This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit dcb77df35005cbb1063bbda4149caf83f6bc46fb
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Thu Oct 17 18:41:38 2019 +0100
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=63825 The expect header has a single defined value "100-continue" so look for the exact value rather than a value that starts with "100-continue" When looking for the "upgrade" token, use an exact match rather than looking for any token then contains "upgrade"
---
 java/org/apache/coyote/http11/Http11Processor.java | 27 +++++-----------------
 webapps/docs/changelog.xml | 5 ++++
 2 files changed, 11 insertions(+), 21 deletions(-)
diff --git a/java/org/apache/coyote/http11/Http11Processor.java b/java/org/apache/coyote/http11/Http11Processor.java
index 10c8709..c5df631 100644
--- a/java/org/apache/coyote/http11/Http11Processor.java
+++ b/java/org/apache/coyote/http11/Http11Processor.java
@@ -737,16 +737,7 @@ public class Http11Processor extends AbstractProcessor {
             }
             // Has an upgrade been requested?
-            Enumeration<String> connectionValues = request.getMimeHeaders().values("Connection");
-            boolean foundUpgrade = false;
-            while (connectionValues.hasMoreElements() && !foundUpgrade) {
-                String connectionValue = connectionValues.nextElement();
-                if (connectionValue != null) {
-                    foundUpgrade = connectionValue.toLowerCase(Locale.ENGLISH).contains("upgrade");
-                }
-            }
-
-            if (foundUpgrade) {
+            if (isConnectionToken(request.getMimeHeaders(), "upgrade")) {
                 // Check the protocol
                 String requestedProtocol = request.getHeader("Upgrade");
@@ -1009,7 +1000,7 @@ public class Http11Processor extends AbstractProcessor {
         if (http11) {
             MessageBytes expectMB = headers.getValue("expect");
             if (expectMB != null && !expectMB.isNull()) {
-                if (expectMB.indexOfIgnoreCase("100-continue", 0) != -1) {
+                if (expectMB.toString().trim().equalsIgnoreCase("100-continue")) {
                     inputBuffer.setSwallowInput(false);
                     request.setExpectation(true);
                 } else {
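Review bot: The removed loop lower-cased the Connection value before matching, but the added line passes a lower-case `"upgrade"` to `isConnectionToken`, whose final check (in the later hunk) is a plain `Set.contains`, so case normalisation now depends entirely on `TokenList.parseTokenList`, which is not visible here. Connection options are case-insensitive (RFC 7230 §6.1) and browsers send `Connection: Upgrade` for WebSocket handshakes, so if the parser preserves case this change would silently stop upgrades from being detected. Please confirm the parser lower-cases tokens, or add a regression test covering `Connection: Upgrade` and `Connection: keep-alive, Upgrade` alongside the exact-match cases the bug asks for. The enclosing method starts and ends outside this hunk.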
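Review bot: `headers.getValue("expect")` on the second context line only reads the first `Expect` header line, so the new exact match on the added line never sees a second `Expect` line; a request sending `Expect: 100-continue` followed by `Expect: something-else` is treated as a plain 100-continue, while the reverse order takes the else branch. Since the stated goal is to reject anything that is not exactly `100-continue` (RFC 7231 §5.1.1 defines no other expectation), consider iterating `headers.values("expect")` and setting the expectation only when every value passes the same `trim().equalsIgnoreCase("100-continue")` test, falling through to the existing else branch otherwise. A short comment on the added line would also help, e.g. `// Exact match only: anything else is an unsupported expectation`. The else branch and the rest of the method lie outside this hunk.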
@@ -1301,7 +1292,7 @@ public class Http11Processor extends AbstractProcessor {
         }
         long contentLength = response.getContentLengthLong();
-        boolean connectionClosePresent = isConnectionClose(headers);
+        boolean connectionClosePresent = isConnectionToken(headers, Constants.CLOSE);
         if (contentLength != -1) {
             headers.setValue("Content-Length").setLong(contentLength);
             outputBuffer.addActiveFilter
@@ -1404,25 +1395,19 @@ public class Http11Processor extends AbstractProcessor {
         outputBuffer.commit();
     }
-    private static boolean isConnectionClose(MimeHeaders headers) throws IOException {
+    private static boolean isConnectionToken(MimeHeaders headers, String token) throws IOException {
         MessageBytes connection = headers.getValue(Constants.CONNECTION);
         if (connection == null) {
             return false;
         }
         Enumeration<String> values = headers.values(Constants.CONNECTION);
-        Set<String> result = null;
+        Set<String> result = new HashSet<>();
         while (values.hasMoreElements()) {
-            if (result == null) {
-                result = new HashSet<>();
-            }
             TokenList.parseTokenList(new StringReader(values.nextElement()), result);
         }
-        if (result == null) {
-            return false;
-        }
-        return result.contains(Constants.CLOSE);
+        return result.contains(token);
     }
     private void prepareSendfile(OutputFilter[] outputFilters) {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 3d083d3..fa45ae4 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
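Review bot: `isConnectionToken` now takes a caller-supplied `token` but documents nothing about the form it must have, and its last line compares it with a plain `result.contains(token)`, so the method is only correct if callers pass the same normalised form that `TokenList.parseTokenList` produces (the parser's behaviour is not visible in this diff). Both current callers pass lower-case literals, which works only if the parser lower-cases, and a future caller passing `"Upgrade"` or `"Close"` would get a silent false negative on a header that decides keep-alive and upgrade handling. I would add a Javadoc stating the contract: that each Connection header line is parsed as a comma-separated token list, that Connection tokens are case-insensitive per RFC 7230 §6.1, and that `token` must already be lower-case (or normalise it here with `token.toLowerCase(Locale.ENGLISH)` once the parser's casing is confirmed). The `headers.getValue` fast path above the loop is redundant with the `values` enumeration but harmless; a one-line comment, e.g. `// Cheap check before materialising the token set`, would make it clear it is intentional.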
@@ -68,6 +68,11 @@ that started asynchronous processing has completed processing the current request/response. (markt) </fix> + <fix> + <bug>63825</bug>: When processing the <code>Expect</code> and + <code>Connection</code> HTTP headers looking for a specific token, be + stricter in ensuring that the exact token is present. (markt) + </fix> </changelog> </subsection> </section> --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org