_CP04/build.properties =================================================================== --- tags/JBOSSWEB_2_0_0_GA_CP04/build.properties (rev 0) +++ tags/JBOSSWEB_2_0_0_GA_CP04/build.properties 2007-11-16 14:51:34 UTC (rev 347) @@ -0,0 +1,5 @@ +# ----- Vesion Control Flags ----- +version.major=2 +version.minor=0 +version.build=0 +version.patch=GA_CP04 Property changes on: tags/JBOSSWEB_2_0_0_GA_CP04/build.properties ___________________________________________________________________ Name: svn:eol-style + native

17 years, 1 month

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

jbossweb-commits November 2007