From: sergeyb@apache.org To: commits@cxf.apache.org Message-Id: X-Mailer: ASF-Git Admin Mailer Subject: git commit: [CXF-5653] Optional support for the same URI redirects Date: Wed, 26 Mar 2014 21:57:42 +0000 (UTC) Repository: cxf Updated Branches: refs/heads/2.7.x-fixes 889c2c359 -> df909075a [CXF-5653] Optional support for the same URI redirects Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/df909075 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/df909075 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/df909075 Branch: refs/heads/2.7.x-fixes Commit: df909075ac5cb11fe993e2a3799e3290dd68e668 Parents: 889c2c3 Author: Sergey Beryozkin Authored: Wed Mar 26 21:33:18 2014 +0000 Committer: Sergey Beryozkin Committed: Wed Mar 26 21:57:28 2014 +0000 ---------------------------------------------------------------------- .../apache/cxf/transport/http/HTTPConduit.java | 41 +++++++++++++++----- 1 file changed, 31 insertions(+), 10 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/df909075/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java ----------------------------------------------------------------------
diff --git a/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java b/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java
index ab4cdb6..5a6c199 100644
--- a/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java
+++ b/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java
@@ -30,6 +30,7 @@ import java.net.MalformedURLException;
 import java.net.URI;
 import java.net.URISyntaxException;
 import java.util.Arrays;
+import java.util.HashMap;
 import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
@@ -44,6 +45,7 @@ import javax.xml.namespace.QName;
 import org.apache.cxf.Bus;
 import org.apache.cxf.common.injection.NoJSR250Annotations;
 import org.apache.cxf.common.logging.LogUtils;
+import org.apache.cxf.common.util.PropertyUtils;
 import org.apache.cxf.configuration.Configurable;
 import org.apache.cxf.configuration.jsse.TLSClientParameters;
 import org.apache.cxf.configuration.security.AuthorizationPolicy;
@@ -51,6 +53,7 @@ import org.apache.cxf.configuration.security.CertificateConstraintsType;
 import org.apache.cxf.configuration.security.ProxyAuthorizationPolicy;
 import org.apache.cxf.endpoint.ClientCallback;
 import org.apache.cxf.endpoint.Endpoint;
+import org.apache.cxf.helpers.CastUtils;
 import org.apache.cxf.helpers.HttpHeaderHelper;
 import org.apache.cxf.helpers.IOUtils;
 import org.apache.cxf.helpers.LoadingByteArrayOutputStream;
@@ -168,6 +171,7 @@ public abstract class HTTPConduit
 private static final String AUTO_REDIRECT_ALLOW_REL_URI = "http.redirect.relative.uri";
 private static final String MAX_AUTO_REDIRECT_COUNT = "max.http.redirect.count";
+ private static final String AUTO_REDIRECT_MAX_SAME_URI_COUNT = "http.redirect.max.same.uri.count";
 private static final String HTTP_POST_METHOD = "POST";
 private static final String HTTP_PUT_METHOD = "PUT";
@@ -1786,10 +1790,9 @@ public abstract class HTTPConduit
 String lastURL,
 String newURL,
 Message message) throws IOException {
- @SuppressWarnings("unchecked")
- Set visitedURLs = (Set) message.get(KEY_VISITED_URLS);
+ Map visitedURLs = CastUtils.cast((Map)message.get(KEY_VISITED_URLS));
 if (visitedURLs == null) {
- visitedURLs = new HashSet();
+ visitedURLs = new HashMap();
 message.put(KEY_VISITED_URLS, visitedURLs);
 } else {
 Object maxCountProp = message.getContextualProperty(MAX_AUTO_REDIRECT_COUNT);
@@ -1803,15 +1806,33 @@ public abstract class HTTPConduit
 }
 }
 }
- visitedURLs.add(lastURL);
- if (newURL != null && visitedURLs.contains(newURL)) {
+ Integer visitCount = visitedURLs.get(lastURL);
+ if (visitCount == null) {
+ visitCount = 1;
+ } else {
+ visitCount++;
+ }
+ visitedURLs.put(lastURL, visitCount);
+
+ Integer newURLCount = visitedURLs.get(newURL);
+ if (newURL != null && newURLCount != null) {
 // See if we are being redirected in a loop as best we can,
 // using string equality on URL.
- // We are in a redirect loop; -- bail
- String msg = "Redirect loop detected on Conduit '"
- + conduitName + "' on '" + newURL + "'";
- LOG.log(Level.INFO, msg);
- throw new IOException(msg);
+ boolean invalidLoopDetected = newURL.equals(lastURL);
+ if (!invalidLoopDetected) {
+ // this URI was used sometime earlier
+ Integer maxSameURICount = PropertyUtils.getInteger(message, AUTO_REDIRECT_MAX_SAME_URI_COUNT);
+ if (maxSameURICount == null || newURLCount > maxSameURICount) {
+ invalidLoopDetected = true;
+ }
+ }
+ if (invalidLoopDetected) {
+ // We are in a redirect loop; -- bail
+ String msg = "Redirect loop detected on Conduit '"
+ + conduitName + "' on '" + newURL + "'";
+ LOG.log(Level.INFO, msg);
+ throw new IOException(msg);
+ }
 }
 }
 private static void detectAuthorizationLoop(String conduitName, Message message,
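Review bot: The relaxed test `if (maxSameURICount == null || newURLCount > maxSameURICount)` turns `http.redirect.max.same.uri.count` into a budget that the remote server's redirect responses spend, and nothing in the new code says so or bounds the value. From the visible lines the overall `max.http.redirect.count` limit appears to be enforced only when that property is set (it is read in the `else` branch of the previous hunk, the rest lies outside it), so a large same-URI count configured without it presumably leaves no other cap on an A→B→A cycle; this is worth confirming and stating next to the `AUTO_REDIRECT_MAX_SAME_URI_COUNT` constant. The semantics are also easy to misread and deserve a comment such as `// newURLCount = earlier visits of newURL; a direct self-redirect is always rejected, other URLs may be revisited at most maxSameURICount times`. As a smaller point, `visitedURLs.get(newURL)` runs before the `newURL != null` test; that is harmless with a HashMap but reads better inside the guard. The enclosing method begins before this hunk.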