Skip to content

Commit

Permalink
FELIX-6698 Ability to configure URI Compliance mode (#308)
Browse files Browse the repository at this point in the history
* FELIX-6698 Ability to configure URI Compliance mode
- Add `org.eclipse.jetty.UriComplianceMode` option
- Possible values are: DEFAULT, LEGACY, RFC3986, UNAMBIGUOUS, UNSAFE
- When UNSAFE or LEGACY is used, also apply workaround as suggested in jetty/jetty.project#11448 (comment). This is not Servlet API 6 compliant though, so use on your own risk.

* FELIX-6698 Ability to configure URI Compliance mode
- Add UNAMBIGUOUS

* Code review comments

* Code review comments
  • Loading branch information
paulrutter authored Apr 29, 2024
1 parent b6fff2a commit 76344a4
Show file tree
Hide file tree
Showing 4 changed files with 31 additions and 2 deletions.
1 change: 1 addition & 0 deletions http/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -413,6 +413,7 @@ properties can be used (some legacy property names still exist but are not docum
| `org.eclipse.jetty.servlet.SessionDomain` | Domain to set on the session cookie. The default is `null`. |
| `org.eclipse.jetty.servlet.SessionPath` | The path to set on the session cookie. The default is the configured session context path ("/"). |
| `org.eclipse.jetty.servlet.MaxAge` | The maximum age value to set on the cookie. The default is "-1". |
| `org.eclipse.jetty.UriComplianceMode` | The URI compliance mode to set. The default is [DEFAULT](https://eclipse.dev/jetty/javadoc/jetty-12/org/eclipse/jetty/http/UriCompliance.html#DEFAULT). See [documentation](https://eclipse.dev/jetty/documentation/jetty-12/programming-guide/index.html#pg-server-compliance-uri.) and [possible modes](https://github.com/jetty/jetty.project/blob/jetty-12.0.x/jetty-core/jetty-http/src/main/java/org/eclipse/jetty/http/UriCompliance.java#L186C107-L186C113). |
| `org.apache.felix.proxy.load.balancer.connection.enable` | Set this to `true` when running Felix HTTP behind a (offloading) proxy or load balancer which rewrites the requests. The default is `false`. |
| `org.apache.felix.http.runtime.init.` | Properties starting with this prefix are added as service registration properties to the HttpServiceRuntime service. The prefix is removed for the property name. |
| `org.apache.felix.jetty.gziphandler.enable` | Whether the server should use a server-wide gzip handler. Default is false. |
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -284,6 +284,12 @@ public ObjectClassDefinition getObjectClassDefinition( String id, String locale
false,
bundle.getBundleContext().getProperty(JettyConfig.FELIX_JETTY_SESSION_COOKIE_SECURE)));

adList.add(new AttributeDefinitionImpl(JettyConfig.FELIX_JETTY_URI_COMPLIANCE_MODE,
"Jetty URI compliance mode",
"Jetty URI compliance mode (if not set, Jetty will configure a default)",
null,
bundle.getBundleContext().getProperty(JettyConfig.FELIX_JETTY_URI_COMPLIANCE_MODE)));

adList.add(new AttributeDefinitionImpl(JettyConfig.FELIX_JETTY_SERVLET_SESSION_ID_PATH_PARAMETER_NAME,
"Session Id path parameter",
"Defaults to jsessionid. If set to null or \"none\" no URL rewriting will be done.",
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -166,6 +166,9 @@ public final class JettyConfig
/** Felix specific property to configure session max age */
public static final String FELIX_JETTY_SERVLET_SESSION_MAX_AGE = "org.eclipse.jetty.servlet.MaxAge";

/** Felix specific property to configure the uri compliance mode (https://eclipse.dev/jetty/documentation/jetty-12/programming-guide/index.html#pg-server-compliance-uri) */
public static final String FELIX_JETTY_URI_COMPLIANCE_MODE = "org.eclipse.jetty.UriComplianceMode";

/** Felix specific property to configure session scavenging interval in Seconds */
public static final String FELIX_JETTY_SESSION_SCAVENGING_INTERVAL = "org.eclipse.jetty.servlet.SessionScavengingInterval";

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,9 @@
import org.eclipse.jetty.ee10.servlet.ServletContextHandler;
import org.eclipse.jetty.ee10.servlet.ServletHolder;
import org.eclipse.jetty.ee10.servlet.SessionHandler;
import org.eclipse.jetty.ee10.servlet.ServletHandler;
import org.eclipse.jetty.http.HttpVersion;
import org.eclipse.jetty.http.UriCompliance;
import org.eclipse.jetty.http2.server.HTTP2ServerConnectionFactory;
import org.eclipse.jetty.io.ConnectionStatistics;
import org.eclipse.jetty.security.HashLoginService;
Expand Down Expand Up @@ -251,9 +253,9 @@ private void initializeJetty() throws Exception
loginService.setUserStore(new UserStore());
this.server.addBean(loginService);

ServletContextHandler context = new ServletContextHandler(this.config.getContextPath(),
ServletContextHandler context = new ServletContextHandler(this.config.getContextPath(),
ServletContextHandler.SESSIONS);

this.parent = new ContextHandlerCollection(context);

configureSessionManager(context);
Expand Down Expand Up @@ -564,6 +566,23 @@ private void configureHttpConnectionFactory(HttpConnectionFactory connFactory)
config.setResponseHeaderSize(this.config.getHeaderSize());
config.setOutputBufferSize(this.config.getResponseBufferSize());

String uriComplianceMode = this.config.getProperty(JettyConfig.FELIX_JETTY_URI_COMPLIANCE_MODE, null);
if (uriComplianceMode != null) {
try {
config.setUriCompliance(UriCompliance.valueOf(uriComplianceMode));

if (UriCompliance.LEGACY.equals(uriComplianceMode)
|| UriCompliance.UNSAFE.equals(uriComplianceMode)
|| UriCompliance.UNAMBIGUOUS.equals(uriComplianceMode)) {
// See https://github.com/jetty/jetty.project/issues/11448#issuecomment-1969206031
this.server.getContainedBeans(ServletHandler.class)
.forEach(handler -> handler.setDecodeAmbiguousURIs(true));
}
} catch (IllegalArgumentException e) {
SystemLogger.LOGGER.warn("Invalid URI compliance mode: {}", uriComplianceMode);
}
}

// HTTP/1.1 requires Date header if possible (it is)
config.setSendDateHeader(true);
config.setSendServerVersion(this.config.isSendServerHeader());
Expand Down

0 comments on commit 76344a4

Please sign in to comment.