Author: remy.maucherat(a)jboss.com Date: 2013-12-09 11:18:00 -0500 (Mon, 09 Dec 2013) New Revision: 2323 Modified: branches/7.4.x/src/main/java/org/apache/coyote/Request.java branches/7.4.x/src/main/java/org/apache/coyote/ajp/AjpAprProcessor.java branches/7.4.x/src/main/java/org/apache/coyote/ajp/AjpProcessor.java branches/7.4.x/src/main/java/org/apache/coyote/http11/Http11AprProcessor.java branches/7.4.x/src/main/java/org/apache/coyote/http11/Http11NioProcessor.java branches/7.4.x/src/main/java/org/apache/coyote/http11/Http11Processor.java Log: Port improvements to content-length handling. Modified: branches/7.4.x/src/main/java/org/apache/coyote/Request.java =================================================================== --- branches/7.4.x/src/main/java/org/apache/coyote/Request.java 2013-12-09 15:25:05 UTC (rev 2322) +++ branches/7.4.x/src/main/java/org/apache/coyote/Request.java 2013-12-09 16:18:00 UTC (rev 2323) @@ -288,7 +288,7 @@ } - public void setContentLength(int len) { + public void setContentLength(long len) { this.contentLength = len; } Modified: branches/7.4.x/src/main/java/org/apache/coyote/ajp/AjpAprProcessor.java =================================================================== --- branches/7.4.x/src/main/java/org/apache/coyote/ajp/AjpAprProcessor.java 2013-12-09 15:25:05 UTC (rev 2322) +++ branches/7.4.x/src/main/java/org/apache/coyote/ajp/AjpAprProcessor.java 2013-12-09 16:18:00 UTC (rev 2323) @@ -28,6 +28,8 @@ import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; +import javax.servlet.http.HttpServletResponse; + import org.apache.coyote.ActionCode; import org.apache.coyote.ActionHook; import org.apache.coyote.Adapter; @@ -721,6 +723,7 @@ // Decode headers MimeHeaders headers = request.getMimeHeaders(); + boolean contentLengthSet = false; int hCount = requestHeaderMessage.getInt(); for(int i = 0 ; i < hCount ; i++) { String hName = null; @@ -755,8 +758,15 @@ if (hId == Constants.SC_REQ_CONTENT_LENGTH || (hId == -1 && tmpMB.equalsIgnoreCase("Content-Length"))) { - // just read the content-length header, so set it - request.setContentLength( vMB.getInt() ); + long cl = vMB.getLong(); + if (contentLengthSet) { + response.setStatus(HttpServletResponse.SC_BAD_REQUEST); + error = true; + } else { + contentLengthSet = true; + // Set the content-length header for the request + request.setContentLength(cl); + } } else if (hId == Constants.SC_REQ_CONTENT_TYPE || (hId == -1 && tmpMB.equalsIgnoreCase("Content-Type"))) { // just read the content-type header, so set it Modified: branches/7.4.x/src/main/java/org/apache/coyote/ajp/AjpProcessor.java =================================================================== --- branches/7.4.x/src/main/java/org/apache/coyote/ajp/AjpProcessor.java 2013-12-09 15:25:05 UTC (rev 2322) +++ branches/7.4.x/src/main/java/org/apache/coyote/ajp/AjpProcessor.java 2013-12-09 16:18:00 UTC (rev 2323) @@ -30,6 +30,8 @@ import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; +import javax.servlet.http.HttpServletResponse; + import org.apache.coyote.ActionCode; import org.apache.coyote.ActionHook; import org.apache.coyote.Adapter; @@ -735,6 +737,7 @@ // Decode headers MimeHeaders headers = request.getMimeHeaders(); + boolean contentLengthSet = false; int hCount = requestHeaderMessage.getInt(); for(int i = 0 ; i < hCount ; i++) { String hName = null; @@ -769,8 +772,15 @@ if (hId == Constants.SC_REQ_CONTENT_LENGTH || (hId == -1 && tmpMB.equalsIgnoreCase("Content-Length"))) { - // just read the content-length header, so set it - request.setContentLength( vMB.getInt() ); + long cl = vMB.getLong(); + if (contentLengthSet) { + response.setStatus(HttpServletResponse.SC_BAD_REQUEST); + error = true; + } else { + contentLengthSet = true; + // Set the content-length header for the request + request.setContentLength(cl); + } } else if (hId == Constants.SC_REQ_CONTENT_TYPE || (hId == -1 && tmpMB.equalsIgnoreCase("Content-Type"))) { // just read the content-type header, so set it Modified: branches/7.4.x/src/main/java/org/apache/coyote/http11/Http11AprProcessor.java =================================================================== --- branches/7.4.x/src/main/java/org/apache/coyote/http11/Http11AprProcessor.java 2013-12-09 15:25:05 UTC (rev 2322) +++ branches/7.4.x/src/main/java/org/apache/coyote/http11/Http11AprProcessor.java 2013-12-09 16:18:00 UTC (rev 2323) @@ -1475,10 +1475,19 @@ // Parse content-length header long contentLength = request.getContentLengthLong(); - if (contentLength >= 0 && !contentDelimitation) { - inputBuffer.addActiveFilter - (inputFilters[Constants.IDENTITY_FILTER]); - contentDelimitation = true; + if (contentLength >= 0) { + if (contentDelimitation) { + // contentDelimitation being true at this point indicates that + // chunked encoding is being used but chunked encoding should + // not be used with a content length. RFC 2616, section 4.4, + // bullet 3 states Content-Length must be ignored in this case - + // so remove it. + headers.removeHeader("content-length"); + request.setContentLength(-1); + } else { + inputBuffer.addActiveFilter(inputFilters[Constants.IDENTITY_FILTER]); + contentDelimitation = true; + } } MessageBytes valueMB = headers.getValue("host"); Modified: branches/7.4.x/src/main/java/org/apache/coyote/http11/Http11NioProcessor.java =================================================================== --- branches/7.4.x/src/main/java/org/apache/coyote/http11/Http11NioProcessor.java 2013-12-09 15:25:05 UTC (rev 2322) +++ branches/7.4.x/src/main/java/org/apache/coyote/http11/Http11NioProcessor.java 2013-12-09 16:18:00 UTC (rev 2323) @@ -1013,12 +1013,22 @@ } } - // Parse content-length header - long contentLength = request.getContentLengthLong(); - if (contentLength >= 0 && !contentDelimitation) { - inputBuffer.addActiveFilter(inputFilters[Constants.IDENTITY_FILTER]); - contentDelimitation = true; - } + // Parse content-length header + long contentLength = request.getContentLengthLong(); + if (contentLength >= 0) { + if (contentDelimitation) { + // contentDelimitation being true at this point indicates that + // chunked encoding is being used but chunked encoding should + // not be used with a content length. RFC 2616, section 4.4, + // bullet 3 states Content-Length must be ignored in this case - + // so remove it. + headers.removeHeader("content-length"); + request.setContentLength(-1); + } else { + inputBuffer.addActiveFilter(inputFilters[Constants.IDENTITY_FILTER]); + contentDelimitation = true; + } + } MessageBytes valueMB = headers.getValue("host"); Modified: branches/7.4.x/src/main/java/org/apache/coyote/http11/Http11Processor.java =================================================================== --- branches/7.4.x/src/main/java/org/apache/coyote/http11/Http11Processor.java 2013-12-09 15:25:05 UTC (rev 2322) +++ branches/7.4.x/src/main/java/org/apache/coyote/http11/Http11Processor.java 2013-12-09 16:18:00 UTC (rev 2323) @@ -1328,10 +1328,19 @@ // Parse content-length header long contentLength = request.getContentLengthLong(); - if (contentLength >= 0 && !contentDelimitation) { - inputBuffer.addActiveFilter - (inputFilters[Constants.IDENTITY_FILTER]); - contentDelimitation = true; + if (contentLength >= 0) { + if (contentDelimitation) { + // contentDelimitation being true at this point indicates that + // chunked encoding is being used but chunked encoding should + // not be used with a content length. RFC 2616, section 4.4, + // bullet 3 states Content-Length must be ignored in this case - + // so remove it. + headers.removeHeader("content-length"); + request.setContentLength(-1); + } else { + inputBuffer.addActiveFilter(inputFilters[Constants.IDENTITY_FILTER]); + contentDelimitation = true; + } } MessageBytes valueMB = headers.getValue("host");