Author: markt Date: Mon Nov 20 11:31:36 2017 New Revision: 1815790 URL: http://svn.apache.org/viewvc?rev=1815790&view=rev Log: Add error messages when exceptions are thrown due to host name parsing issues.
Modified: tomcat/trunk/java/org/apache/tomcat/util/http/parser/HttpParser.java tomcat/trunk/java/org/apache/tomcat/util/http/parser/LocalStrings.properties Modified: tomcat/trunk/java/org/apache/tomcat/util/http/parser/HttpParser.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/http/parser/HttpParser.java?rev=1815790&r1=1815789&r2=1815790&view=diff ============================================================================== --- tomcat/trunk/java/org/apache/tomcat/util/http/parser/HttpParser.java (original) +++ tomcat/trunk/java/org/apache/tomcat/util/http/parser/HttpParser.java Mon Nov 20 11:31:36 2017 @@ -19,6 +19,8 @@ package org.apache.tomcat.util.http.pars import java.io.IOException; import java.io.Reader; +import org.apache.tomcat.util.res.StringManager; + /** * HTTP header value parser implementation. Parsing HTTP headers as per RFC2616 * is not always as simple as it first appears. For headers that only use tokens @@ -96,6 +98,9 @@ public class HttpParser { } + private static final StringManager sm = StringManager.getManager(HttpParser.class); + + public static String unquote(String input) { if (input == null || input.length() < 2) { return input; @@ -497,7 +502,8 @@ public class HttpParser { octetCount++; octet = -1; } else { - throw new IllegalArgumentException(); + throw new IllegalArgumentException( + sm.getString("http.invalidOctet", Integer.toString(octet))); } } else if (isNumeric(c)) { if (octet == -1) { @@ -509,7 +515,7 @@ public class HttpParser { break; } else if (c == -1) { if (inIPv6) { - throw new IllegalArgumentException(); + throw new IllegalArgumentException(sm.getString("http.noClosingBracket")); } else { pos = -1; break; @@ -519,19 +525,22 @@ public class HttpParser { pos++; break; } else { - throw new IllegalArgumentException(); + throw new IllegalArgumentException(sm.getString("http.closingBracket")); } } else { - throw new IllegalArgumentException(); + throw new IllegalArgumentException(sm.getString( + "http.illegalCharacterIpv4", Character.toString((char) c))); } pos++; } while (true); if (octetCount != 4) { - throw new IllegalArgumentException(); + throw new IllegalArgumentException( + sm.getString("http.wrongOctetCount", Integer.toString(octetCount))); } if (octet < 0 || octet > 255) { - throw new IllegalArgumentException(); + throw new IllegalArgumentException( + sm.getString("http.invalidOctet", Integer.toString(octet))); } return pos; @@ -546,7 +555,7 @@ public class HttpParser { // Must start with '[' int c = reader.read(); if (c != '[') { - throw new IllegalArgumentException(); + throw new IllegalArgumentException(sm.getString("http.noOpeningBracket")); } int h16Count = 0; @@ -559,7 +568,7 @@ public class HttpParser { c = reader.read(); if (h16Count == 0 && precedingColonsCount == 1 && c != ':') { // Can't start with a single : - throw new IllegalArgumentException(); + throw new IllegalArgumentException(sm.getString("http.singleColonStart")); } if (HttpParser.isHex(c)) { if (h16Size == 0) { @@ -569,18 +578,19 @@ public class HttpParser { } h16Size++; if (h16Size > 4) { - throw new IllegalArgumentException(); + throw new IllegalArgumentException(sm.getString("http.invalidHextet")); } } else if (c == ':') { if (precedingColonsCount >=2 ) { // ::: is not allowed - throw new IllegalArgumentException(); + throw new IllegalArgumentException(sm.getString("http.tooManyColons")); } else { if(precedingColonsCount == 1) { // End of :: if (parsedDoubleColon ) { // Only allowed one :: sequence - throw new IllegalArgumentException(); + throw new IllegalArgumentException( + sm.getString("http.tooManyDoubleColons")); } parsedDoubleColon = true; // :: represents at least one h16 block @@ -594,7 +604,7 @@ public class HttpParser { } else if (c == ']') { if (precedingColonsCount == 1) { // Can't end on a single ':' - throw new IllegalArgumentException(); + throw new IllegalArgumentException(sm.getString("http.singleColonEnd")); } pos++; break; @@ -606,18 +616,21 @@ public class HttpParser { h16Count++; break; } else { - throw new IllegalArgumentException(); + throw new IllegalArgumentException(sm.getString("http.invalidIpv4Location")); } } else { - throw new IllegalArgumentException(); + throw new IllegalArgumentException(sm.getString( + "http.illegalCharacterIpv6", Character.toString((char) c))); } pos++; } while (true); if (h16Count > 8) { - throw new IllegalArgumentException(); + throw new IllegalArgumentException( + sm.getString("http.tooManyHextets", Integer.toString(h16Count))); } else if (h16Count != 8 && !parsedDoubleColon) { - throw new IllegalArgumentException(); + throw new IllegalArgumentException( + sm.getString("http.tooFewHextets", Integer.toString(h16Count))); } c = reader.read(); @@ -627,7 +640,8 @@ public class HttpParser { if(c == -1) { return -1; } - throw new IllegalArgumentException(); + throw new IllegalArgumentException( + sm.getString("http.illegalAfterIpv6", Character.toString((char) c))); } } @@ -670,13 +684,13 @@ public class HttpParser { private enum DomainParseState { - NEW( true, false, false, false, false, false), - ALPHA( true, true, true, true, true, true), - NUMERIC( true, true, true, true, true, true), - PERIOD( true, false, false, false, true, true), - HYPHEN( true, true, true, false, false, false), - COLON( false, false, false, false, false, false), - END( false, false, false, false, false, false); + NEW( true, false, false, false, false, false, " at the start of"), + ALPHA( true, true, true, true, true, true, " after a letter in"), + NUMERIC( true, true, true, true, true, true, " after a number in"), + PERIOD( true, false, false, false, true, true, " after a period in"), + HYPHEN( true, true, true, false, false, false, " after a hypen in"), + COLON( false, false, false, false, false, false, " after a colon in"), + END( false, false, false, false, false, false, " at the end of"); private final boolean mayContinue; private final boolean allowsNumeric; @@ -684,15 +698,17 @@ public class HttpParser { private final boolean allowsPeriod; private final boolean allowsColon; private final boolean allowsEnd; + private final String errorLocation; private DomainParseState(boolean mayContinue, boolean allowsNumeric, boolean allowsHyphen, - boolean allowsPeriod, boolean allowsColon, boolean allowsEnd) { + boolean allowsPeriod, boolean allowsColon, boolean allowsEnd, String errorLocation) { this.mayContinue = mayContinue; this.allowsNumeric = allowsNumeric; this.allowsHyphen = allowsHyphen; this.allowsPeriod = allowsPeriod; this.allowsColon = allowsColon; this.allowsEnd = allowsEnd; + this.errorLocation = errorLocation; } public boolean mayContinue() { @@ -706,34 +722,40 @@ public class HttpParser { if (allowsNumeric) { return NUMERIC; } else { - throw new IllegalArgumentException(); + throw new IllegalArgumentException(sm.getString("http.invalidCharacterDomain", + Character.toString((char) c), errorLocation)); } } else if (c == '.') { if (allowsPeriod) { return PERIOD; } else { - throw new IllegalArgumentException(); + throw new IllegalArgumentException(sm.getString("http.invalidCharacterDomain", + Character.toString((char) c), errorLocation)); } } else if (c == ':') { if (allowsColon) { return COLON; } else { - throw new IllegalArgumentException(); + throw new IllegalArgumentException(sm.getString("http.invalidCharacterDomain", + Character.toString((char) c), errorLocation)); } } else if (c == -1) { if (allowsEnd) { return END; } else { - throw new IllegalArgumentException(); + throw new IllegalArgumentException(sm.getString("http.invalidCharacterDomain", + Character.toString((char) c), errorLocation)); } } else if (c == '-') { if (allowsHyphen) { return HYPHEN; } else { - throw new IllegalArgumentException(); + throw new IllegalArgumentException(sm.getString("http.invalidCharacterDomain", + Character.toString((char) c), errorLocation)); } } else { - throw new IllegalArgumentException(); + throw new IllegalArgumentException(sm.getString( + "http.illegalCharacterDomain", Character.toString((char) c))); } } } Modified: tomcat/trunk/java/org/apache/tomcat/util/http/parser/LocalStrings.properties URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/http/parser/LocalStrings.properties?rev=1815790&r1=1815789&r2=1815790&view=diff ============================================================================== --- tomcat/trunk/java/org/apache/tomcat/util/http/parser/LocalStrings.properties (original) +++ tomcat/trunk/java/org/apache/tomcat/util/http/parser/LocalStrings.properties Mon Nov 20 11:31:36 2017 @@ -14,7 +14,27 @@ # limitations under the License. authorization.unknownType=Unknown Type [{0}] + cookie.fallToDebug=Note: further occurrences of this error will be logged at DEBUG level. cookie.invalidCookieValue=A cookie header was received [{0}] that contained an invalid cookie. That cookie will be ignored. cookie.invalidCookieVersion=A cookie header was received using an unrecognised cookie version of [{0}]. The header and the cookies it contains will be ignored. -cookie.valueNotPresent=<not present> \ No newline at end of file +cookie.valueNotPresent=<not present> + +http.closingBracket=A closing bracket ']' was found in a non-IPv6 host name. +http.illegalAfterIpv6=The character [{0}] is not permitted to follow an IPv6 address in a host name +http.illegalCharacterDomain=The character [{0}] is never valid in a domain name. +http.illegalCharacterIpv4=The character [{0}] is never valid in an IPv4 address. +http.illegalCharacterIpv6=The character [{0}] is never valid in an IPv6 address. +http.invalidCharacterDomain=The character [{0}] is not valid{1} a domain name. +http.invalidHextet=Invalid hextet. A hextet must consist of 4 or less hex characters. +http.invalidIpv4Location=The IPv6 address contains an embedded IPv4 address at an invalid location. +http.invalidOctet=Invalid octet [{0}]. The valid range for IPv4 octets is 0 to 255. +http.noClosingBracket=The IPv6 address is missing a closing bracket. +http.noOpeningBracket=The IPv6 address is missing an opening bracket. +http.singleColonEnd=An IPv6 address may not end with a single ':'. +http.singleColonStart=An IPv6 address may not start with a single ':'. +http.tooFewHextets=An IPv6 address must consist of 8 hextets but this address contains [{0}] hextets and no '::' sequence to represent one or more zero hextets. +http.tooManyColons=An IPv6 address may not contain more than 2 sequential colon characters. +http.tooManyDoubleColons=An IPv6 address may only contain a single '::' sequence. +http.tooManyHextets=The IPv6 address contains [{0}] hextets but a valid IPv6 address may not have more than 8. +http.wrongOctetCount=An IPv4 address should have exactly 4 octets, not [{0}]. \ No newline at end of file --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org