Refactoring and calling new cookie generator
Signed-off-by: Arjan Tijms <arjan.tijms@gmail.com>
diff --git a/appserver/web/web-core/src/main/java/org/apache/catalina/connector/Request.java b/appserver/web/web-core/src/main/java/org/apache/catalina/connector/Request.java
index 4ede460..0bf9345 100644
--- a/appserver/web/web-core/src/main/java/org/apache/catalina/connector/Request.java
+++ b/appserver/web/web-core/src/main/java/org/apache/catalina/connector/Request.java
@@ -2971,7 +2971,6 @@
try {
Cookie cookie = makeCookie(scookie);
cookie.setPath(scookie.getPath());
- cookie.setVersion(scookie.getVersion());
String domain = scookie.getDomain();
if (domain != null) {
cookie.setDomain(scookie.getDomain());
diff --git a/appserver/web/web-core/src/main/java/org/apache/catalina/connector/Response.java b/appserver/web/web-core/src/main/java/org/apache/catalina/connector/Response.java
index 02203d8..593221a 100644
--- a/appserver/web/web-core/src/main/java/org/apache/catalina/connector/Response.java
+++ b/appserver/web/web-core/src/main/java/org/apache/catalina/connector/Response.java
@@ -17,6 +17,21 @@
package org.apache.catalina.connector;
+import static org.apache.catalina.Globals.JREPLICA_PARAMETER;
+import static org.apache.catalina.Globals.JREPLICA_SESSION_NOTE;
+import static org.apache.catalina.Globals.SESSION_PARAMETER_NAME;
+import static org.apache.catalina.Globals.SESSION_VERSION_PARAMETER;
+import static org.apache.catalina.LogFacade.CANNOT_CALL_SEND_ERROR_EXCEPTION;
+import static org.apache.catalina.LogFacade.CANNOT_CALL_SEND_REDIRECT_EXCEPTION;
+import static org.apache.catalina.LogFacade.CANNOT_CHANGE_BUFFER_SIZE_EXCEPTION;
+import static org.apache.catalina.LogFacade.CANNOT_RESET_BUFFER_EXCEPTION;
+import static org.apache.catalina.LogFacade.ERROR_DURING_FINISH_RESPONSE;
+import static org.apache.catalina.LogFacade.GET_WRITER_BEEN_CALLED_EXCEPTION;
+import static org.apache.catalina.Logger.WARNING;
+import static org.apache.catalina.connector.Constants.PROXY_JROUTE;
+import static org.glassfish.common.util.InputValidationUtil.getSafeHeaderName;
+import static org.glassfish.common.util.InputValidationUtil.getSafeHeaderValue;
+import static org.glassfish.web.util.HtmlEntityEncoder.encodeXSS;
import java.io.IOException;
import java.io.OutputStream;
@@ -28,34 +43,36 @@
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.text.SimpleDateFormat;
-import java.util.*;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Locale;
+import java.util.Map;
+import java.util.ResourceBundle;
+import java.util.TimeZone;
import java.util.function.Supplier;
import java.util.logging.Level;
import java.util.logging.Logger;
-import jakarta.servlet.ServletOutputStream;
-import jakarta.servlet.http.Cookie;
-import jakarta.servlet.http.HttpServletResponse;
-import com.sun.appserv.ProxyHandler;
import org.apache.catalina.Connector;
import org.apache.catalina.Context;
-import org.apache.catalina.LogFacade;
-import org.apache.catalina.Globals;
import org.apache.catalina.HttpResponse;
+import org.apache.catalina.LogFacade;
import org.apache.catalina.Session;
import org.apache.catalina.core.StandardContext;
import org.apache.catalina.security.SecurityUtil;
-import org.apache.catalina.util.CharsetMapper;
import org.apache.catalina.util.RequestUtil;
-import org.glassfish.common.util.InputValidationUtil;
import org.glassfish.grizzly.http.util.CharChunk;
-import org.glassfish.grizzly.http.util.CookieSerializerUtils;
-import org.glassfish.grizzly.http.util.CookieUtils;
+import org.glassfish.grizzly.http.util.CookieHeaderGenerator;
import org.glassfish.grizzly.http.util.FastHttpDateFormat;
import org.glassfish.grizzly.http.util.MimeHeaders;
import org.glassfish.grizzly.http.util.UEncoder;
-import org.glassfish.web.util.HtmlEntityEncoder;
-// START S1AS 6170450
+
+import com.sun.appserv.ProxyHandler;
+
+import jakarta.servlet.ServletOutputStream;
+import jakarta.servlet.http.Cookie;
+import jakarta.servlet.http.HttpServletResponse;
// END S1AS 6170450
@@ -67,80 +84,40 @@
* @version $Revision: 1.22 $ $Date: 2007/05/05 05:32:43 $
*/
-public class Response
- implements HttpResponse, HttpServletResponse {
+public class Response implements HttpResponse, HttpServletResponse {
// ------------------------------------------------------ Static variables
- private static final Logger log = LogFacade.getLogger();
- private static final ResourceBundle rb = log.getResourceBundle();
-
-
- /**
- * Whether or not to enforce scope checking of this object.
- */
- private static boolean enforceScope = false;
-
- public static final String HTTP_RESPONSE_DATE_HEADER =
- "EEE, dd MMM yyyy HH:mm:ss zzz";
+ public static final String HTTP_RESPONSE_DATE_HEADER = "EEE, dd MMM yyyy HH:mm:ss zzz";
/**
* Descriptive information about this Response implementation.
*/
- protected static final String info =
- "org.apache.catalina.connector.Response/1.0";
+ protected static final String info = "org.apache.catalina.connector.Response/1.0";
+ private static final Logger log = LogFacade.getLogger();
+ private static final ResourceBundle rb = log.getResourceBundle();
- // ----------------------------------------------------------- Constructors
-
- public Response() {
- // START OF SJSAS 6231069
- outputBuffer = new OutputBuffer();
- outputStream = new CoyoteOutputStream(outputBuffer);
- writer = createWriter(outputBuffer);
- // END OF SJSAS 6231069
- urlEncoder.addSafeCharacter('/');
- }
-
- // START OF SJSAS 6231069
- public Response(boolean chunkingDisabled) {
- outputBuffer = new OutputBuffer();
- outputStream = new CoyoteOutputStream(outputBuffer);
- writer = createWriter(outputBuffer);
- urlEncoder.addSafeCharacter('/');
- }
- // END OF SJSAS 6231069
-
+ /**
+ * Whether or not to enforce scope checking of this object.
+ */
+ private static boolean enforceScope;
// ----------------------------------------------------- Instance Variables
- // BEGIN S1AS 4878272
private String detailErrorMsg;
- // END S1AS 4878272
/**
* The date format we will use for creating date headers.
*/
- protected SimpleDateFormat format = null;
+ protected SimpleDateFormat format;
/**
* Associated context.
*/
- protected Context context = null;
+ protected Context context;
- protected boolean upgrade = false;
-
- // ------------------------------------------------------------- Properties
-
- /**
- * Set whether or not to enforce scope checking of this object.
- */
- public static void setEnforceScope(boolean enforce) {
-
- enforceScope = enforce;
-
- }
-
+ protected boolean upgrade;
/**
* Associated Catalina connector.
@@ -148,8 +125,49 @@
protected Connector connector;
/**
+ * The request with which this response is associated.
+ */
+ protected Request connectorRequest;
+
+ /**
+ * The facade associated with this response.
+ */
+ protected ResponseFacade connectorResponsefacade;
+
+ /**
+ * Grizzly response.
+ */
+ protected org.glassfish.grizzly.http.server.Response grizzlyResponse;
+
+ // ----------------------------------------------------------- Constructors
+
+ public Response() {
+ outputBuffer = new OutputBuffer();
+ outputStream = new CoyoteOutputStream(outputBuffer);
+ writer = createWriter(outputBuffer);
+ urlEncoder.addSafeCharacter('/');
+ }
+
+ public Response(boolean chunkingDisabled) {
+ outputBuffer = new OutputBuffer();
+ outputStream = new CoyoteOutputStream(outputBuffer);
+ writer = createWriter(outputBuffer);
+ urlEncoder.addSafeCharacter('/');
+ }
+
+ // ------------------------------------------------------------- Properties
+
+ /**
+ * Set whether or not to enforce scope checking of this object.
+ */
+ public static void setEnforceScope(boolean enforce) {
+ enforceScope = enforce;
+ }
+
+ /**
* Return the Connector through which this Request was received.
*/
+ @Override
public Connector getConnector() {
return this.connector;
}
@@ -159,23 +177,18 @@
*
* @param connector The new connector
*/
+ @Override
public void setConnector(Connector connector) {
this.connector = connector;
}
-
- /**
- * Coyote response.
- */
- protected org.glassfish.grizzly.http.server.Response coyoteResponse;
-
/**
* Set the Coyote response.
*
* @param coyoteResponse The Coyote response
*/
public void setCoyoteResponse(org.glassfish.grizzly.http.server.Response coyoteResponse) {
- this.coyoteResponse = coyoteResponse;
+ this.grizzlyResponse = coyoteResponse;
outputBuffer.setCoyoteResponse(this);
}
@@ -183,127 +196,97 @@
* Get the Coyote response.
*/
public org.glassfish.grizzly.http.server.Response getCoyoteResponse() {
- return coyoteResponse;
+ return grizzlyResponse;
}
-
/**
* Return the Context within which this Request is being processed.
*/
+ @Override
public Context getContext() {
/*
- * Ideally, we would call CoyoteResponse.setContext() from
- * CoyoteAdapter (the same way we call it for CoyoteRequest), and
- * have getContext() return this context. However, for backwards
- * compatibility with WS 7.0's NSAPIProcessor, which does not call
- * CoyoteResponse.setContext(), we must delegate to the getContext()
- * method of the linked request object.
+ * Ideally, we would call CoyoteResponse.setContext() from CoyoteAdapter (the same way we call it for CoyoteRequest),
+ * and have getContext() return this context. However, for backwards compatibility with WS 7.0's NSAPIProcessor, which
+ * does not call CoyoteResponse.setContext(), we must delegate to the getContext() method of the linked request object.
*/
- return request.getContext();
+ return connectorRequest.getContext();
}
/**
- * Set the Context within which this Request is being processed. This
- * must be called as soon as the appropriate Context is identified, because
- * it identifies the value to be returned by <code>getContextPath()</code>,
- * and thus enables parsing of the request URI.
+ * Set the Context within which this Request is being processed. This must be called as soon as the appropriate Context
+ * is identified, because it identifies the value to be returned by <code>getContextPath()</code>, and thus enables
+ * parsing of the request URI.
*
* @param context The newly associated Context
*/
+ @Override
public void setContext(Context context) {
this.context = context;
}
-
/**
* The associated output buffer.
*/
- // START OF SJSAS 6231069
- //protected OutputBuffer outputBuffer = new OutputBuffer();
protected OutputBuffer outputBuffer;
- // END OF SJSAS 6231069
/**
* The associated output stream.
*/
- // START OF SJSAS 6231069
- /*protected CoyoteOutputStream outputStream =
- new CoyoteOutputStream(outputBuffer);*/
protected CoyoteOutputStream outputStream;
- // END OF SJSAS 6231069
/**
* The associated writer.
*/
- // START OF SJSAS 6231069
- // protected CoyoteWriter writer = new CoyoteWriter(outputBuffer);
protected CoyoteWriter writer;
- // END OF SJSAS 6231069
-
/**
* The application commit flag.
*/
- protected boolean appCommitted = false;
-
+ protected boolean appCommitted;
/**
* The included flag.
*/
- protected boolean included = false;
-
+ protected boolean included;
/**
* The characterEncoding flag
*/
- private boolean isCharacterEncodingSet = false;
-
- /**
- * The contextType flag
- */
- private boolean isContentTypeSet = false;
-
+ private boolean isCharacterEncodingSet;
/**
* The error flag.
*/
- protected boolean error = false;
-
+ protected boolean error;
/**
* Using output stream flag.
*/
- protected boolean usingOutputStream = false;
-
+ protected boolean usingOutputStream;
/**
* Using writer flag.
*/
- protected boolean usingWriter = false;
-
+ protected boolean usingWriter;
/**
* URL encoder.
*/
protected UEncoder urlEncoder = new UEncoder();
-
/**
* Recyclable buffer to hold the redirect URL.
*/
- protected CharChunk redirectURLCC = new CharChunk();
-
+ protected CharChunk redirectURLCharChunk = new CharChunk();
// --------------------------------------------------------- Public Methods
-
/**
- * Release all object references, and initialize instance variables, in
- * preparation for reuse of this object.
+ * Release all object references, and initialize instance variables, in preparation for reuse of this object.
*/
+ @Override
public void recycle() {
-
- if (request != null && request.isAsyncStarted()) {
+ if (connectorRequest != null && connectorRequest.isAsyncStarted()) {
return;
}
@@ -314,14 +297,13 @@
appCommitted = false;
included = false;
error = false;
- isContentTypeSet = false;
isCharacterEncodingSet = false;
detailErrorMsg = null;
if (enforceScope) {
- if (facade != null) {
- facade.clear();
- facade = null;
+ if (connectorResponsefacade != null) {
+ connectorResponsefacade.clear();
+ connectorResponsefacade = null;
}
if (outputStream != null) {
outputStream.clear();
@@ -337,77 +319,67 @@
}
-
// ------------------------------------------------------- Response Methods
-
/**
* Return the number of bytes actually written to the output stream.
*/
+ @Override
public int getContentCount() {
return outputBuffer.getContentWritten();
}
-
/**
* Set the application commit flag.
*
* @param appCommitted The new application committed flag value
*/
+ @Override
public void setAppCommitted(boolean appCommitted) {
this.appCommitted = appCommitted;
}
-
/**
* Application commit flag accessor.
*/
+ @Override
public boolean isAppCommitted() {
- return this.appCommitted || isCommitted() || isSuspended()
- || getContentLength() > 0
- && getContentCount() >= getContentLength();
+ return appCommitted || isCommitted() || isSuspended() || getContentLength() > 0 && getContentCount() >= getContentLength();
}
-
/**
* Return the "processing inside an include" flag.
*/
+ @Override
public boolean getIncluded() {
return included;
}
-
/**
* Set the "processing inside an include" flag.
*
- * @param included <code>true</code> if we are currently inside a
- * RequestDispatcher.include(), else <code>false</code>
+ * @param included <code>true</code> if we are currently inside a RequestDispatcher.include(), else <code>false</code>
*/
+ @Override
public void setIncluded(boolean included) {
this.included = included;
}
-
/**
- * Return descriptive information about this Response implementation and
- * the corresponding version number, in the format
+ * Return descriptive information about this Response implementation and the corresponding version number, in the format
* <code><description>/<version></code>.
*/
+ @Override
public String getInfo() {
return info;
}
-
- /**
- * The request with which this response is associated.
- */
- protected Request request = null;
-
/**
* Return the Request with which this Response is associated.
*/
+ @Override
public org.apache.catalina.Request getRequest() {
- return this.request;
+ return connectorRequest;
}
/**
@@ -415,33 +387,28 @@
*
* @param request The new associated request
*/
+ @Override
public void setRequest(org.apache.catalina.Request request) {
if (request instanceof Request) {
- this.request = (Request) request;
+ this.connectorRequest = (Request) request;
}
}
-
/**
- * The facade associated with this response.
+ * Return the <code>ServletResponse</code> for which this object is the facade.
*/
- protected ResponseFacade facade = null;
-
- /**
- * Return the <code>ServletResponse</code> for which this object
- * is the facade.
- */
+ @Override
public HttpServletResponse getResponse() {
- if (facade == null) {
- facade = new ResponseFacade(this);
+ if (connectorResponsefacade == null) {
+ connectorResponsefacade = new ResponseFacade(this);
}
- return facade;
+ return connectorResponsefacade;
}
-
/**
* Return the output stream associated with this Response.
*/
+ @Override
public OutputStream getStream() {
if (outputStream == null) {
outputStream = new CoyoteOutputStream(outputBuffer);
@@ -449,81 +416,77 @@
return outputStream;
}
-
/**
* Set the output stream associated with this Response.
*
* @param stream The new output stream
*/
+ @Override
public void setStream(OutputStream stream) {
// This method is evil
}
-
/**
* Set the suspended flag.
*
* @param suspended The new suspended flag value
*/
+ @Override
public void setSuspended(boolean suspended) {
outputBuffer.setSuspended(suspended);
}
-
/**
* Suspended flag accessor.
*/
+ @Override
public boolean isSuspended() {
return outputBuffer.isSuspended();
}
-
/**
* Set the error flag.
*/
+ @Override
public void setError() {
error = true;
}
-
/**
* Error flag accessor.
*/
+ @Override
public boolean isError() {
return error;
}
-
- // BEGIN S1AS 4878272
/**
* Sets detail error message.
*
* @param message detail error message
*/
+ @Override
public void setDetailMessage(String message) {
this.detailErrorMsg = message;
}
-
/**
* Gets detail error message.
*
* @return the detail error message
*/
+ @Override
public String getDetailMessage() {
return this.detailErrorMsg;
}
- // END S1AS 4878272
-
/**
- * Create and return a ServletOutputStream to write the content
- * associated with this Response.
+ * Create and return a ServletOutputStream to write the content associated with this Response.
*
* @exception IOException if an input/output error occurs
*/
- public ServletOutputStream createOutputStream()
- throws IOException {
+ @Override
+ public ServletOutputStream createOutputStream() throws IOException {
// Probably useless
if (outputStream == null) {
outputStream = new CoyoteOutputStream(outputBuffer);
@@ -531,179 +494,158 @@
return outputStream;
}
-
/**
- * Perform whatever actions are required to flush and close the output
- * stream or writer, in a single operation.
+ * Perform whatever actions are required to flush and close the output stream or writer, in a single operation.
*
* @exception IOException if an input/output error occurs
*/
- public void finishResponse()
- throws IOException {
-
+ @Override
+ public void finishResponse() throws IOException {
// Writing leftover bytes
try {
outputBuffer.close();
- } catch(IOException e) {
- ;
- } catch(Throwable t) {
- log(rb.getString(LogFacade.ERROR_DURING_FINISH_RESPONSE), t);
+ } catch (IOException e) {
+
+ } catch (Throwable t) {
+ log(rb.getString(ERROR_DURING_FINISH_RESPONSE), t);
}
}
-
/**
* Return the content length that was set or calculated for this Response.
*/
+ @Override
public int getContentLength() {
- return coyoteResponse.getContentLength();
+ return grizzlyResponse.getContentLength();
}
-
/**
- * Return the content type that was set or calculated for this response,
- * or <code>null</code> if no content type was set.
+ * Return the content type that was set or calculated for this response, or <code>null</code> if no content type was
+ * set.
*/
+ @Override
public String getContentType() {
- return coyoteResponse.getContentType();
+ return grizzlyResponse.getContentType();
}
-
/**
- * Return a PrintWriter that can be used to render error messages,
- * regardless of whether a stream or writer has already been acquired.
+ * Return a PrintWriter that can be used to render error messages, regardless of whether a stream or writer has already
+ * been acquired.
*
- * @return Writer which can be used for error reports. If the response is
- * not an error report returned using sendError or triggered by an
- * unexpected exception thrown during the servlet processing
- * (and only in that case), null will be returned if the response stream
- * has already been used.
+ * @return Writer which can be used for error reports. If the response is not an error report returned using sendError
+ * or triggered by an unexpected exception thrown during the servlet processing (and only in that case), null will be
+ * returned if the response stream has already been used.
*
* @exception IOException if an input/output error occurs
*/
+ @Override
public PrintWriter getReporter() throws IOException {
- if (outputBuffer.isNew()) {
- outputBuffer.checkConverter();
- if (writer == null) {
- writer = createWriter(outputBuffer);
- }
- return writer;
- } else {
+ if (!outputBuffer.isNew()) {
return null;
}
+
+ outputBuffer.checkConverter();
+ if (writer == null) {
+ writer = createWriter(outputBuffer);
+ }
+
+ return writer;
}
-
// ------------------------------------------------ ServletResponse Methods
-
/**
* Flush the buffer and commit this response.
*
* @exception IOException if an input/output error occurs
*/
- public void flushBuffer()
- throws IOException {
+ @Override
+ public void flushBuffer() throws IOException {
outputBuffer.flush();
}
-
/**
* Return the actual buffer size used for this Response.
*/
+ @Override
public int getBufferSize() {
return outputBuffer.getBufferSize();
}
-
/**
* Return the character encoding used for this Response.
*/
+ @Override
public String getCharacterEncoding() {
- return coyoteResponse.getCharacterEncoding();
+ return grizzlyResponse.getCharacterEncoding();
}
-
/*
- * Overrides the name of the character encoding used in the body
- * of the request. This method must be called prior to reading
- * request parameters or reading input using getReader().
+ * Overrides the name of the character encoding used in the body of the request. This method must be called prior to
+ * reading request parameters or reading input using getReader().
*
* @param charset String containing the name of the character encoding.
*/
+ @Override
public void setCharacterEncoding(String charset) {
- if (isCommitted())
- return;
-
// Ignore any call from an included servlet
- if (included)
- return;
-
// Ignore any call made after the getWriter has been invoked
// The default should be used
- if (usingWriter)
+ if (isCommitted() || included || usingWriter) {
return;
+ }
- coyoteResponse.setCharacterEncoding(charset);
+ grizzlyResponse.setCharacterEncoding(charset);
isCharacterEncodingSet = true;
}
-
/**
* Return the servlet output stream associated with this Response.
*
- * @exception IllegalStateException if <code>getWriter</code> has
- * already been called for this response
+ * @exception IllegalStateException if <code>getWriter</code> has already been called for this response
* @exception IOException if an input/output error occurs
*/
- public ServletOutputStream getOutputStream()
- throws IOException {
-
- if (usingWriter)
- throw new IllegalStateException
- (rb.getString(LogFacade.GET_WRITER_BEEN_CALLED_EXCEPTION));
+ @Override
+ public ServletOutputStream getOutputStream() throws IOException {
+ if (usingWriter) {
+ throw new IllegalStateException(rb.getString(GET_WRITER_BEEN_CALLED_EXCEPTION));
+ }
usingOutputStream = true;
if (outputStream == null) {
outputStream = new CoyoteOutputStream(outputBuffer);
}
+
return outputStream;
-
}
-
/**
* Return the Locale assigned to this response.
*/
+ @Override
public Locale getLocale() {
- return coyoteResponse.getLocale();
+ return grizzlyResponse.getLocale();
}
-
/**
* Return the writer associated with this Response.
*
- * @exception IllegalStateException if <code>getOutputStream</code> has
- * already been called for this response
+ * @exception IllegalStateException if <code>getOutputStream</code> has already been called for this response
* @exception IOException if an input/output error occurs
*/
- public PrintWriter getWriter()
- throws IOException {
-
- if (usingOutputStream)
+ @Override
+ public PrintWriter getWriter() throws IOException {
+ if (usingOutputStream) {
throw new IllegalStateException(rb.getString(LogFacade.GET_OUTPUT_STREAM_BEEN_CALLED_EXCEPTION));
+ }
/*
- * If the response's character encoding has not been specified as
- * described in <code>getCharacterEncoding</code> (i.e., the method
- * just returns the default value <code>ISO-8859-1</code>),
- * <code>getWriter</code> updates it to <code>ISO-8859-1</code>
- * (with the effect that a subsequent call to getContentType() will
- * include a charset=ISO-8859-1 component which will also be
- * reflected in the Content-Type response header, thereby satisfying
- * the Servlet spec requirement that containers must communicate the
- * character encoding used for the servlet response's writer to the
+ * If the response's character encoding has not been specified as described in <code>getCharacterEncoding</code> (i.e.,
+ * the method just returns the default value <code>ISO-8859-1</code>), <code>getWriter</code> updates it to
+ * <code>ISO-8859-1</code> (with the effect that a subsequent call to getContentType() will include a charset=ISO-8859-1
+ * component which will also be reflected in the Content-Type response header, thereby satisfying the Servlet spec
+ * requirement that containers must communicate the character encoding used for the servlet response's writer to the
* client).
*/
setCharacterEncoding(getCharacterEncoding());
@@ -713,144 +655,125 @@
if (writer == null) {
writer = createWriter(outputBuffer);
}
+
return writer;
-
}
-
/**
* Has the output of this response already been committed?
*/
+ @Override
public boolean isCommitted() {
- return coyoteResponse.isCommitted();
+ return grizzlyResponse.isCommitted();
}
-
/**
* Clear any content written to the buffer.
*
- * @exception IllegalStateException if this response has already
- * been committed
+ * @exception IllegalStateException if this response has already been committed
*/
+ @Override
public void reset() {
+ if (included) {
+ return; // Ignore any call from an included servlet
+ }
- if (included)
- return; // Ignore any call from an included servlet
-
- coyoteResponse.reset();
+ grizzlyResponse.reset();
outputBuffer.reset();
+
// reset Grizzly duplicated internal attributes
- coyoteResponse.resetBuffer(true);
+ grizzlyResponse.resetBuffer(true);
usingOutputStream = false;
usingWriter = false;
isCharacterEncodingSet = false;
}
-
/**
* Reset the data buffer but not any status or header information.
*
- * @exception IllegalStateException if the response has already
- * been committed
+ * @exception IllegalStateException if the response has already been committed
*/
+ @Override
public void resetBuffer() {
resetBuffer(false);
}
-
/**
- * Reset the data buffer and the using Writer/Stream flags but not any
- * status or header information.
+ * Reset the data buffer and the using Writer/Stream flags but not any status or header information.
*
- * @param resetWriterStreamFlags <code>true</code> if the internal
- * <code>usingWriter</code>, <code>usingOutputStream</code>,
- * <code>isCharacterEncodingSet</code> flags should also be reset
+ * @param resetWriterStreamFlags <code>true</code> if the internal <code>usingWriter</code>,
+ * <code>usingOutputStream</code>, <code>isCharacterEncodingSet</code> flags should also be reset
*
- * @exception IllegalStateException if the response has already
- * been committed
+ * @exception IllegalStateException if the response has already been committed
*/
+ @Override
public void resetBuffer(boolean resetWriterStreamFlags) {
-
- if (isCommitted())
- throw new IllegalStateException(rb.getString(LogFacade.CANNOT_RESET_BUFFER_EXCEPTION));
+ if (isCommitted()) {
+ throw new IllegalStateException(rb.getString(CANNOT_RESET_BUFFER_EXCEPTION));
+ }
outputBuffer.reset();
- if(resetWriterStreamFlags) {
+ if (resetWriterStreamFlags) {
usingOutputStream = false;
usingWriter = false;
isCharacterEncodingSet = false;
}
-
}
-
/**
* Set the buffer size to be used for this Response.
*
* @param size The new buffer size
*
- * @exception IllegalStateException if this method is called after
- * output has been committed for this response
+ * @exception IllegalStateException if this method is called after output has been committed for this response
*/
+ @Override
public void setBufferSize(int size) {
-
- if (isCommitted() || !outputBuffer.isNew())
- throw new IllegalStateException(rb.getString(LogFacade.CANNOT_CHANGE_BUFFER_SIZE_EXCEPTION));
+ if (isCommitted() || !outputBuffer.isNew()) {
+ throw new IllegalStateException(rb.getString(CANNOT_CHANGE_BUFFER_SIZE_EXCEPTION));
+ }
outputBuffer.setBufferSize(size);
-
}
-
/**
* Set the content length (in bytes) for this Response.
*
* @param length The new content length
*/
+ @Override
public void setContentLength(int length) {
-
setContentLengthLong(length);
-
}
-
/**
- * Sets the length of the content body in the response In HTTP servlets,
- * this method sets the HTTP Content-Length header.
+ * Sets the length of the content body in the response In HTTP servlets, this method sets the HTTP Content-Length
+ * header.
*
* @param length The new content length
*/
+ @Override
public void setContentLengthLong(long length) {
-
- if (isCommitted())
- return;
-
// Ignore any call from an included servlet
- if (included)
+ if (isCommitted() || included || usingWriter) {
return;
+ }
- if (usingWriter)
- return;
-
- coyoteResponse.setContentLengthLong(length);
-
+ grizzlyResponse.setContentLengthLong(length);
}
-
/**
* Set the content type for this Response.
*
* @param type The new content type
*/
+ @Override
public void setContentType(String type) {
-
- if (isCommitted())
- return;
-
// Ignore any call from an included servlet
- if (included)
+ if (isCommitted() || included) {
return;
+ }
// Ignore charset if getWriter() has already been called
if (usingWriter) {
@@ -862,7 +785,7 @@
}
}
- coyoteResponse.setContentType(type);
+ grizzlyResponse.setContentType(type);
// Check to see if content type contains charset
if (type != null) {
@@ -873,205 +796,161 @@
while (index < len && Character.isWhitespace(type.charAt(index))) {
index++;
}
- if (index+7 < len
- && type.charAt(index) == 'c'
- && type.charAt(index+1) == 'h'
- && type.charAt(index+2) == 'a'
- && type.charAt(index+3) == 'r'
- && type.charAt(index+4) == 's'
- && type.charAt(index+5) == 'e'
- && type.charAt(index+6) == 't'
- && type.charAt(index+7) == '=') {
+ if (index + 7 < len &&
+ type.charAt(index) == 'c' &&
+ type.charAt(index + 1) == 'h' &&
+ type.charAt(index + 2) == 'a' &&
+ type.charAt(index + 3) == 'r' &&
+ type.charAt(index + 4) == 's' &&
+ type.charAt(index + 5) == 'e' &&
+ type.charAt(index + 6) == 't' &&
+ type.charAt(index + 7) == '=') {
isCharacterEncodingSet = true;
}
}
}
-
- isContentTypeSet = true;
}
-
/**
- * Set the Locale that is appropriate for this response, including
- * setting the appropriate character encoding.
+ * Set the Locale that is appropriate for this response, including setting the appropriate character encoding.
*
* @param locale The new locale
*/
+ @Override
public void setLocale(Locale locale) {
-
- if (isCommitted())
- return;
-
// Ignore any call from an included servlet
- if (included)
+ if (isCommitted() || included) {
return;
+ }
- coyoteResponse.setLocale(locale);
+ grizzlyResponse.setLocale(locale);
// Ignore any call made after the getWriter has been invoked.
// The default should be used
- if (usingWriter)
+ if (usingWriter) {
return;
+ }
if (isCharacterEncodingSet) {
return;
}
- CharsetMapper cm = getContext().getCharsetMapper();
- String charset = cm.getCharset( locale );
- if ( charset != null ){
- coyoteResponse.setCharacterEncoding(charset);
+ String charset = getContext().getCharsetMapper().getCharset(locale);
+ if (charset != null) {
+ grizzlyResponse.setCharacterEncoding(charset);
}
-
}
-
// --------------------------------------------------- HttpResponse Methods
-
/**
- * Return the value for the specified header, or <code>null</code> if this
- * header has not been set. If more than one value was added for this
- * name, only the first is returned; use {@link #getHeaders(String)} to
- * retrieve all of them.
+ * Return the value for the specified header, or <code>null</code> if this header has not been set. If more than one
+ * value was added for this name, only the first is returned; use {@link #getHeaders(String)} to retrieve all of them.
*
* @param name Header name to look up
*/
+ @Override
public String getHeader(String name) {
- return coyoteResponse.getHeader(name);
+ return grizzlyResponse.getHeader(name);
}
-
/**
- * @return a (possibly empty) <code>Collection</code> of the names
- * of the headers of this response
+ * @return a (possibly empty) <code>Collection</code> of the names of the headers of this response
*/
+ @Override
public Collection<String> getHeaderNames() {
- final Collection<String> result = new ArrayList<String>();
- for (final String headerName : coyoteResponse.getResponse().getHeaders().names()) {
- result.add(headerName);
+ final Collection<String> headerNames = new ArrayList<>();
+ for (String headerName : grizzlyResponse.getResponse().getHeaders().names()) {
+ headerNames.add(headerName);
}
- return result;
+ return headerNames;
}
-
/**
* @param name the name of the response header whose values to return
*
- * @return a (possibly empty) <code>Collection</code> of the values
- * of the response header with the given name
+ * @return a (possibly empty) <code>Collection</code> of the values of the response header with the given name
*/
+ @Override
public Collection<String> getHeaders(String name) {
- final Collection<String> result = new ArrayList<String>();
- for (final String headerValue : coyoteResponse.getResponse().getHeaders().values(name)) {
- result.add(headerValue);
+ final Collection<String> headers = new ArrayList<>();
+ for (String headerValue : grizzlyResponse.getResponse().getHeaders().values(name)) {
+ headers.add(headerValue);
}
- return result;
+ return headers;
}
-
/**
- * Return the error message that was set with <code>sendError()</code>
- * for this Response.
+ * Return the error message that was set with <code>sendError()</code> for this Response.
*/
+ @Override
public String getMessage() {
- return coyoteResponse.getMessage();
+ return grizzlyResponse.getMessage();
}
-
/**
* Return the HTTP status code associated with this Response.
*/
+ @Override
public int getStatus() {
- return coyoteResponse.getStatus();
+ return grizzlyResponse.getStatus();
}
-
/**
- * Reset this response, and specify the values for the HTTP status code
- * and corresponding message.
+ * Reset this response, and specify the values for the HTTP status code and corresponding message.
*
- * @exception IllegalStateException if this response has already been
- * committed
+ * @exception IllegalStateException if this response has already been committed
*/
+ @Override
public void reset(int status, String message) {
reset();
setStatus(status, message);
}
-
// -------------------------------------------- HttpServletResponse Methods
-
/**
- * Add the specified Cookie to those that will be included with
- * this Response.
+ * Add the specified Cookie to those that will be included with this Response.
*
* @param cookie Cookie to be added
*/
+ @Override
public void addCookie(final Cookie cookie) {
-
- if (isCommitted())
- return;
-
// Ignore any call from an included servlet
- if (included)
+ if (isCommitted() || included) {
return;
-
- /* GlassFish 898
- final StringBuilder sb = new StringBuilder();
- if (SecurityUtil.isPackageProtectionEnabled()) {
- AccessController.doPrivileged(new PrivilegedAction<Void>() {
- public Void run(){
- ServerCookie.appendCookieValue
- (sb, cookie.getVersion(), cookie.getName(),
- cookie.getValue(), cookie.getPath(),
- cookie.getDomain(), cookie.getComment(),
- cookie.getMaxAge(), cookie.getSecure());
- return null;
- }
- });
- } else {
- ServerCookie.appendCookieValue
- (sb, cookie.getVersion(), cookie.getName(), cookie.getValue(),
- cookie.getPath(), cookie.getDomain(), cookie.getComment(),
- cookie.getMaxAge(), cookie.getSecure());
}
- */
- // START GlassFish 898
- String cookieValue = getCookieString(cookie);
- // END GlassFish 898
- // the header name is Set-Cookie for both "old" and v.1 ( RFC2109 )
+ String cookieValue = getCookieString(cookie);
+
+ // The header name is Set-Cookie for both "old" and v.1 (RFC2109)
// RFC2965 is not supported by browsers and the Servlet spec
- // asks for 2109.
- /* GlassFish 898
- addHeader("Set-Cookie", sb.toString());
- */
- // START GlassFish 898
+ // asks for RFC6265 (which obsoletes both RFC2965 and RFC2109)
addHeader("Set-Cookie", cookieValue);
- // END GlassFish 898
}
/**
- * Special method for adding a session cookie as we should be overriding
- * any previous
+ * Special method for adding a session cookie as we should be overriding any previous
+ *
* @param cookie
*/
+ @Override
public void addSessionCookieInternal(final Cookie cookie) {
- if (isCommitted())
+ if (isCommitted()) {
return;
+ }
String name = cookie.getName();
final String headername = "Set-Cookie";
final String startsWith = name + "=";
final String cookieString = getCookieString(cookie);
boolean set = false;
- MimeHeaders headers = coyoteResponse.getResponse().getHeaders();
- int n = headers.size();
- for (int i = 0; i < n; i++) {
+
+ MimeHeaders headers = grizzlyResponse.getResponse().getHeaders();
+ int headersSize = headers.size();
+ for (int i = 0; i < headersSize; i++) {
if (headers.getName(i).toString().equals(headername)) {
if (headers.getValue(i).toString().startsWith(startsWith)) {
headers.getValue(i).setString(cookieString);
@@ -1079,11 +958,10 @@
}
}
}
+
if (!set) {
addHeader(headername, cookieString);
}
-
-
}
/**
@@ -1092,246 +970,173 @@
* @param name Name of the header to set
* @param value Date value to be set
*/
+ @Override
public void addDateHeader(String name, long value) {
-
- if (name == null || name.length() == 0) {
- return;
- }
-
- if (isCommitted())
- return;
-
// Ignore any call from an included servlet
- if (included) {
+ if (name == null || name.length() == 0 || isCommitted() || included) {
return;
}
if (format == null) {
- format = new SimpleDateFormat(HTTP_RESPONSE_DATE_HEADER,
- Locale.US);
+ format = new SimpleDateFormat(HTTP_RESPONSE_DATE_HEADER, Locale.US);
format.setTimeZone(TimeZone.getTimeZone("GMT"));
}
addHeader(name, FastHttpDateFormat.formatDate(value, format));
-
}
-
/**
* Add the specified header to the specified value.
*
* @param name Name of the header to set
* @param value Value to be set
*/
+ @Override
public void addHeader(String name, String value) {
-
- if (name == null || name.length() == 0 || value == null) {
+ // Ignore any call from an included servlet
+ if (name == null || name.length() == 0 || value == null || isCommitted() || included) {
return;
}
- if (isCommitted())
- return;
-
- // Ignore any call from an included servlet
- if (included)
- return;
-
- coyoteResponse.addHeader(name, value);
-
+ grizzlyResponse.addHeader(name, value);
}
-
/**
* Add the specified integer header to the specified value.
*
* @param name Name of the header to set
* @param value Integer value to be set
*/
+ @Override
public void addIntHeader(String name, int value) {
-
- if (name == null || name.length() == 0) {
+ // Ignore any call from an included servlet
+ if (name == null || name.length() == 0 || isCommitted() || included) {
return;
}
- if (isCommitted())
- return;
-
- // Ignore any call from an included servlet
- if (included)
- return;
-
addHeader(name, "" + value);
-
}
-
/**
* Has the specified header been set already in this response?
*
* @param name Name of the header to check
*/
+ @Override
public boolean containsHeader(String name) {
- return coyoteResponse.containsHeader(name);
+ return grizzlyResponse.containsHeader(name);
}
-
@Override
public Supplier<Map<String, String>> getTrailerFields() {
- return coyoteResponse.getTrailers();
+ return grizzlyResponse.getTrailers();
}
-
@Override
public void setTrailerFields(Supplier<Map<String, String>> supplier) {
- coyoteResponse.setTrailers(supplier);
+ grizzlyResponse.setTrailers(supplier);
}
-
/**
- * Encode the session identifier associated with this response
- * into the specified redirect URL, if necessary.
+ * Encode the session identifier associated with this response into the specified redirect URL, if necessary.
*
* @param url URL to be encoded
*/
+ @Override
public String encodeRedirectURL(String url) {
- if (isEncodeable(toAbsolute(url))) {
- String sessionVersion = null;
- Map<String, String> sessionVersions =
- request.getSessionVersionsRequestAttribute();
- if (sessionVersions != null) {
- sessionVersion = RequestUtil.createSessionVersionString(
- sessionVersions);
- }
- return toEncoded(url,
- request.getSessionInternal().getIdInternal(),
- sessionVersion);
- } else {
+ if (!isEncodeable(toAbsolute(url))) {
return url;
}
+
+ String sessionVersion = null;
+ Map<String, String> sessionVersions = connectorRequest.getSessionVersionsRequestAttribute();
+ if (sessionVersions != null) {
+ sessionVersion = RequestUtil.createSessionVersionString(sessionVersions);
+ }
+
+ return toEncoded(url, connectorRequest.getSessionInternal().getIdInternal(), sessionVersion);
}
-
/**
- * Encode the session identifier associated with this response
- * into the specified redirect URL, if necessary.
- *
- * @param url URL to be encoded
- *
- * @deprecated As of Version 2.1 of the Java Servlet API, use
- * <code>encodeRedirectURL()</code> instead.
- */
- public String encodeRedirectUrl(String url) {
- return encodeRedirectURL(url);
- }
-
-
- /**
- * Encode the session identifier associated with this response
- * into the specified URL, if necessary.
+ * Encode the session identifier associated with this response into the specified URL, if necessary.
*
* @param url URL to be encoded
*/
+ @Override
public String encodeURL(String url) {
String absolute = toAbsolute(url);
- if (isEncodeable(absolute)) {
- // W3c spec clearly said
- if (url.equalsIgnoreCase("")){
- url = absolute;
- } else if (url.equals(absolute) && !hasPath(url)) {
- url += '/';
- }
- String sessionVersion = null;
- Map<String, String> sessionVersions =
- request.getSessionVersionsRequestAttribute();
- if (sessionVersions != null) {
- sessionVersion = RequestUtil.createSessionVersionString(
- sessionVersions);
- }
- return toEncoded(url,
- request.getSessionInternal().getIdInternal(),
- sessionVersion);
- } else {
+ if (!isEncodeable(absolute)) {
return url;
}
+
+ // W3c spec clearly said
+ if (url.equalsIgnoreCase("")) {
+ url = absolute;
+ } else if (url.equals(absolute) && !hasPath(url)) {
+ url += '/';
+ }
+
+ String sessionVersion = null;
+ Map<String, String> sessionVersions = connectorRequest.getSessionVersionsRequestAttribute();
+ if (sessionVersions != null) {
+ sessionVersion = RequestUtil.createSessionVersionString(sessionVersions);
+ }
+
+ return toEncoded(url, connectorRequest.getSessionInternal().getIdInternal(), sessionVersion);
}
-
/**
- * Encode the session identifier associated with this response
- * into the specified URL, if necessary.
- *
- * @param url URL to be encoded
- *
- * @deprecated As of Version 2.1 of the Java Servlet API, use
- * <code>encodeURL()</code> instead.
- */
- public String encodeUrl(String url) {
- return encodeURL(url);
- }
-
-
- /**
- * Apply URL Encoding to the given URL without adding session identifier
- * et al associated to this response.
+ * Apply URL Encoding to the given URL without adding session identifier et al associated to this response.
*
* @param url URL to be encoded
*/
+ @Override
public String encode(String url) {
return urlEncoder.encodeURL(url);
}
-
/**
* Send an acknowledgment of a request.
*
* @exception IOException if an input/output error occurs
*/
- public void sendAcknowledgement()
- throws IOException {
-
- if (isCommitted())
- return;
-
+ @Override
+ public void sendAcknowledgement() throws IOException {
// Ignore any call from an included servlet
- if (included)
+ if (isCommitted() || included) {
return;
+ }
- coyoteResponse.sendAcknowledgement();
-
+ grizzlyResponse.sendAcknowledgement();
}
-
/**
- * Send an error response with the specified status and a
- * default message.
+ * Send an error response with the specified status and a default message.
*
* @param status HTTP status code to send
*
- * @exception IllegalStateException if this response has
- * already been committed
+ * @exception IllegalStateException if this response has already been committed
* @exception IOException if an input/output error occurs
*/
- public void sendError(int status)
- throws IOException {
+ @Override
+ public void sendError(int status) throws IOException {
sendError(status, null);
}
-
/**
* Send an error response with the specified status and message.
*
* @param status HTTP status code to send
* @param message Corresponding message to send
*
- * @exception IllegalStateException if this response has
- * already been committed
+ * @exception IllegalStateException if this response has already been committed
* @exception IOException if an input/output error occurs
*/
- public void sendError(int status, String message)
- throws IOException {
-
- if (isCommitted())
- throw new IllegalStateException(rb.getString(LogFacade.CANNOT_CALL_SEND_ERROR_EXCEPTION));
+ @Override
+ public void sendError(int status, String message) throws IOException {
+ if (isCommitted()) {
+ throw new IllegalStateException(rb.getString(CANNOT_CALL_SEND_ERROR_EXCEPTION));
+ }
// Ignore any call from an included servlet
if (included) {
@@ -1340,71 +1145,63 @@
setError();
- coyoteResponse.setStatus(status);
- // use encoding in GlassFish
- coyoteResponse.getResponse().setHtmlEncodingCustomReasonPhrase(false);
- coyoteResponse.setDetailMessage(HtmlEntityEncoder.encodeXSS(message));
+ grizzlyResponse.setStatus(status);
+
+ // Use encoding in GlassFish
+ grizzlyResponse.getResponse().setHtmlEncodingCustomReasonPhrase(false);
+ grizzlyResponse.setDetailMessage(encodeXSS(message));
// Clear any data content that has been buffered
resetBuffer();
// Cause the response to be finished (from the application perspective)
setSuspended(true);
-
}
-
/**
* Sends a temporary redirect to the specified redirect location URL.
*
* @param location Location URL to redirect to
*
- * @throws IllegalStateException if this response has
- * already been committed
+ * @throws IllegalStateException if this response has already been committed
* @throws IOException if an input/output error occurs
*/
+ @Override
public void sendRedirect(String location) throws IOException {
sendRedirect(location, true);
}
-
/**
- * Sends a temporary or permanent redirect to the specified redirect
- * location URL.
+ * Sends a temporary or permanent redirect to the specified redirect location URL.
*
* @param location Location URL to redirect to
- * @param isTemporary true if the redirect is supposed to be temporary,
- * false if permanent
+ * @param isTemporary true if the redirect is supposed to be temporary, false if permanent
*
- * @throws IllegalStateException if this response has
- * already been committed
+ * @throws IllegalStateException if this response has already been committed
* @throws IOException if an input/output error occurs
*/
- public void sendRedirect(String location, boolean isTemporary)
- throws IOException {
-
- if (isCommitted())
- throw new IllegalStateException(rb.getString(LogFacade.CANNOT_CALL_SEND_REDIRECT_EXCEPTION));
+ public void sendRedirect(String location, boolean isTemporary) throws IOException {
+ if (isCommitted()) {
+ throw new IllegalStateException(rb.getString(CANNOT_CALL_SEND_REDIRECT_EXCEPTION));
+ }
// Ignore any call from an included servlet
- if (included)
+ if (included) {
return;
+ }
// Clear any data content that has been buffered
resetBuffer();
// Generate a temporary redirect to the specified location
try {
- /* RIMOD 4642650
- String absolute = toAbsolute(location);
- */
- // START RIMOD 4642650
String absolute;
- if (getContext().getAllowRelativeRedirect())
+ if (getContext().getAllowRelativeRedirect()) {
absolute = location;
- else
+ } else {
absolute = toAbsolute(location);
- // END RIMOD 4642650
+ }
+
if (isTemporary) {
setStatus(SC_MOVED_TEMPORARILY);
} else {
@@ -1418,7 +1215,7 @@
setContentType("text/html");
setLocale(Locale.getDefault());
- String href = HtmlEntityEncoder.encodeXSS(absolute);
+ String href = encodeXSS(absolute);
StringBuilder sb = new StringBuilder(150 + href.length());
sb.append("<html>\r\n");
@@ -1446,113 +1243,90 @@
// Cause the response to be finished (from the application perspective)
setSuspended(true);
-
}
-
/**
* Set the specified date header to the specified value.
*
* @param name Name of the header to set
* @param value Date value to be set
*/
+ @Override
public void setDateHeader(String name, long value) {
-
- if (name == null || name.length() == 0) {
- return;
- }
-
- if (isCommitted())
- return;
-
// Ignore any call from an included servlet
- if (included) {
+ if (name == null || name.length() == 0 || isCommitted() || included) {
return;
}
if (format == null) {
- format = new SimpleDateFormat(HTTP_RESPONSE_DATE_HEADER,
- Locale.US);
+ format = new SimpleDateFormat(HTTP_RESPONSE_DATE_HEADER, Locale.US);
format.setTimeZone(TimeZone.getTimeZone("GMT"));
}
setHeader(name, FastHttpDateFormat.formatDate(value, format));
-
}
-
/**
* Set the specified header to the specified value.
*
* @param name Name of the header to set
* @param value Value to be set
*/
+ @Override
public void setHeader(String name, String value) {
-
- if (name == null || name.length() == 0 || value == null) {
+ if (name == null || name.length() == 0 || value == null || isCommitted()) {
return;
}
- if (isCommitted())
- return;
-
// Ignore any call from an included servlet
- if (included)
+ if (included) {
return;
+ }
try {
- String safeName = InputValidationUtil.getSafeHeaderName(name);
- String safeValue = InputValidationUtil.getSafeHeaderValue(value);
- coyoteResponse.setHeader(safeName, safeValue);
+ grizzlyResponse.setHeader(
+ getSafeHeaderName(name),
+ getSafeHeaderValue(value));
} catch (Exception e) {
try {
- coyoteResponse.sendError(403, "Forbidden");
+ grizzlyResponse.sendError(403, "Forbidden");
} catch (IOException ex) {
// just return
}
}
-
}
-
/**
* Set the specified integer header to the specified value.
*
* @param name Name of the header to set
* @param value Integer value to be set
*/
+ @Override
public void setIntHeader(String name, int value) {
-
- if (name == null || name.length() == 0) {
+ // Ignore any call from an included servlet
+ if (name == null || name.length() == 0 || isCommitted() || included) {
return;
}
- if (isCommitted())
- return;
-
- // Ignore any call from an included servlet
- if (included)
- return;
-
setHeader(name, "" + value);
-
}
-
/**
* Set the HTTP status to be returned with this response.
*
* @param status The new HTTP status
*/
+ @Override
public void setStatus(int status) {
setStatus(status, null);
}
+ @Override
public void setError(int status, String message) {
setStatus(status, message);
}
-
/**
* Set the HTTP status and message to be returned with this response.
*
@@ -1561,72 +1335,59 @@
*
*/
private void setStatus(int status, String message) {
- if (isCommitted())
- return;
-
// Ignore any call from an included servlet
- if (included)
+ if (isCommitted() || included) {
return;
+ }
- coyoteResponse.setStatus(status);
- // use encoding in GlassFish
- coyoteResponse.getResponse().setHtmlEncodingCustomReasonPhrase(false);
- coyoteResponse.setDetailMessage(HtmlEntityEncoder.encodeXSS(message));
+ grizzlyResponse.setStatus(status);
+ // Use encoding in GlassFish
+ grizzlyResponse.getResponse().setHtmlEncodingCustomReasonPhrase(false);
+ grizzlyResponse.setDetailMessage(encodeXSS(message));
}
-
// ------------------------------------------------------ Protected Methods
-
/**
- * Return <code>true</code> if the specified URL should be encoded with
- * a session identifier. This will be true if all of the following
- * conditions are met:
+ * Return <code>true</code> if the specified URL should be encoded with a session identifier. This will be true if all
+ * of the following conditions are met:
* <ul>
* <li>The request we are responding to asked for a valid session
* <li>The requested session ID was not received via a cookie
- * <li>The specified URL points back to somewhere within the web
- * application that is responding to this request
+ * <li>The specified URL points back to somewhere within the web application that is responding to this request
* </ul>
*
* @param location Absolute URL to be validated
*/
protected boolean isEncodeable(final String location) {
-
- if (location == null)
- return false;
-
// Is this an intra-document reference?
- if (location.startsWith("#"))
+ if (location == null || location.startsWith("#")) {
return false;
+ }
// Are we in a valid session that is not using cookies?
- final Request hreq = request;
- final Session session = hreq.getSessionInternal(false);
+ final Session session = connectorRequest.getSessionInternal(false);
if (session == null) {
return false;
}
- if (hreq.isRequestedSessionIdFromCookie() ||
- getContext() != null && !getContext().isEnableURLRewriting()) {
+
+ if (connectorRequest.isRequestedSessionIdFromCookie() || getContext() != null && !getContext().isEnableURLRewriting()) {
return false;
}
if (SecurityUtil.isPackageProtectionEnabled()) {
- return (
- AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
-
+ return (AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
@Override
- public Boolean run(){
- return Boolean.valueOf(doIsEncodeable(hreq, session, location));
+ public Boolean run() {
+ return Boolean.valueOf(doIsEncodeable(connectorRequest, session, location));
}
})).booleanValue();
} else {
- return doIsEncodeable(hreq, session, location);
+ return doIsEncodeable(connectorRequest, session, location);
}
}
- private boolean doIsEncodeable(Request hreq, Session session,
- String location){
+ private boolean doIsEncodeable(Request hreq, Session session, String location) {
// Is this a valid absolute URL?
URL url = null;
try {
@@ -1636,26 +1397,31 @@
}
// Does this URL match down to (and including) the context path?
- if (!hreq.getScheme().equalsIgnoreCase(url.getProtocol()))
+ if (!hreq.getScheme().equalsIgnoreCase(url.getProtocol()) || !hreq.getServerName().equalsIgnoreCase(url.getHost())) {
return false;
- if (!hreq.getServerName().equalsIgnoreCase(url.getHost()))
- return false;
+ }
+
int serverPort = hreq.getServerPort();
if (serverPort == -1) {
- if ("https".equals(hreq.getScheme()))
+ if ("https".equals(hreq.getScheme())) {
serverPort = 443;
- else
+ } else {
serverPort = 80;
+ }
}
+
int urlPort = url.getPort();
if (urlPort == -1) {
- if ("https".equals(url.getProtocol()))
+ if ("https".equals(url.getProtocol())) {
urlPort = 443;
- else
+ } else {
urlPort = 80;
+ }
}
- if (serverPort != urlPort)
+
+ if (serverPort != urlPort) {
return false;
+ }
Context ctx = getContext();
if (ctx != null) {
@@ -1665,6 +1431,7 @@
if (file == null || !file.startsWith(contextPath)) {
return false;
}
+
String sessionParamName = ctx.getSessionParameterName();
if (file.contains(";" + sessionParamName + "=" + session.getIdInternal())) {
return false;
@@ -1674,82 +1441,76 @@
// This URL belongs to our web application, so it is encodeable
return true;
-
}
-
/**
- * Convert (if necessary) and return the absolute URL that represents the
- * resource referenced by this possibly relative URL. If this URL is
- * already absolute, return it unchanged.
+ * Convert (if necessary) and return the absolute URL that represents the resource referenced by this possibly relative
+ * URL. If this URL is already absolute, return it unchanged.
*
* @param location URL to be (possibly) converted and then returned
*
- * @exception IllegalArgumentException if a MalformedURLException is
- * thrown when converting the relative URL to an absolute one
+ * @exception IllegalArgumentException if a MalformedURLException is thrown when converting the relative URL to an
+ * absolute one
*/
protected String toAbsolute(String location) {
-
- if (location == null)
+ if (location == null) {
return location;
+ }
boolean leadingSlash = location.startsWith("/");
if (location.startsWith("//")) {
// Scheme relative, network-path reference in RFC 3986
- redirectURLCC.recycle();
+ redirectURLCharChunk.recycle();
+
// Add the scheme
String scheme = getRedirectScheme();
try {
- redirectURLCC.append(scheme, 0, scheme.length());
- redirectURLCC.append(':');
- redirectURLCC.append(location, 0, location.length());
- return redirectURLCC.toString();
+ redirectURLCharChunk.append(scheme, 0, scheme.length());
+ redirectURLCharChunk.append(':');
+ redirectURLCharChunk.append(location, 0, location.length());
+
+ return redirectURLCharChunk.toString();
} catch (IOException e) {
- IllegalArgumentException iae =
- new IllegalArgumentException(location);
- iae.initCause(e);
- throw iae;
+ throw new IllegalArgumentException(location, e);
}
- } else if (leadingSlash || (location.indexOf("://") == -1)) {
+ }
- redirectURLCC.recycle();
+ if (leadingSlash || location.indexOf("://") == -1) {
+ redirectURLCharChunk.recycle();
String scheme = getRedirectScheme();
-
- String name = request.getServerName();
- int port = request.getServerPort();
+ String name = connectorRequest.getServerName();
+ int port = connectorRequest.getServerPort();
try {
- redirectURLCC.append(scheme, 0, scheme.length());
- redirectURLCC.append("://", 0, 3);
- redirectURLCC.append(name, 0, name.length());
- if (scheme.equals("http") && port != 80
- || scheme.equals("https") && port != 443) {
- redirectURLCC.append(':');
+ redirectURLCharChunk.append(scheme, 0, scheme.length());
+ redirectURLCharChunk.append("://", 0, 3);
+ redirectURLCharChunk.append(name, 0, name.length());
+ if (scheme.equals("http") && port != 80 || scheme.equals("https") && port != 443) {
+ redirectURLCharChunk.append(':');
String portS = port + "";
- redirectURLCC.append(portS, 0, portS.length());
+ redirectURLCharChunk.append(portS, 0, portS.length());
}
+
if (!leadingSlash) {
- String relativePath = request.getDecodedRequestURI();
- int pos = relativePath.lastIndexOf('/');
- relativePath = relativePath.substring(0, pos);
+ String relativePath = connectorRequest.getDecodedRequestURI();
+ relativePath = relativePath.substring(0, relativePath.lastIndexOf('/'));
String encodedURI = null;
final String frelativePath = relativePath;
- if (SecurityUtil.isPackageProtectionEnabled() ){
- try{
- encodedURI = AccessController.doPrivileged(
- new PrivilegedExceptionAction<String>(){
- public String run() throws IOException{
- return urlEncoder.encodeURL(frelativePath);
- }
- });
- } catch (PrivilegedActionException pae){
- IllegalArgumentException iae =
- new IllegalArgumentException(location);
+ if (SecurityUtil.isPackageProtectionEnabled()) {
+ try {
+ encodedURI = AccessController.doPrivileged(new PrivilegedExceptionAction<String>() {
+ @Override
+ public String run() throws IOException {
+ return urlEncoder.encodeURL(frelativePath);
+ }
+ });
+ } catch (PrivilegedActionException pae) {
+ IllegalArgumentException iae = new IllegalArgumentException(location);
iae.initCause(pae.getCause());
throw iae;
}
@@ -1757,53 +1518,39 @@
encodedURI = urlEncoder.encodeURL(relativePath);
}
- redirectURLCC.append(encodedURI, 0, encodedURI.length());
- redirectURLCC.append('/');
+ redirectURLCharChunk.append(encodedURI, 0, encodedURI.length());
+ redirectURLCharChunk.append('/');
}
- redirectURLCC.append(location, 0, location.length());
- normalize(redirectURLCC);
+ redirectURLCharChunk.append(location, 0, location.length());
+ normalize(redirectURLCharChunk);
} catch (IOException e) {
- IllegalArgumentException iae =
- new IllegalArgumentException(location);
- iae.initCause(e);
- throw iae;
+ throw new IllegalArgumentException(location, e);
}
- return redirectURLCC.toString();
-
- } else {
-
- return location;
-
+ return redirectURLCharChunk.toString();
}
+ return location;
}
-
/**
* Returns the scheme for a redirect if it is not specified.
*/
private String getRedirectScheme() {
- String scheme = request.getScheme();
+ String scheme = connectorRequest.getScheme();
- // START S1AS 6170450
- if (getConnector() != null
- && getConnector().getAuthPassthroughEnabled()) {
+ if (getConnector() != null && getConnector().getAuthPassthroughEnabled()) {
ProxyHandler proxyHandler = getConnector().getProxyHandler();
- if (proxyHandler != null
- && proxyHandler.getSSLKeysize(request) > 0) {
+ if (proxyHandler != null && proxyHandler.getSSLKeysize(connectorRequest) > 0) {
scheme = "https";
}
}
- // END S1AS 6170450
return scheme;
}
-
/**
- * Return the specified URL with the specified session identifier
- * suitably encoded.
+ * Return the specified URL with the specified session identifier suitably encoded.
*
* @param url URL to be encoded with the session id
* @param sessionId Session id to be included in the encoded URL
@@ -1812,74 +1559,69 @@
return toEncoded(url, sessionId, null);
}
-
/**
- * Return the specified URL with the specified session identifier
- * suitably encoded.
+ * Return the specified URL with the specified session identifier suitably encoded.
*
* @param url URL to be encoded with the session id
* @param sessionId Session id to be included in the encoded URL
* @param sessionVersion Session version to be included in the encoded URL
*/
- private String toEncoded(String url, String sessionId,
- String sessionVersion) {
- if (url == null || sessionId == null)
+ private String toEncoded(String url, String sessionId, String sessionVersion) {
+ if (url == null || sessionId == null) {
return url;
+ }
String path = url;
String query = "";
String anchor = "";
+
int question = url.indexOf('?');
if (question >= 0) {
path = url.substring(0, question);
query = url.substring(question);
}
+
int pound = path.indexOf('#');
if (pound >= 0) {
anchor = path.substring(pound);
path = path.substring(0, pound);
}
- StringBuilder sb = new StringBuilder(path);
- if( sb.length() > 0 ) { // jsessionid can't be first.
+ StringBuilder urlBuilder = new StringBuilder(path);
+ if (urlBuilder.length() > 0) { // jsessionid can't be first.
StandardContext ctx = (StandardContext) getContext();
- String sessionParamName =
- ctx != null ? ctx.getSessionParameterName() :
- Globals.SESSION_PARAMETER_NAME;
- sb.append(";" + sessionParamName + "=");
- sb.append(sessionId);
+ String sessionParamName = ctx != null ? ctx.getSessionParameterName() : SESSION_PARAMETER_NAME;
+ urlBuilder.append(";" + sessionParamName + "=");
+ urlBuilder.append(sessionId);
if (ctx != null && ctx.getJvmRoute() != null) {
- sb.append('.').append(ctx.getJvmRoute());
+ urlBuilder.append('.').append(ctx.getJvmRoute());
}
- // START SJSAS 6337561
- String jrouteId = request.getHeader(Constants.PROXY_JROUTE);
+ String jrouteId = connectorRequest.getHeader(PROXY_JROUTE);
if (jrouteId != null) {
- sb.append(":");
- sb.append(jrouteId);
+ urlBuilder.append(":");
+ urlBuilder.append(jrouteId);
}
- // END SJSAS 6337561
- final Session session = request.getSessionInternal(false);
+ Session session = connectorRequest.getSessionInternal(false);
if (session != null) {
- String replicaLocation =
- (String) session.getNote(Globals.JREPLICA_SESSION_NOTE);
+ String replicaLocation = (String) session.getNote(JREPLICA_SESSION_NOTE);
if (replicaLocation != null) {
- sb.append(Globals.JREPLICA_PARAMETER);
- sb.append(replicaLocation);
+ urlBuilder.append(JREPLICA_PARAMETER);
+ urlBuilder.append(replicaLocation);
}
}
if (sessionVersion != null) {
- sb.append(Globals.SESSION_VERSION_PARAMETER);
- sb.append(sessionVersion);
+ urlBuilder.append(SESSION_VERSION_PARAMETER);
+ urlBuilder.append(sessionVersion);
}
}
- sb.append(anchor);
- sb.append(query);
- return sb.toString();
+ urlBuilder.append(anchor);
+ urlBuilder.append(query);
+ return urlBuilder.toString();
}
/**
@@ -1889,7 +1631,6 @@
return new CoyoteWriter(outbuf);
}
- // START GlassFish 898
/**
* Gets the string representation of the given cookie.
*
@@ -1899,59 +1640,59 @@
*/
protected String getCookieString(final Cookie cookie) {
String cookieValue = null;
- final StringBuilder sb = new StringBuilder();
- // TODO: default these values for now. update later.
- final boolean versionOneStrictCompliance = CookieUtils.COOKIE_VERSION_ONE_STRICT_COMPLIANCE;
- final boolean alwaysAddExpires = CookieUtils.ALWAYS_ADD_EXPIRES;
- final boolean rfc6265Support = CookieUtils.RFC_6265_SUPPORT_ENABLED;
if (SecurityUtil.isPackageProtectionEnabled()) {
- cookieValue = AccessController.doPrivileged(
- new PrivilegedAction<String>() {
- public String run(){
- CookieSerializerUtils.serializeServerCookie(
- sb, versionOneStrictCompliance, rfc6265Support,
- alwaysAddExpires, cookie.getName(),
- cookie.getValue(), cookie.getVersion(), cookie.getPath(),
- cookie.getDomain(), cookie.getComment(),
- cookie.getMaxAge(), cookie.getSecure(),
- cookie.isHttpOnly());
- return sb.toString();
- }
- });
+ cookieValue = AccessController.doPrivileged(new PrivilegedAction<String>() {
+ @Override
+ public String run() {
+ return CookieHeaderGenerator.generateHeader(
+ cookie.getName(),
+ cookie.getValue(),
+ cookie.getMaxAge(),
+ cookie.getDomain(),
+ cookie.getPath(),
+ cookie.getSecure(),
+ cookie.isHttpOnly(),
+ cookie.getAttributes());
+ }
+ });
} else {
- CookieSerializerUtils.serializeServerCookie(
- sb, versionOneStrictCompliance, rfc6265Support,
- alwaysAddExpires, cookie.getName(),
- cookie.getValue(), cookie.getVersion(), cookie.getPath(),
- cookie.getDomain(), cookie.getComment(),
- cookie.getMaxAge(), cookie.getSecure(),
- cookie.isHttpOnly());
- cookieValue = sb.toString();
+ cookieValue =
+ CookieHeaderGenerator.generateHeader(
+ cookie.getName(),
+ cookie.getValue(),
+ cookie.getMaxAge(),
+ cookie.getDomain(),
+ cookie.getPath(),
+ cookie.getSecure(),
+ cookie.isHttpOnly(),
+ cookie.getAttributes());
}
return cookieValue;
}
- // END GlassFish 898
-
- // START GlassFish 896
/**
- * Removes any Set-Cookie response headers whose value contains the
- * string JSESSIONID
+ * Removes any Set-Cookie response headers whose value contains the string JSESSIONID
*/
public void removeSessionCookies() {
String matchExpression = "^" + getContext().getSessionCookieName() + "=.*";
- coyoteResponse.getResponse().getHeaders().removeHeaderMatches("Set-Cookie", matchExpression);
- matchExpression = "^" +
- org.apache.catalina.authenticator.Constants.SINGLE_SIGN_ON_COOKIE + "=.*";
- coyoteResponse.getResponse().getHeaders().removeHeaderMatches("Set-Cookie", matchExpression);
+ grizzlyResponse.getResponse().getHeaders().removeHeaderMatches("Set-Cookie", matchExpression);
+
+ matchExpression = "^" + org.apache.catalina.authenticator.Constants.SINGLE_SIGN_ON_COOKIE + "=.*";
+ grizzlyResponse.getResponse().getHeaders().removeHeaderMatches("Set-Cookie", matchExpression);
}
- // END GlassFish 896
+
+ public void setUpgrade(boolean upgrade) {
+ this.upgrade = upgrade;
+ }
+
+ void disableWriteHandler() {
+ outputBuffer.disableWriteHandler();
+ }
/*
- * Removes /./ and /../ sequences from absolute URLs.
- * Code borrowed heavily from CoyoteAdapter.normalize()
+ * Removes /./ and /../ sequences from absolute URLs. Code borrowed heavily from CoyoteAdapter.normalize()
*/
private void normalize(CharChunk cc) {
// Strip query string and/or fragment first as doing it this way makes
@@ -1960,10 +1701,10 @@
if (truncate == -1) {
truncate = cc.indexOf('#');
}
+
char[] truncateCC = null;
if (truncate > -1) {
- truncateCC = Arrays.copyOfRange(cc.getBuffer(),
- cc.getStart() + truncate, cc.getEnd());
+ truncateCC = Arrays.copyOfRange(cc.getBuffer(), cc.getStart() + truncate, cc.getEnd());
cc.setEnd(cc.getStart() + truncate);
}
@@ -1995,8 +1736,7 @@
if (index < 0) {
break;
}
- copyChars(c, start + index, start + index + 2,
- end - start - index - 2);
+ copyChars(c, start + index, start + index + 2, end - start - index - 2);
end = end - 2;
cc.setEnd(end);
}
@@ -2014,13 +1754,12 @@
throw new IllegalArgumentException();
}
int index2 = -1;
- for (pos = start + index - 1; (pos >= 0) && (index2 < 0); pos --) {
+ for (pos = start + index - 1; (pos >= 0) && (index2 < 0); pos--) {
if (c[pos] == (byte) '/') {
index2 = pos;
}
}
- copyChars(c, start + index2, start + index + 3,
- end - start - index - 3);
+ copyChars(c, start + index2, start + index + 3, end - start - index - 3);
end = end + index2 - index - 3;
cc.setEnd(end);
index = index2;
@@ -2062,22 +1801,13 @@
if (connector != null && connector.getContainer() != null) {
logger = connector.getContainer().getLogger();
}
+
String localName = "Response";
if (logger != null) {
- logger.log(localName + " " + message, t,
- org.apache.catalina.Logger.WARNING);
+ logger.log(localName + " " + message, t, WARNING);
} else {
log.log(Level.WARNING, localName + " " + message, t);
}
}
-
- public void setUpgrade(boolean upgrade) {
- this.upgrade = upgrade;
- }
-
- void disableWriteHandler() {
- outputBuffer.disableWriteHandler();
- }
}
-