michael-o commented on a change in pull request #325:
URL: https://github.com/apache/tomcat/pull/325#discussion_r463516693
##########
File path: java/org/apache/catalina/servlets/DefaultServlet.java
##########
@@ -2611,6 +2574,44 @@ private PrecompressedResource(WebResource resource,
CompressionFormat format) {
}
}
+ /**
+ * RFC 7232 requires weak comparison for If-None-Match
+ */
+ private boolean matchByEtagWeak(String headerValue, String eTag) {
+ // Match W/"1" and W/"1"
+ if (headerValue.contains(eTag)) {
+ return true;
+ }
+ // Match W/"1" and "1"
+ String resourceEtag = weakEtagToStrong(eTag);
+ if (headerValue.contains(resourceEtag)) {
+ return true;
+ }
+ // asterisk checked last as rarely used
+ return headerValue.equals("*");
+ }
+
+ /**
+ * RFC 7232 requires strong comparison for If-Match
+ */
+ private boolean matchByEtagStrong(String headerValue, String eTag) {
+ // BZ 64265: Default servlet uses weak matching so we strip any
leading "W/" and
+ // then compare using equals
+ String resourceEtag = weakEtagToStrong(eTag);
+ StringTokenizer commaTokenizer = new StringTokenizer(headerValue, ",");
Review comment:
You have critisized this block, but remained at the split? Note that a
comma can also appear in an ETag value.
##########
File path: java/org/apache/catalina/servlets/DefaultServlet.java
##########
@@ -2611,6 +2574,44 @@ private PrecompressedResource(WebResource resource,
CompressionFormat format) {
}
}
+ /**
+ * RFC 7232 requires weak comparison for If-None-Match
+ */
+ private boolean matchByEtagWeak(String headerValue, String eTag) {
+ // Match W/"1" and W/"1"
+ if (headerValue.contains(eTag)) {
+ return true;
+ }
+ // Match W/"1" and "1"
+ String resourceEtag = weakEtagToStrong(eTag);
+ if (headerValue.contains(resourceEtag)) {
+ return true;
+ }
+ // asterisk checked last as rarely used
+ return headerValue.equals("*");
Review comment:
Asterisk match is the cheapest one and should go first as described in
the RFC.
##########
File path: java/org/apache/catalina/servlets/DefaultServlet.java
##########
@@ -2611,6 +2574,44 @@ private PrecompressedResource(WebResource resource,
CompressionFormat format) {
}
}
+ /**
+ * RFC 7232 requires weak comparison for If-None-Match
+ */
+ private boolean matchByEtagWeak(String headerValue, String eTag) {
+ // Match W/"1" and W/"1"
+ if (headerValue.contains(eTag)) {
Review comment:
I am not a huge a fan of something like this, I'd rather prefer a real
split here.
##########
File path: java/org/apache/catalina/servlets/DefaultServlet.java
##########
@@ -2611,6 +2574,44 @@ private PrecompressedResource(WebResource resource,
CompressionFormat format) {
}
}
+ /**
+ * RFC 7232 requires weak comparison for If-None-Match
+ */
+ private boolean matchByEtagWeak(String headerValue, String eTag) {
+ // Match W/"1" and W/"1"
+ if (headerValue.contains(eTag)) {
+ return true;
+ }
+ // Match W/"1" and "1"
+ String resourceEtag = weakEtagToStrong(eTag);
+ if (headerValue.contains(resourceEtag)) {
+ return true;
+ }
+ // asterisk checked last as rarely used
+ return headerValue.equals("*");
+ }
+
+ /**
+ * RFC 7232 requires strong comparison for If-Match
+ */
+ private boolean matchByEtagStrong(String headerValue, String eTag) {
+ // BZ 64265: Default servlet uses weak matching so we strip any
leading "W/" and
+ // then compare using equals
+ String resourceEtag = weakEtagToStrong(eTag);
Review comment:
This does not feel right because if the ETag is weak, the comparison can
never succeed.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
