Menu
▾
▴
[jboss-cvs] contrib/jetty/src/main/org/mortbay/http/handler ResourceHandler.java
|
From: Jules G. <jul...@us...> - 2002-08-29 21:13:30
|
User: jules_gosnell
Date: 02/08/29 14:13:29
Modified: jetty/src/main/org/mortbay/http/handler Tag: Branch_3_2
ResourceHandler.java
Log:
Jetty-4.1.0RC3 - 28 August 2002
+ Fixed security problem for suffix matching with trailing "/"
+ addWebApplications encodes paths to allow for spaces in file names.
+ Improved handling of PUT,DELETE & MOVE.
+ Improved handling of path encoding in Resources for bad JVMs
+ Added buffering to request log
+ Created and integrated the Jetty Launcher
+ Made Resource canonicalize it's base path for directories
+ Allow WebApplicationHandler to be used with other handlers.
+ Added defaults descriptor to addWebApplications.
+ Allow FORM auth pages to be within security constraint.
Revision Changes Path
No revision
No revision
1.15.2.2 +57 -32 contrib/jetty/src/main/org/mortbay/http/handler/ResourceHandler.java
Index: ResourceHandler.java
===================================================================
RCS file: /cvsroot/jboss/contrib/jetty/src/main/org/mortbay/http/handler/ResourceHandler.java,v
retrieving revision 1.15.2.1
retrieving revision 1.15.2.2
diff -u -r1.15.2.1 -r1.15.2.2
--- ResourceHandler.java 24 Aug 2002 18:53:38 -0000 1.15.2.1
+++ ResourceHandler.java 29 Aug 2002 21:13:29 -0000 1.15.2.2
@@ -1,6 +1,6 @@
// ===========================================================================
// Copyright (c) 1996-2002 Mort Bay Consulting Pty. Ltd. All rights reserved.
-// $Id: ResourceHandler.java,v 1.15.2.1 2002/08/24 18:53:38 jules_gosnell Exp $
+// $Id: ResourceHandler.java,v 1.15.2.2 2002/08/29 21:13:29 jules_gosnell Exp $
// ---------------------------------------------------------------------------
package org.mortbay.http.handler;
@@ -46,7 +46,7 @@
* A simple memory cache is also provided to reduce file I/O.
* HTTP/1.1 ranges are supported.
*
- * @version $Id: ResourceHandler.java,v 1.15.2.1 2002/08/24 18:53:38 jules_gosnell Exp $
+ * @version $Id: ResourceHandler.java,v 1.15.2.2 2002/08/29 21:13:29 jules_gosnell Exp $
* @author Nuno Preguiça
* @author Greg Wilkins
*/
@@ -147,7 +147,6 @@
HttpResponse response)
throws HttpException, IOException
{
- boolean endsWithSlash= pathInContext.endsWith("/");
Resource resource = getHttpContext().getResource(pathInContext);
if (resource==null)
@@ -177,7 +176,7 @@
if (method.equals(HttpRequest.__GET) ||
method.equals(HttpRequest.__POST) ||
method.equals(HttpRequest.__HEAD))
- handleGet(request, response, pathInContext, pathParams, resource, endsWithSlash);
+ handleGet(request, response, pathInContext, pathParams, resource);
else if (method.equals(HttpRequest.__PUT))
handlePut(request, response, pathInContext, resource);
else if (method.equals(HttpRequest.__DELETE))
@@ -215,18 +214,17 @@
HttpResponse response,
String pathInContext,
String pathParams,
- Resource resource,
- boolean endsWithSlash)
+ Resource resource)
throws IOException
{
Code.debug("Looking for ",resource);
-
+
if (resource!=null && resource.exists())
{
// check if directory
if (resource.isDirectory())
{
- if (!endsWithSlash && !pathInContext.equals("/"))
+ if (!pathInContext.endsWith("/") && !pathInContext.equals("/"))
{
Code.debug("Redirect to directory/");
@@ -238,7 +236,8 @@
buf.append(q);
}
response.setField(HttpFields.__Location, URI.addPaths(buf.toString(),"/"));
- response.sendError(302);
+ response.setStatus(302);
+ request.setHandled(true);
return;
}
@@ -301,7 +300,8 @@
{
if (resource.lastModified() <= date)
{
- response.sendError(response.__304_Not_Modified);
+ response.setStatus(response.__304_Not_Modified);
+ request.setHandled(true);
return false;
}
}
@@ -325,27 +325,50 @@
!passConditionalHeaders(request,response,resource))
return;
- try
+ if (pathInContext.endsWith("/"))
{
- int toRead = request.getContentLength();
- InputStream in = request.getInputStream();
- OutputStream out = resource.getOutputStream();
- if (toRead>=0)
- IO.copy(in,out,toRead);
+ if (!exists)
+ {
+ if (!resource.getFile().mkdirs())
+ response.sendError(response.__403_Forbidden, "Directories could not be created");
+ else
+ {
+ request.setHandled(true);
+ response.setStatus(HttpResponse.__201_Created);
+ response.commit();
+ }
+ }
else
- IO.copy(in,out);
- out.close();
- request.setHandled(true);
- response.setStatus(exists
- ?HttpResponse.__200_OK
- :HttpResponse.__201_Created);
- response.commit();
- }
- catch (Exception ex)
- {
- Code.warning(ex);
- response.sendError(response.__403_Forbidden,
- ex.getMessage());
+ {
+ request.setHandled(true);
+ response.setStatus(HttpResponse.__200_OK);
+ response.commit();
+ }
+ }
+ else
+ {
+ try
+ {
+ int toRead = request.getContentLength();
+ InputStream in = request.getInputStream();
+ OutputStream out = resource.getOutputStream();
+ if (toRead>=0)
+ IO.copy(in,out,toRead);
+ else
+ IO.copy(in,out);
+ out.close();
+ request.setHandled(true);
+ response.setStatus(exists
+ ?HttpResponse.__200_OK
+ :HttpResponse.__201_Created);
+ response.commit();
+ }
+ catch (Exception ex)
+ {
+ Code.warning(ex);
+ response.sendError(response.__403_Forbidden,
+ ex.getMessage());
+ }
}
}
@@ -365,11 +388,13 @@
try
{
// delete the file
- resource.delete();
+ if (resource.delete())
+ response.setStatus(HttpResponse.__204_No_Content);
+ else
+ response.sendError(HttpResponse.__403_Forbidden);
// Send response
request.setHandled(true);
- response.sendError(response.__204_No_Content);
}
catch (SecurityException sex)
{
@@ -419,8 +444,8 @@
Code.debug("Moving "+resource+" to "+newFile);
resource.renameTo(newFile);
+ response.setStatus(response.__204_No_Content);
request.setHandled(true);
- response.sendError(response.__204_No_Content);
}
catch (Exception ex)
{
|