Author: markt Date: Fri Oct 14 10:49:11 2016 New Revision: 1764866 URL: http://svn.apache.org/viewvc?rev=1764866&view=rev Log: Cookie headers should be merged into a single header
Modified: tomcat/trunk/java/org/apache/coyote/http2/Http2UpgradeHandler.java tomcat/trunk/java/org/apache/coyote/http2/Stream.java tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/java/org/apache/coyote/http2/Http2UpgradeHandler.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http2/Http2UpgradeHandler.java?rev=1764866&r1=1764865&r2=1764866&view=diff ============================================================================== --- tomcat/trunk/java/org/apache/coyote/http2/Http2UpgradeHandler.java (original) +++ tomcat/trunk/java/org/apache/coyote/http2/Http2UpgradeHandler.java Fri Oct 14 10:49:11 2016 @@ -1247,6 +1247,7 @@ class Http2UpgradeHandler extends Abstra setMaxProcessedStream(streamId); Stream stream = getStream(streamId, connectionState.get().isNewStreamAllowed()); if (stream != null && stream.isActive()) { + stream.headersEnd(); processStreamOnContainerThread(stream); } } Modified: tomcat/trunk/java/org/apache/coyote/http2/Stream.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http2/Stream.java?rev=1764866&r1=1764865&r2=1764866&view=diff ============================================================================== --- tomcat/trunk/java/org/apache/coyote/http2/Stream.java (original) +++ tomcat/trunk/java/org/apache/coyote/http2/Stream.java Fri Oct 14 10:49:11 2016 @@ -52,6 +52,7 @@ class Stream extends AbstractStream impl private final StreamStateMachine state; // TODO: null these when finished to reduce memory used by closed stream private final Request coyoteRequest; + private StringBuilder cookieHeader = null; private final Response coyoteResponse = new Response(); private final StreamInputBuffer inputBuffer; private final StreamOutputBuffer outputBuffer = new StreamOutputBuffer(); @@ -228,6 +229,17 @@ class Stream extends AbstractStream impl } break; } + case "cookie": { + // Cookie headers need to be concatenated into a single header + // See RFC 7540 8.1.2.5 + if (cookieHeader == null) { + cookieHeader = new StringBuilder(); + } else { + cookieHeader.append("; "); + } + cookieHeader.append(value); + break; + } default: { if ("expect".equals(name) && "100-continue".equals(value)) { coyoteRequest.setExpectation(true); @@ -238,6 +250,16 @@ class Stream extends AbstractStream impl } } + + final void headersEnd() { + // Cookie headers need to be concatenated into a single header + // See RFC 7540 8.1.2.5 + // Can only do this once the headers are fully received + if (cookieHeader != null) { + coyoteRequest.getMimeHeaders().addValue("cookie").setString(cookieHeader.toString()); + } + } + final void writeHeaders() throws IOException { // TODO: Is 1k the optimal value? Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1764866&r1=1764865&r2=1764866&view=diff ============================================================================== --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Fri Oct 14 10:49:11 2016 @@ -89,6 +89,11 @@ Don't continue to process an HTTP/2 stream if it is reset during header parsing. (markt) </fix> + <fix> + HTTP/2 uses separate headers for each Cookie. As required by RFC 7540, + merge these into a single Cookie header before processing continues. + (markt) + </fix> </changelog> </subsection> <subsection name="Jasper"> --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org