You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@jackrabbit.apache.org by re...@apache.org on 2018/01/16 19:21:52 UTC
svn commit: r1821292 - in /jackrabbit/branches/2.6: ./
jackrabbit-webdav/src/main/java/org/apache/jackrabbit/webdav/server/AbstractWebdavServlet.java
Author: reschke
Date: Tue Jan 16 19:21:52 2018
New Revision: 1821292
URL: http://svn.apache.org/viewvc?rev=1821292&view=rev
Log:
JCR-4165: jackrabbit-server doesn't handle content-codings properly (ported to 2.6)
Reject all requests with non-empty Content-Encoding header fields with status 415.
Modified:
jackrabbit/branches/2.6/ (props changed)
jackrabbit/branches/2.6/jackrabbit-webdav/src/main/java/org/apache/jackrabbit/webdav/server/AbstractWebdavServlet.java
Propchange: jackrabbit/branches/2.6/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Tue Jan 16 19:21:52 2018
@@ -1,4 +1,4 @@
/jackrabbit/branches/2.8:1643783
/jackrabbit/branches/JCR-2272:1173165-1176545
/jackrabbit/sandbox/JCR-2415-lucene-3.0:1060860-1064038
-/jackrabbit/trunk:1437334,1437374,1437384,1437618,1437928,1437933,1437963,1438158,1438541,1439296,1439312,1439346,1439768,1439797,1439927,1440059,1440336,1440456,1440908,1440917,1442061,1443652,1443876,1443885,1443943,1444501,1444515,1444654,1444666,1444683,1444755,1445122,1445134,1453907,1460995,1461064,1461137,1461613,1461646,1462115,1462153,1462205,1462211,1465974,1466060,1466085,1466938,1467255,1467363,1468965,1469312,1469799,1469892,1469940,1470573,1470957,1471286,1475718,1478684,1478719,1478757,1479518,1479527,1479533,1479536,1479691,1479809,1479908,1480574,1481964,1483276,1483286,1484440,1484442,1484444,1484727,1487803,1497243,1497492,1497787,1498840,1498850,1499285,1505795,1505907,1505942,1506594,1506877,1508053,1509101,1513144,1516281,1517602,1517627,1519376,1525629,1525633,1526928,1526945,1530005,1535539,1537027,1539030,1539045,1539050,1555885,1556248,1566668-1566669,1582373,1587619,1590030,1590733,1598035,1598058,1603934,1609712,1634584,1680757,1709811,1717599,1729382,173
2436,1758600,1759865,1761679,1761909,1762422,1763558,1766398,1771741,1773579,1773591,1773745,1779166,1779460,1780208,1786325,1787043,1792193,1793315,1793323,1793327,1793332,1796980,1797209,1797917,1798586,1799429,1811667,1814831,1817097
+/jackrabbit/trunk:1437334,1437374,1437384,1437618,1437928,1437933,1437963,1438158,1438541,1439296,1439312,1439346,1439768,1439797,1439927,1440059,1440336,1440456,1440908,1440917,1442061,1443652,1443876,1443885,1443943,1444501,1444515,1444654,1444666,1444683,1444755,1445122,1445134,1453907,1460995,1461064,1461137,1461613,1461646,1462115,1462153,1462205,1462211,1465974,1466060,1466085,1466938,1467255,1467363,1468965,1469312,1469799,1469892,1469940,1470573,1470957,1471286,1475718,1478684,1478719,1478757,1479518,1479527,1479533,1479536,1479691,1479809,1479908,1480574,1481964,1483276,1483286,1484440,1484442,1484444,1484727,1487803,1497243,1497492,1497787,1498840,1498850,1499285,1505795,1505907,1505942,1506594,1506877,1508053,1509101,1513144,1516281,1517602,1517627,1519376,1525629,1525633,1526928,1526945,1530005,1535539,1537027,1539030,1539045,1539050,1555885,1556248,1566668-1566669,1582373,1587619,1590030,1590733,1598035,1598058,1603934,1609712,1634584,1680757,1709811,1717599,1729382,173
2436,1758600,1759865,1761679,1761909,1762422,1763558,1766398,1771741,1773579,1773591,1773745,1779166,1779460,1780208,1786325,1787043,1792193,1793315,1793323,1793327,1793332,1796980,1797209,1797917,1798586,1799429,1802977,1811667,1814831,1817097
Modified: jackrabbit/branches/2.6/jackrabbit-webdav/src/main/java/org/apache/jackrabbit/webdav/server/AbstractWebdavServlet.java
URL: http://svn.apache.org/viewvc/jackrabbit/branches/2.6/jackrabbit-webdav/src/main/java/org/apache/jackrabbit/webdav/server/AbstractWebdavServlet.java?rev=1821292&r1=1821291&r2=1821292&view=diff
==============================================================================
--- jackrabbit/branches/2.6/jackrabbit-webdav/src/main/java/org/apache/jackrabbit/webdav/server/AbstractWebdavServlet.java (original)
+++ jackrabbit/branches/2.6/jackrabbit-webdav/src/main/java/org/apache/jackrabbit/webdav/server/AbstractWebdavServlet.java Tue Jan 16 19:21:52 2018
@@ -88,6 +88,8 @@ import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Enumeration;
import java.util.List;
/**
@@ -282,6 +284,17 @@ abstract public class AbstractWebdavServ
return;
}
+ // JCR-4165: reject any content-coding in request until we can
+ // support it (see JCR-4166)
+ List<String> ces = getContentCodings(request);
+ if (!ces.isEmpty()) {
+ webdavResponse.setStatus(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE);
+ webdavResponse.setHeader("Accept-Encoding", "identity");
+ webdavResponse.setContentType("text/plain; charset=UTF-8");
+ webdavResponse.getWriter().println("Content-Encodings not supported, but received: " + ces);
+ webdavResponse.getWriter().flush();
+ }
+
// check matching if=header for lock-token relevant operations
DavResource resource = getResourceFactory().createResource(webdavRequest.getRequestLocator(), webdavRequest, webdavResponse);
if (!isPreconditionValid(webdavRequest, resource)) {
@@ -1389,4 +1402,21 @@ abstract public class AbstractWebdavServ
protected OutputContext getOutputContext(DavServletResponse response, OutputStream out) {
return new OutputContextImpl(response, out);
}
+
+ private List<String> getContentCodings(HttpServletRequest request) {
+ List<String> result = Collections.emptyList();
+ for (@SuppressWarnings("unchecked")
+ Enumeration<String> ceh = request.getHeaders("Content-Encoding"); ceh.hasMoreElements();) {
+ for (String h : ceh.nextElement().split(",")) {
+ if (!h.trim().isEmpty()) {
+ if (result.isEmpty()) {
+ result = new ArrayList<String>();
+ }
+ result.add(h.trim());
+ }
+ }
+ }
+
+ return result;
+ }
}