You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@commons.apache.org by og...@apache.org on 2004/09/17 10:00:51 UTC
cvs commit: jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/params HttpMethodParams.java
oglueck 2004/09/17 01:00:51
Modified: httpclient/src/java/org/apache/commons/httpclient
HttpMethodBase.java
httpclient/src/java/org/apache/commons/httpclient/params
HttpMethodParams.java
Log:
add API Doc about buffering
add a warning if the buffered content length is unknown or > 1 MB
add config parameter for the above warning trigger limit
optimization of buffer allocation
PR: 31246, 30388
Reviewed by: Oleg Kalnichevski
Revision Changes Path
1.215 +29 -6 jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/HttpMethodBase.java
Index: HttpMethodBase.java
===================================================================
RCS file: /home/cvs/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/HttpMethodBase.java,v
retrieving revision 1.214
retrieving revision 1.215
diff -u -r1.214 -r1.215
--- HttpMethodBase.java 16 Sep 2004 06:46:30 -0000 1.214
+++ HttpMethodBase.java 17 Sep 2004 08:00:51 -0000 1.215
@@ -181,6 +181,9 @@
/** Actual cookie policy */
private CookieSpec cookiespec = null;
+
+ /** Default initial size of the response buffer if content length is unknown. */
+ private static final int DEFAULT_INITIAL_BUFFER_SIZE = 4*1024; // 4 kB
// ----------------------------------------------------------- Constructors
@@ -667,6 +670,11 @@
* Returns the response body of the HTTP method, if any, as an array of bytes.
* If response body is not available or cannot be read, returns <tt>null</tt>
*
+ * Note: This will cause the entire response body to be buffered in memory. A
+ * malicious server may easily exhaust all the VM memory. It is strongly
+ * recommended, to use getResponseAsStream if the content length of the response
+ * is unknown or resonably large.
+ *
* @return The response body.
*
* @throws IOException If an I/O (transport) problem occurs while obtaining the
@@ -676,8 +684,18 @@
if (this.responseBody == null) {
InputStream instream = getResponseBodyAsStream();
if (instream != null) {
+ long contentLength = getResponseContentLength();
+ if (contentLength > Integer.MAX_VALUE) { //guard below cast from overflow
+ throw new IOException("Content too large to be buffered: "+ contentLength +" bytes");
+ }
+ int limit = getParams().getIntParameter(HttpMethodParams.BUFFER_WARN_TRIGGER_LIMIT, 1024*1024);
+ if ((contentLength == -1) || (contentLength > limit)) {
+ LOG.warn("Going to buffer response body of large or unknown size. "
+ +"Using getResponseAsStream instead is recommended.");
+ }
LOG.debug("Buffering response body");
- ByteArrayOutputStream outstream = new ByteArrayOutputStream();
+ ByteArrayOutputStream outstream = new ByteArrayOutputStream(
+ contentLength > 0 ? (int) contentLength : DEFAULT_INITIAL_BUFFER_SIZE);
byte[] buffer = new byte[4096];
int len;
while ((len = instream.read(buffer)) > 0) {
@@ -717,7 +735,12 @@
* If response body is not available or cannot be read, returns <tt>null</tt>
* The string conversion on the data is done using the character encoding specified
* in <tt>Content-Type</tt> header.
- *
+ *
+ * Note: This will cause the entire response body to be buffered in memory. A
+ * malicious server may easily exhaust all the VM memory. It is strongly
+ * recommended, to use getResponseAsStream if the content length of the response
+ * is unknown or resonably large.
+ *
* @return The response body.
*
* @throws IOException If an I/O (transport) problem occurs while obtaining the
1.15 +13 -4 jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/params/HttpMethodParams.java
Index: HttpMethodParams.java
===================================================================
RCS file: /home/cvs/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/params/HttpMethodParams.java,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- HttpMethodParams.java 14 Sep 2004 20:11:32 -0000 1.14
+++ HttpMethodParams.java 17 Sep 2004 08:00:51 -0000 1.15
@@ -249,6 +249,15 @@
public static final String RETRY_HANDLER = "http.method.retry-handler";
/**
+ * Sets the maximum buffered response size (in bytes) that triggers no warning. Buffered
+ * responses exceeding this size will trigger a warning in the log.
+ * <p>
+ * This parameter expects a value if type {@link Integer}.
+ * </p>
+ */
+ public static final String BUFFER_WARN_TRIGGER_LIMIT = "http.method.response.buffer.warnlimit";
+
+ /**
* Creates a new collection of parameters with the collection returned
* by {@link #getDefaultParams()} as a parent. The collection will defer
* to its parent for a default value if a particular parameter is not
---------------------------------------------------------------------
To unsubscribe, e-mail: commons-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-dev-help@jakarta.apache.org