This is an automated email from the ASF dual-hosted git repository. dkulp pushed a commit to branch 3.1.x-fixes in repository https://gitbox.apache.org/repos/asf/cxf.git
commit 7bc22f411fc82c07d33336857aa7476cc0c82c95 Author: Daniel Kulp <dk...@apache.org> AuthorDate: Thu Apr 26 09:50:31 2018 -0400 [CXF-7720] Bunch of issues with case senstive Set-Cookie headers (cherry picked from commit e4da23a719581d5a657b1c4e99fa41a0aca393e5) --- .../org/apache/cxf/transport/http/Headers.java | 39 +++++++++++----------- .../org/apache/cxf/systest/jaxrs/BookStore.java | 4 +-- 2 files changed, 22 insertions(+), 21 deletions(-) diff --git a/rt/transports/http/src/main/java/org/apache/cxf/transport/http/Headers.java b/rt/transports/http/src/main/java/org/apache/cxf/transport/http/Headers.java index 6ca427a..f2285dd 100644 --- a/rt/transports/http/src/main/java/org/apache/cxf/transport/http/Headers.java +++ b/rt/transports/http/src/main/java/org/apache/cxf/transport/http/Headers.java @@ -28,11 +28,10 @@ import java.util.Collections; import java.util.Date; import java.util.Enumeration; import java.util.HashMap; -import java.util.HashSet; import java.util.List; import java.util.Locale; import java.util.Map; -import java.util.Set; +import java.util.Map.Entry; import java.util.TimeZone; import java.util.TreeMap; import java.util.logging.Level; @@ -74,18 +73,8 @@ public class Headers { private static final List<String> SENSITIVE_HEADERS = Arrays.asList("Authorization", "Proxy-Authorization"); private static final List<Object> SENSITIVE_HEADER_MARKER = Arrays.asList((Object)"***"); private static final String ALLOW_LOGGING_SENSITIVE_HEADERS = "allow.logging.sensitive.headers"; - /** - * Known HTTP headers whose values have to be represented as individual HTTP headers - */ - private static final Set<String> HTTP_HEADERS_SINGLE_VALUE_ONLY; - private static final String USER_AGENT; - static { - HTTP_HEADERS_SINGLE_VALUE_ONLY = new HashSet<String>(); - HTTP_HEADERS_SINGLE_VALUE_ONLY.add(HTTP_HEADERS_SETCOOKIE); - HTTP_HEADERS_SINGLE_VALUE_ONLY.add(HTTP_HEADERS_LINK); - USER_AGENT = initUserAgent(); - } - + private static final String USER_AGENT = initUserAgent(); + private final Message message; private final Map<String, List<String>> headers; @@ -291,10 +280,18 @@ public class Headers { public void readFromConnection(HttpURLConnection connection) { Map<String, List<String>> origHeaders = connection.getHeaderFields(); headers.clear(); - for (String key : connection.getHeaderFields().keySet()) { - if (key != null) { - headers.put(HttpHeaderHelper.getHeaderKey(key), - origHeaders.get(key)); + for (Entry<String, List<String>> entry : origHeaders.entrySet()) { + if (entry.getKey() != null) { + String key = HttpHeaderHelper.getHeaderKey(entry.getKey()); + List<String> old = headers.get(key); + if (old != null) { + List<String> nl = new ArrayList<>(old.size() + entry.getValue().size()); + nl.addAll(old); + nl.addAll(entry.getValue()); + headers.put(key, nl); + } else { + headers.put(key, entry.getValue()); + } } } } @@ -505,6 +502,10 @@ public class Headers { return true; } + private boolean isSingleHeader(String header) { + return HTTP_HEADERS_SETCOOKIE.equalsIgnoreCase(header) || HTTP_HEADERS_LINK.equalsIgnoreCase(header); + } + /** * Copy the response headers into the response. * @@ -525,7 +526,7 @@ public class Headers { String header = entry.getKey(); List<?> headerList = entry.getValue(); - if (addHeaders || HTTP_HEADERS_SINGLE_VALUE_ONLY.contains(header)) { + if (addHeaders || isSingleHeader(header)) { for (int i = 0; i < headerList.size(); i++) { Object headerObject = headerList.get(i); if (headerObject != null) { diff --git a/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/BookStore.java b/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/BookStore.java index 49b173f..86d4149 100644 --- a/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/BookStore.java +++ b/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/BookStore.java @@ -529,8 +529,8 @@ public class BookStore { @Path("setmanycookies") public Response setTwoCookies() { return Response.ok().header("Set-Cookie", "JSESSIONID=0475F7F30A26E5B0C15D69; Path=/") - .header("Set-Cookie", "COOKIETWO=dummy; Expires=Sat, 20-Nov-2010 19:11:32 GMT; Path=/") - .header("Set-Cookie", "COOKIETWO=dummy2; expires=Sat, 20-Nov-2010 19:11:32 GMT; Path=/") + .header("Set-cookie", "COOKIETWO=dummy; Expires=Sat, 20-Nov-2010 19:11:32 GMT; Path=/") + .header("set-cookie", "COOKIETWO=dummy2; expires=Sat, 20-Nov-2010 19:11:32 GMT; Path=/") .build(); } -- To stop receiving notification emails like this one, please contact dk...@apache.org.