changelog.xml

markt Fri, 06 Mar 2009 06:05:20 -0800

Author: markt
Date: Fri Mar  6 14:04:54 2009
New Revision: 750908

URL: http://svn.apache.org/viewvc?rev=750908&view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=39396
Don't include TRACEE in OPTIONS response unless we know it hasn't been disabled 
in the connector


Modified:
    tomcat/tc6.0.x/trunk/   (props changed)
    tomcat/tc6.0.x/trunk/STATUS.txt
    tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/RequestFacade.java
    tomcat/tc6.0.x/trunk/java/org/apache/catalina/servlets/DefaultServlet.java
    tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml

Propchange: tomcat/tc6.0.x/trunk/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Fri Mar  6 14:04:54 2009
@@ -1 +1 @@
-/tomcat/trunk:601180,606992,612607,630314,640888,652744,653247,673796,673820,683982,684001,684081,684234,684269-684270,685177,687503,687645,689402,690781,691392,691805,692748,693378,694992,695053,695311,696780,696782,698012,698227,698236,698613,699427,699634,701355,709294,709811,709816,710063,710066,710125,710205,711126,711600,712461,712467,718360,719602,719626,719628,720046,720069,721040,723404,723738,726052,727303,728032,728768,728947,729057,729567,729569,729571,729809,729815,729934,730250,730590,731651,732859,732863,734734,740675,740684,742677,742697,747834,748344
+/tomcat/trunk:601180,606992,612607,630314,640888,652744,653247,673796,673820,683982,684001,684081,684234,684269-684270,685177,687503,687645,689402,690781,691392,691805,692748,693378,694992,695053,695311,696780,696782,698012,698227,698236,698613,699427,699634,701355,709294,709811,709816,710063,710066,710125,710205,711126,711600,712461,712467,718360,719602,719626,719628,720046,720069,721040,723404,723738,726052,727303,728032,728768,728947,729057,729567,729569,729571,729809,729815,729934,730250,730590,731651,732859,732863,734734,740675,740684,742677,742697,742714,747834,748344

Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=750908&r1=750907&r2=750908&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Fri Mar  6 14:04:54 2009
@@ -95,13 +95,6 @@
       code a warning that it won't be there in the next version.
   -1: 
 
-* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=39396
-  Don't include TRACEE in OPTIONS response unless we know it hasn't been
-  disabled in the connector
-  http://svn.apache.org/viewvc?rev=742714&view=rev
-  +1: markt, mturk, fhanik, jim
-  -1: 
-
 * Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=46666
   keepAliveTimeout should be used regardless of setting of disableUploadTimeout
   http://svn.apache.org/viewvc?rev=744160&view=rev

Modified: 
tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/RequestFacade.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/RequestFacade.java?rev=750908&r1=750907&r2=750908&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/RequestFacade.java 
(original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/RequestFacade.java 
Fri Mar  6 14:04:54 2009
@@ -932,4 +932,7 @@
         return request.getRemotePort();
     }
 
+    public boolean getAllowTrace() {
+        return request.getConnector().getAllowTrace();
+    }
 }

Modified: 
tomcat/tc6.0.x/trunk/java/org/apache/catalina/servlets/DefaultServlet.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/servlets/DefaultServlet.java?rev=750908&r1=750907&r2=750908&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/java/org/apache/catalina/servlets/DefaultServlet.java 
(original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/servlets/DefaultServlet.java 
Fri Mar  6 14:04:54 2009
@@ -56,6 +56,7 @@
 import javax.xml.transform.stream.StreamSource;
 
 import org.apache.catalina.Globals;
+import org.apache.catalina.connector.RequestFacade;
 import org.apache.catalina.util.RequestUtil;
 import org.apache.catalina.util.ServerInfo;
 import org.apache.catalina.util.StringManager;
@@ -77,8 +78,7 @@
 
 public class DefaultServlet
     extends HttpServlet {
-
-
+    
     // ----------------------------------------------------- Instance Variables
 
 
@@ -354,6 +354,49 @@
 
 
     /**
+     * Override default implementation to ensure that TRACE is correctly
+     * handled.
+     *
+     * @param req   the {...@link HttpServletRequest} object that
+     *                  contains the request the client made of
+     *                  the servlet
+     *
+     * @param resp  the {...@link HttpServletResponse} object that
+     *                  contains the response the servlet returns
+     *                  to the client                                
+     *
+     * @exception IOException   if an input or output error occurs
+     *                              while the servlet is handling the
+     *                              OPTIONS request
+     *
+     * @exception ServletException  if the request for the
+     *                                  OPTIONS cannot be handled
+     */
+    protected void doOptions(HttpServletRequest req, HttpServletResponse resp)
+        throws ServletException, IOException {
+
+        StringBuffer allow = new StringBuffer();
+        // There is a doGet method
+        allow.append("GET, HEAD");
+        // There is a doPost
+        allow.append(", POST");
+        // There is a doPut
+        allow.append(", PUT");
+        // There is a doDelete
+        allow.append(", POST");
+        // Trace - assume disabled unless we can prove otherwise
+        if (req instanceof RequestFacade &&
+                ((RequestFacade) req).getAllowTrace()) {
+            allow.append(", TRACE");
+        }
+        // Always allow options
+        allow.append(", OPTIONS");
+        
+        resp.setHeader("Allow", allow.toString());
+    }
+    
+    
+    /**
      * Process a POST request for the specified resource.
      *
      * @param request The servlet request we are processing

Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=750908&r1=750907&r2=750908&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Fri Mar  6 14:04:54 2009
@@ -58,6 +58,10 @@
         match with the appBase dir. (markt)
       </fix>
       <fix>
+        <bug>39396</bug>: Don't include TRACEE in OPTIONS response unless we
+        know it hasn't been disabled in the connector. (markt)
+      </fix>
+      <fix>
         <bug>42747</bug>: Ensure context.xml takes effect on first deployment
         for WAR and DIR deployments. context.xml is now copied to
         CATALINA_BASE/&lt;engine name&gt;/&lt;host name&gt; for DIR as well as



---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

svn commit: r750908 - in /tomcat/tc6.0.x/trunk: ./ STATUS.txt java/org/apache/catalina/connector/RequestFacade.java java/org/apache/catalina/servlets/DefaultServlet.java webapps/docs/changelog.xml

Reply via email to