-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Rémy,
Should there be a note about this in the migration guide? - -chris On 3/25/20 12:58, r...@apache.org wrote: > This is an automated email from the ASF dual-hosted git > repository. > > remm pushed a commit to branch master in repository > https://gitbox.apache.org/repos/asf/tomcat.git > > > The following commit(s) were added to refs/heads/master by this > push: new d0877a6 Remove two system properties used for > configuration d0877a6 is described below > > commit d0877a698fe23f633747f429e43ce40d5f8d3ed7 Author: remm > <r...@apache.org> AuthorDate: Wed Mar 25 17:58:08 2020 +0100 > > Remove two system properties used for configuration > > Two rarely used properties, both in the connector package: - > org.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH is > replaced by the allowBackslash attribute - > org.apache.catalina.connector.Response.ENFORCE_ENCODING_IN_GET_WRITER > > is replaced by the enforceEncodingInGetWriter attribute > --- java/org/apache/catalina/connector/Connector.java | 57 > ++++++++++++++++++++++ > .../apache/catalina/connector/CoyoteAdapter.java | 11 ++--- > java/org/apache/catalina/connector/Response.java | 17 +------ > .../catalina/connector/TestCoyoteAdapter.java | 2 +- > webapps/docs/changelog.xml | 13 +++++ > webapps/docs/config/systemprops.xml | 18 ------- 6 > files changed, 76 insertions(+), 42 deletions(-) > > diff --git a/java/org/apache/catalina/connector/Connector.java > b/java/org/apache/catalina/connector/Connector.java index > 43b9431..ec65163 100644 --- > a/java/org/apache/catalina/connector/Connector.java +++ > b/java/org/apache/catalina/connector/Connector.java @@ -118,6 > +118,14 @@ public class Connector extends LifecycleMBeanBase { > > > /** + * If this is <code>true</code> the '\' character will be > permitted as a + * path delimiter. If not specified, the > default value of + * <code>false</code> will be used. + */ > + protected boolean allowBackslash = false; + + + /** * Do we > allow TRACE ? */ protected boolean allowTrace = false; @@ -135,6 > +143,19 @@ public class Connector extends LifecycleMBeanBase { > protected boolean enableLookups = false; > > > + /** + * If this is <code>true</code> then a call to + > * <code>Response.getWriter()</code> if no character encoding + > * has been specified will result in subsequent calls to + * > <code>Response.getCharacterEncoding()</code> returning + * > <code>ISO-8859-1</code> and the <code>Content-Type</code> response > header + * will include a <code>charset=ISO-8859-1</code> > component. + * (SRV.15.2.22.1) + * If not specified, the > default specification compliant value of + * <code>true</code> > will be used. + */ + protected boolean > enforceEncodingInGetWriter = true; + /* * Is generation of > X-Powered-By response header enabled/disabled? */ @@ -339,6 +360,24 > @@ public class Connector extends LifecycleMBeanBase { > > > /** + * @return <code>true</code> if backslash characters are > allowed in URLs. + * Default value is <code>false</code>. + > */ + public boolean getAllowBackslash() { + return > allowBackslash; + } + + + /** + * Set the allowBackslash > flag. + * @param allowBackslash the new flag value + */ + > public void setAllowBackslash(boolean allowBackslash) { + > this.allowBackslash = allowBackslash; + } + + + /** * @return > <code>true</code> if the TRACE method is allowed. Default value * > is <code>false</code>. */ @@ -415,6 +454,24 @@ public class > Connector extends LifecycleMBeanBase { } > > > + /** + * @return <code>true</code> if a default character > encoding will be set + * when calling Response.getWriter() + > */ + public boolean getEnforceEncodingInGetWriter() { + > return enforceEncodingInGetWriter; + } + + + /** + * Set > the enforceEncodingInGetWriter flag. + * @param > enforceEncodingInGetWriter the new flag value + */ + public > void setEnforceEncodingInGetWriter(boolean > enforceEncodingInGetWriter) { + > this.enforceEncodingInGetWriter = enforceEncodingInGetWriter; + > } + + public int getMaxCookieCount() { return maxCookieCount; } > diff --git a/java/org/apache/catalina/connector/CoyoteAdapter.java > b/java/org/apache/catalina/connector/CoyoteAdapter.java index > 3b6f7e9..9bfe301 100644 --- > a/java/org/apache/catalina/connector/CoyoteAdapter.java +++ > b/java/org/apache/catalina/connector/CoyoteAdapter.java @@ -78,10 > +78,6 @@ public class CoyoteAdapter implements Adapter { public > static final int ADAPTER_NOTES = 1; > > > - protected static final boolean ALLOW_BACKSLASH = - > Boolean.parseBoolean(System.getProperty("org.apache.catalina.connector .CoyoteAdapter.ALLOW_BACKSLASH", > "false")); - - private static final ThreadLocal<String> THREAD_NAME > = new ThreadLocal<String>() { > > @@ -635,7 +631,7 @@ public class CoyoteAdapter implements Adapter > { response.sendError(400, "Invalid URI: " + ioe.getMessage()); } // > Normalization - if (normalize(req.decodedURI())) { + > if (normalize(req.decodedURI(), connector.getAllowBackslash())) { > // Character decoding convertURI(decodedURI, request); // > URIEncoding values are limited to US-ASCII supersets. @@ -1127,12 > +1123,13 @@ public class CoyoteAdapter implements Adapter { * This > method normalizes "\", "//", "/./" and "/../". * * @param uriMB URI > to be normalized + * @param allowBackslash <code>true</code> if > backslash characters are allowed in URLs * * @return > <code>false</code> if normalizing this URI would require going * > above the root, or if the URI contains a null byte, otherwise * > <code>true</code> */ - public static boolean > normalize(MessageBytes uriMB) { + public static boolean > normalize(MessageBytes uriMB, boolean allowBackslash) { > > ByteChunk uriBC = uriMB.getByteChunk(); final byte[] b = > uriBC.getBytes(); @@ -1151,7 +1148,7 @@ public class CoyoteAdapter > implements Adapter { // Check for null byte for (pos = start; pos < > end; pos++) { if (b[pos] == (byte) '\\') { - if > (ALLOW_BACKSLASH) { + if (allowBackslash) { b[pos] = > (byte) '/'; } else { return false; diff --git > a/java/org/apache/catalina/connector/Response.java > b/java/org/apache/catalina/connector/Response.java index > 9ec0b5d..17d086b 100644 --- > a/java/org/apache/catalina/connector/Response.java +++ > b/java/org/apache/catalina/connector/Response.java @@ -74,21 +74,6 > @@ public class Response implements HttpServletResponse { > > private static final MediaTypeCache MEDIA_TYPE_CACHE = new > MediaTypeCache(100); > > - /** - * Compliance with SRV.15.2.22.1. A call to > Response.getWriter() if no - * character encoding has been > specified will result in subsequent calls to - * > Response.getCharacterEncoding() returning ISO-8859-1 and the > Content-Type - * response header will include a > charset=ISO-8859-1 component. - */ - private static final > boolean ENFORCE_ENCODING_IN_GET_WRITER; - - static { - > ENFORCE_ENCODING_IN_GET_WRITER = Boolean.parseBoolean( - > System.getProperty("org.apache.catalina.connector.Response.ENFORCE_ENC ODING_IN_GET_WRITER", > > - - "true")); > - } - - // ----------------------------------------------------- > Instance Variables > > public Response() { @@ -572,7 +557,7 @@ public class Response > implements HttpServletResponse { > (sm.getString("coyoteResponse.getWriter.ise")); } > > - if (ENFORCE_ENCODING_IN_GET_WRITER) { + if > (request.getConnector().getEnforceEncodingInGetWriter()) { /* * If > the response's character encoding has not been specified as * > described in <code>getCharacterEncoding</code> (i.e., the method > diff --git > a/test/org/apache/catalina/connector/TestCoyoteAdapter.java > b/test/org/apache/catalina/connector/TestCoyoteAdapter.java index > 93692af..464ca90 100644 --- > a/test/org/apache/catalina/connector/TestCoyoteAdapter.java +++ > b/test/org/apache/catalina/connector/TestCoyoteAdapter.java @@ > -333,7 +333,7 @@ public class TestCoyoteAdapter extends > TomcatBaseTest { byte[] b = > input.getBytes(StandardCharsets.UTF_8); mb.setBytes(b, 0, > b.length); > > - boolean result = CoyoteAdapter.normalize(mb); + > boolean result = CoyoteAdapter.normalize(mb, false); > mb.toString(); > > if (expected == null) { diff --git a/webapps/docs/changelog.xml > b/webapps/docs/changelog.xml index e8452cd..9e7f153 100644 --- > a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ > -74,6 +74,19 @@ Refactor DefaultServlet to avoid using an internal > Range structure that is duplicated from the parsing result. (remm) > </update> + <update> + Remove + > <code>org.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH</cod e> > > + system property, replaced by the <code>allowBackslash</code> attribute > + on the Connector. (remm) + </update> + <update> > + Remove + > <code>org.apache.catalina.connector.Response.ENFORCE_ENCODING_IN_GET_W RITER</code> > > + system property, replaced by the > + <code>enforceEncodingInGetWriter</code> attribute on the > Connector. + (remm) + </update> </changelog> > </subsection> <subsection name="Coyote"> diff --git > a/webapps/docs/config/systemprops.xml > b/webapps/docs/config/systemprops.xml index bd4a98a..0188a53 > 100644 --- a/webapps/docs/config/systemprops.xml +++ > b/webapps/docs/config/systemprops.xml @@ -264,13 +264,6 @@ > <properties> > > <property - name="org.apache.catalina.connector. > CoyoteAdapter.ALLOW_BACKSLASH"> - <p>If this is > <code>true</code> the '\' character will be permitted as a - > path delimiter.</p> - <p>If not specified, the default value > of <code>false</code> will be used.</p> - </property> - - > <property name="org.apache.tomcat.util.buf. > UDecoder.ALLOW_ENCODED_SLASH"> <p>If this is <code>true</code> > '%2F' and '%5C' will be permitted as path delimiters.</p> @@ > -312,17 +305,6 @@ </ul> </property> > > - <property name="org.apache.catalina.connector. > Response.ENFORCE_ENCODING_IN_GET_WRITER"> - <p>If this is > <code>true</code> then - a call to > <code>Response.getWriter()</code> if no character encoding - > has been specified will result in subsequent calls to - > <code>Response.getCharacterEncoding()</code> returning - > <code>ISO-8859-1</code> and the <code>Content-Type</code> response > header - will include a <code>charset=ISO-8859-1</code> > component. (SRV.15.2.22.1)</p> - <p>If not specified, the > default specification compliant value of - <code>true</code> > will be used.</p> - </property> - <property > name="org.apache.catalina.core.ApplicationContext > .GET_RESOURCE_REQUIRE_SLASH"> <p>If this is <code>true</code> then > the path passed to <code>ServletContext.getResource()</code> or > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl57oywACgkQHPApP6U8 pFhY2hAAmIhGcCDARv08ffARNwkTNtOumtRcEUG/AgcVk5S4ULvkYaNkRC122/Vf O9Ud6kpWaH9GIASynC+gZrjlkP55ipikygmYML47VarbGOH28KlKPrujclndB69d tHnvCt+QklVaA95j/B/mXjjQvVI5MHaP8kn0emmNKZxZamosaHQzoxWKoSsi7+2h NBANeYp+zY6+CcpZiq+2fHWeVeYJHarBhr9IqzwV9HPGDRwRZ3gTtazszY4Ohst6 t5S5aFWEfEDoF681CsHjIYsknYx8tmYnWRH7yOlypZ1WumbSM3QYInSfVOvLmFxk kfYLfruYDVB/1EX/rKaR7/xcQzwSbbZmiwgvz9lNC3kPpsGUocT0fifkUZrDQqJN M/7qq8ailalIXiKhjyG6/Q1QyPaxRkLMoIbPHvyyVVWF4ISmFmCAraUvHnfMWUN7 HzDj7zyvoz6sAFzWdzTDyzakiG8CYQ+8KHV392bEFKGojIQLGTS8dJhmj2ZJLmzA Q4mHV2/uX8fbbV2WPqL0xzBiQpaZLtRyEbgpal9kX6O482yhXmKqjyvBonhRtF5S vb7EEgGDIkztcsrx/rnCzpwbD4t0q8Cuh52zAbZJrPXfFwtvjsPY2kYvZL8opaEZ 7i1OrwDwwoesdCnBE10Ly83tr0LOqrGB3/xKVvRh8wcsT1SzDLI= =fDny -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org