Example 16 with MultipartConfigElement
use of javax.servlet.MultipartConfigElement in project jetty.project by eclipse.
the class MultiPartInputStreamTest method testRequestTooBigThrowsErrorOnGetParts.
@Test
public void testRequestTooBigThrowsErrorOnGetParts() throws Exception {
MultipartConfigElement config = new MultipartConfigElement(_dirname, 60, 100, 50);
MultiPartInputStreamParser mpis = new MultiPartInputStreamParser(new ByteArrayInputStream(_multi.getBytes()), _contentType, config, _tmpDir);
mpis.setDeleteOnExit(true);
Collection<Part> parts = null;
//cause parsing
try {
parts = mpis.getParts();
fail("Request should have exceeded maxRequestSize");
} catch (IllegalStateException e) {
assertTrue(e.getMessage().startsWith("Request exceeds maxRequestSize"));
}
//try again
try {
parts = mpis.getParts();
fail("Request should have exceeded maxRequestSize");
} catch (IllegalStateException e) {
assertTrue(e.getMessage().startsWith("Request exceeds maxRequestSize"));
}
}
Also used :
MultipartConfigElement(javax.servlet.MultipartConfigElement)
ByteArrayInputStream(java.io.ByteArrayInputStream)
MultiPart(org.eclipse.jetty.util.MultiPartInputStreamParser.MultiPart)
Part(javax.servlet.http.Part)
Test(org.junit.Test)
Example 17 with MultipartConfigElement
use of javax.servlet.MultipartConfigElement in project jetty.project by eclipse.
the class QuickStartDescriptorGenerator method outholder.
private void outholder(XmlAppendable out, MetaData md, ServletHolder holder) throws IOException {
if (LOG.isDebugEnabled())
out.openTag("servlet", Collections.singletonMap("source", holder.getSource().toString()));
else
out.openTag("servlet");
String n = holder.getName();
out.tag("servlet-name", n);
String ot = n + ".servlet.";
ServletHolder s = (ServletHolder) holder;
if (s.getForcedPath() != null && s.getClassName() == null)
out.tag("jsp-file", s.getForcedPath());
else
out.tag("servlet-class", origin(md, ot + "servlet-class"), s.getClassName());
for (String p : holder.getInitParameters().keySet()) {
if (//don't preconfigure the temp dir for jsp output
"jsp".equalsIgnoreCase(n) && "scratchdir".equalsIgnoreCase(p))
continue;
out.openTag("init-param", origin(md, ot + "init-param." + p)).tag("param-name", p).tag("param-value", holder.getInitParameter(p)).closeTag();
}
if (s.getInitOrder() >= 0)
out.tag("load-on-startup", Integer.toString(s.getInitOrder()));
if (!s.isEnabled())
out.tag("enabled", origin(md, ot + "enabled"), "false");
out.tag("async-supported", origin(md, ot + "async-supported"), holder.isAsyncSupported() ? "true" : "false");
if (s.getRunAsRole() != null)
out.openTag("run-as", origin(md, ot + "run-as")).tag("role-name", s.getRunAsRole()).closeTag();
Map<String, String> roles = s.getRoleRefMap();
if (roles != null) {
for (Map.Entry<String, String> e : roles.entrySet()) {
out.openTag("security-role-ref", origin(md, ot + "role-name." + e.getKey())).tag("role-name", e.getKey()).tag("role-link", e.getValue()).closeTag();
}
}
//multipart-config
MultipartConfigElement multipartConfig = ((ServletHolder.Registration) s.getRegistration()).getMultipartConfig();
if (multipartConfig != null) {
out.openTag("multipart-config", origin(md, s.getName() + ".servlet.multipart-config"));
if (multipartConfig.getLocation() != null)
out.tag("location", multipartConfig.getLocation());
out.tag("max-file-size", Long.toString(multipartConfig.getMaxFileSize()));
out.tag("max-request-size", Long.toString(multipartConfig.getMaxRequestSize()));
out.tag("file-size-threshold", Long.toString(multipartConfig.getFileSizeThreshold()));
out.closeTag();
}
out.closeTag();
}
Also used :
MultipartConfigElement(javax.servlet.MultipartConfigElement)
ServletHolder(org.eclipse.jetty.servlet.ServletHolder)
HashMap(java.util.HashMap)
Map(java.util.Map)
Example 18 with MultipartConfigElement
use of javax.servlet.MultipartConfigElement in project jetty.project by eclipse.
the class RequestTest method testMultiPartFormDataReadInputThenParams.
@Test
@Ignore("See issue #1175")
public void testMultiPartFormDataReadInputThenParams() throws Exception {
final File tmpdir = MavenTestingUtils.getTargetTestingDir("multipart");
FS.ensureEmpty(tmpdir);
Handler handler = new AbstractHandler() {
@Override
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {
if (baseRequest.getDispatcherType() != DispatcherType.REQUEST)
return;
// Fake a @MultiPartConfig'd servlet endpoint
MultipartConfigElement multipartConfig = new MultipartConfigElement(tmpdir.getAbsolutePath());
request.setAttribute(Request.__MULTIPART_CONFIG_ELEMENT, multipartConfig);
// Normal processing
baseRequest.setHandled(true);
// Fake the commons-fileupload behavior
int length = request.getContentLength();
InputStream in = request.getInputStream();
ByteArrayOutputStream out = new ByteArrayOutputStream();
// KEY STEP (Don't Change!) commons-fileupload does not read to EOF
IO.copy(in, out, length);
// Record what happened as servlet response headers
response.setIntHeader("x-request-content-length", request.getContentLength());
response.setIntHeader("x-request-content-read", out.size());
// uri query parameter
String foo = request.getParameter("foo");
// form-data content parameter
String bar = request.getParameter("bar");
response.setHeader("x-foo", foo == null ? "null" : foo);
response.setHeader("x-bar", bar == null ? "null" : bar);
}
};
_server.stop();
_server.setHandler(handler);
_server.start();
String multipart = "--AaBbCc\r\n" + "content-disposition: form-data; name=\"bar\"\r\n" + "\r\n" + "BarContent\r\n" + "--AaBbCc\r\n" + "content-disposition: form-data; name=\"stuff\"\r\n" + "Content-Type: text/plain;charset=ISO-8859-1\r\n" + "\r\n" + "000000000000000000000000000000000000000000000000000\r\n" + "--AaBbCc--\r\n";
String request = "POST /?foo=FooUri HTTP/1.1\r\n" + "Host: whatever\r\n" + "Content-Type: multipart/form-data; boundary=\"AaBbCc\"\r\n" + "Content-Length: " + multipart.getBytes().length + "\r\n" + "Connection: close\r\n" + "\r\n" + multipart;
HttpTester.Response response = HttpTester.parseResponse(_connector.getResponse(request));
// It should always be possible to read query string
assertThat("response.x-foo", response.get("x-foo"), is("FooUri"));
// Not possible to read request content parameters?
// TODO: should this work?
assertThat("response.x-bar", response.get("x-bar"), is("null"));
}
Also used :
ServletInputStream(javax.servlet.ServletInputStream)
InputStream(java.io.InputStream)
HttpServletRequest(javax.servlet.http.HttpServletRequest)
AbstractHandler(org.eclipse.jetty.server.handler.AbstractHandler)
ContextHandler(org.eclipse.jetty.server.handler.ContextHandler)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
AbstractHandler(org.eclipse.jetty.server.handler.AbstractHandler)
LocalEndPoint(org.eclipse.jetty.server.LocalConnector.LocalEndPoint)
HttpTester(org.eclipse.jetty.http.HttpTester)
HttpServletRequest(javax.servlet.http.HttpServletRequest)
MultipartConfigElement(javax.servlet.MultipartConfigElement)
File(java.io.File)
Ignore(org.junit.Ignore)
Test(org.junit.Test)
Example 19 with MultipartConfigElement
use of javax.servlet.MultipartConfigElement in project jetty.project by eclipse.
the class StandardDescriptorProcessor method visitServlet.
public void visitServlet(WebAppContext context, Descriptor descriptor, XmlParser.Node node) {
String id = node.getAttribute("id");
// initialize holder
String name = node.getString("servlet-name", false, true);
ServletHolder holder = _servletHolderMap.get(name);
//If servlet of that name does not already exist, create it.
if (holder == null) {
holder = context.getServletHandler().newServletHolder(new Source(Source.Origin.DESCRIPTOR, descriptor.getResource().toString()));
holder.setName(name);
_servletHolderMap.put(name, holder);
_servletHolders.add(holder);
}
// init params
Iterator<?> iParamsIter = node.iterator("init-param");
while (iParamsIter.hasNext()) {
XmlParser.Node paramNode = (XmlParser.Node) iParamsIter.next();
String pname = paramNode.getString("param-name", false, true);
String pvalue = paramNode.getString("param-value", false, true);
String originName = name + ".servlet.init-param." + pname;
Descriptor originDescriptor = context.getMetaData().getOriginDescriptor(originName);
switch(context.getMetaData().getOrigin(originName)) {
case NotSet:
{
//init-param not already set, so set it
holder.setInitParameter(pname, pvalue);
context.getMetaData().setOrigin(originName, descriptor);
break;
}
case WebXml:
case WebDefaults:
case WebOverride:
{
//otherwise just ignore it
if (!(descriptor instanceof FragmentDescriptor) && (descriptor != originDescriptor)) {
holder.setInitParameter(pname, pvalue);
context.getMetaData().setOrigin(originName, descriptor);
}
break;
}
case WebFragment:
{
//previously set by a web-fragment, make sure that the value matches, otherwise its an error
if ((descriptor != originDescriptor) && !holder.getInitParameter(pname).equals(pvalue))
throw new IllegalStateException("Mismatching init-param " + pname + "=" + pvalue + " in " + descriptor.getResource());
break;
}
default:
// TODO throw ISE?
LOG.warn(new Throwable());
}
}
String servlet_class = node.getString("servlet-class", false, true);
if ("".equals(servlet_class))
servlet_class = null;
//Handle the default jsp servlet instance
if (id != null && id.equals("jsp") && servlet_class != null) {
try {
Loader.loadClass(servlet_class);
} catch (ClassNotFoundException e) {
LOG.info("NO JSP Support for {}, did not find {}", context.getContextPath(), servlet_class);
servlet_class = "org.eclipse.jetty.servlet.NoJspServlet";
}
}
//Set the servlet-class
if (servlet_class != null) {
((WebDescriptor) descriptor).addClassName(servlet_class);
switch(context.getMetaData().getOrigin(name + ".servlet.servlet-class")) {
case NotSet:
{
//the class of the servlet has not previously been set, so set it
holder.setClassName(servlet_class);
context.getMetaData().setOrigin(name + ".servlet.servlet-class", descriptor);
break;
}
case WebXml:
case WebDefaults:
case WebOverride:
{
//the class of the servlet was set by a web xml file, only allow web-override/web-default to change it
if (!(descriptor instanceof FragmentDescriptor)) {
holder.setClassName(servlet_class);
context.getMetaData().setOrigin(name + ".servlet.servlet-class", descriptor);
}
break;
}
case WebFragment:
{
//the class was set by another fragment, ensure this fragment's value is the same
if (!servlet_class.equals(holder.getClassName()))
throw new IllegalStateException("Conflicting servlet-class " + servlet_class + " in " + descriptor.getResource());
break;
}
default:
// TODO throw ISE?
LOG.warn(new Throwable());
}
}
// Handle JSP file
String jsp_file = node.getString("jsp-file", false, true);
if (jsp_file != null)
holder.setForcedPath(jsp_file);
// handle load-on-startup
XmlParser.Node startup = node.get("load-on-startup");
if (startup != null) {
String s = startup.toString(false, true).toLowerCase(Locale.ENGLISH);
int order = 0;
if (s.startsWith("t")) {
LOG.warn("Deprecated boolean load-on-startup. Please use integer");
order = 1;
} else {
try {
if (s != null && s.trim().length() > 0)
order = Integer.parseInt(s);
} catch (Exception e) {
LOG.warn("Cannot parse load-on-startup " + s + ". Please use integer");
LOG.ignore(e);
}
}
switch(context.getMetaData().getOrigin(name + ".servlet.load-on-startup")) {
case NotSet:
{
//not already set, so set it now
holder.setInitOrder(order);
context.getMetaData().setOrigin(name + ".servlet.load-on-startup", descriptor);
break;
}
case WebXml:
case WebDefaults:
case WebOverride:
{
//if it was already set by a web xml descriptor and we're parsing another web xml descriptor, then override it
if (!(descriptor instanceof FragmentDescriptor)) {
holder.setInitOrder(order);
context.getMetaData().setOrigin(name + ".servlet.load-on-startup", descriptor);
}
break;
}
case WebFragment:
{
//it was already set by another fragment, if we're parsing a fragment, the values must match
if (order != holder.getInitOrder())
throw new IllegalStateException("Conflicting load-on-startup value in " + descriptor.getResource());
break;
}
default:
// TODO throw ISE?
LOG.warn(new Throwable());
}
}
Iterator<Node> sRefsIter = node.iterator("security-role-ref");
while (sRefsIter.hasNext()) {
XmlParser.Node securityRef = (XmlParser.Node) sRefsIter.next();
String roleName = securityRef.getString("role-name", false, true);
String roleLink = securityRef.getString("role-link", false, true);
if (roleName != null && roleName.length() > 0 && roleLink != null && roleLink.length() > 0) {
if (LOG.isDebugEnabled())
LOG.debug("link role " + roleName + " to " + roleLink + " for " + this);
switch(context.getMetaData().getOrigin(name + ".servlet.role-name." + roleName)) {
case NotSet:
{
//set it
holder.setUserRoleLink(roleName, roleLink);
context.getMetaData().setOrigin(name + ".servlet.role-name." + roleName, descriptor);
break;
}
case WebXml:
case WebDefaults:
case WebOverride:
{
//only another web xml descriptor (web-default,web-override web.xml) can override an already set value
if (!(descriptor instanceof FragmentDescriptor)) {
holder.setUserRoleLink(roleName, roleLink);
context.getMetaData().setOrigin(name + ".servlet.role-name." + roleName, descriptor);
}
break;
}
case WebFragment:
{
if (!holder.getUserRoleLink(roleName).equals(roleLink))
throw new IllegalStateException("Conflicting role-link for role-name " + roleName + " for servlet " + name + " in " + descriptor.getResource());
break;
}
default:
// TODO throw ISE?
LOG.warn(new Throwable());
}
} else {
LOG.warn("Ignored invalid security-role-ref element: " + "servlet-name=" + holder.getName() + ", " + securityRef);
}
}
XmlParser.Node run_as = node.get("run-as");
if (run_as != null) {
String roleName = run_as.getString("role-name", false, true);
if (roleName != null) {
switch(context.getMetaData().getOrigin(name + ".servlet.run-as")) {
case NotSet:
{
//run-as not set, so set it
holder.setRunAsRole(roleName);
context.getMetaData().setOrigin(name + ".servlet.run-as", descriptor);
break;
}
case WebXml:
case WebDefaults:
case WebOverride:
{
//run-as was set by a web xml, only allow it to be changed if we're currently parsing another web xml(override/default)
if (!(descriptor instanceof FragmentDescriptor)) {
holder.setRunAsRole(roleName);
context.getMetaData().setOrigin(name + ".servlet.run-as", descriptor);
}
break;
}
case WebFragment:
{
//run-as was set by another fragment, this fragment must show the same value
if (!holder.getRunAsRole().equals(roleName))
throw new IllegalStateException("Conflicting run-as role " + roleName + " for servlet " + name + " in " + descriptor.getResource());
break;
}
default:
// TODO throw ISE?
LOG.warn(new Throwable());
}
}
}
String async = node.getString("async-supported", false, true);
if (async != null) {
boolean val = async.length() == 0 || Boolean.valueOf(async);
switch(context.getMetaData().getOrigin(name + ".servlet.async-supported")) {
case NotSet:
{
//set it
holder.setAsyncSupported(val);
context.getMetaData().setOrigin(name + ".servlet.async-supported", descriptor);
break;
}
case WebXml:
case WebDefaults:
case WebOverride:
{
//async-supported set by previous web xml descriptor, only allow override if we're parsing another web descriptor(web.xml/web-override.xml/web-default.xml)
if (!(descriptor instanceof FragmentDescriptor)) {
holder.setAsyncSupported(val);
context.getMetaData().setOrigin(name + ".servlet.async-supported", descriptor);
}
break;
}
case WebFragment:
{
//async-supported set by another fragment, this fragment's value must match
if (holder.isAsyncSupported() != val)
throw new IllegalStateException("Conflicting async-supported=" + async + " for servlet " + name + " in " + descriptor.getResource());
break;
}
default:
// TODO throw ISE?
LOG.warn(new Throwable());
}
}
String enabled = node.getString("enabled", false, true);
if (enabled != null) {
boolean is_enabled = enabled.length() == 0 || Boolean.valueOf(enabled);
switch(context.getMetaData().getOrigin(name + ".servlet.enabled")) {
case NotSet:
{
//hasn't been set yet, so set it
holder.setEnabled(is_enabled);
context.getMetaData().setOrigin(name + ".servlet.enabled", descriptor);
break;
}
case WebXml:
case WebDefaults:
case WebOverride:
{
//was set in a web xml descriptor, only allow override from another web xml descriptor
if (!(descriptor instanceof FragmentDescriptor)) {
holder.setEnabled(is_enabled);
context.getMetaData().setOrigin(name + ".servlet.enabled", descriptor);
}
break;
}
case WebFragment:
{
//was set by another fragment, this fragment's value must match
if (holder.isEnabled() != is_enabled)
throw new IllegalStateException("Conflicting value of servlet enabled for servlet " + name + " in " + descriptor.getResource());
break;
}
default:
// TODO throw ISE?
LOG.warn(new Throwable());
}
}
/*
* If multipart config not set, then set it and record it was by the web.xml or fragment.
* If it was set by web.xml then if this is a fragment, ignore the settings.
* If it was set by a fragment, if this is a fragment and the values are different, error!
*/
XmlParser.Node multipart = node.get("multipart-config");
if (multipart != null) {
String location = multipart.getString("location", false, true);
String maxFile = multipart.getString("max-file-size", false, true);
String maxRequest = multipart.getString("max-request-size", false, true);
String threshold = multipart.getString("file-size-threshold", false, true);
MultipartConfigElement element = new MultipartConfigElement(location, (maxFile == null || "".equals(maxFile) ? -1L : Long.parseLong(maxFile)), (maxRequest == null || "".equals(maxRequest) ? -1L : Long.parseLong(maxRequest)), (threshold == null || "".equals(threshold) ? 0 : Integer.parseInt(threshold)));
switch(context.getMetaData().getOrigin(name + ".servlet.multipart-config")) {
case NotSet:
{
//hasn't been set, so set it
holder.getRegistration().setMultipartConfig(element);
context.getMetaData().setOrigin(name + ".servlet.multipart-config", descriptor);
break;
}
case WebXml:
case WebDefaults:
case WebOverride:
{
//was set in a web xml, only allow changes if we're parsing another web xml (web.xml/web-default.xml/web-override.xml)
if (!(descriptor instanceof FragmentDescriptor)) {
holder.getRegistration().setMultipartConfig(element);
context.getMetaData().setOrigin(name + ".servlet.multipart-config", descriptor);
}
break;
}
case WebFragment:
{
//another fragment set the value, this fragment's values must match exactly or it is an error
MultipartConfigElement cfg = ((ServletHolder.Registration) holder.getRegistration()).getMultipartConfig();
if (cfg.getMaxFileSize() != element.getMaxFileSize())
throw new IllegalStateException("Conflicting multipart-config max-file-size for servlet " + name + " in " + descriptor.getResource());
if (cfg.getMaxRequestSize() != element.getMaxRequestSize())
throw new IllegalStateException("Conflicting multipart-config max-request-size for servlet " + name + " in " + descriptor.getResource());
if (cfg.getFileSizeThreshold() != element.getFileSizeThreshold())
throw new IllegalStateException("Conflicting multipart-config file-size-threshold for servlet " + name + " in " + descriptor.getResource());
if ((cfg.getLocation() != null && (element.getLocation() == null || element.getLocation().length() == 0)) || (cfg.getLocation() == null && (element.getLocation() != null || element.getLocation().length() > 0)))
throw new IllegalStateException("Conflicting multipart-config location for servlet " + name + " in " + descriptor.getResource());
break;
}
default:
// TODO throw ISE?
LOG.warn(new Throwable());
}
}
}
Also used :
XmlParser(org.eclipse.jetty.xml.XmlParser)
ServletHolder(org.eclipse.jetty.servlet.ServletHolder)
Node(org.eclipse.jetty.xml.XmlParser.Node)
Node(org.eclipse.jetty.xml.XmlParser.Node)
Source(org.eclipse.jetty.servlet.Source)
Constraint(org.eclipse.jetty.util.security.Constraint)
ServletException(javax.servlet.ServletException)
MultipartConfigElement(javax.servlet.MultipartConfigElement)
Example 20 with MultipartConfigElement
use of javax.servlet.MultipartConfigElement in project spring-boot by spring-projects.
the class ServletComponentScanIntegrationTests method multipartConfigIsHonoured.
@Test
public void multipartConfigIsHonoured() {
this.context = new AnnotationConfigServletWebServerApplicationContext();
this.context.register(TestConfiguration.class);
new ServerPortInfoApplicationContextInitializer().initialize(this.context);
this.context.refresh();
@SuppressWarnings("rawtypes") Map<String, ServletRegistrationBean> beans = this.context.getBeansOfType(ServletRegistrationBean.class);
ServletRegistrationBean<?> servletRegistrationBean = beans.get(TestMultipartServlet.class.getName());
assertThat(servletRegistrationBean).isNotNull();
MultipartConfigElement multipartConfig = servletRegistrationBean.getMultipartConfig();
assertThat(multipartConfig).isNotNull();
assertThat(multipartConfig.getLocation()).isEqualTo("test");
assertThat(multipartConfig.getMaxRequestSize()).isEqualTo(2048);
assertThat(multipartConfig.getMaxFileSize()).isEqualTo(1024);
assertThat(multipartConfig.getFileSizeThreshold()).isEqualTo(512);
}
Also used :
ServerPortInfoApplicationContextInitializer(org.springframework.boot.web.context.ServerPortInfoApplicationContextInitializer)
MultipartConfigElement(javax.servlet.MultipartConfigElement)
TestMultipartServlet(org.springframework.boot.web.servlet.testcomponents.TestMultipartServlet)
AnnotationConfigServletWebServerApplicationContext(org.springframework.boot.web.servlet.context.AnnotationConfigServletWebServerApplicationContext)
Test(org.junit.Test)
Aggregations
MultipartConfigElement (javax.servlet.MultipartConfigElement)51
Test (org.junit.Test)35
ByteArrayInputStream (java.io.ByteArrayInputStream)30
Part (javax.servlet.http.Part)27
MultiPart (org.eclipse.jetty.util.MultiPartInputStreamParser.MultiPart)24
ByteArrayOutputStream (java.io.ByteArrayOutputStream)13
IOException (java.io.IOException)8
File (java.io.File)7
ServletHolder (org.eclipse.jetty.servlet.ServletHolder)5
ServletException (javax.servlet.ServletException)4
ServletInputStream (javax.servlet.ServletInputStream)4
InputStream (java.io.InputStream)3
HashMap (java.util.HashMap)2
Map (java.util.Map)2
Servlet (javax.servlet.Servlet)2
ServletRegistration (javax.servlet.ServletRegistration)2
MultipartConfig (javax.servlet.annotation.MultipartConfig)2
HttpServletRequest (javax.servlet.http.HttpServletRequest)2
MultiPartInputStreamParser (org.eclipse.jetty.util.MultiPartInputStreamParser)2
DbxException (com.dropbox.core.DbxException)1
