You are viewing a plain text version of this content. The canonical link for it is here.
Posted to scm@geronimo.apache.org by ri...@apache.org on 2008/02/27 16:10:09 UTC
svn commit: r631610 - in /geronimo/sandbox/async-http-client-mina2/src:
main/java/org/apache/ahc/ main/java/org/apache/ahc/codec/
main/java/org/apache/ahc/proxy/ test/java/org/apache/ahc/
Author: rickmcguire
Date: Wed Feb 27 07:10:05 2008
New Revision: 631610
URL: http://svn.apache.org/viewvc?rev=631610&view=rev
Log:
GERONIMO-3861 cookies need to be validated and filtered
Patch provided by Sangjin Lee
Modified:
geronimo/sandbox/async-http-client-mina2/src/main/java/org/apache/ahc/AsyncHttpClient.java
geronimo/sandbox/async-http-client-mina2/src/main/java/org/apache/ahc/codec/HttpDecoder.java
geronimo/sandbox/async-http-client-mina2/src/main/java/org/apache/ahc/codec/HttpMessage.java
geronimo/sandbox/async-http-client-mina2/src/main/java/org/apache/ahc/codec/HttpRequestMessage.java
geronimo/sandbox/async-http-client-mina2/src/main/java/org/apache/ahc/codec/HttpResponseDecoder.java
geronimo/sandbox/async-http-client-mina2/src/main/java/org/apache/ahc/codec/HttpResponseMessage.java
geronimo/sandbox/async-http-client-mina2/src/main/java/org/apache/ahc/proxy/ProxyFilter.java
geronimo/sandbox/async-http-client-mina2/src/test/java/org/apache/ahc/ChunkedTest.java
geronimo/sandbox/async-http-client-mina2/src/test/java/org/apache/ahc/FakeIoSession.java
geronimo/sandbox/async-http-client-mina2/src/test/java/org/apache/ahc/ResponseHeaderParsingTest.java
Modified: geronimo/sandbox/async-http-client-mina2/src/main/java/org/apache/ahc/AsyncHttpClient.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/async-http-client-mina2/src/main/java/org/apache/ahc/AsyncHttpClient.java?rev=631610&r1=631609&r2=631610&view=diff
==============================================================================
--- geronimo/sandbox/async-http-client-mina2/src/main/java/org/apache/ahc/AsyncHttpClient.java (original)
+++ geronimo/sandbox/async-http-client-mina2/src/main/java/org/apache/ahc/AsyncHttpClient.java Wed Feb 27 07:10:05 2008
@@ -30,6 +30,8 @@
import javax.net.ssl.SSLContext;
+import org.apache.ahc.codec.CookiePolicy;
+import org.apache.ahc.codec.DefaultCookiePolicy;
import org.apache.ahc.codec.HttpDecoder;
import org.apache.ahc.codec.HttpIoHandler;
import org.apache.ahc.codec.HttpProtocolCodecFactory;
@@ -121,6 +123,9 @@
/** The cache for session reuse */
private SessionCache sessionCache;
+
+ /** The cookie policy */
+ private volatile CookiePolicy cookiePolicy = new DefaultCookiePolicy();
/** The Reuse Address Socket Parameter. */
private boolean reuseAddress = DEFAULT_REUSE_ADDRESS;
@@ -415,6 +420,21 @@
}
/**
+ * Sets the current cookie policy.
+ */
+ public void setCookiePolicy(CookiePolicy cookiePolicy) {
+ this.cookiePolicy = cookiePolicy;
+ }
+
+ /**
+ * Returns the current cookie policy. It is <tt>DefaultCookiePolicy</tt> by
+ * default.
+ */
+ public CookiePolicy getCookiePolicy() {
+ return cookiePolicy;
+ }
+
+ /**
* Sends a request. The call is non-blocking, and returns a future object
* with which the caller can synchronize on the completion of the request.
* This does not use a completion queue as provided by the other version of
@@ -464,6 +484,9 @@
if (message.getResponseFuture() == null) {
message.setResponseFuture(new ResponseFuture(message, queue));
}
+
+ // set the cookie policy onto the request
+ message.setCookiePolicy(cookiePolicy);
// *IF* connection reuse is enabled, we should see if we have a cached
// connection first; if not, always open a new one
Modified: geronimo/sandbox/async-http-client-mina2/src/main/java/org/apache/ahc/codec/HttpDecoder.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/async-http-client-mina2/src/main/java/org/apache/ahc/codec/HttpDecoder.java?rev=631610&r1=631609&r2=631610&view=diff
==============================================================================
--- geronimo/sandbox/async-http-client-mina2/src/main/java/org/apache/ahc/codec/HttpDecoder.java (original)
+++ geronimo/sandbox/async-http-client-mina2/src/main/java/org/apache/ahc/codec/HttpDecoder.java Wed Feb 27 07:10:05 2008
@@ -245,7 +245,7 @@
msg.addHeader(nvp);
if (name.equalsIgnoreCase(SET_COOKIE)) {
- Cookie cookie = decodeCookie(value);
+ Cookie cookie = decodeCookie(value, msg);
if (cookie != null) {
msg.addCookie(cookie);
}
@@ -405,7 +405,7 @@
* @throws Exception if any exception occurs
* @see Cookie
*/
- public Cookie decodeCookie(String cookieStr) throws Exception {
+ public Cookie decodeCookie(String cookieStr, HttpResponseMessage msg) throws Exception {
Cookie cookie = null;
@@ -449,6 +449,26 @@
if (name.equalsIgnoreCase(COOKIE_DOMAIN)) {
cookie.setDomain(nameValue[1]);
}
+ }
+
+ // supply the hostname as the domain if it is missing
+ if (cookie.getDomain() == null) {
+ cookie.setDomain(msg.getRequestURL().getHost());
+ }
+
+ // use the path (up to the rightmost "/") as the path attribute if it is
+ // missing
+ if (cookie.getPath() == null) {
+ String path = msg.getRequestURL().getPath();
+ int lastSlash = path.lastIndexOf('/');
+ if (lastSlash == -1) {
+ // if the slash is absent, treat it as the root context
+ path = "/";
+ } else if (lastSlash < path.length() - 1) {
+ // get it up to the rightmost slash
+ path = path.substring(0, lastSlash+1);
+ }
+ cookie.setPath(path);
}
return cookie;
Modified: geronimo/sandbox/async-http-client-mina2/src/main/java/org/apache/ahc/codec/HttpMessage.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/async-http-client-mina2/src/main/java/org/apache/ahc/codec/HttpMessage.java?rev=631610&r1=631609&r2=631610&view=diff
==============================================================================
--- geronimo/sandbox/async-http-client-mina2/src/main/java/org/apache/ahc/codec/HttpMessage.java (original)
+++ geronimo/sandbox/async-http-client-mina2/src/main/java/org/apache/ahc/codec/HttpMessage.java Wed Feb 27 07:10:05 2008
@@ -118,7 +118,7 @@
}
/**
- * Gets the cookies.
+ * Gets the cookies. Returns all existing cookies without filtering.
*
* @return the cookies
*/
@@ -128,7 +128,8 @@
/**
* Sets the cookies on the message. Any existing cookies will be completely
- * discarded.
+ * discarded. Checks on whether the cookies are acceptable may be
+ * performed.
*
* @param cookies the new cookies
* @see #addCookies(Collection)
@@ -140,14 +141,17 @@
Map<String,Cookie> newCookies = new HashMap<String,Cookie>();
for (Cookie cookie : cookies) {
- newCookies.put(cookie.getName(), cookie);
+ if (canAcceptCookie(cookie)) {
+ newCookies.put(cookie.getName(), cookie);
+ }
}
this.cookies = newCookies;
}
/**
- * Adds the cookies to the message. Only the existing cookies with the same
- * names are replaced by the ones in the argument.
+ * Adds the cookies to the message. If the cookie with the same name
+ * already exists, the cookie will be replaced. Checks on whether the
+ * cookies are acceptable may be performed.
*
* @see #setCookies(Collection)
*/
@@ -171,9 +175,17 @@
return;
}
- this.cookies.put(cookie.getName(), cookie);
+ if (canAcceptCookie(cookie)) {
+ this.cookies.put(cookie.getName(), cookie);
+ }
}
+ /**
+ * Returns whether the cookie can be accepted. Returns true by default.
+ */
+ protected boolean canAcceptCookie(Cookie cookie) {
+ return true;
+ }
/**
* Returns all headers.
Modified: geronimo/sandbox/async-http-client-mina2/src/main/java/org/apache/ahc/codec/HttpRequestMessage.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/async-http-client-mina2/src/main/java/org/apache/ahc/codec/HttpRequestMessage.java?rev=631610&r1=631609&r2=631610&view=diff
==============================================================================
--- geronimo/sandbox/async-http-client-mina2/src/main/java/org/apache/ahc/codec/HttpRequestMessage.java (original)
+++ geronimo/sandbox/async-http-client-mina2/src/main/java/org/apache/ahc/codec/HttpRequestMessage.java Wed Feb 27 07:10:05 2008
@@ -21,7 +21,10 @@
import java.net.ProtocolException;
import java.net.URL;
+import java.util.ArrayList;
+import java.util.Collection;
import java.util.HashMap;
+import java.util.List;
import java.util.Map;
import java.util.concurrent.ScheduledFuture;
@@ -158,6 +161,8 @@
private ProxyConfiguration proxyConfig;
+ private CookiePolicy cookiePolicy;
+
private volatile long requestStartTime = 0L;
private volatile long connectStartTime = 0L;
@@ -579,6 +584,56 @@
*/
public boolean isProxyEnabled() {
return proxyConfig != null && !proxyConfig.isExcluded(getUrl());
+ }
+
+ /**
+ * Returns the current cookie policy.
+ */
+ public CookiePolicy getCookiePolicy() {
+ return cookiePolicy;
+ }
+
+ /**
+ * Sets the current cookie policy.
+ */
+ public void setCookiePolicy(CookiePolicy policy) {
+ cookiePolicy = policy;
+ }
+
+ /**
+ * Returns whether the cookie can be accepted for the request. Uses the
+ * current cookie policy to evaluate the cookie against the request. If the
+ * current cookie policy is null, it always returns true.
+ *
+ * @see CookiePolicy
+ */
+ @Override
+ protected boolean canAcceptCookie(Cookie cookie) {
+ CookiePolicy policy = getCookiePolicy();
+ return policy == null || policy.accept(cookie, url);
+ }
+
+ /**
+ * Returns the set of cookies as filtered by the cookie policy. Cookies
+ * returned by this method are suitable for including in the Cookie header.
+ * If the current cookie policy is null, all stored cookies are returned.
+ *
+ * @see CookiePolicy
+ */
+ @Override
+ public Collection<Cookie> getCookies() {
+ CookiePolicy policy = getCookiePolicy();
+ if (policy == null) {
+ return cookies.values();
+ }
+
+ List<Cookie> list = new ArrayList<Cookie>();
+ for (Cookie cookie : cookies.values()) {
+ if (policy.matches(cookie, url)) {
+ list.add(cookie);
+ }
+ }
+ return list;
}
/**
Modified: geronimo/sandbox/async-http-client-mina2/src/main/java/org/apache/ahc/codec/HttpResponseDecoder.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/async-http-client-mina2/src/main/java/org/apache/ahc/codec/HttpResponseDecoder.java?rev=631610&r1=631609&r2=631610&view=diff
==============================================================================
--- geronimo/sandbox/async-http-client-mina2/src/main/java/org/apache/ahc/codec/HttpResponseDecoder.java (original)
+++ geronimo/sandbox/async-http-client-mina2/src/main/java/org/apache/ahc/codec/HttpResponseDecoder.java Wed Feb 27 07:10:05 2008
@@ -50,7 +50,8 @@
try {
HttpResponseMessage response = (HttpResponseMessage)ioSession.getAttribute(HttpIoHandler.CURRENT_RESPONSE);
if (response == null) {
- response = new HttpResponseMessage();
+ HttpRequestMessage request = (HttpRequestMessage)ioSession.getAttribute(HttpIoHandler.CURRENT_REQUEST);
+ response = new HttpResponseMessage(request.getUrl());
ioSession.setAttribute(HttpIoHandler.CURRENT_RESPONSE, response);
}
@@ -132,7 +133,7 @@
// specified, in which case connection close marks the end of the body
if (response != null &&
!response.isChunked() &&
- response.getContentLength() <= 0 &&
+ response.getContentLength() < 0 &&
response.getState() == HttpResponseMessage.STATE_HEADERS_READ) {
completeResponse(session, out, response);
}
Modified: geronimo/sandbox/async-http-client-mina2/src/main/java/org/apache/ahc/codec/HttpResponseMessage.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/async-http-client-mina2/src/main/java/org/apache/ahc/codec/HttpResponseMessage.java?rev=631610&r1=631609&r2=631610&view=diff
==============================================================================
--- geronimo/sandbox/async-http-client-mina2/src/main/java/org/apache/ahc/codec/HttpResponseMessage.java (original)
+++ geronimo/sandbox/async-http-client-mina2/src/main/java/org/apache/ahc/codec/HttpResponseMessage.java Wed Feb 27 07:10:05 2008
@@ -19,6 +19,7 @@
*/
package org.apache.ahc.codec;
+import java.net.URL;
import java.util.ArrayList;
import org.apache.ahc.util.NameValuePair;
@@ -51,6 +52,8 @@
/** The Constant STATE_FINISHED. */
static final int STATE_FINISHED = 6;
+
+ private final URL url;
/** The status code. */
private int statusCode;
@@ -78,6 +81,14 @@
/** The challenge list **/
private ArrayList<NameValuePair> challenges = new ArrayList<NameValuePair>();
+
+ public HttpResponseMessage(URL url) {
+ this.url = url;
+ }
+
+ public URL getRequestURL() {
+ return url;
+ }
/**
* Gets the HTTP status code.
Modified: geronimo/sandbox/async-http-client-mina2/src/main/java/org/apache/ahc/proxy/ProxyFilter.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/async-http-client-mina2/src/main/java/org/apache/ahc/proxy/ProxyFilter.java?rev=631610&r1=631609&r2=631610&view=diff
==============================================================================
--- geronimo/sandbox/async-http-client-mina2/src/main/java/org/apache/ahc/proxy/ProxyFilter.java (original)
+++ geronimo/sandbox/async-http-client-mina2/src/main/java/org/apache/ahc/proxy/ProxyFilter.java Wed Feb 27 07:10:05 2008
@@ -13,7 +13,6 @@
public class ProxyFilter extends IoFilterAdapter {
public static final String PROXY_AUTHORIZATION_HEADER = "Proxy-Authorization";
- private volatile boolean connectHandshakeComplete;
private final SslFilter sslFilter;
/**
Modified: geronimo/sandbox/async-http-client-mina2/src/test/java/org/apache/ahc/ChunkedTest.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/async-http-client-mina2/src/test/java/org/apache/ahc/ChunkedTest.java?rev=631610&r1=631609&r2=631610&view=diff
==============================================================================
--- geronimo/sandbox/async-http-client-mina2/src/test/java/org/apache/ahc/ChunkedTest.java (original)
+++ geronimo/sandbox/async-http-client-mina2/src/test/java/org/apache/ahc/ChunkedTest.java Wed Feb 27 07:10:05 2008
@@ -19,14 +19,17 @@
*/
package org.apache.ahc;
+import java.util.Arrays;
+
import junit.framework.TestCase;
+
+import org.apache.ahc.codec.HttpIoHandler;
+import org.apache.ahc.codec.HttpRequestMessage;
import org.apache.ahc.codec.HttpResponseDecoder;
import org.apache.ahc.codec.HttpResponseMessage;
import org.apache.mina.common.IoBuffer;
import org.apache.mina.common.IoSession;
-import java.util.Arrays;
-
public class ChunkedTest extends TestCase {
private static final String FAKE_HTTP =
@@ -55,7 +58,9 @@
buffer.put(FAKE_HTTP.getBytes());
buffer.flip();
+ HttpRequestMessage request = new HttpRequestMessage(null, null);
IoSession session = new FakeIoSession();
+ session.setAttribute(HttpIoHandler.CURRENT_REQUEST, request);
HttpResponseDecoder decoder = new HttpResponseDecoder();
FakeProtocolDecoderOutput out = new FakeProtocolDecoderOutput();
decoder.decode(session, buffer, out);
@@ -70,7 +75,9 @@
buffer.put(FAKE_HTTP.getBytes());
buffer.flip();
+ HttpRequestMessage request = new HttpRequestMessage(null, null);
IoSession session = new FakeIoSession();
+ session.setAttribute(HttpIoHandler.CURRENT_REQUEST, request);
HttpResponseDecoder decoder = new HttpResponseDecoder();
FakeProtocolDecoderOutput out = new FakeProtocolDecoderOutput();
decoder.decode(session, buffer, out);
Modified: geronimo/sandbox/async-http-client-mina2/src/test/java/org/apache/ahc/FakeIoSession.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/async-http-client-mina2/src/test/java/org/apache/ahc/FakeIoSession.java?rev=631610&r1=631609&r2=631610&view=diff
==============================================================================
--- geronimo/sandbox/async-http-client-mina2/src/test/java/org/apache/ahc/FakeIoSession.java (original)
+++ geronimo/sandbox/async-http-client-mina2/src/test/java/org/apache/ahc/FakeIoSession.java Wed Feb 27 07:10:05 2008
@@ -95,7 +95,7 @@
}
public Object getAttribute(Object o) {
- return null; //To change body of implemented methods use File | Settings | File Templates.
+ return attributes.get(o);
}
public Object getAttribute(Object o, Object o1) {
@@ -103,11 +103,11 @@
}
public Object setAttribute(Object o, Object o1) {
- return null; //To change body of implemented methods use File | Settings | File Templates.
+ return attributes.put(o, o1);
}
public Object setAttribute(Object o) {
- return null; //To change body of implemented methods use File | Settings | File Templates.
+ return attributes.put(o, Boolean.TRUE);
}
public Object setAttributeIfAbsent(Object o, Object o1) {
@@ -119,7 +119,7 @@
}
public Object removeAttribute(Object o) {
- return null; //To change body of implemented methods use File | Settings | File Templates.
+ return attributes.remove(o);
}
public boolean removeAttribute(Object o, Object o1) {
@@ -131,43 +131,7 @@
}
public boolean containsAttribute(Object o) {
- return false; //To change body of implemented methods use File | Settings | File Templates.
- }
-
- public Object getAttribute(String string) {
- return attributes.get(string);
- }
-
- public Object getAttribute(String key, Object defaultValue) {
- return null; //To change body of implemented methods use File | Settings | File Templates.
- }
-
- public Object setAttribute(String string, Object object) {
- return attributes.put(string, object);
- }
-
- public Object setAttribute(String string) {
- return attributes.put(string, null);
- }
-
- public Object setAttributeIfAbsent(String key, Object value) {
- return null; //To change body of implemented methods use File | Settings | File Templates.
- }
-
- public Object removeAttribute(String string) {
- return attributes.remove(string);
- }
-
- public boolean removeAttribute(String key, Object value) {
- return false; //To change body of implemented methods use File | Settings | File Templates.
- }
-
- public boolean replaceAttribute(String key, Object oldValue, Object newValue) {
- return false; //To change body of implemented methods use File | Settings | File Templates.
- }
-
- public boolean containsAttribute(String string) {
- return attributes.containsKey(string);
+ return attributes.containsKey(o);
}
public Set<Object> getAttributeKeys() {
Modified: geronimo/sandbox/async-http-client-mina2/src/test/java/org/apache/ahc/ResponseHeaderParsingTest.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/async-http-client-mina2/src/test/java/org/apache/ahc/ResponseHeaderParsingTest.java?rev=631610&r1=631609&r2=631610&view=diff
==============================================================================
--- geronimo/sandbox/async-http-client-mina2/src/test/java/org/apache/ahc/ResponseHeaderParsingTest.java (original)
+++ geronimo/sandbox/async-http-client-mina2/src/test/java/org/apache/ahc/ResponseHeaderParsingTest.java Wed Feb 27 07:10:05 2008
@@ -4,6 +4,8 @@
import junit.framework.TestCase;
+import org.apache.ahc.codec.HttpIoHandler;
+import org.apache.ahc.codec.HttpRequestMessage;
import org.apache.ahc.codec.HttpResponseDecoder;
import org.apache.ahc.codec.HttpResponseMessage;
import org.apache.mina.common.IoBuffer;
@@ -28,8 +30,9 @@
buffer.put(TEST_RESPONSE.getBytes());
buffer.flip();
+ HttpRequestMessage request = new HttpRequestMessage(null, null);
IoSession session = new FakeIoSession();
-// session.setAttribute(HttpIoHandler.CURRENT_REQUEST, new HttpRequestMessage(null, null));
+ session.setAttribute(HttpIoHandler.CURRENT_REQUEST, request);
HttpResponseDecoder decoder = new HttpResponseDecoder();
FakeProtocolDecoderOutput out = new FakeProtocolDecoderOutput();
decoder.decode(session, buffer, out);