Posted to dev@tomcat.apache.org by ma...@apache.org on 2019/10/17 17:42:36 UTC
[tomcat] 02/02: Fix
https://bz.apache.org/bugzilla/show_bug.cgi?id=63825
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit 4dd08aeb92b29a1c0578f731816cdfda2d4132be
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Thu Oct 17 18:41:38 2019 +0100
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=63825
The expect header has a single defined value "100-continue" so look for
the exact value rather than a value that starts with "100-continue"
When looking for the "upgrade" token, use an exact match rather than
looking for any token that contains "upgrade"
---
java/org/apache/coyote/http11/Http11Processor.java | 27 +++++-----------------
webapps/docs/changelog.xml | 5 ++++
2 files changed, 11 insertions(+), 21 deletions(-)
diff --git a/java/org/apache/coyote/http11/Http11Processor.java b/java/org/apache/coyote/http11/Http11Processor.java
index 80d427f..faeb762 100644
--- a/java/org/apache/coyote/http11/Http11Processor.java
+++ b/java/org/apache/coyote/http11/Http11Processor.java
@@ -349,16 +349,7 @@ public class Http11Processor extends AbstractProcessor {
}
// Has an upgrade been requested?
- Enumeration<String> connectionValues = request.getMimeHeaders().values("Connection");
- boolean foundUpgrade = false;
- while (connectionValues.hasMoreElements() && !foundUpgrade) {
- String connectionValue = connectionValues.nextElement();
- if (connectionValue != null) {
- foundUpgrade = connectionValue.toLowerCase(Locale.ENGLISH).contains("upgrade");
- }
- }
-
- if (foundUpgrade) {
+ if (isConnectionToken(request.getMimeHeaders(), "upgrade")) {
// Check the protocol
String requestedProtocol = request.getHeader("Upgrade");
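Review bot: The rewritten check `if (isConnectionToken(request.getMimeHeaders(), "upgrade"))` drops the explicit `toLowerCase(Locale.ENGLISH)` that the removed loop performed, so case-insensitive matching of a `Connection: Upgrade` header now depends on `TokenList.parseTokenList` normalising the tokens it stores, which this diff does not show. If it does, a one-line comment such as `// parseTokenList normalises token case, so "upgrade" also matches "Upgrade"` would make that dependency explicit; if it does not, the literal needs a case-insensitive comparison. `isConnectionToken` also declares `throws IOException`, which the enclosing method must propagate or handle; that method starts before this hunk, so it cannot be confirmed here. The literal `"upgrade"` could sit in a named constant beside the `Constants.CLOSE` used by the later call site, so the two callers share one spelling.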
@@ -619,7 +610,7 @@ public class Http11Processor extends AbstractProcessor {
if (http11) {
MessageBytes expectMB = headers.getValue("expect");
if (expectMB != null && !expectMB.isNull()) {
- if (expectMB.indexOfIgnoreCase("100-continue", 0) != -1) {
+ if (expectMB.toString().trim().equalsIgnoreCase("100-continue")) {
inputBuffer.setSwallowInput(false);
request.setExpectation(true);
} else {
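Review bot: The new condition `expectMB.toString().trim().equalsIgnoreCase("100-continue")` would benefit from a comment stating why an exact match is required, e.g. `// "100-continue" is the only defined Expect value; anything else must be rejected rather than treated as a match`, since the substring test it replaces is exactly what the commit message describes as wrong. `String.trim()` strips every character up to and including U+0020, which is wider than the SP/HTAB optional whitespace an HTTP header value may carry; that is presumably harmless if the header parser already rejects control characters, but it is worth confirming. The else branch and the enclosing method continue outside the hunk.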
@@ -904,7 +895,7 @@ public class Http11Processor extends AbstractProcessor {
}
long contentLength = response.getContentLengthLong();
- boolean connectionClosePresent = isConnectionClose(headers);
+ boolean connectionClosePresent = isConnectionToken(headers, Constants.CLOSE);
if (http11 && response.getTrailerFields() != null) {
// If trailer fields are set, always use chunking
outputBuffer.addActiveFilter(outputFilters[Constants.CHUNKED_FILTER]);
@@ -995,25 +986,19 @@ public class Http11Processor extends AbstractProcessor {
outputBuffer.commit();
}
- private static boolean isConnectionClose(MimeHeaders headers) throws IOException {
+ private static boolean isConnectionToken(MimeHeaders headers, String token) throws IOException {
MessageBytes connection = headers.getValue(Constants.CONNECTION);
if (connection == null) {
return false;
}
Enumeration<String> values = headers.values(Constants.CONNECTION);
- Set<String> result = null;
+ Set<String> result = new HashSet<>();
while (values.hasMoreElements()) {
- if (result == null) {
- result = new HashSet<>();
- }
TokenList.parseTokenList(new StringReader(values.nextElement()), result);
}
- if (result == null) {
- return false;
- }
- return result.contains(Constants.CLOSE);
+ return result.contains(token);
}
private void prepareSendfile(OutputFilter[] outputFilters) {
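Review bot: `isConnectionToken` is a new private helper with no Javadoc, and its contract depends on the caller passing `token` in the same form that `TokenList.parseTokenList` stores (the two call sites pass the lower-case literal `"upgrade"` and `Constants.CLOSE`). A short Javadoc would capture that: a summary sentence saying the method reports whether the Connection header, parsed as a token list across all of its values, contains the given token; `@param token the token to look for, in the normalised form produced by TokenList.parseTokenList`; `@return false when no Connection header is present`; and `@throws IOException` noting it is raised by the token-list parsing. The early `headers.getValue(Constants.CONNECTION)` null check looks like a deliberate shortcut to avoid allocating the set when the header is absent, so a one-line comment saying so would stop a later reader from removing it as redundant.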
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index f3e161c..5998058 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -72,6 +72,11 @@
that started asynchronous processing has completed processing the
current request/response. (markt)
</fix>
+ <fix>
+ <bug>63825</bug>: When processing the <code>Expect</code> and
+ <code>Connection</code> HTTP headers looking for a specific token, be
+ stricter in ensuring that the exact token is present. (markt)
+ </fix>
</changelog>
</subsection>
</section>