You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by da...@apache.org on 2020/12/18 07:17:34 UTC
[camel] branch master updated: CAMEL-15290: camel-cxf - RS producer
should not leak over HTTP headers from org.apache.cxf when sending to REST
server.
This is an automated email from the ASF dual-hosted git repository.
davsclaus pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/camel.git
The following commit(s) were added to refs/heads/master by this push:
new a264adb CAMEL-15290: camel-cxf - RS producer should not leak over HTTP headers from org.apache.cxf when sending to REST server.
a264adb is described below
commit a264adb0569f619a75bc65fbb653201e92cb39be
Author: Claus Ibsen <cl...@gmail.com>
AuthorDate: Fri Dec 18 08:16:10 2020 +0100
CAMEL-15290: camel-cxf - RS producer should not leak over HTTP headers from org.apache.cxf when sending to REST server.
---
.../cxf/common/header/CxfHeaderHelper.java | 6 ++
.../apache/camel/component/cxf/CXFTestSupport.java | 6 ++
.../jaxrs/CxfRsProducerHttpMethodHeaderTest.java | 80 ++++++++++++++++++++++
3 files changed, 92 insertions(+)
diff --git a/components/camel-cxf-transport/src/main/java/org/apache/camel/component/cxf/common/header/CxfHeaderHelper.java b/components/camel-cxf-transport/src/main/java/org/apache/camel/component/cxf/common/header/CxfHeaderHelper.java
index 1b2fd19..eb05b4f 100644
--- a/components/camel-cxf-transport/src/main/java/org/apache/camel/component/cxf/common/header/CxfHeaderHelper.java
+++ b/components/camel-cxf-transport/src/main/java/org/apache/camel/component/cxf/common/header/CxfHeaderHelper.java
@@ -89,6 +89,12 @@ public final class CxfHeaderHelper {
return;
}
+ // drop this header as we do not want to propagate the http method/path into the CXF request message
+ if (Exchange.HTTP_METHOD.equalsIgnoreCase(entry.getKey())
+ || Exchange.HTTP_PATH.equalsIgnoreCase(entry.getKey())) {
+ return;
+ }
+
// we need to make sure the entry value is not null
if (entry.getValue() == null) {
LOG.trace("Drop Camel header: {}={}", entry.getKey(), entry.getValue());
diff --git a/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/CXFTestSupport.java b/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/CXFTestSupport.java
index c4622b7..f5ab6fc 100644
--- a/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/CXFTestSupport.java
+++ b/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/CXFTestSupport.java
@@ -30,6 +30,7 @@ public final class CXFTestSupport {
static final int PORT4 = AvailablePortFinder.getNextAvailable();
static final int PORT5 = AvailablePortFinder.getNextAvailable();
static final int PORT6 = AvailablePortFinder.getNextAvailable();
+ static final int PORT7 = AvailablePortFinder.getNextAvailable();
static final int SSL_PORT = AvailablePortFinder.getNextAvailable();
static {
@@ -41,6 +42,7 @@ public final class CXFTestSupport {
System.setProperty("CXFTestSupport.port4", Integer.toString(PORT4));
System.setProperty("CXFTestSupport.port5", Integer.toString(PORT5));
System.setProperty("CXFTestSupport.port6", Integer.toString(PORT6));
+ System.setProperty("CXFTestSupport.port7", Integer.toString(PORT7));
System.setProperty("CXFTestSupport.sslPort", Integer.toString(SSL_PORT));
System.setProperty("org.apache.cxf.transports.http_jetty.DontClosePort", "true");
}
@@ -78,6 +80,10 @@ public final class CXFTestSupport {
return PORT6;
}
+ public static int getPort7() {
+ return PORT7;
+ }
+
public static int getSslPort() {
return SSL_PORT;
}
diff --git a/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/jaxrs/CxfRsProducerHttpMethodHeaderTest.java b/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/jaxrs/CxfRsProducerHttpMethodHeaderTest.java
new file mode 100644
index 0000000..b95279c
--- /dev/null
+++ b/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/jaxrs/CxfRsProducerHttpMethodHeaderTest.java
@@ -0,0 +1,80 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.component.cxf.jaxrs;
+
+import javax.ws.rs.core.Response;
+
+import org.apache.camel.Exchange;
+import org.apache.camel.ExchangePattern;
+import org.apache.camel.Message;
+import org.apache.camel.Processor;
+import org.apache.camel.RoutesBuilder;
+import org.apache.camel.builder.RouteBuilder;
+import org.apache.camel.component.cxf.CXFTestSupport;
+import org.apache.camel.test.junit5.CamelTestSupport;
+import org.junit.jupiter.api.Test;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+
+public class CxfRsProducerHttpMethodHeaderTest extends CamelTestSupport {
+
+ @Test
+ public void testHttpMethodHeader() throws Exception {
+ getMockEndpoint("mock:result").expectedMessageCount(1);
+ // should not leak internal cxf headers
+ getMockEndpoint("mock:result").message(0).header("org.apache.cxf.request.uri").isNull();
+ getMockEndpoint("mock:result").message(0).header("org.apache.cxf.request.method").isNull();
+
+ Exchange exchange = context.createProducerTemplate().send(
+ "cxfrs://http://localhost:" + CXFTestSupport.getPort7() + "/CxfRsProducerHttpMethodHeaderTest",
+ new Processor() {
+ public void process(Exchange exchange) throws Exception {
+ exchange.setPattern(ExchangePattern.InOut);
+ Message inMessage = exchange.getIn();
+ inMessage.setHeader(Exchange.HTTP_METHOD, "GET");
+ inMessage.setHeader(Exchange.HTTP_PATH, "/CxfRsProducerHttpMethodHeaderTest/");
+ inMessage.setHeader(Exchange.CONTENT_TYPE, "application/text");
+ inMessage.setBody("Hello World");
+ }
+
+ });
+
+ // get the response message
+ Response response = (Response) exchange.getMessage().getBody();
+
+ // check the response code on the Response object as set by the "HttpProcess"
+ assertEquals(200, response.getStatus());
+
+ Exchange e1 = getMockEndpoint("mock:result").getReceivedExchanges().get(0);
+ // should not contain CXF headers
+ assertFalse(() -> e1.getMessage().getHeaders().keySet().stream().anyMatch(k -> k.startsWith("org.apache.cxf")),
+ "Should not contain CXF headers");
+ }
+
+ @Override
+ protected RoutesBuilder createRouteBuilder() throws Exception {
+ return new RouteBuilder() {
+ @Override
+ public void configure() throws Exception {
+ fromF("jetty://http://localhost:%s/CxfRsProducerHttpMethodHeaderTest/?matchOnUriPrefix=true",
+ CXFTestSupport.getPort7())
+ .to("mock:result");
+ }
+ };
+ }
+}