Example 1 with MultipartConfigElement
use of javax.servlet.MultipartConfigElement in project jetty.project by eclipse.
the class RequestTest method testMultiPartFormDataReadInputThenParams.
@Test
@Ignore("See issue #1175")
public void testMultiPartFormDataReadInputThenParams() throws Exception {
final File tmpdir = MavenTestingUtils.getTargetTestingDir("multipart");
FS.ensureEmpty(tmpdir);
Handler handler = new AbstractHandler() {
@Override
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {
if (baseRequest.getDispatcherType() != DispatcherType.REQUEST)
return;
// Fake a @MultiPartConfig'd servlet endpoint
MultipartConfigElement multipartConfig = new MultipartConfigElement(tmpdir.getAbsolutePath());
request.setAttribute(Request.__MULTIPART_CONFIG_ELEMENT, multipartConfig);
// Normal processing
baseRequest.setHandled(true);
// Fake the commons-fileupload behavior
int length = request.getContentLength();
InputStream in = request.getInputStream();
ByteArrayOutputStream out = new ByteArrayOutputStream();
// KEY STEP (Don't Change!) commons-fileupload does not read to EOF
IO.copy(in, out, length);
// Record what happened as servlet response headers
response.setIntHeader("x-request-content-length", request.getContentLength());
response.setIntHeader("x-request-content-read", out.size());
// uri query parameter
String foo = request.getParameter("foo");
// form-data content parameter
String bar = request.getParameter("bar");
response.setHeader("x-foo", foo == null ? "null" : foo);
response.setHeader("x-bar", bar == null ? "null" : bar);
}
};
_server.stop();
_server.setHandler(handler);
_server.start();
String multipart = "--AaBbCc\r\n" + "content-disposition: form-data; name=\"bar\"\r\n" + "\r\n" + "BarContent\r\n" + "--AaBbCc\r\n" + "content-disposition: form-data; name=\"stuff\"\r\n" + "Content-Type: text/plain;charset=ISO-8859-1\r\n" + "\r\n" + "000000000000000000000000000000000000000000000000000\r\n" + "--AaBbCc--\r\n";
String request = "POST /?foo=FooUri HTTP/1.1\r\n" + "Host: whatever\r\n" + "Content-Type: multipart/form-data; boundary=\"AaBbCc\"\r\n" + "Content-Length: " + multipart.getBytes().length + "\r\n" + "Connection: close\r\n" + "\r\n" + multipart;
HttpTester.Response response = HttpTester.parseResponse(_connector.getResponse(request));
// It should always be possible to read query string
assertThat("response.x-foo", response.get("x-foo"), is("FooUri"));
// Not possible to read request content parameters?
// TODO: should this work?
assertThat("response.x-bar", response.get("x-bar"), is("null"));
}
Also used :
ServletInputStream(javax.servlet.ServletInputStream)
InputStream(java.io.InputStream)
HttpServletRequest(javax.servlet.http.HttpServletRequest)
AbstractHandler(org.eclipse.jetty.server.handler.AbstractHandler)
ContextHandler(org.eclipse.jetty.server.handler.ContextHandler)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
AbstractHandler(org.eclipse.jetty.server.handler.AbstractHandler)
LocalEndPoint(org.eclipse.jetty.server.LocalConnector.LocalEndPoint)
HttpTester(org.eclipse.jetty.http.HttpTester)
HttpServletRequest(javax.servlet.http.HttpServletRequest)
MultipartConfigElement(javax.servlet.MultipartConfigElement)
File(java.io.File)
Ignore(org.junit.Ignore)
Test(org.junit.Test)
Example 2 with MultipartConfigElement
use of javax.servlet.MultipartConfigElement in project jetty.project by eclipse.
the class StandardDescriptorProcessor method visitServlet.
public void visitServlet(WebAppContext context, Descriptor descriptor, XmlParser.Node node) {
String id = node.getAttribute("id");
// initialize holder
String name = node.getString("servlet-name", false, true);
ServletHolder holder = _servletHolderMap.get(name);
//If servlet of that name does not already exist, create it.
if (holder == null) {
holder = context.getServletHandler().newServletHolder(new Source(Source.Origin.DESCRIPTOR, descriptor.getResource().toString()));
holder.setName(name);
_servletHolderMap.put(name, holder);
_servletHolders.add(holder);
}
// init params
Iterator<?> iParamsIter = node.iterator("init-param");
while (iParamsIter.hasNext()) {
XmlParser.Node paramNode = (XmlParser.Node) iParamsIter.next();
String pname = paramNode.getString("param-name", false, true);
String pvalue = paramNode.getString("param-value", false, true);
String originName = name + ".servlet.init-param." + pname;
Descriptor originDescriptor = context.getMetaData().getOriginDescriptor(originName);
switch(context.getMetaData().getOrigin(originName)) {
case NotSet:
{
//init-param not already set, so set it
holder.setInitParameter(pname, pvalue);
context.getMetaData().setOrigin(originName, descriptor);
break;
}
case WebXml:
case WebDefaults:
case WebOverride:
{
//otherwise just ignore it
if (!(descriptor instanceof FragmentDescriptor) && (descriptor != originDescriptor)) {
holder.setInitParameter(pname, pvalue);
context.getMetaData().setOrigin(originName, descriptor);
}
break;
}
case WebFragment:
{
//previously set by a web-fragment, make sure that the value matches, otherwise its an error
if ((descriptor != originDescriptor) && !holder.getInitParameter(pname).equals(pvalue))
throw new IllegalStateException("Mismatching init-param " + pname + "=" + pvalue + " in " + descriptor.getResource());
break;
}
default:
// TODO throw ISE?
LOG.warn(new Throwable());
}
}
String servlet_class = node.getString("servlet-class", false, true);
if ("".equals(servlet_class))
servlet_class = null;
//Handle the default jsp servlet instance
if (id != null && id.equals("jsp") && servlet_class != null) {
try {
Loader.loadClass(servlet_class);
} catch (ClassNotFoundException e) {
LOG.info("NO JSP Support for {}, did not find {}", context.getContextPath(), servlet_class);
servlet_class = "org.eclipse.jetty.servlet.NoJspServlet";
}
}
//Set the servlet-class
if (servlet_class != null) {
((WebDescriptor) descriptor).addClassName(servlet_class);
switch(context.getMetaData().getOrigin(name + ".servlet.servlet-class")) {
case NotSet:
{
//the class of the servlet has not previously been set, so set it
holder.setClassName(servlet_class);
context.getMetaData().setOrigin(name + ".servlet.servlet-class", descriptor);
break;
}
case WebXml:
case WebDefaults:
case WebOverride:
{
//the class of the servlet was set by a web xml file, only allow web-override/web-default to change it
if (!(descriptor instanceof FragmentDescriptor)) {
holder.setClassName(servlet_class);
context.getMetaData().setOrigin(name + ".servlet.servlet-class", descriptor);
}
break;
}
case WebFragment:
{
//the class was set by another fragment, ensure this fragment's value is the same
if (!servlet_class.equals(holder.getClassName()))
throw new IllegalStateException("Conflicting servlet-class " + servlet_class + " in " + descriptor.getResource());
break;
}
default:
// TODO throw ISE?
LOG.warn(new Throwable());
}
}
// Handle JSP file
String jsp_file = node.getString("jsp-file", false, true);
if (jsp_file != null)
holder.setForcedPath(jsp_file);
// handle load-on-startup
XmlParser.Node startup = node.get("load-on-startup");
if (startup != null) {
String s = startup.toString(false, true).toLowerCase(Locale.ENGLISH);
int order = 0;
if (s.startsWith("t")) {
LOG.warn("Deprecated boolean load-on-startup. Please use integer");
order = 1;
} else {
try {
if (s != null && s.trim().length() > 0)
order = Integer.parseInt(s);
} catch (Exception e) {
LOG.warn("Cannot parse load-on-startup " + s + ". Please use integer");
LOG.ignore(e);
}
}
switch(context.getMetaData().getOrigin(name + ".servlet.load-on-startup")) {
case NotSet:
{
//not already set, so set it now
holder.setInitOrder(order);
context.getMetaData().setOrigin(name + ".servlet.load-on-startup", descriptor);
break;
}
case WebXml:
case WebDefaults:
case WebOverride:
{
//if it was already set by a web xml descriptor and we're parsing another web xml descriptor, then override it
if (!(descriptor instanceof FragmentDescriptor)) {
holder.setInitOrder(order);
context.getMetaData().setOrigin(name + ".servlet.load-on-startup", descriptor);
}
break;
}
case WebFragment:
{
//it was already set by another fragment, if we're parsing a fragment, the values must match
if (order != holder.getInitOrder())
throw new IllegalStateException("Conflicting load-on-startup value in " + descriptor.getResource());
break;
}
default:
// TODO throw ISE?
LOG.warn(new Throwable());
}
}
Iterator<Node> sRefsIter = node.iterator("security-role-ref");
while (sRefsIter.hasNext()) {
XmlParser.Node securityRef = (XmlParser.Node) sRefsIter.next();
String roleName = securityRef.getString("role-name", false, true);
String roleLink = securityRef.getString("role-link", false, true);
if (roleName != null && roleName.length() > 0 && roleLink != null && roleLink.length() > 0) {
if (LOG.isDebugEnabled())
LOG.debug("link role " + roleName + " to " + roleLink + " for " + this);
switch(context.getMetaData().getOrigin(name + ".servlet.role-name." + roleName)) {
case NotSet:
{
//set it
holder.setUserRoleLink(roleName, roleLink);
context.getMetaData().setOrigin(name + ".servlet.role-name." + roleName, descriptor);
break;
}
case WebXml:
case WebDefaults:
case WebOverride:
{
//only another web xml descriptor (web-default,web-override web.xml) can override an already set value
if (!(descriptor instanceof FragmentDescriptor)) {
holder.setUserRoleLink(roleName, roleLink);
context.getMetaData().setOrigin(name + ".servlet.role-name." + roleName, descriptor);
}
break;
}
case WebFragment:
{
if (!holder.getUserRoleLink(roleName).equals(roleLink))
throw new IllegalStateException("Conflicting role-link for role-name " + roleName + " for servlet " + name + " in " + descriptor.getResource());
break;
}
default:
// TODO throw ISE?
LOG.warn(new Throwable());
}
} else {
LOG.warn("Ignored invalid security-role-ref element: " + "servlet-name=" + holder.getName() + ", " + securityRef);
}
}
XmlParser.Node run_as = node.get("run-as");
if (run_as != null) {
String roleName = run_as.getString("role-name", false, true);
if (roleName != null) {
switch(context.getMetaData().getOrigin(name + ".servlet.run-as")) {
case NotSet:
{
//run-as not set, so set it
holder.setRunAsRole(roleName);
context.getMetaData().setOrigin(name + ".servlet.run-as", descriptor);
break;
}
case WebXml:
case WebDefaults:
case WebOverride:
{
//run-as was set by a web xml, only allow it to be changed if we're currently parsing another web xml(override/default)
if (!(descriptor instanceof FragmentDescriptor)) {
holder.setRunAsRole(roleName);
context.getMetaData().setOrigin(name + ".servlet.run-as", descriptor);
}
break;
}
case WebFragment:
{
//run-as was set by another fragment, this fragment must show the same value
if (!holder.getRunAsRole().equals(roleName))
throw new IllegalStateException("Conflicting run-as role " + roleName + " for servlet " + name + " in " + descriptor.getResource());
break;
}
default:
// TODO throw ISE?
LOG.warn(new Throwable());
}
}
}
String async = node.getString("async-supported", false, true);
if (async != null) {
boolean val = async.length() == 0 || Boolean.valueOf(async);
switch(context.getMetaData().getOrigin(name + ".servlet.async-supported")) {
case NotSet:
{
//set it
holder.setAsyncSupported(val);
context.getMetaData().setOrigin(name + ".servlet.async-supported", descriptor);
break;
}
case WebXml:
case WebDefaults:
case WebOverride:
{
//async-supported set by previous web xml descriptor, only allow override if we're parsing another web descriptor(web.xml/web-override.xml/web-default.xml)
if (!(descriptor instanceof FragmentDescriptor)) {
holder.setAsyncSupported(val);
context.getMetaData().setOrigin(name + ".servlet.async-supported", descriptor);
}
break;
}
case WebFragment:
{
//async-supported set by another fragment, this fragment's value must match
if (holder.isAsyncSupported() != val)
throw new IllegalStateException("Conflicting async-supported=" + async + " for servlet " + name + " in " + descriptor.getResource());
break;
}
default:
// TODO throw ISE?
LOG.warn(new Throwable());
}
}
String enabled = node.getString("enabled", false, true);
if (enabled != null) {
boolean is_enabled = enabled.length() == 0 || Boolean.valueOf(enabled);
switch(context.getMetaData().getOrigin(name + ".servlet.enabled")) {
case NotSet:
{
//hasn't been set yet, so set it
holder.setEnabled(is_enabled);
context.getMetaData().setOrigin(name + ".servlet.enabled", descriptor);
break;
}
case WebXml:
case WebDefaults:
case WebOverride:
{
//was set in a web xml descriptor, only allow override from another web xml descriptor
if (!(descriptor instanceof FragmentDescriptor)) {
holder.setEnabled(is_enabled);
context.getMetaData().setOrigin(name + ".servlet.enabled", descriptor);
}
break;
}
case WebFragment:
{
//was set by another fragment, this fragment's value must match
if (holder.isEnabled() != is_enabled)
throw new IllegalStateException("Conflicting value of servlet enabled for servlet " + name + " in " + descriptor.getResource());
break;
}
default:
// TODO throw ISE?
LOG.warn(new Throwable());
}
}
/*
* If multipart config not set, then set it and record it was by the web.xml or fragment.
* If it was set by web.xml then if this is a fragment, ignore the settings.
* If it was set by a fragment, if this is a fragment and the values are different, error!
*/
XmlParser.Node multipart = node.get("multipart-config");
if (multipart != null) {
String location = multipart.getString("location", false, true);
String maxFile = multipart.getString("max-file-size", false, true);
String maxRequest = multipart.getString("max-request-size", false, true);
String threshold = multipart.getString("file-size-threshold", false, true);
MultipartConfigElement element = new MultipartConfigElement(location, (maxFile == null || "".equals(maxFile) ? -1L : Long.parseLong(maxFile)), (maxRequest == null || "".equals(maxRequest) ? -1L : Long.parseLong(maxRequest)), (threshold == null || "".equals(threshold) ? 0 : Integer.parseInt(threshold)));
switch(context.getMetaData().getOrigin(name + ".servlet.multipart-config")) {
case NotSet:
{
//hasn't been set, so set it
holder.getRegistration().setMultipartConfig(element);
context.getMetaData().setOrigin(name + ".servlet.multipart-config", descriptor);
break;
}
case WebXml:
case WebDefaults:
case WebOverride:
{
//was set in a web xml, only allow changes if we're parsing another web xml (web.xml/web-default.xml/web-override.xml)
if (!(descriptor instanceof FragmentDescriptor)) {
holder.getRegistration().setMultipartConfig(element);
context.getMetaData().setOrigin(name + ".servlet.multipart-config", descriptor);
}
break;
}
case WebFragment:
{
//another fragment set the value, this fragment's values must match exactly or it is an error
MultipartConfigElement cfg = ((ServletHolder.Registration) holder.getRegistration()).getMultipartConfig();
if (cfg.getMaxFileSize() != element.getMaxFileSize())
throw new IllegalStateException("Conflicting multipart-config max-file-size for servlet " + name + " in " + descriptor.getResource());
if (cfg.getMaxRequestSize() != element.getMaxRequestSize())
throw new IllegalStateException("Conflicting multipart-config max-request-size for servlet " + name + " in " + descriptor.getResource());
if (cfg.getFileSizeThreshold() != element.getFileSizeThreshold())
throw new IllegalStateException("Conflicting multipart-config file-size-threshold for servlet " + name + " in " + descriptor.getResource());
if ((cfg.getLocation() != null && (element.getLocation() == null || element.getLocation().length() == 0)) || (cfg.getLocation() == null && (element.getLocation() != null || element.getLocation().length() > 0)))
throw new IllegalStateException("Conflicting multipart-config location for servlet " + name + " in " + descriptor.getResource());
break;
}
default:
// TODO throw ISE?
LOG.warn(new Throwable());
}
}
}
Also used :
XmlParser(org.eclipse.jetty.xml.XmlParser)
ServletHolder(org.eclipse.jetty.servlet.ServletHolder)
Node(org.eclipse.jetty.xml.XmlParser.Node)
Node(org.eclipse.jetty.xml.XmlParser.Node)
Source(org.eclipse.jetty.servlet.Source)
Constraint(org.eclipse.jetty.util.security.Constraint)
ServletException(javax.servlet.ServletException)
MultipartConfigElement(javax.servlet.MultipartConfigElement)
Example 3 with MultipartConfigElement
use of javax.servlet.MultipartConfigElement in project jetty.project by eclipse.
the class MultiPartInputStreamTest method testCRandLFMixRequest.
@Test
public void testCRandLFMixRequest() throws Exception {
String str = "--AaB03x\r" + "content-disposition: form-data; name=\"field1\"\r" + "\r" + "\nJoe Blow\n" + "\r" + "--AaB03x\r" + "content-disposition: form-data; name=\"field2\"\r" + "\r" + "Other\r" + "--AaB03x--\r";
MultipartConfigElement config = new MultipartConfigElement(_dirname, 1024, 3072, 50);
MultiPartInputStreamParser mpis = new MultiPartInputStreamParser(new ByteArrayInputStream(str.getBytes()), _contentType, config, _tmpDir);
mpis.setDeleteOnExit(true);
Collection<Part> parts = mpis.getParts();
assertThat(parts.size(), is(2));
Part p1 = mpis.getPart("field1");
assertThat(p1, notNullValue());
ByteArrayOutputStream baos = new ByteArrayOutputStream();
IO.copy(p1.getInputStream(), baos);
assertThat(baos.toString("UTF-8"), is("\nJoe Blow\n"));
Part p2 = mpis.getPart("field2");
assertThat(p2, notNullValue());
baos = new ByteArrayOutputStream();
IO.copy(p2.getInputStream(), baos);
assertThat(baos.toString("UTF-8"), is("Other"));
}
Also used :
MultipartConfigElement(javax.servlet.MultipartConfigElement)
ByteArrayInputStream(java.io.ByteArrayInputStream)
MultiPart(org.eclipse.jetty.util.MultiPartInputStreamParser.MultiPart)
Part(javax.servlet.http.Part)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
Test(org.junit.Test)
Example 4 with MultipartConfigElement
use of javax.servlet.MultipartConfigElement in project jetty.project by eclipse.
the class MultiPartInputStreamTest method testPartFileNotDeleted.
@Test
public void testPartFileNotDeleted() throws Exception {
MultipartConfigElement config = new MultipartConfigElement(_dirname, 1024, 3072, 50);
MultiPartInputStreamParser mpis = new MultiPartInputStreamParser(new ByteArrayInputStream(createMultipartRequestString("tptfd").getBytes()), _contentType, config, _tmpDir);
mpis.setDeleteOnExit(true);
Collection<Part> parts = mpis.getParts();
MultiPart part = (MultiPart) mpis.getPart("stuff");
File stuff = ((MultiPartInputStreamParser.MultiPart) part).getFile();
// longer than 100 bytes, should already be a tmp file
assertThat(stuff, notNullValue());
part.write("tptfd.txt");
File tptfd = new File(_dirname + File.separator + "tptfd.txt");
assertThat(tptfd.exists(), is(true));
//got renamed
assertThat(stuff.exists(), is(false));
part.cleanUp();
//explicitly written file did not get removed after cleanup
assertThat(tptfd.exists(), is(true));
//clean up test
tptfd.deleteOnExit();
}
Also used :
MultipartConfigElement(javax.servlet.MultipartConfigElement)
MultiPart(org.eclipse.jetty.util.MultiPartInputStreamParser.MultiPart)
ByteArrayInputStream(java.io.ByteArrayInputStream)
MultiPart(org.eclipse.jetty.util.MultiPartInputStreamParser.MultiPart)
Part(javax.servlet.http.Part)
File(java.io.File)
Test(org.junit.Test)
Example 5 with MultipartConfigElement
use of javax.servlet.MultipartConfigElement in project jetty.project by eclipse.
the class MultiPartInputStreamTest method testFinalBoundaryOnly.
@Test
public void testFinalBoundaryOnly() throws Exception {
String delimiter = "\r\n";
final String boundary = "MockMultiPartTestBoundary";
// Malformed multipart request body containing only an arbitrary string of text, followed by the final boundary marker, delimited by empty lines.
String str = delimiter + "Hello world" + // Two delimiter markers, which make an empty line.
delimiter + delimiter + "--" + boundary + "--" + delimiter;
MultipartConfigElement config = new MultipartConfigElement(_dirname, 1024, 3072, 50);
MultiPartInputStreamParser mpis = new MultiPartInputStreamParser(new ByteArrayInputStream(str.getBytes()), "multipart/form-data, boundary=" + boundary, config, _tmpDir);
mpis.setDeleteOnExit(true);
Collection<Part> parts = mpis.getParts();
assertTrue(mpis.getParts().isEmpty());
}
Also used :
MultipartConfigElement(javax.servlet.MultipartConfigElement)
ByteArrayInputStream(java.io.ByteArrayInputStream)
MultiPart(org.eclipse.jetty.util.MultiPartInputStreamParser.MultiPart)
Part(javax.servlet.http.Part)
Test(org.junit.Test)
Aggregations
MultipartConfigElement (javax.servlet.MultipartConfigElement)61
Test (org.junit.Test)37
ByteArrayInputStream (java.io.ByteArrayInputStream)30
Part (javax.servlet.http.Part)28
MultiPart (org.eclipse.jetty.util.MultiPartInputStreamParser.MultiPart)24
ByteArrayOutputStream (java.io.ByteArrayOutputStream)13
File (java.io.File)9
IOException (java.io.IOException)9
ServletException (javax.servlet.ServletException)6
DeploymentInfo (io.undertow.servlet.api.DeploymentInfo)5
ServletRegistration (javax.servlet.ServletRegistration)5
ServletInputStream (javax.servlet.ServletInputStream)4
ServletHolder (org.eclipse.jetty.servlet.ServletHolder)4
DeploymentManager (io.undertow.servlet.api.DeploymentManager)3
InputStream (java.io.InputStream)3
HashMap (java.util.HashMap)3
Servlets.servlet (io.undertow.servlet.Servlets.servlet)2
ServletInfo (io.undertow.servlet.api.ServletInfo)2
ArrayList (java.util.ArrayList)2
Map (java.util.Map)2
