This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit c4b5ad5e030c5e03de29bd725beba60f7e7a82fd
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Thu Sep 11 11:58:24 2025 +0100
Use constant for POST
---
.../catalina/authenticator/AuthenticatorBase.java | 3 +-
.../catalina/authenticator/FormAuthenticator.java | 2 +-
java/org/apache/catalina/connector/Connector.java | 3 +-
java/org/apache/catalina/filters/CorsFilter.java | 2 +-
java/org/apache/catalina/servlets/CGIServlet.java | 6 ++--
java/org/apache/coyote/ajp/Constants.java | 2 +-
java/org/apache/coyote/http2/Hpack.java | 2 +-
.../util/net/openssl/panama/OpenSSLEngine.java | 3 +-
.../TestAuthenticatorBaseCorsPreflight.java | 2 +-
.../authenticator/TestFormAuthenticatorA.java | 8 ++---
.../authenticator/TestFormAuthenticatorB.java | 18 +++++-----
.../authenticator/TestFormAuthenticatorC.java | 18 +++++-----
.../org/apache/catalina/connector/TestRequest.java | 6 ++--
.../apache/catalina/core/TestStandardContext.java | 8 ++---
.../apache/catalina/core/TestStandardWrapper.java | 2 +-
.../apache/catalina/filters/TestCorsFilter.java | 24 ++++++-------
.../filters/TestRestCsrfPreventionFilter.java | 40 ++++++++++------------
.../filters/TestRestCsrfPreventionFilter2.java | 26 +++++++-------
test/org/apache/catalina/realm/TestRealmBase.java | 2 +-
.../catalina/realm/TesterServletSecurity01.java | 3 +-
.../servlets/TestDefaultServletOptions.java | 2 +-
.../TestWebdavServletOptionCollection.java | 2 +-
.../servlets/TestWebdavServletOptionsFile.java | 2 +-
.../servlets/TestWebdavServletOptionsUnknown.java | 2 +-
test/org/apache/coyote/ajp/SimpleAjpClient.java | 4 +--
.../coyote/ajp/TestAbstractAjpProcessor.java | 8 ++---
test/org/apache/coyote/http2/Http2TestBase.java | 2 +-
test/org/apache/coyote/http2/TestFlowControl.java | 3 +-
.../coyote/http2/TestHttp2UpgradeHandler.java | 2 +-
.../descriptor/web/TestSecurityConstraint.java | 18 +++++-----
30 files changed, 113 insertions(+), 112 deletions(-)
diff --git a/java/org/apache/catalina/authenticator/AuthenticatorBase.java
b/java/org/apache/catalina/authenticator/AuthenticatorBase.java
index f30b457dae..39098ad000 100644
--- a/java/org/apache/catalina/authenticator/AuthenticatorBase.java
+++ b/java/org/apache/catalina/authenticator/AuthenticatorBase.java
@@ -69,6 +69,7 @@ import org.apache.tomcat.util.descriptor.web.FilterMap;
import org.apache.tomcat.util.descriptor.web.LoginConfig;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.apache.tomcat.util.http.FastHttpDateFormat;
+import org.apache.tomcat.util.http.Method;
import org.apache.tomcat.util.http.RequestUtil;
import org.apache.tomcat.util.res.StringManager;
@@ -485,7 +486,7 @@ public abstract class AuthenticatorBase extends ValveBase
implements Authenticat
// Make sure that constrained resources are not cached by web proxies
// or browsers as caching can provide a security hole
- if (constraints != null && disableProxyCaching &&
!"POST".equals(request.getMethod())) {
+ if (constraints != null && disableProxyCaching &&
!Method.POST.equals(request.getMethod())) {
if (securePagesWithPragma) {
// Note: These can cause problems with downloading files with
IE
response.setHeader("Pragma", "No-cache");
diff --git a/java/org/apache/catalina/authenticator/FormAuthenticator.java
b/java/org/apache/catalina/authenticator/FormAuthenticator.java
index 3b1d803fae..bd18064e7d 100644
--- a/java/org/apache/catalina/authenticator/FormAuthenticator.java
+++ b/java/org/apache/catalina/authenticator/FormAuthenticator.java
@@ -625,7 +625,7 @@ public class FormAuthenticator extends AuthenticatorBase {
// If no content type specified, use default for POST
String savedContentType = saved.getContentType();
- if (savedContentType == null && "POST".equals(method)) {
+ if (savedContentType == null && Method.POST.equals(method)) {
savedContentType = Globals.CONTENT_TYPE_FORM_URL_ENCODING;
}
diff --git a/java/org/apache/catalina/connector/Connector.java
b/java/org/apache/catalina/connector/Connector.java
index ba517710fc..64caa5409f 100644
--- a/java/org/apache/catalina/connector/Connector.java
+++ b/java/org/apache/catalina/connector/Connector.java
@@ -47,6 +47,7 @@ import org.apache.tomcat.util.buf.EncodedSolidusHandling;
import org.apache.tomcat.util.buf.StringUtils;
import org.apache.tomcat.util.buf.UDecoder;
import org.apache.tomcat.util.compat.JreCompat;
+import org.apache.tomcat.util.http.Method;
import org.apache.tomcat.util.net.SSLHostConfig;
import org.apache.tomcat.util.net.openssl.OpenSSLImplementation;
import org.apache.tomcat.util.net.openssl.OpenSSLStatus;
@@ -223,7 +224,7 @@ public class Connector extends LifecycleMBeanBase {
* Comma-separated list of HTTP methods that will be parsed according to
POST-style rules for
* application/x-www-form-urlencoded request bodies.
*/
- protected String parseBodyMethods = "POST";
+ protected String parseBodyMethods = Method.POST;
/**
* A Set of methods determined by {@link #parseBodyMethods}.
diff --git a/java/org/apache/catalina/filters/CorsFilter.java
b/java/org/apache/catalina/filters/CorsFilter.java
index 0f883b07f0..329eabc09d 100644
--- a/java/org/apache/catalina/filters/CorsFilter.java
+++ b/java/org/apache/catalina/filters/CorsFilter.java
@@ -570,7 +570,7 @@ public class CorsFilter extends GenericFilter {
case Method.GET:
case "HEAD":
return CORSRequestType.SIMPLE;
- case "POST":
+ case Method.POST:
String mediaType =
MediaType.parseMediaTypeOnly(request.getContentType());
if (mediaType == null ||
SIMPLE_HTTP_REQUEST_CONTENT_TYPE_VALUES.contains(mediaType)) {
return CORSRequestType.SIMPLE;
diff --git a/java/org/apache/catalina/servlets/CGIServlet.java
b/java/org/apache/catalina/servlets/CGIServlet.java
index f5d713a430..4326c73173 100644
--- a/java/org/apache/catalina/servlets/CGIServlet.java
+++ b/java/org/apache/catalina/servlets/CGIServlet.java
@@ -369,7 +369,7 @@ public final class CGIServlet extends HttpServlet {
}
} else {
cgiMethods.add(Method.GET);
- cgiMethods.add("POST");
+ cgiMethods.add(Method.POST);
}
if (getServletConfig().getInitParameter("cmdLineArgumentsEncoded") !=
null) {
@@ -554,7 +554,7 @@ public final class CGIServlet extends HttpServlet {
CGIRunner cgi = new CGIRunner(cgiEnv.getCommand(),
cgiEnv.getEnvironment(), cgiEnv.getWorkingDirectory(),
cgiEnv.getParameters());
- if ("POST".equals(req.getMethod())) {
+ if (Method.POST.equals(req.getMethod())) {
cgi.setInput(req.getInputStream());
}
cgi.setResponse(res);
@@ -724,7 +724,7 @@ public final class CGIServlet extends HttpServlet {
// does not contain an unencoded "=" this is an indexed query.
// The parsed query string becomes the command line parameters
// for the cgi command.
- if (enableCmdLineArguments && (Method.GET.equals(req.getMethod())
|| req.getMethod().equals("POST") ||
+ if (enableCmdLineArguments && (Method.GET.equals(req.getMethod())
|| req.getMethod().equals(Method.POST) ||
req.getMethod().equals("HEAD"))) {
String qs;
if (isIncluded) {
diff --git a/java/org/apache/coyote/ajp/Constants.java
b/java/org/apache/coyote/ajp/Constants.java
index 0f4f38169e..f9ca973355 100644
--- a/java/org/apache/coyote/ajp/Constants.java
+++ b/java/org/apache/coyote/ajp/Constants.java
@@ -107,7 +107,7 @@ public final class Constants {
// Translates integer codes to names of HTTP methods
private static final String[] methodTransArray =
- { "OPTIONS", Method.GET, "HEAD", "POST", "PUT", "DELETE", "TRACE",
"PROPFIND", "PROPPATCH", "MKCOL", "COPY",
+ { "OPTIONS", Method.GET, "HEAD", Method.POST, "PUT", "DELETE",
"TRACE", "PROPFIND", "PROPPATCH", "MKCOL", "COPY",
"MOVE", "LOCK", "UNLOCK", "ACL", "REPORT",
"VERSION-CONTROL", "CHECKIN", "CHECKOUT", "UNCHECKOUT",
"SEARCH", "MKWORKSPACE", "UPDATE", "LABEL", "MERGE",
"BASELINE-CONTROL", "MKACTIVITY" };
diff --git a/java/org/apache/coyote/http2/Hpack.java
b/java/org/apache/coyote/http2/Hpack.java
index 4df672112d..238a1a3720 100644
--- a/java/org/apache/coyote/http2/Hpack.java
+++ b/java/org/apache/coyote/http2/Hpack.java
@@ -62,7 +62,7 @@ final class Hpack {
// note that zero is not used
fields[1] = new HeaderField(":authority", null);
fields[2] = new HeaderField(":method", Method.GET);
- fields[3] = new HeaderField(":method", "POST");
+ fields[3] = new HeaderField(":method", Method.POST);
fields[4] = new HeaderField(":path", "/");
fields[5] = new HeaderField(":path", "/index.html");
fields[6] = new HeaderField(":scheme", "http");
diff --git a/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
b/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
index 234cf26d05..bfb9b6f20a 100644
--- a/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
+++ b/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
@@ -56,6 +56,7 @@ import static
org.apache.tomcat.util.openssl.openssl_h_Macros.*;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
import org.apache.tomcat.util.buf.Asn1Parser;
+import org.apache.tomcat.util.http.Method;
import org.apache.tomcat.util.net.Constants;
import org.apache.tomcat.util.net.SSLUtil;
import
org.apache.tomcat.util.net.openssl.ciphers.OpenSSLCipherConfigurationParser;
@@ -1307,7 +1308,7 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
// Content-Length: ocspRequestData.length
byte[] ocspRequestData = buf.reinterpret(requestLength,
localArena, null).toArray(ValueLayout.JAVA_BYTE);
connection = (HttpURLConnection) url.openConnection();
- connection.setRequestMethod("POST");
+ connection.setRequestMethod(Method.POST);
connection.setDoInput(true);
connection.setDoOutput(true);
connection.setFixedLengthStreamingMode(requestLength);
diff --git
a/test/org/apache/catalina/authenticator/TestAuthenticatorBaseCorsPreflight.java
b/test/org/apache/catalina/authenticator/TestAuthenticatorBaseCorsPreflight.java
index 27786efab9..1c3423e761 100644
---
a/test/org/apache/catalina/authenticator/TestAuthenticatorBaseCorsPreflight.java
+++
b/test/org/apache/catalina/authenticator/TestAuthenticatorBaseCorsPreflight.java
@@ -55,7 +55,7 @@ public class TestAuthenticatorBaseCorsPreflight extends
TomcatBaseTest {
private static final String INVALID_ORIGIN = "http://%20";;
private static final String SAME_ORIGIN = "http://localhost";;
private static final String ALLOWED_METHOD = Method.GET;
- private static final String BLOCKED_METHOD = "POST";
+ private static final String BLOCKED_METHOD = Method.POST;
private static final String EMPTY_METHOD = "";
@Parameterized.Parameters(name = "{index}: input[{0}]")
diff --git a/test/org/apache/catalina/authenticator/TestFormAuthenticatorA.java
b/test/org/apache/catalina/authenticator/TestFormAuthenticatorA.java
index 3633ca262e..6d64a4675c 100644
--- a/test/org/apache/catalina/authenticator/TestFormAuthenticatorA.java
+++ b/test/org/apache/catalina/authenticator/TestFormAuthenticatorA.java
@@ -186,7 +186,7 @@ public class TestFormAuthenticatorA extends TomcatBaseTest {
client.reset();
// Second request replies to the login challenge
- client.doResourceRequest("POST", true, "/test/j_security_check",
FormAuthClientBase.LOGIN_REPLY);
+ client.doResourceRequest(Method.POST, true, "/test/j_security_check",
FormAuthClientBase.LOGIN_REPLY);
Assert.assertTrue("login failed " + client.getResponseLine(),
client.isResponse303());
Assert.assertTrue(client.isResponseBodyOK());
String redirectUri = client.getRedirectUri();
@@ -296,7 +296,7 @@ public class TestFormAuthenticatorA extends TomcatBaseTest {
// Third request - the login was successful so
// follow the redirect to the protected resource
client.doResourceRequest(redirectMethod, true, redirectUri, null);
- if ("POST".equals(redirectMethod)) {
+ if (Method.POST.equals(redirectMethod)) {
client.setUseContinue(useContinue);
}
Assert.assertTrue(client.isResponse200());
@@ -376,7 +376,7 @@ public class TestFormAuthenticatorA extends TomcatBaseTest {
protected void doLoginRequest(String loginUri) throws Exception {
- doResourceRequest("POST", true, PROTECTED_RELATIVE_PATH +
loginUri, LOGIN_REPLY);
+ doResourceRequest(Method.POST, true, PROTECTED_RELATIVE_PATH +
loginUri, LOGIN_REPLY);
}
/*
@@ -428,7 +428,7 @@ public class TestFormAuthenticatorA extends TomcatBaseTest {
}
// finally, for posts only, deal with the request content
- if ("POST".equals(method)) {
+ if (Method.POST.equals(method)) {
if (requestTail == null) {
requestTail = "role=bar";
}
diff --git a/test/org/apache/catalina/authenticator/TestFormAuthenticatorB.java
b/test/org/apache/catalina/authenticator/TestFormAuthenticatorB.java
index 56b3c1a0a2..62b1ceb8d7 100644
--- a/test/org/apache/catalina/authenticator/TestFormAuthenticatorB.java
+++ b/test/org/apache/catalina/authenticator/TestFormAuthenticatorB.java
@@ -90,13 +90,13 @@ public class TestFormAuthenticatorB extends TomcatBaseTest {
@Test
public void testPostNoContinueWithCookies() throws Exception {
- doTest("POST", Method.GET, NO_100_CONTINUE, CLIENT_USE_COOKIES,
SERVER_USE_COOKIES, SERVER_CHANGE_SESSID);
+ doTest(Method.POST, Method.GET, NO_100_CONTINUE, CLIENT_USE_COOKIES,
SERVER_USE_COOKIES, SERVER_CHANGE_SESSID);
}
// Bug 49779
@Test
public void testPostNoContinuePostRedirectWithCookies() throws Exception {
- doTest("POST", "POST", NO_100_CONTINUE, CLIENT_USE_COOKIES,
SERVER_USE_COOKIES, SERVER_CHANGE_SESSID);
+ doTest(Method.POST, Method.POST, NO_100_CONTINUE, CLIENT_USE_COOKIES,
SERVER_USE_COOKIES, SERVER_CHANGE_SESSID);
}
@@ -105,13 +105,13 @@ public class TestFormAuthenticatorB extends
TomcatBaseTest {
@Test
public void testPostNoContinueNoServerCookies() throws Exception {
- doTest("POST", Method.GET, NO_100_CONTINUE, CLIENT_USE_COOKIES,
SERVER_NO_COOKIES, SERVER_CHANGE_SESSID);
+ doTest(Method.POST, Method.GET, NO_100_CONTINUE, CLIENT_USE_COOKIES,
SERVER_NO_COOKIES, SERVER_CHANGE_SESSID);
}
// variant of Bug 49779
@Test
public void testPostNoContinuePostRedirectNoServerCookies() throws
Exception {
- doTest("POST", "POST", NO_100_CONTINUE, CLIENT_USE_COOKIES,
SERVER_NO_COOKIES, SERVER_CHANGE_SESSID);
+ doTest(Method.POST, Method.POST, NO_100_CONTINUE, CLIENT_USE_COOKIES,
SERVER_NO_COOKIES, SERVER_CHANGE_SESSID);
}
@@ -121,13 +121,13 @@ public class TestFormAuthenticatorB extends
TomcatBaseTest {
@Test
public void testPostNoContinueNoClientCookies() throws Exception {
- doTest("POST", Method.GET, NO_100_CONTINUE, CLIENT_NO_COOKIES,
SERVER_USE_COOKIES, SERVER_CHANGE_SESSID);
+ doTest(Method.POST, Method.GET, NO_100_CONTINUE, CLIENT_NO_COOKIES,
SERVER_USE_COOKIES, SERVER_CHANGE_SESSID);
}
// variant of Bug 49779
@Test
public void testPostNoContinuePostRedirectNoClientCookies() throws
Exception {
- doTest("POST", "POST", NO_100_CONTINUE, CLIENT_NO_COOKIES,
SERVER_USE_COOKIES, SERVER_CHANGE_SESSID);
+ doTest(Method.POST, Method.POST, NO_100_CONTINUE, CLIENT_NO_COOKIES,
SERVER_USE_COOKIES, SERVER_CHANGE_SESSID);
}
@@ -194,7 +194,7 @@ public class TestFormAuthenticatorB extends TomcatBaseTest {
// Third request - the login was successful so
// follow the redirect to the protected resource
client.doResourceRequest(redirectMethod, true, redirectUri, null);
- if ("POST".equals(redirectMethod)) {
+ if (Method.POST.equals(redirectMethod)) {
client.setUseContinue(useContinue);
}
Assert.assertTrue(client.isResponse200());
@@ -274,7 +274,7 @@ public class TestFormAuthenticatorB extends TomcatBaseTest {
protected void doLoginRequest(String loginUri) throws Exception {
- doResourceRequest("POST", true, PROTECTED_RELATIVE_PATH +
loginUri, LOGIN_REPLY);
+ doResourceRequest(Method.POST, true, PROTECTED_RELATIVE_PATH +
loginUri, LOGIN_REPLY);
}
/*
@@ -326,7 +326,7 @@ public class TestFormAuthenticatorB extends TomcatBaseTest {
}
// finally, for posts only, deal with the request content
- if ("POST".equals(method)) {
+ if (Method.POST.equals(method)) {
if (requestTail == null) {
requestTail = "role=bar";
}
diff --git a/test/org/apache/catalina/authenticator/TestFormAuthenticatorC.java
b/test/org/apache/catalina/authenticator/TestFormAuthenticatorC.java
index 88105b3dca..cd8cbaebfa 100644
--- a/test/org/apache/catalina/authenticator/TestFormAuthenticatorC.java
+++ b/test/org/apache/catalina/authenticator/TestFormAuthenticatorC.java
@@ -90,13 +90,13 @@ public class TestFormAuthenticatorC extends TomcatBaseTest {
@Test
public void testPostWithContinueAndCookies() throws Exception {
- doTest("POST", Method.GET, USE_100_CONTINUE, CLIENT_USE_COOKIES,
SERVER_USE_COOKIES, SERVER_CHANGE_SESSID);
+ doTest(Method.POST, Method.GET, USE_100_CONTINUE, CLIENT_USE_COOKIES,
SERVER_USE_COOKIES, SERVER_CHANGE_SESSID);
}
// Bug 49779
@Test
public void testPostWithContinuePostRedirectWithCookies() throws Exception
{
- doTest("POST", "POST", USE_100_CONTINUE, CLIENT_USE_COOKIES,
SERVER_USE_COOKIES, SERVER_CHANGE_SESSID);
+ doTest(Method.POST, Method.POST, USE_100_CONTINUE, CLIENT_USE_COOKIES,
SERVER_USE_COOKIES, SERVER_CHANGE_SESSID);
}
@@ -105,13 +105,13 @@ public class TestFormAuthenticatorC extends
TomcatBaseTest {
@Test
public void testPostWithContinueNoServerCookies() throws Exception {
- doTest("POST", Method.GET, USE_100_CONTINUE, CLIENT_USE_COOKIES,
SERVER_NO_COOKIES, SERVER_CHANGE_SESSID);
+ doTest(Method.POST, Method.GET, USE_100_CONTINUE, CLIENT_USE_COOKIES,
SERVER_NO_COOKIES, SERVER_CHANGE_SESSID);
}
// variant of Bug 49779
@Test
public void testPostWithContinuePostRedirectNoServerCookies() throws
Exception {
- doTest("POST", "POST", USE_100_CONTINUE, CLIENT_USE_COOKIES,
SERVER_NO_COOKIES, SERVER_CHANGE_SESSID);
+ doTest(Method.POST, Method.POST, USE_100_CONTINUE, CLIENT_USE_COOKIES,
SERVER_NO_COOKIES, SERVER_CHANGE_SESSID);
}
@@ -126,13 +126,13 @@ public class TestFormAuthenticatorC extends
TomcatBaseTest {
@Test
public void testPostWithContinueNoClientCookies() throws Exception {
- doTest("POST", Method.GET, USE_100_CONTINUE, CLIENT_NO_COOKIES,
SERVER_USE_COOKIES, SERVER_CHANGE_SESSID);
+ doTest(Method.POST, Method.GET, USE_100_CONTINUE, CLIENT_NO_COOKIES,
SERVER_USE_COOKIES, SERVER_CHANGE_SESSID);
}
// variant of Bug 49779
@Test
public void testPostWithContinuePostRedirectNoClientCookies() throws
Exception {
- doTest("POST", "POST", USE_100_CONTINUE, CLIENT_NO_COOKIES,
SERVER_USE_COOKIES, SERVER_CHANGE_SESSID);
+ doTest(Method.POST, Method.POST, USE_100_CONTINUE, CLIENT_NO_COOKIES,
SERVER_USE_COOKIES, SERVER_CHANGE_SESSID);
}
@@ -199,7 +199,7 @@ public class TestFormAuthenticatorC extends TomcatBaseTest {
// Third request - the login was successful so
// follow the redirect to the protected resource
client.doResourceRequest(redirectMethod, true, redirectUri, null);
- if ("POST".equals(redirectMethod)) {
+ if (Method.POST.equals(redirectMethod)) {
client.setUseContinue(useContinue);
}
Assert.assertTrue(client.isResponse200());
@@ -279,7 +279,7 @@ public class TestFormAuthenticatorC extends TomcatBaseTest {
protected void doLoginRequest(String loginUri) throws Exception {
- doResourceRequest("POST", true, PROTECTED_RELATIVE_PATH +
loginUri, LOGIN_REPLY);
+ doResourceRequest(Method.POST, true, PROTECTED_RELATIVE_PATH +
loginUri, LOGIN_REPLY);
}
/*
@@ -331,7 +331,7 @@ public class TestFormAuthenticatorC extends TomcatBaseTest {
}
// finally, for posts only, deal with the request content
- if ("POST".equals(method)) {
+ if (Method.POST.equals(method)) {
if (requestTail == null) {
requestTail = "role=bar";
}
diff --git a/test/org/apache/catalina/connector/TestRequest.java
b/test/org/apache/catalina/connector/TestRequest.java
index 35052d4661..71d13b66bd 100644
--- a/test/org/apache/catalina/connector/TestRequest.java
+++ b/test/org/apache/catalina/connector/TestRequest.java
@@ -412,7 +412,7 @@ public class TestRequest extends TomcatBaseTest {
// Make sure POST works properly
//
// POST with separate GET and POST parameters
- client.doRequest("POST", "foo=bar",
Globals.CONTENT_TYPE_FORM_URL_ENCODING, "bar=baz", true);
+ client.doRequest(Method.POST, "foo=bar",
Globals.CONTENT_TYPE_FORM_URL_ENCODING, "bar=baz", true);
Assert.assertTrue("Non-200 response for POST request",
client.isResponse200());
Assert.assertEquals("Incorrect response for POST request",
"bar=baz,foo=bar", client.getResponseBody());
@@ -420,7 +420,7 @@ public class TestRequest extends TomcatBaseTest {
client.reset();
// POST with overlapping GET and POST parameters
- client.doRequest("POST", "foo=bar&bar=foo",
Globals.CONTENT_TYPE_FORM_URL_ENCODING, "bar=baz&foo=baz", true);
+ client.doRequest(Method.POST, "foo=bar&bar=foo",
Globals.CONTENT_TYPE_FORM_URL_ENCODING, "bar=baz&foo=baz", true);
Assert.assertTrue("Non-200 response for POST request",
client.isResponse200());
Assert.assertEquals("Incorrect response for POST request",
"bar=baz,bar=foo,foo=bar,foo=baz",
@@ -590,7 +590,7 @@ public class TestRequest extends TomcatBaseTest {
URL postURL;
postURL = new URL(query);
HttpURLConnection conn = (HttpURLConnection) postURL.openConnection();
- conn.setRequestMethod("POST");
+ conn.setRequestMethod(Method.POST);
conn.setDoInput(true);
conn.setDoOutput(true);
diff --git a/test/org/apache/catalina/core/TestStandardContext.java
b/test/org/apache/catalina/core/TestStandardContext.java
index 8889aa91c6..f3895533e3 100644
--- a/test/org/apache/catalina/core/TestStandardContext.java
+++ b/test/org/apache/catalina/core/TestStandardContext.java
@@ -19,7 +19,6 @@ package org.apache.catalina.core;
import java.io.File;
import java.io.IOException;
import java.io.PrintWriter;
-import java.lang.reflect.Method;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;
@@ -76,6 +75,7 @@ import org.apache.tomcat.util.buf.ByteChunk;
import org.apache.tomcat.util.descriptor.web.FilterDef;
import org.apache.tomcat.util.descriptor.web.FilterMap;
import org.apache.tomcat.util.descriptor.web.LoginConfig;
+import org.apache.tomcat.util.http.Method;
public class TestStandardContext extends TomcatBaseTest {
@@ -512,7 +512,7 @@ public class TestStandardContext extends TomcatBaseTest {
// Add a constraint with uncovered methods
HttpConstraintElement hce = new
HttpConstraintElement(TransportGuarantee.NONE, "tomcat");
- HttpMethodConstraintElement hmce = new
HttpMethodConstraintElement("POST", hce);
+ HttpMethodConstraintElement hmce = new
HttpMethodConstraintElement(Method.POST, hce);
Set<HttpMethodConstraintElement> hmces = new HashSet<>();
hmces.add(hmce);
ServletSecurityElement sse = new ServletSecurityElement(hmces);
@@ -985,7 +985,7 @@ public class TestStandardContext extends TomcatBaseTest {
}
- @ServletSecurity(value =
@HttpConstraint(ServletSecurity.EmptyRoleSemantic.DENY), httpMethodConstraints
= @HttpMethodConstraint("POST"))
+ @ServletSecurity(value =
@HttpConstraint(ServletSecurity.EmptyRoleSemantic.DENY), httpMethodConstraints
= @HttpMethodConstraint(Method.POST))
public static class Foo extends HttpServlet {
private static final long serialVersionUID = 1L;
@@ -1010,7 +1010,7 @@ public class TestStandardContext extends TomcatBaseTest {
context.setName("context");
context.setParent(host);
- Method m =
StandardContext.class.getDeclaredMethod("getNamingContextName");
+ java.lang.reflect.Method m =
StandardContext.class.getDeclaredMethod("getNamingContextName");
m.setAccessible(true);
String result = (String) m.invoke(context);
diff --git a/test/org/apache/catalina/core/TestStandardWrapper.java
b/test/org/apache/catalina/core/TestStandardWrapper.java
index dbe3dc40e3..ba5b52efb3 100644
--- a/test/org/apache/catalina/core/TestStandardWrapper.java
+++ b/test/org/apache/catalina/core/TestStandardWrapper.java
@@ -426,7 +426,7 @@ public class TestStandardWrapper extends TomcatBaseTest {
private static final long serialVersionUID = 1L;
}
- @ServletSecurity(httpMethodConstraints = { @HttpMethodConstraint(value =
"POST", rolesAllowed = "testRole") })
+ @ServletSecurity(httpMethodConstraints = { @HttpMethodConstraint(value =
Method.POST, rolesAllowed = "testRole") })
public static class UncoveredGetServlet extends TestServlet {
private static final long serialVersionUID = 1L;
}
diff --git a/test/org/apache/catalina/filters/TestCorsFilter.java
b/test/org/apache/catalina/filters/TestCorsFilter.java
index 21f6e71646..f3518b0aee 100644
--- a/test/org/apache/catalina/filters/TestCorsFilter.java
+++ b/test/org/apache/catalina/filters/TestCorsFilter.java
@@ -81,7 +81,7 @@ public class TestCorsFilter {
TesterHttpServletRequest request = new TesterHttpServletRequest();
request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
TesterFilterConfigs.HTTPS_WWW_APACHE_ORG);
request.setContentType("text/plain");
- request.setMethod("POST");
+ request.setMethod(Method.POST);
TesterHttpServletResponse response = new TesterHttpServletResponse();
CorsFilter corsFilter = new CorsFilter();
@@ -137,7 +137,7 @@ public class TestCorsFilter {
public void testDoFilterSimpleSpecificHeader() throws IOException,
ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
TesterFilterConfigs.HTTPS_WWW_APACHE_ORG);
- request.setMethod("POST");
+ request.setMethod(Method.POST);
request.setContentType("text/plain");
TesterHttpServletResponse response = new TesterHttpServletResponse();
@@ -207,7 +207,7 @@ public class TestCorsFilter {
public void testDoFilterSimpleWithExposedHeaders() throws IOException,
ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
TesterFilterConfigs.HTTPS_WWW_APACHE_ORG);
- request.setMethod("POST");
+ request.setMethod(Method.POST);
request.setContentType("text/plain");
TesterHttpServletResponse response = new TesterHttpServletResponse();
@@ -399,7 +399,7 @@ public class TestCorsFilter {
public void testDoFilterNoOrigin() throws IOException, ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setMethod("POST");
+ request.setMethod(Method.POST);
request.setContentType("text/plain");
TesterHttpServletResponse response = new TesterHttpServletResponse();
@@ -457,7 +457,7 @@ public class TestCorsFilter {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setMethod("POST");
+ request.setMethod(Method.POST);
request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, origin);
request.setScheme(scheme);
request.setServerName(host);
@@ -489,7 +489,7 @@ public class TestCorsFilter {
public void testDoFilterInvalidCORSOriginNotAllowed() throws IOException,
ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, "www.google.com");
- request.setMethod("POST");
+ request.setMethod(Method.POST);
TesterHttpServletResponse response = new TesterHttpServletResponse();
CorsFilter corsFilter = new CorsFilter();
@@ -506,7 +506,7 @@ public class TestCorsFilter {
public void testDoFilterNullOriginAllowedByDefault() throws IOException,
ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setMethod("POST");
+ request.setMethod(Method.POST);
request.setContentType("text/plain");
request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, "null");
TesterHttpServletResponse response = new TesterHttpServletResponse();
@@ -529,7 +529,7 @@ public class TestCorsFilter {
public void testDoFilterNullOriginAllowedByConfiguration() throws
IOException, ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setMethod("POST");
+ request.setMethod(Method.POST);
request.setContentType("text/plain");
request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, "null");
TesterHttpServletResponse response = new TesterHttpServletResponse();
@@ -723,7 +723,7 @@ public class TestCorsFilter {
public void testCheckSimpleRequestTypePost() throws ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
TesterFilterConfigs.HTTP_TOMCAT_APACHE_ORG);
- request.setMethod("POST");
+ request.setMethod(Method.POST);
CorsFilter corsFilter = new CorsFilter();
corsFilter.init(TesterFilterConfigs.getDefaultFilterConfig());
CorsFilter.CORSRequestType requestType =
corsFilter.checkRequestType(request);
@@ -755,7 +755,7 @@ public class TestCorsFilter {
public void testCheckActualRequestTypeMethodPOSTNotSimpleHeaders() throws
ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
TesterFilterConfigs.HTTP_TOMCAT_APACHE_ORG);
- request.setMethod("POST");
+ request.setMethod(Method.POST);
request.setContentType("application/json");
CorsFilter corsFilter = new CorsFilter();
corsFilter.init(TesterFilterConfigs.getDefaultFilterConfig());
@@ -1057,7 +1057,7 @@ public class TestCorsFilter {
TesterHttpServletRequest request = new TesterHttpServletRequest();
TesterHttpServletResponse response = new TesterHttpServletResponse();
request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
"https://tomcat.apache.org";);
- request.setMethod("POST");
+ request.setMethod(Method.POST);
CorsFilter corsFilter = new CorsFilter();
corsFilter.init(TesterFilterConfigs.getSpecificOriginFilterConfig());
corsFilter.doFilter(request, response, filterChain);
@@ -1315,7 +1315,7 @@ public class TestCorsFilter {
public void testContentTypeWithParameter() throws IOException,
ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setMethod("POST");
+ request.setMethod(Method.POST);
request.setContentType("text/plain;charset=UTF-8");
request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, "null");
TesterHttpServletResponse response = new TesterHttpServletResponse();
diff --git a/test/org/apache/catalina/filters/TestRestCsrfPreventionFilter.java
b/test/org/apache/catalina/filters/TestRestCsrfPreventionFilter.java
index b5deb18483..9e22ffa7ba 100644
--- a/test/org/apache/catalina/filters/TestRestCsrfPreventionFilter.java
+++ b/test/org/apache/catalina/filters/TestRestCsrfPreventionFilter.java
@@ -39,8 +39,6 @@ public class TestRestCsrfPreventionFilter {
private static final String INVALID_NONCE = "invalid-nonce";
- private static final String POST_METHOD = "POST";
-
public static final String ACCEPTED_PATH1 = "/accepted/index1.jsp";
public static final String ACCEPTED_PATH2 = "/accepted/index2.jsp";
@@ -80,32 +78,32 @@ public class TestRestCsrfPreventionFilter {
@Test
public void testPostRequestNoSessionNoNonce() throws Exception {
- setRequestExpectations(POST_METHOD, null, null);
+ setRequestExpectations(Method.POST, null, null);
filter.doFilter(request, response, filterChain);
verifyDenyResponse(HttpServletResponse.SC_FORBIDDEN);
}
@Test
public void testPostRequestSessionNoNonce1() throws Exception {
- setRequestExpectations(POST_METHOD, session, null);
+ setRequestExpectations(Method.POST, session, null);
testPostRequestHeaderScenarios(null, true);
}
@Test
public void testPostRequestSessionNoNonce2() throws Exception {
- setRequestExpectations(POST_METHOD, session, null);
+ setRequestExpectations(Method.POST, session, null);
testPostRequestHeaderScenarios(NONCE, true);
}
@Test
public void testPostRequestSessionInvalidNonce() throws Exception {
- setRequestExpectations(POST_METHOD, session, INVALID_NONCE);
+ setRequestExpectations(Method.POST, session, INVALID_NONCE);
testPostRequestHeaderScenarios(NONCE, true);
}
@Test
public void testPostRequestSessionValidNonce() throws Exception {
- setRequestExpectations(POST_METHOD, session, NONCE);
+ setRequestExpectations(Method.POST, session, NONCE);
testPostRequestHeaderScenarios(NONCE, false);
}
@@ -123,7 +121,7 @@ public class TestRestCsrfPreventionFilter {
@Test
public void testPostFetchRequestSessionNoNonce() throws Exception {
- setRequestExpectations(POST_METHOD, session,
Constants.CSRF_REST_NONCE_HEADER_FETCH_VALUE);
+ setRequestExpectations(Method.POST, session,
Constants.CSRF_REST_NONCE_HEADER_FETCH_VALUE);
testPostRequestHeaderScenarios(null, true);
}
@@ -139,13 +137,13 @@ public class TestRestCsrfPreventionFilter {
@Test
public void testPostFetchRequestSessionNonce() throws Exception {
- setRequestExpectations(POST_METHOD, session,
Constants.CSRF_REST_NONCE_HEADER_FETCH_VALUE);
+ setRequestExpectations(Method.POST, session,
Constants.CSRF_REST_NONCE_HEADER_FETCH_VALUE);
testPostRequestHeaderScenarios(NONCE, true);
}
@Test
public void testPostRequestCustomDenyStatus() throws Exception {
- setRequestExpectations(POST_METHOD, null, null);
+ setRequestExpectations(Method.POST, null, null);
filter.setDenyStatus(HttpServletResponse.SC_BAD_REQUEST);
filter.doFilter(request, response, filterChain);
verifyDenyResponse(HttpServletResponse.SC_BAD_REQUEST);
@@ -153,67 +151,67 @@ public class TestRestCsrfPreventionFilter {
@Test
public void testPostRequestValidNonceAsParameterValidPath1() throws
Exception {
- setRequestExpectations(POST_METHOD, session, null, new String[] {
NONCE }, ACCEPTED_PATH1);
+ setRequestExpectations(Method.POST, session, null, new String[] {
NONCE }, ACCEPTED_PATH1);
testPostRequestParamsScenarios(NONCE, false, true);
}
@Test
public void testPostRequestValidNonceAsParameterValidPath2() throws
Exception {
- setRequestExpectations(POST_METHOD, session, null, new String[] {
NONCE }, ACCEPTED_PATH2);
+ setRequestExpectations(Method.POST, session, null, new String[] {
NONCE }, ACCEPTED_PATH2);
testPostRequestParamsScenarios(NONCE, false, true);
}
@Test
public void testPostRequestInvalidNonceAsParameterValidPath() throws
Exception {
- setRequestExpectations(POST_METHOD, session, null, new String[] {
INVALID_NONCE }, ACCEPTED_PATH1);
+ setRequestExpectations(Method.POST, session, null, new String[] {
INVALID_NONCE }, ACCEPTED_PATH1);
testPostRequestParamsScenarios(NONCE, true, true);
}
@Test
public void testPostRequestValidNonceAsParameterInvalidPath() throws
Exception {
- setRequestExpectations(POST_METHOD, session, null, new String[] {
NONCE }, ACCEPTED_PATH1 + "blah");
+ setRequestExpectations(Method.POST, session, null, new String[] {
NONCE }, ACCEPTED_PATH1 + "blah");
testPostRequestParamsScenarios(NONCE, true, true);
}
@Test
public void testPostRequestValidNonceAsParameterNoPath() throws Exception {
- setRequestExpectations(POST_METHOD, session, null, new String[] {
NONCE }, ACCEPTED_PATH1);
+ setRequestExpectations(Method.POST, session, null, new String[] {
NONCE }, ACCEPTED_PATH1);
testPostRequestParamsScenarios(NONCE, true, false);
}
@Test
public void testPostRequestValidNonceAsParameterNoNonceInSession() throws
Exception {
- setRequestExpectations(POST_METHOD, session, null, new String[] {
NONCE }, ACCEPTED_PATH1);
+ setRequestExpectations(Method.POST, session, null, new String[] {
NONCE }, ACCEPTED_PATH1);
testPostRequestParamsScenarios(null, true, true);
}
@Test
public void testPostRequestValidNonceAsParameterInvalidNonceAsHeader()
throws Exception {
- setRequestExpectations(POST_METHOD, session, INVALID_NONCE, new
String[] { NONCE }, ACCEPTED_PATH1);
+ setRequestExpectations(Method.POST, session, INVALID_NONCE, new
String[] { NONCE }, ACCEPTED_PATH1);
testPostRequestParamsScenarios(NONCE, true, true);
}
@Test
public void testPostRequestNoNonceAsParameterAndHeaderValidPath() throws
Exception {
- setRequestExpectations(POST_METHOD, session, null, null,
ACCEPTED_PATH1);
+ setRequestExpectations(Method.POST, session, null, null,
ACCEPTED_PATH1);
testPostRequestParamsScenarios(NONCE, true, true);
}
@Test
public void testPostRequestMultipleValidNoncesAsParameterValidPath()
throws Exception {
- setRequestExpectations(POST_METHOD, session, null, new String[] {
NONCE, NONCE }, ACCEPTED_PATH1);
+ setRequestExpectations(Method.POST, session, null, new String[] {
NONCE, NONCE }, ACCEPTED_PATH1);
testPostRequestParamsScenarios(NONCE, false, true);
}
@Test
public void testPostRequestMultipleNoncesAsParameterValidPath() throws
Exception {
- setRequestExpectations(POST_METHOD, session, null, new String[] {
NONCE, INVALID_NONCE }, ACCEPTED_PATH1);
+ setRequestExpectations(Method.POST, session, null, new String[] {
NONCE, INVALID_NONCE }, ACCEPTED_PATH1);
testPostRequestParamsScenarios(NONCE, true, true);
}
@Test
public void testPostRequestMultipleInvalidNoncesAsParameterValidPath()
throws Exception {
- setRequestExpectations(POST_METHOD, session, null, new String[] {
INVALID_NONCE, INVALID_NONCE },
+ setRequestExpectations(Method.POST, session, null, new String[] {
INVALID_NONCE, INVALID_NONCE },
ACCEPTED_PATH1);
testPostRequestParamsScenarios(NONCE, true, true);
}
diff --git
a/test/org/apache/catalina/filters/TestRestCsrfPreventionFilter2.java
b/test/org/apache/catalina/filters/TestRestCsrfPreventionFilter2.java
index 6b3f5250eb..fbc07340ab 100644
--- a/test/org/apache/catalina/filters/TestRestCsrfPreventionFilter2.java
+++ b/test/org/apache/catalina/filters/TestRestCsrfPreventionFilter2.java
@@ -51,8 +51,6 @@ public class TestRestCsrfPreventionFilter2 extends
TomcatBaseTest {
private static final boolean USE_COOKIES = true;
private static final boolean NO_COOKIES = !USE_COOKIES;
- private static final String METHOD_POST = "POST";
-
private static final String HTTP_PREFIX = "http://localhost:";;
private static final String CONTEXT_PATH_LOGIN = "";
private static final String URI_PROTECTED = "/services/*";
@@ -126,7 +124,7 @@ public class TestRestCsrfPreventionFilter2 extends
TomcatBaseTest {
}
private void testClearPost() throws Exception {
- doTest(METHOD_POST, REMOVE_CUSTOMER, CREDENTIALS, null, NO_COOKIES,
HttpServletResponse.SC_FORBIDDEN, null,
+ doTest(Method.POST, REMOVE_CUSTOMER, CREDENTIALS, null, NO_COOKIES,
HttpServletResponse.SC_FORBIDDEN, null,
null, true, Constants.CSRF_REST_NONCE_HEADER_REQUIRED_VALUE);
}
@@ -136,18 +134,18 @@ public class TestRestCsrfPreventionFilter2 extends
TomcatBaseTest {
}
private void testValidPost() throws Exception {
- doTest(METHOD_POST, REMOVE_CUSTOMER, CREDENTIALS, null, USE_COOKIES,
HttpServletResponse.SC_OK,
+ doTest(Method.POST, REMOVE_CUSTOMER, CREDENTIALS, null, USE_COOKIES,
HttpServletResponse.SC_OK,
CUSTOMER_REMOVED_RESPONSE, validNonce, false, null);
}
private void testInvalidPost() throws Exception {
- doTest(METHOD_POST, REMOVE_CUSTOMER, CREDENTIALS, null, USE_COOKIES,
HttpServletResponse.SC_FORBIDDEN, null,
+ doTest(Method.POST, REMOVE_CUSTOMER, CREDENTIALS, null, USE_COOKIES,
HttpServletResponse.SC_FORBIDDEN, null,
Constants.CSRF_REST_NONCE_HEADER_FETCH_VALUE, true,
Constants.CSRF_REST_NONCE_HEADER_REQUIRED_VALUE);
- doTest(METHOD_POST, REMOVE_CUSTOMER, CREDENTIALS, null, USE_COOKIES,
HttpServletResponse.SC_FORBIDDEN, null,
+ doTest(Method.POST, REMOVE_CUSTOMER, CREDENTIALS, null, USE_COOKIES,
HttpServletResponse.SC_FORBIDDEN, null,
INVALID_NONCE_1, true,
Constants.CSRF_REST_NONCE_HEADER_REQUIRED_VALUE);
- doTest(METHOD_POST, REMOVE_CUSTOMER, CREDENTIALS, null, USE_COOKIES,
HttpServletResponse.SC_FORBIDDEN, null,
+ doTest(Method.POST, REMOVE_CUSTOMER, CREDENTIALS, null, USE_COOKIES,
HttpServletResponse.SC_FORBIDDEN, null,
INVALID_NONCE_2, true,
Constants.CSRF_REST_NONCE_HEADER_REQUIRED_VALUE);
- doTest(METHOD_POST, REMOVE_CUSTOMER, CREDENTIALS, null, USE_COOKIES,
HttpServletResponse.SC_FORBIDDEN, null,
+ doTest(Method.POST, REMOVE_CUSTOMER, CREDENTIALS, null, USE_COOKIES,
HttpServletResponse.SC_FORBIDDEN, null,
null, true, Constants.CSRF_REST_NONCE_HEADER_REQUIRED_VALUE);
}
@@ -159,11 +157,11 @@ public class TestRestCsrfPreventionFilter2 extends
TomcatBaseTest {
private void testValidPostWithRequestParams() throws Exception {
String validBody = Constants.CSRF_REST_NONCE_HEADER_NAME + "=" +
validNonce;
String invalidbody = Constants.CSRF_REST_NONCE_HEADER_NAME + "=" +
INVALID_NONCE_1;
- doTest(METHOD_POST, REMOVE_CUSTOMER, CREDENTIALS,
validBody.getBytes(StandardCharsets.ISO_8859_1), USE_COOKIES,
+ doTest(Method.POST, REMOVE_CUSTOMER, CREDENTIALS,
validBody.getBytes(StandardCharsets.ISO_8859_1), USE_COOKIES,
HttpServletResponse.SC_OK, CUSTOMER_REMOVED_RESPONSE, null,
false, null);
- doTest(METHOD_POST, ADD_CUSTOMER, CREDENTIALS,
validBody.getBytes(StandardCharsets.ISO_8859_1), USE_COOKIES,
+ doTest(Method.POST, ADD_CUSTOMER, CREDENTIALS,
validBody.getBytes(StandardCharsets.ISO_8859_1), USE_COOKIES,
HttpServletResponse.SC_OK, CUSTOMER_ADDED_RESPONSE, null,
false, null);
- doTest(METHOD_POST, REMOVE_CUSTOMER, CREDENTIALS,
invalidbody.getBytes(StandardCharsets.ISO_8859_1),
+ doTest(Method.POST, REMOVE_CUSTOMER, CREDENTIALS,
invalidbody.getBytes(StandardCharsets.ISO_8859_1),
USE_COOKIES, HttpServletResponse.SC_OK,
CUSTOMER_REMOVED_RESPONSE, validNonce, false, null);
}
@@ -172,13 +170,13 @@ public class TestRestCsrfPreventionFilter2 extends
TomcatBaseTest {
String invalidbody1 = Constants.CSRF_REST_NONCE_HEADER_NAME + "=" +
INVALID_NONCE_1;
String invalidbody2 =
Constants.CSRF_REST_NONCE_HEADER_NAME + "=" +
Constants.CSRF_REST_NONCE_HEADER_FETCH_VALUE;
- doTest(METHOD_POST, REMOVE_ALL_CUSTOMERS, CREDENTIALS,
validBody.getBytes(StandardCharsets.ISO_8859_1),
+ doTest(Method.POST, REMOVE_ALL_CUSTOMERS, CREDENTIALS,
validBody.getBytes(StandardCharsets.ISO_8859_1),
USE_COOKIES, HttpServletResponse.SC_FORBIDDEN, null, null,
true,
Constants.CSRF_REST_NONCE_HEADER_REQUIRED_VALUE);
- doTest(METHOD_POST, REMOVE_CUSTOMER, CREDENTIALS,
invalidbody1.getBytes(StandardCharsets.ISO_8859_1),
+ doTest(Method.POST, REMOVE_CUSTOMER, CREDENTIALS,
invalidbody1.getBytes(StandardCharsets.ISO_8859_1),
USE_COOKIES, HttpServletResponse.SC_FORBIDDEN, null, null,
true,
Constants.CSRF_REST_NONCE_HEADER_REQUIRED_VALUE);
- doTest(METHOD_POST, REMOVE_CUSTOMER, CREDENTIALS,
invalidbody2.getBytes(StandardCharsets.ISO_8859_1),
+ doTest(Method.POST, REMOVE_CUSTOMER, CREDENTIALS,
invalidbody2.getBytes(StandardCharsets.ISO_8859_1),
USE_COOKIES, HttpServletResponse.SC_FORBIDDEN, null, null,
true,
Constants.CSRF_REST_NONCE_HEADER_REQUIRED_VALUE);
}
diff --git a/test/org/apache/catalina/realm/TestRealmBase.java
b/test/org/apache/catalina/realm/TestRealmBase.java
index d4184a93e8..3ce81b3007 100644
--- a/test/org/apache/catalina/realm/TestRealmBase.java
+++ b/test/org/apache/catalina/realm/TestRealmBase.java
@@ -713,7 +713,7 @@ public class TestRealmBase {
// Only user1 should be able to perform a POST as only that user has
// role1.
- request.setMethod("POST");
+ request.setMethod(Method.POST);
SecurityConstraint[] constraintsPost =
mapRealm.findSecurityConstraints(request, context);
diff --git a/test/org/apache/catalina/realm/TesterServletSecurity01.java
b/test/org/apache/catalina/realm/TesterServletSecurity01.java
index 24f34d7467..5fb760cdc3 100644
--- a/test/org/apache/catalina/realm/TesterServletSecurity01.java
+++ b/test/org/apache/catalina/realm/TesterServletSecurity01.java
@@ -21,10 +21,11 @@ import javax.servlet.annotation.HttpMethodConstraint;
import javax.servlet.annotation.ServletSecurity;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
+import org.apache.tomcat.util.http.Method;
@ServletSecurity(value=@HttpConstraint,
httpMethodConstraints={
- @HttpMethodConstraint(value="POST",
+ @HttpMethodConstraint(value=Method.POST,
rolesAllowed=TestRealmBase.ROLE1),
@HttpMethodConstraint(value="PUT",
rolesAllowed=SecurityConstraint.ROLE_ALL_ROLES),
diff --git a/test/org/apache/catalina/servlets/TestDefaultServletOptions.java
b/test/org/apache/catalina/servlets/TestDefaultServletOptions.java
index 690cb40b5b..ef52326bbb 100644
--- a/test/org/apache/catalina/servlets/TestDefaultServletOptions.java
+++ b/test/org/apache/catalina/servlets/TestDefaultServletOptions.java
@@ -34,7 +34,7 @@ public class TestDefaultServletOptions extends
ServletOptionsBaseTest {
@Parameters
public static Collection<Object[]> inputs() {
String[] urls = new String[] { COLLECTION_NAME, FILE_NAME,
UNKNOWN_NAME };
- String[] methods = new String[] { Method.GET, "POST", "HEAD", "TRACE",
"PUT", "DELETE" };
+ String[] methods = new String[] { Method.GET, Method.POST, "HEAD",
"TRACE", "PUT", "DELETE" };
List<Object[]> result = new ArrayList<>();
diff --git
a/test/org/apache/catalina/servlets/TestWebdavServletOptionCollection.java
b/test/org/apache/catalina/servlets/TestWebdavServletOptionCollection.java
index c02e51a2f1..0eee5c136b 100644
--- a/test/org/apache/catalina/servlets/TestWebdavServletOptionCollection.java
+++ b/test/org/apache/catalina/servlets/TestWebdavServletOptionCollection.java
@@ -37,7 +37,7 @@ public class TestWebdavServletOptionCollection extends
ServletOptionsBaseTest {
@Parameters
public static Collection<Object[]> inputs() {
- String[] methods = new String[] { Method.GET, "POST", "HEAD", "TRACE",
"PUT", "DELETE",
+ String[] methods = new String[] { Method.GET, Method.POST, "HEAD",
"TRACE", "PUT", "DELETE",
"MKCOL", "LOCK", "UNLOCK", "COPY", "MOVE", "PROPFIND",
"PROPPATCH" };
List<Object[]> result = new ArrayList<>();
diff --git
a/test/org/apache/catalina/servlets/TestWebdavServletOptionsFile.java
b/test/org/apache/catalina/servlets/TestWebdavServletOptionsFile.java
index 6e1f4e51ec..a46c4d6cc7 100644
--- a/test/org/apache/catalina/servlets/TestWebdavServletOptionsFile.java
+++ b/test/org/apache/catalina/servlets/TestWebdavServletOptionsFile.java
@@ -37,7 +37,7 @@ public class TestWebdavServletOptionsFile extends
ServletOptionsBaseTest {
@Parameters
public static Collection<Object[]> inputs() {
- String[] methods = new String[] { Method.GET, "POST", "HEAD", "TRACE",
"PUT", "DELETE",
+ String[] methods = new String[] { Method.GET, Method.POST, "HEAD",
"TRACE", "PUT", "DELETE",
"MKCOL", "LOCK", "UNLOCK", "COPY", "MOVE", "PROPFIND",
"PROPPATCH" };
List<Object[]> result = new ArrayList<>();
diff --git
a/test/org/apache/catalina/servlets/TestWebdavServletOptionsUnknown.java
b/test/org/apache/catalina/servlets/TestWebdavServletOptionsUnknown.java
index 3804c9de8f..7a1c11e0ea 100644
--- a/test/org/apache/catalina/servlets/TestWebdavServletOptionsUnknown.java
+++ b/test/org/apache/catalina/servlets/TestWebdavServletOptionsUnknown.java
@@ -37,7 +37,7 @@ public class TestWebdavServletOptionsUnknown extends
ServletOptionsBaseTest {
@Parameters
public static Collection<Object[]> inputs() {
- String[] methods = new String[] { Method.GET, "POST", "HEAD", "TRACE",
"PUT", "DELETE",
+ String[] methods = new String[] { Method.GET, Method.POST, "HEAD",
"TRACE", "PUT", "DELETE",
"MKCOL", "LOCK", "UNLOCK", "COPY", "MOVE", "PROPFIND",
"PROPPATCH" };
List<Object[]> result = new ArrayList<>();
diff --git a/test/org/apache/coyote/ajp/SimpleAjpClient.java
b/test/org/apache/coyote/ajp/SimpleAjpClient.java
index ed3a3c837b..a2c3dd1088 100644
--- a/test/org/apache/coyote/ajp/SimpleAjpClient.java
+++ b/test/org/apache/coyote/ajp/SimpleAjpClient.java
@@ -85,7 +85,7 @@ public class SimpleAjpClient {
case "HEAD":
this.method = 3;
break;
- case "POST":
+ case Method.POST:
this.method = 4;
break;
case "PUT":
@@ -171,7 +171,7 @@ public class SimpleAjpClient {
case 3:
return "HEAD";
case 4:
- return "POST";
+ return Method.POST;
case 5:
return "PUT";
case 6:
diff --git a/test/org/apache/coyote/ajp/TestAbstractAjpProcessor.java
b/test/org/apache/coyote/ajp/TestAbstractAjpProcessor.java
index ff7968a523..bf7dfe6a89 100644
--- a/test/org/apache/coyote/ajp/TestAbstractAjpProcessor.java
+++ b/test/org/apache/coyote/ajp/TestAbstractAjpProcessor.java
@@ -636,7 +636,7 @@ public class TestAbstractAjpProcessor extends
TomcatBaseTest {
validateCpong(ajpClient.cping());
ajpClient.setUri("/test/echo-params.jsp");
- ajpClient.setMethod("POST");
+ ajpClient.setMethod(Method.POST);
TesterAjpMessage forwardMessage = ajpClient.createForwardMessage();
forwardMessage.addHeader(0xA008, "9");
if (multipleCL) {
@@ -723,12 +723,12 @@ public class TestAbstractAjpProcessor extends
TomcatBaseTest {
@Test
public void testZeroLengthRequestBodyPostA() throws Exception {
- doTestZeroLengthRequestBody("POST", true);
+ doTestZeroLengthRequestBody(Method.POST, true);
}
@Test
public void testZeroLengthRequestBodyPostB() throws Exception {
- doTestZeroLengthRequestBody("POST", false);
+ doTestZeroLengthRequestBody(Method.POST, false);
}
private void doTestZeroLengthRequestBody(String method, boolean
callAvailable) throws Exception {
@@ -1110,7 +1110,7 @@ public class TestAbstractAjpProcessor extends
TomcatBaseTest {
response.setCharacterEncoding("UTF-8");
try (PrintWriter w = response.getWriter()) {
- w.println("Method: " + (isPost ? "POST" : Method.GET) + ".
Reading request body...");
+ w.println("Method: " + (isPost ? Method.POST : Method.GET) +
". Reading request body...");
w.println("Request Body length in bytes: " + readCount);
}
}
diff --git a/test/org/apache/coyote/http2/Http2TestBase.java
b/test/org/apache/coyote/http2/Http2TestBase.java
index f47f0f691b..4eb1ecc9d8 100644
--- a/test/org/apache/coyote/http2/Http2TestBase.java
+++ b/test/org/apache/coyote/http2/Http2TestBase.java
@@ -374,7 +374,7 @@ public abstract class Http2TestBase extends TomcatBaseTest {
byte[] padding, boolean withTrailers, int streamId) {
MimeHeaders headers = new MimeHeaders();
- headers.addValue(":method").setString("POST");
+ headers.addValue(":method").setString(Method.POST);
headers.addValue(":scheme").setString("http");
headers.addValue(":path").setString(path);
headers.addValue(":authority").setString("localhost:" + getPort());
diff --git a/test/org/apache/coyote/http2/TestFlowControl.java
b/test/org/apache/coyote/http2/TestFlowControl.java
index 362dcf40e4..ad9bf51058 100644
--- a/test/org/apache/coyote/http2/TestFlowControl.java
+++ b/test/org/apache/coyote/http2/TestFlowControl.java
@@ -24,6 +24,7 @@ import java.util.logging.Logger;
import org.junit.Assert;
import org.junit.Test;
+import org.apache.tomcat.util.http.Method;
import org.apache.tomcat.util.http.MimeHeaders;
import org.apache.tomcat.util.res.StringManager;
@@ -49,7 +50,7 @@ public class TestFlowControl extends Http2TestBase {
ByteBuffer headersPayload = ByteBuffer.allocate(128);
MimeHeaders headers = new MimeHeaders();
- headers.addValue(":method").setString("POST");
+ headers.addValue(":method").setString(Method.POST);
headers.addValue(":scheme").setString("http");
headers.addValue(":path").setString("/path-does-not-exist");
headers.addValue(":authority").setString("localhost:" + getPort());
diff --git a/test/org/apache/coyote/http2/TestHttp2UpgradeHandler.java
b/test/org/apache/coyote/http2/TestHttp2UpgradeHandler.java
index a78682446f..12fecd6f90 100644
--- a/test/org/apache/coyote/http2/TestHttp2UpgradeHandler.java
+++ b/test/org/apache/coyote/http2/TestHttp2UpgradeHandler.java
@@ -131,7 +131,7 @@ public class TestHttp2UpgradeHandler extends Http2TestBase {
openClientConnection();
- byte[] upgradeRequest = ((usePost ? "POST" : Method.GET) + " /" +
(useReader ? "?useReader=true " : " ") +
+ byte[] upgradeRequest = ((usePost ? Method.POST : Method.GET) + " /" +
(useReader ? "?useReader=true " : " ") +
"HTTP/1.1\r\n" + "Host: localhost:" + getPort() + "\r\n" +
"Content-Length: 18\r\n" +
"Connection: Upgrade,HTTP2-Settings\r\n" + "Upgrade: h2c\r\n"
+ EMPTY_HTTP2_SETTINGS_HEADER + "\r\n" +
"Small request body").getBytes(StandardCharsets.ISO_8859_1);
diff --git
a/test/org/apache/tomcat/util/descriptor/web/TestSecurityConstraint.java
b/test/org/apache/tomcat/util/descriptor/web/TestSecurityConstraint.java
index ea5869ff6e..e409c15e8b 100644
--- a/test/org/apache/tomcat/util/descriptor/web/TestSecurityConstraint.java
+++ b/test/org/apache/tomcat/util/descriptor/web/TestSecurityConstraint.java
@@ -59,7 +59,7 @@ public class TestSecurityConstraint {
POST_ONLY = new SecurityConstraint();
POST_ONLY.addAuthRole(ROLE1);
SecurityCollection scPostOnly = new SecurityCollection();
- scPostOnly.addMethod("POST");
+ scPostOnly.addMethod(Method.POST);
scPostOnly.addPatternDecoded(URL_PATTERN);
scPostOnly.setName("POST_ONLY");
POST_ONLY.addCollection(scPostOnly);
@@ -75,7 +75,7 @@ public class TestSecurityConstraint {
POST_OMIT = new SecurityConstraint();
POST_OMIT.addAuthRole(ROLE1);
SecurityCollection scPostOmit = new SecurityCollection();
- scPostOmit.addOmittedMethod("POST");
+ scPostOmit.addOmittedMethod(Method.POST);
scPostOmit.addPatternDecoded(URL_PATTERN);
scPostOmit.setName("POST_OMIT");
POST_OMIT.addCollection(scPostOmit);
@@ -145,14 +145,14 @@ public class TestSecurityConstraint {
// Example 13-5
// @ServletSecurity((httpMethodConstraints = {
// @HttpMethodConstraint(value = Method.GET, rolesAllowed = "R1"),
- // @HttpMethodConstraint(value = "POST", rolesAllowed = "R1",
+ // @HttpMethodConstraint(value = Method.POST, rolesAllowed = "R1",
// transportGuarantee = TransportGuarantee.CONFIDENTIAL)
// })
hmces.clear();
hmces.add(new HttpMethodConstraintElement(Method.GET,
new HttpConstraintElement(
ServletSecurity.TransportGuarantee.NONE, ROLE1)));
- hmces.add(new HttpMethodConstraintElement("POST",
+ hmces.add(new HttpMethodConstraintElement(Method.POST,
new HttpConstraintElement(
ServletSecurity.TransportGuarantee.CONFIDENTIAL,
ROLE1)));
@@ -170,7 +170,7 @@ public class TestSecurityConstraint {
if (Method.GET.equals(method)) {
Assert.assertEquals(ServletSecurity.TransportGuarantee.NONE.name(),
result[i].getUserConstraint());
- } else if ("POST".equals(method)) {
+ } else if (Method.POST.equals(method)) {
Assert.assertEquals(ServletSecurity.TransportGuarantee.CONFIDENTIAL.name(),
result[i].getUserConstraint());
} else {
@@ -322,7 +322,7 @@ public class TestSecurityConstraint {
// Should list POST as an omitted method
Assert.assertEquals(0, sc.findMethods().length);
Assert.assertEquals(1, sc.findOmittedMethods().length);
- Assert.assertEquals("POST", sc.findOmittedMethods()[0]);
+ Assert.assertEquals(Method.POST, sc.findOmittedMethods()[0]);
}
@@ -358,7 +358,7 @@ public class TestSecurityConstraint {
// Should list POST as an method
Assert.assertEquals(0, sc.findOmittedMethods().length);
Assert.assertEquals(1, sc.findMethods().length);
- Assert.assertEquals("POST", sc.findMethods()[0]);
+ Assert.assertEquals(Method.POST, sc.findMethods()[0]);
}
@@ -400,7 +400,7 @@ public class TestSecurityConstraint {
HashSet<String> omittedMethods = new HashSet<>();
omittedMethods.addAll(Arrays.asList(sc.findOmittedMethods()));
Assert.assertTrue(omittedMethods.remove(Method.GET));
- Assert.assertTrue(omittedMethods.remove("POST"));
+ Assert.assertTrue(omittedMethods.remove(Method.POST));
}
@@ -429,7 +429,7 @@ public class TestSecurityConstraint {
// Should list POST as a method
Assert.assertEquals(1, sc.findMethods().length);
Assert.assertEquals(0, sc.findOmittedMethods().length);
- Assert.assertEquals("POST", sc.findMethods()[0]);
+ Assert.assertEquals(Method.POST, sc.findMethods()[0]);
}
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
