Author: remy.maucherat(a)jboss.com
Date: 2009-11-01 20:33:52 -0500 (Sun, 01 Nov 2009)
New Revision: 1235
Modified:
trunk/java/javax/servlet/http/Cookie.java
trunk/java/javax/servlet/http/LocalStrings.properties
trunk/java/org/apache/catalina/connector/Response.java
trunk/java/org/apache/jasper/compiler/Validator.java
trunk/java/org/apache/tomcat/util/http/ServerCookie.java
Log:
- Port patches.
- Error for deferred syntax in template text.
- Filter out null in headers.
- Cookie defaults to version switch.
Modified: trunk/java/javax/servlet/http/Cookie.java
===================================================================
--- trunk/java/javax/servlet/http/Cookie.java 2009-10-31 23:31:38 UTC (rev 1234)
+++ trunk/java/javax/servlet/http/Cookie.java 2009-11-02 01:33:52 UTC (rev 1235)
@@ -88,9 +88,8 @@
private String path; // ;Path=VALUE ... URLs that see the cookie
private boolean secure; // ;Secure ... e.g. use SSL
private int version = 0; // ;Version=1 ... means RFC 2109++ style
- private boolean isHttpOnly = false;
+ private boolean httpOnly; // Not in cookie specs, but supported by browsers
-
/**
* Constructs a cookie with a specified name and value.
@@ -124,26 +123,30 @@
*/
public Cookie(String name, String value) {
- if (!isToken(name)
- || name.equalsIgnoreCase("Comment") // rfc2019
- || name.equalsIgnoreCase("Discard") // 2019++
- || name.equalsIgnoreCase("Domain")
- || name.equalsIgnoreCase("Expires") // (old cookies)
- || name.equalsIgnoreCase("Max-Age") // rfc2019
- || name.equalsIgnoreCase("Path")
- || name.equalsIgnoreCase("Secure")
- || name.equalsIgnoreCase("Version")
- || name.startsWith("$")
- ) {
- String errMsg = lStrings.getString("err.cookie_name_is_token");
- Object[] errArgs = new Object[1];
- errArgs[0] = name;
- errMsg = MessageFormat.format(errMsg, errArgs);
- throw new IllegalArgumentException(errMsg);
- }
+ if (name == null || name.length() == 0) {
+ throw new IllegalArgumentException(
+ lStrings.getString("err.cookie_name_blank"));
+ }
+ if (!isToken(name)
+ || name.equalsIgnoreCase("Comment") // rfc2019
+ || name.equalsIgnoreCase("Discard") // 2019++
+ || name.equalsIgnoreCase("Domain")
+ || name.equalsIgnoreCase("Expires") // (old cookies)
+ || name.equalsIgnoreCase("Max-Age") // rfc2019
+ || name.equalsIgnoreCase("Path")
+ || name.equalsIgnoreCase("Secure")
+ || name.equalsIgnoreCase("Version")
+ || name.startsWith("$")
+ ) {
+ String errMsg = lStrings.getString("err.cookie_name_is_token");
+ Object[] errArgs = new Object[1];
+ errArgs[0] = name;
+ errMsg = MessageFormat.format(errMsg, errArgs);
+ throw new IllegalArgumentException(errMsg);
+ }
- this.name = name;
- this.value = value;
+ this.name = name;
+ this.value = value;
}
@@ -595,7 +598,7 @@
* @since Servlet 3.0
*/
public boolean isHttpOnly() {
- return isHttpOnly;
+ return httpOnly;
}
/**
@@ -604,7 +607,7 @@
* @since Servlet 3.0
*/
public void setHttpOnly(boolean httpOnly) {
- this.isHttpOnly = httpOnly;
+ this.httpOnly = httpOnly;
}
}
Modified: trunk/java/javax/servlet/http/LocalStrings.properties
===================================================================
--- trunk/java/javax/servlet/http/LocalStrings.properties 2009-10-31 23:31:38 UTC (rev
1234)
+++ trunk/java/javax/servlet/http/LocalStrings.properties 2009-11-02 01:33:52 UTC (rev
1235)
@@ -56,6 +56,7 @@
# Localized for Locale en_US
err.cookie_name_is_token=Cookie name \"{0}\" is a reserved token
+err.cookie_name_blank=Cookie name may not be null or zero length
err.io.negativelength=Negative length given in write method
err.io.short_read=Short Read
err.ise.getWriter=Illegal to call getWriter() after getOutputStream() has been called
Modified: trunk/java/org/apache/catalina/connector/Response.java
===================================================================
--- trunk/java/org/apache/catalina/connector/Response.java 2009-10-31 23:31:38 UTC (rev
1234)
+++ trunk/java/org/apache/catalina/connector/Response.java 2009-11-02 01:33:52 UTC (rev
1235)
@@ -1040,6 +1040,10 @@
*/
public void addDateHeader(String name, long value) {
+ if (name == null || name.length() == 0) {
+ return;
+ }
+
if (isCommitted())
return;
@@ -1067,6 +1071,10 @@
*/
public void addHeader(String name, String value) {
+ if (name == null || name.length() == 0 || value == null) {
+ return;
+ }
+
if (isCommitted())
return;
@@ -1087,6 +1095,10 @@
*/
public void addIntHeader(String name, int value) {
+ if (name == null || name.length() == 0) {
+ return;
+ }
+
if (isCommitted())
return;
@@ -1312,6 +1324,10 @@
*/
public void setDateHeader(String name, long value) {
+ if (name == null || name.length() == 0) {
+ return;
+ }
+
if (isCommitted())
return;
@@ -1339,6 +1355,10 @@
*/
public void setHeader(String name, String value) {
+ if (name == null || name.length() == 0 || value == null) {
+ return;
+ }
+
if (isCommitted())
return;
@@ -1359,6 +1379,10 @@
*/
public void setIntHeader(String name, int value) {
+ if (name == null || name.length() == 0) {
+ return;
+ }
+
if (isCommitted())
return;
Modified: trunk/java/org/apache/jasper/compiler/Validator.java
===================================================================
--- trunk/java/org/apache/jasper/compiler/Validator.java 2009-10-31 23:31:38 UTC (rev
1234)
+++ trunk/java/org/apache/jasper/compiler/Validator.java 2009-11-02 01:33:52 UTC (rev
1235)
@@ -738,10 +738,16 @@
int attrSize = attrs.getLength();
Node.JspAttribute[] jspAttrs = new Node.JspAttribute[attrSize];
for (int i = 0; i < attrSize; i++) {
+ // JSP.2.2 - '#{' not allowed in template text
+ String value = attrs.getValue(i);
+ if (!pageInfo.isDeferredSyntaxAllowedAsLiteral()) {
+ if (containsDeferredSyntax(value)) {
+ err.jspError(n, "jsp.error.el.template.deferred");
+ }
+ }
jspAttrs[i] = getJspAttribute(null, attrs.getQName(i),
- attrs.getURI(i), attrs.getLocalName(i), attrs
- .getValue(i), java.lang.Object.class, n,
- false);
+ attrs.getURI(i), attrs.getLocalName(i), value,
+ java.lang.Object.class, n, false);
}
n.setJspAttributes(jspAttrs);
}
@@ -749,6 +755,31 @@
visitBody(n);
}
+ /**
+ * Look for a #{ sequence that isn't preceded by \.
+ */
+ private boolean containsDeferredSyntax(String value) {
+ if (value == null) {
+ return false;
+ }
+
+ int i = 0;
+ int len = value.length();
+ boolean prevCharIsEscape = false;
+ while (i < value.length()) {
+ char c = value.charAt(i);
+ if (c == '#' && (i+1) < len &&
value.charAt(i+1) == '{' && !prevCharIsEscape) {
+ return true;
+ } else if (c == '\\') {
+ prevCharIsEscape = true;
+ } else {
+ prevCharIsEscape = false;
+ }
+ i++;
+ }
+ return false;
+ }
+
public void visit(Node.CustomTag n) throws JasperException {
TagInfo tagInfo = n.getTagInfo();
Modified: trunk/java/org/apache/tomcat/util/http/ServerCookie.java
===================================================================
--- trunk/java/org/apache/tomcat/util/http/ServerCookie.java 2009-10-31 23:31:38 UTC (rev
1234)
+++ trunk/java/org/apache/tomcat/util/http/ServerCookie.java 2009-11-02 01:33:52 UTC (rev
1235)
@@ -108,7 +108,7 @@
String allowVersionSwitch = System.getProperty(
"org.apache.tomcat.util.http.ServerCookie.ALLOW_VERSION_SWITCH");
if (allowVersionSwitch == null) {
- ALLOW_VERSION_SWITCH = STRICT_SERVLET_COMPLIANCE;
+ ALLOW_VERSION_SWITCH = true;
} else {
ALLOW_VERSION_SWITCH =
Boolean.valueOf(allowVersionSwitch).booleanValue();