This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/master by this push:
new d0877a6 Remove two system properties used for configuration
d0877a6 is described below
commit d0877a698fe23f633747f429e43ce40d5f8d3ed7
Author: remm <[email protected]>
AuthorDate: Wed Mar 25 17:58:08 2020 +0100
Remove two system properties used for configuration
Two rarely used properties, both in the connector package:
- org.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH is
replaced by the allowBackslash attribute
- org.apache.catalina.connector.Response.ENFORCE_ENCODING_IN_GET_WRITER
is replaced by the enforceEncodingInGetWriter attribute
---
java/org/apache/catalina/connector/Connector.java | 57 ++++++++++++++++++++++
.../apache/catalina/connector/CoyoteAdapter.java | 11 ++---
java/org/apache/catalina/connector/Response.java | 17 +------
.../catalina/connector/TestCoyoteAdapter.java | 2 +-
webapps/docs/changelog.xml | 13 +++++
webapps/docs/config/systemprops.xml | 18 -------
6 files changed, 76 insertions(+), 42 deletions(-)
diff --git a/java/org/apache/catalina/connector/Connector.java
b/java/org/apache/catalina/connector/Connector.java
index 43b9431..ec65163 100644
--- a/java/org/apache/catalina/connector/Connector.java
+++ b/java/org/apache/catalina/connector/Connector.java
@@ -118,6 +118,14 @@ public class Connector extends LifecycleMBeanBase {
/**
+ * If this is <code>true</code> the '\' character will be permitted as a
+ * path delimiter. If not specified, the default value of
+ * <code>false</code> will be used.
+ */
+ protected boolean allowBackslash = false;
+
+
+ /**
* Do we allow TRACE ?
*/
protected boolean allowTrace = false;
@@ -135,6 +143,19 @@ public class Connector extends LifecycleMBeanBase {
protected boolean enableLookups = false;
+ /**
+ * If this is <code>true</code> then a call to
+ * <code>Response.getWriter()</code> if no character encoding
+ * has been specified will result in subsequent calls to
+ * <code>Response.getCharacterEncoding()</code> returning
+ * <code>ISO-8859-1</code> and the <code>Content-Type</code> response
header
+ * will include a <code>charset=ISO-8859-1</code> component.
+ * (SRV.15.2.22.1)
+ * If not specified, the default specification compliant value of
+ * <code>true</code> will be used.
+ */
+ protected boolean enforceEncodingInGetWriter = true;
+
/*
* Is generation of X-Powered-By response header enabled/disabled?
*/
@@ -339,6 +360,24 @@ public class Connector extends LifecycleMBeanBase {
/**
+ * @return <code>true</code> if backslash characters are allowed in URLs.
+ * Default value is <code>false</code>.
+ */
+ public boolean getAllowBackslash() {
+ return allowBackslash;
+ }
+
+
+ /**
+ * Set the allowBackslash flag.
+ * @param allowBackslash the new flag value
+ */
+ public void setAllowBackslash(boolean allowBackslash) {
+ this.allowBackslash = allowBackslash;
+ }
+
+
+ /**
* @return <code>true</code> if the TRACE method is allowed. Default value
* is <code>false</code>.
*/
@@ -415,6 +454,24 @@ public class Connector extends LifecycleMBeanBase {
}
+ /**
+ * @return <code>true</code> if a default character encoding will be set
+ * when calling Response.getWriter()
+ */
+ public boolean getEnforceEncodingInGetWriter() {
+ return enforceEncodingInGetWriter;
+ }
+
+
+ /**
+ * Set the enforceEncodingInGetWriter flag.
+ * @param enforceEncodingInGetWriter the new flag value
+ */
+ public void setEnforceEncodingInGetWriter(boolean
enforceEncodingInGetWriter) {
+ this.enforceEncodingInGetWriter = enforceEncodingInGetWriter;
+ }
+
+
public int getMaxCookieCount() {
return maxCookieCount;
}
diff --git a/java/org/apache/catalina/connector/CoyoteAdapter.java
b/java/org/apache/catalina/connector/CoyoteAdapter.java
index 3b6f7e9..9bfe301 100644
--- a/java/org/apache/catalina/connector/CoyoteAdapter.java
+++ b/java/org/apache/catalina/connector/CoyoteAdapter.java
@@ -78,10 +78,6 @@ public class CoyoteAdapter implements Adapter {
public static final int ADAPTER_NOTES = 1;
- protected static final boolean ALLOW_BACKSLASH =
-
Boolean.parseBoolean(System.getProperty("org.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH",
"false"));
-
-
private static final ThreadLocal<String> THREAD_NAME =
new ThreadLocal<String>() {
@@ -635,7 +631,7 @@ public class CoyoteAdapter implements Adapter {
response.sendError(400, "Invalid URI: " + ioe.getMessage());
}
// Normalization
- if (normalize(req.decodedURI())) {
+ if (normalize(req.decodedURI(), connector.getAllowBackslash())) {
// Character decoding
convertURI(decodedURI, request);
// URIEncoding values are limited to US-ASCII supersets.
@@ -1127,12 +1123,13 @@ public class CoyoteAdapter implements Adapter {
* This method normalizes "\", "//", "/./" and "/../".
*
* @param uriMB URI to be normalized
+ * @param allowBackslash <code>true</code> if backslash characters are
allowed in URLs
*
* @return <code>false</code> if normalizing this URI would require going
* above the root, or if the URI contains a null byte, otherwise
* <code>true</code>
*/
- public static boolean normalize(MessageBytes uriMB) {
+ public static boolean normalize(MessageBytes uriMB, boolean
allowBackslash) {
ByteChunk uriBC = uriMB.getByteChunk();
final byte[] b = uriBC.getBytes();
@@ -1151,7 +1148,7 @@ public class CoyoteAdapter implements Adapter {
// Check for null byte
for (pos = start; pos < end; pos++) {
if (b[pos] == (byte) '\\') {
- if (ALLOW_BACKSLASH) {
+ if (allowBackslash) {
b[pos] = (byte) '/';
} else {
return false;
diff --git a/java/org/apache/catalina/connector/Response.java
b/java/org/apache/catalina/connector/Response.java
index 9ec0b5d..17d086b 100644
--- a/java/org/apache/catalina/connector/Response.java
+++ b/java/org/apache/catalina/connector/Response.java
@@ -74,21 +74,6 @@ public class Response implements HttpServletResponse {
private static final MediaTypeCache MEDIA_TYPE_CACHE = new
MediaTypeCache(100);
- /**
- * Compliance with SRV.15.2.22.1. A call to Response.getWriter() if no
- * character encoding has been specified will result in subsequent calls to
- * Response.getCharacterEncoding() returning ISO-8859-1 and the
Content-Type
- * response header will include a charset=ISO-8859-1 component.
- */
- private static final boolean ENFORCE_ENCODING_IN_GET_WRITER;
-
- static {
- ENFORCE_ENCODING_IN_GET_WRITER = Boolean.parseBoolean(
-
System.getProperty("org.apache.catalina.connector.Response.ENFORCE_ENCODING_IN_GET_WRITER",
- "true"));
- }
-
-
// ----------------------------------------------------- Instance Variables
public Response() {
@@ -572,7 +557,7 @@ public class Response implements HttpServletResponse {
(sm.getString("coyoteResponse.getWriter.ise"));
}
- if (ENFORCE_ENCODING_IN_GET_WRITER) {
+ if (request.getConnector().getEnforceEncodingInGetWriter()) {
/*
* If the response's character encoding has not been specified as
* described in <code>getCharacterEncoding</code> (i.e., the method
diff --git a/test/org/apache/catalina/connector/TestCoyoteAdapter.java
b/test/org/apache/catalina/connector/TestCoyoteAdapter.java
index 93692af..464ca90 100644
--- a/test/org/apache/catalina/connector/TestCoyoteAdapter.java
+++ b/test/org/apache/catalina/connector/TestCoyoteAdapter.java
@@ -333,7 +333,7 @@ public class TestCoyoteAdapter extends TomcatBaseTest {
byte[] b = input.getBytes(StandardCharsets.UTF_8);
mb.setBytes(b, 0, b.length);
- boolean result = CoyoteAdapter.normalize(mb);
+ boolean result = CoyoteAdapter.normalize(mb, false);
mb.toString();
if (expected == null) {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index e8452cd..9e7f153 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -74,6 +74,19 @@
Refactor DefaultServlet to avoid using an internal Range structure that
is duplicated from the parsing result. (remm)
</update>
+ <update>
+ Remove
+
<code>org.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH</code>
+ system property, replaced by the <code>allowBackslash</code> attribute
+ on the Connector. (remm)
+ </update>
+ <update>
+ Remove
+
<code>org.apache.catalina.connector.Response.ENFORCE_ENCODING_IN_GET_WRITER</code>
+ system property, replaced by the
+ <code>enforceEncodingInGetWriter</code> attribute on the Connector.
+ (remm)
+ </update>
</changelog>
</subsection>
<subsection name="Coyote">
diff --git a/webapps/docs/config/systemprops.xml
b/webapps/docs/config/systemprops.xml
index bd4a98a..0188a53 100644
--- a/webapps/docs/config/systemprops.xml
+++ b/webapps/docs/config/systemprops.xml
@@ -264,13 +264,6 @@
<properties>
<property
- name="org.apache.catalina.connector. CoyoteAdapter.ALLOW_BACKSLASH">
- <p>If this is <code>true</code> the '\' character will be permitted as a
- path delimiter.</p>
- <p>If not specified, the default value of <code>false</code> will be
used.</p>
- </property>
-
- <property
name="org.apache.tomcat.util.buf. UDecoder.ALLOW_ENCODED_SLASH">
<p>If this is <code>true</code> '%2F' and '%5C' will be permitted as path
delimiters.</p>
@@ -312,17 +305,6 @@
</ul>
</property>
- <property name="org.apache.catalina.connector.
Response.ENFORCE_ENCODING_IN_GET_WRITER">
- <p>If this is <code>true</code> then
- a call to <code>Response.getWriter()</code> if no character encoding
- has been specified will result in subsequent calls to
- <code>Response.getCharacterEncoding()</code> returning
- <code>ISO-8859-1</code> and the <code>Content-Type</code> response header
- will include a <code>charset=ISO-8859-1</code> component.
(SRV.15.2.22.1)</p>
- <p>If not specified, the default specification compliant value of
- <code>true</code> will be used.</p>
- </property>
-
<property name="org.apache.catalina.core.ApplicationContext
.GET_RESOURCE_REQUIRE_SLASH">
<p>If this is <code>true</code> then the path passed to
<code>ServletContext.getResource()</code> or
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
