You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@jackrabbit.apache.org by re...@apache.org on 2017/07/25 16:29:52 UTC
svn commit: r1802977 - in /jackrabbit/trunk/jackrabbit-webdav/src:
main/java/org/apache/jackrabbit/webdav/server/AbstractWebdavServlet.java
test/java/org/apache/jackrabbit/webdav/server/ContentCodingTest.java
Author: reschke
Date: Tue Jul 25 16:29:52 2017
New Revision: 1802977
URL: http://svn.apache.org/viewvc?rev=1802977&view=rev
Log:
JCR-4158: jackrabbit-server doesn't handle content-codings properly
Reject all requests with non-empty Content-Encoding header fields with status 415.
Modified:
jackrabbit/trunk/jackrabbit-webdav/src/main/java/org/apache/jackrabbit/webdav/server/AbstractWebdavServlet.java
jackrabbit/trunk/jackrabbit-webdav/src/test/java/org/apache/jackrabbit/webdav/server/ContentCodingTest.java
Modified: jackrabbit/trunk/jackrabbit-webdav/src/main/java/org/apache/jackrabbit/webdav/server/AbstractWebdavServlet.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-webdav/src/main/java/org/apache/jackrabbit/webdav/server/AbstractWebdavServlet.java?rev=1802977&r1=1802976&r2=1802977&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-webdav/src/main/java/org/apache/jackrabbit/webdav/server/AbstractWebdavServlet.java (original)
+++ jackrabbit/trunk/jackrabbit-webdav/src/main/java/org/apache/jackrabbit/webdav/server/AbstractWebdavServlet.java Tue Jul 25 16:29:52 2017
@@ -88,6 +88,8 @@ import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Enumeration;
import java.util.List;
/**
@@ -283,6 +285,17 @@ abstract public class AbstractWebdavServ
return;
}
+ // JCR-4165: reject any content-coding in request until we can
+ // support it (see JCR-4166)
+ List<String> ces = getContentCodings(request);
+ if (!ces.isEmpty()) {
+ webdavResponse.setStatus(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE);
+ webdavResponse.setHeader("Accept-Encoding", "identity");
+ webdavResponse.setContentType("text/plain; charset=UTF-8");
+ webdavResponse.getWriter().println("Content-Encodings not supported, but received: " + ces);
+ webdavResponse.getWriter().flush();
+ }
+
// check matching if=header for lock-token relevant operations
DavResource resource = getResourceFactory().createResource(webdavRequest.getRequestLocator(), webdavRequest, webdavResponse);
if (!isPreconditionValid(webdavRequest, resource)) {
@@ -1397,4 +1410,21 @@ abstract public class AbstractWebdavServ
protected OutputContext getOutputContext(DavServletResponse response, OutputStream out) {
return new OutputContextImpl(response, out);
}
+
+ private List<String> getContentCodings(HttpServletRequest request) {
+ List<String> result = Collections.emptyList();
+ for (@SuppressWarnings("unchecked")
+ Enumeration<String> ceh = request.getHeaders("Content-Encoding"); ceh.hasMoreElements();) {
+ for (String h : ceh.nextElement().split(",")) {
+ if (!h.trim().isEmpty()) {
+ if (result.isEmpty()) {
+ result = new ArrayList<String>();
+ }
+ result.add(h.trim());
+ }
+ }
+ }
+
+ return result;
+ }
}
Modified: jackrabbit/trunk/jackrabbit-webdav/src/test/java/org/apache/jackrabbit/webdav/server/ContentCodingTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-webdav/src/test/java/org/apache/jackrabbit/webdav/server/ContentCodingTest.java?rev=1802977&r1=1802976&r2=1802977&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-webdav/src/test/java/org/apache/jackrabbit/webdav/server/ContentCodingTest.java (original)
+++ jackrabbit/trunk/jackrabbit-webdav/src/test/java/org/apache/jackrabbit/webdav/server/ContentCodingTest.java Tue Jul 25 16:29:52 2017
@@ -54,7 +54,7 @@ public class ContentCodingTest extends W
entity.setContentEncoding(new BasicHeader("Content-Encoding", "qux"));
put.setEntity(entity);
status = this.client.execute(put, this.context).getStatusLine().getStatusCode();
- assertTrue("server must signal error for unknown content coding", status >= 400);
+ assertTrue("server must signal error for unknown content coding", status == 415);
} finally {
if (status / 2 == 100) {
delete(testUri);
@@ -77,7 +77,7 @@ public class ContentCodingTest extends W
entity.setContentEncoding(new BasicHeader("Content-Encoding", "gzip"));
put.setEntity(entity);
status = this.client.execute(put, this.context).getStatusLine().getStatusCode();
- assertTrue("server create or signal error", status == 201 || status >= 400);
+ assertTrue("server create or signal error", status == 201 || status == 415);
if (status / 2 == 100) {
// check length
HttpHead head = new HttpHead(testUri);
@@ -105,6 +105,6 @@ public class ContentCodingTest extends W
entity.setContentEncoding(new BasicHeader("Content-Encoding", "qux"));
propfind.setEntity(entity);
int status = this.client.execute(propfind, this.context).getStatusLine().getStatusCode();
- assertTrue("server must signal error for unknown content coding", status >= 400);
+ assertTrue("server must signal error for unknown content coding", status == 415);
}
}