You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@juneau.apache.org by ja...@apache.org on 2019/11/17 14:45:46 UTC

[juneau] branch master updated: JUNEAU-163 Request Exception-Message response header should be truncated to some reasonable value.

This is an automated email from the ASF dual-hosted git repository.

jamesbognar pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/juneau.git


The following commit(s) were added to refs/heads/master by this push:
     new 44441a3  JUNEAU-163 Request Exception-Message response header should be truncated to some reasonable value.
44441a3 is described below

commit 44441a3818c7d082d258a723d8d0876a22956861
Author: JamesBognar <ja...@apache.org>
AuthorDate: Sun Nov 17 09:45:33 2019 -0500

    JUNEAU-163 Request Exception-Message response header should be truncated
    to some reasonable value.
---
 .../java/org/apache/juneau/utils/StringUtilsTest.java | 12 ++++++++++++
 .../java/org/apache/juneau/internal/StringUtils.java  | 12 ++++++++++++
 .../java/org/apache/juneau/rest/RestResponse.java     | 19 +++++++++++++++++--
 3 files changed, 41 insertions(+), 2 deletions(-)

diff --git a/juneau-core/juneau-core-utest/src/test/java/org/apache/juneau/utils/StringUtilsTest.java b/juneau-core/juneau-core-utest/src/test/java/org/apache/juneau/utils/StringUtilsTest.java
index 427a33e..1a985e8 100755
--- a/juneau-core/juneau-core-utest/src/test/java/org/apache/juneau/utils/StringUtilsTest.java
+++ b/juneau-core/juneau-core-utest/src/test/java/org/apache/juneau/utils/StringUtilsTest.java
@@ -994,4 +994,16 @@ public class StringUtilsTest {
 		assertEquals("xxx", stripInvalidHttpHeaderChars("xxx"));
 		assertEquals("\t []^x", stripInvalidHttpHeaderChars("\u0000\u0001\u0002\u0003\u0004\u0005\u0006\u0007\u0008\u0009\u0010\u0011\u0012\u0013\u0014\u0015\u0016\u0017\u0018\u0019\u0020\\[]^x"));
 	}
+
+	//====================================================================================================
+	// abbreviate(String,int)
+	//====================================================================================================
+	@Test
+	public void testAbbrevate() throws Exception {
+		assertNull("xxx", abbreviate(null, 0));
+		assertEquals("foo", abbreviate("foo", 3));
+		assertEquals("...", abbreviate("fooo", 3));
+		assertEquals("f...", abbreviate("foooo", 4));
+		assertEquals("foo", abbreviate("foo", 2));
+	}
 }
diff --git a/juneau-core/juneau-marshall/src/main/java/org/apache/juneau/internal/StringUtils.java b/juneau-core/juneau-marshall/src/main/java/org/apache/juneau/internal/StringUtils.java
index 9735bd7..ff73a76 100644
--- a/juneau-core/juneau-marshall/src/main/java/org/apache/juneau/internal/StringUtils.java
+++ b/juneau-core/juneau-marshall/src/main/java/org/apache/juneau/internal/StringUtils.java
@@ -2716,4 +2716,16 @@ public final class StringUtils {
 		return sb.toString();
 	}
 
+	/**
+	 * Abbreviates a String using ellipses.
+	 *
+	 * @param in The input string.
+	 * @param length The max length of the resulting string.
+	 * @return The abbreviated string.
+	 */
+	public static String abbreviate(String in, int length) {
+		if (in == null || in.length() <= length || in.length() <= 3)
+			return in;
+		return in.substring(0, length-3) + "...";
+	}
 }
diff --git a/juneau-rest/juneau-rest-server/src/main/java/org/apache/juneau/rest/RestResponse.java b/juneau-rest/juneau-rest-server/src/main/java/org/apache/juneau/rest/RestResponse.java
index e9940e7..47e38d0 100644
--- a/juneau-rest/juneau-rest-server/src/main/java/org/apache/juneau/rest/RestResponse.java
+++ b/juneau-rest/juneau-rest-server/src/main/java/org/apache/juneau/rest/RestResponse.java
@@ -27,7 +27,6 @@ import org.apache.juneau.html.annotation.*;
 import org.apache.juneau.http.*;
 import org.apache.juneau.httppart.*;
 import org.apache.juneau.httppart.bean.*;
-import org.apache.juneau.internal.*;
 import org.apache.juneau.rest.annotation.*;
 import org.apache.juneau.http.exception.*;
 import org.apache.juneau.rest.util.*;
@@ -550,18 +549,34 @@ public final class RestResponse extends HttpServletResponseWrapper {
 	 * Same as {@link #setHeader(String, String)} but strips invalid characters from the value if present.
 	 *
 	 * These include CTRL characters, newlines, and non-ISO8859-1 characters.
+	 * Also limits the string length to 1024 characters.
 	 *
 	 * @param name Header name.
 	 * @param value Header value.
 	 */
 	public void setHeaderSafe(String name, String value) {
+		setHeaderSafe(name, value, 1024);
+	}
+
+	/**
+	 * Same as {@link #setHeader(String, String)} but strips invalid characters from the value if present.
+	 *
+	 * These include CTRL characters, newlines, and non-ISO8859-1 characters.
+	 *
+	 * @param name Header name.
+	 * @param value Header value.
+	 * @param maxLength
+	 * 	The maximum length of the header value.
+	 * 	Will be truncated with <js>"..."</js> added if the value exceeds the length.
+	 */
+	public void setHeaderSafe(String name, String value, int maxLength) {
 
 		// Jetty doesn't set the content type correctly if set through this method.
 		// Tomcat/WAS does.
 		if (name.equalsIgnoreCase("Content-Type"))
 			super.setContentType(value);
 		else
-			super.setHeader(name, StringUtils.stripInvalidHttpHeaderChars(value));
+			super.setHeader(name, abbreviate(stripInvalidHttpHeaderChars(value), maxLength));
 	}
 
 	/**