cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject git commit: [CXF-5653] Optional support for the same URI redirects
Date Wed, 26 Mar 2014 21:57:42 GMT
Repository: cxf
Updated Branches:
  refs/heads/2.7.x-fixes 889c2c359 -> df909075a


[CXF-5653] Optional support for the same URI redirects


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/df909075
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/df909075
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/df909075

Branch: refs/heads/2.7.x-fixes
Commit: df909075ac5cb11fe993e2a3799e3290dd68e668
Parents: 889c2c3
Author: Sergey Beryozkin <sberyozkin@talend.com>
Authored: Wed Mar 26 21:33:18 2014 +0000
Committer: Sergey Beryozkin <sberyozkin@talend.com>
Committed: Wed Mar 26 21:57:28 2014 +0000

----------------------------------------------------------------------
 .../apache/cxf/transport/http/HTTPConduit.java  | 41 +++++++++++++++-----
 1 file changed, 31 insertions(+), 10 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/df909075/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java
----------------------------------------------------------------------
diff --git a/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java
b/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java
index ab4cdb6..5a6c199 100644
--- a/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java
+++ b/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java
@@ -30,6 +30,7 @@ import java.net.MalformedURLException;
 import java.net.URI;
 import java.net.URISyntaxException;
 import java.util.Arrays;
+import java.util.HashMap;
 import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
@@ -44,6 +45,7 @@ import javax.xml.namespace.QName;
 import org.apache.cxf.Bus;
 import org.apache.cxf.common.injection.NoJSR250Annotations;
 import org.apache.cxf.common.logging.LogUtils;
+import org.apache.cxf.common.util.PropertyUtils;
 import org.apache.cxf.configuration.Configurable;
 import org.apache.cxf.configuration.jsse.TLSClientParameters;
 import org.apache.cxf.configuration.security.AuthorizationPolicy;
@@ -51,6 +53,7 @@ import org.apache.cxf.configuration.security.CertificateConstraintsType;
 import org.apache.cxf.configuration.security.ProxyAuthorizationPolicy;
 import org.apache.cxf.endpoint.ClientCallback;
 import org.apache.cxf.endpoint.Endpoint;
+import org.apache.cxf.helpers.CastUtils;
 import org.apache.cxf.helpers.HttpHeaderHelper;
 import org.apache.cxf.helpers.IOUtils;
 import org.apache.cxf.helpers.LoadingByteArrayOutputStream;
@@ -168,6 +171,7 @@ public abstract class HTTPConduit
     private static final String AUTO_REDIRECT_ALLOW_REL_URI = "http.redirect.relative.uri";
     private static final String MAX_AUTO_REDIRECT_COUNT = "max.http.redirect.count";
     
+    private static final String AUTO_REDIRECT_MAX_SAME_URI_COUNT = "http.redirect.max.same.uri.count";
     
     private static final String HTTP_POST_METHOD = "POST";
     private static final String HTTP_PUT_METHOD = "PUT";
@@ -1786,10 +1790,9 @@ public abstract class HTTPConduit
                                            String lastURL, 
                                            String newURL,
                                            Message message) throws IOException {
-        @SuppressWarnings("unchecked")
-        Set<String> visitedURLs = (Set<String>) message.get(KEY_VISITED_URLS);
+        Map<String, Integer> visitedURLs = CastUtils.cast((Map<?, ?>)message.get(KEY_VISITED_URLS));
         if (visitedURLs == null) {
-            visitedURLs = new HashSet<String>();
+            visitedURLs = new HashMap<String, Integer>();
             message.put(KEY_VISITED_URLS, visitedURLs);
         } else {
             Object maxCountProp = message.getContextualProperty(MAX_AUTO_REDIRECT_COUNT);
@@ -1803,15 +1806,33 @@ public abstract class HTTPConduit
                 }
             }
         }
-        visitedURLs.add(lastURL);
-        if (newURL != null && visitedURLs.contains(newURL)) {
+        Integer visitCount = visitedURLs.get(lastURL);
+        if (visitCount == null) {
+            visitCount = 1;
+        } else {
+            visitCount++;
+        }
+        visitedURLs.put(lastURL, visitCount);
+        
+        Integer newURLCount = visitedURLs.get(newURL);
+        if (newURL != null && newURLCount != null) {
             // See if we are being redirected in a loop as best we can,
             // using string equality on URL.
-            // We are in a redirect loop; -- bail
-            String msg = "Redirect loop detected on Conduit '" 
-                + conduitName + "' on '" + newURL + "'";
-            LOG.log(Level.INFO, msg);
-            throw new IOException(msg);
+            boolean invalidLoopDetected = newURL.equals(lastURL); 
+            if (!invalidLoopDetected) {
+                // this URI was used sometime earlier
+                Integer maxSameURICount = PropertyUtils.getInteger(message, AUTO_REDIRECT_MAX_SAME_URI_COUNT);
+                if (maxSameURICount == null || newURLCount > maxSameURICount) {
+                    invalidLoopDetected = true;
+                }
+            }
+            if (invalidLoopDetected) {
+                // We are in a redirect loop; -- bail
+                String msg = "Redirect loop detected on Conduit '" 
+                    + conduitName + "' on '" + newURL + "'";
+                LOG.log(Level.INFO, msg);
+                throw new IOException(msg);
+            }
         }
     }   
     private static void detectAuthorizationLoop(String conduitName, Message message, 


Mime
View raw message