cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: [CXF-7114] Blocking HTTP TRACE in the embedded Jetty handler, patch from Joe Luo applied
Date Thu, 03 Nov 2016 16:29:34 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes 2d86f9012 -> 99f7aacbb


[CXF-7114] Blocking HTTP TRACE in the embedded Jetty handler, patch from Joe Luo applied


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/99f7aacb
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/99f7aacb
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/99f7aacb

Branch: refs/heads/3.0.x-fixes
Commit: 99f7aacbb9c68c33b3e6be7ca7a34c7b1b8feff8
Parents: 2d86f90
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Thu Nov 3 16:29:01 2016 +0000
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Thu Nov 3 16:29:01 2016 +0000

----------------------------------------------------------------------
 .../transport/http_jetty/JettyHTTPHandler.java   | 19 +++++++++++++------
 1 file changed, 13 insertions(+), 6 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/99f7aacb/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPHandler.java
----------------------------------------------------------------------
diff --git a/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPHandler.java
b/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPHandler.java
index 9904a33..a834734 100644
--- a/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPHandler.java
+++ b/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPHandler.java
@@ -31,6 +31,8 @@ import org.eclipse.jetty.server.Request;
 import org.eclipse.jetty.server.handler.AbstractHandler;
 
 public class JettyHTTPHandler extends AbstractHandler {
+    private static final String METHOD_TRACE = "TRACE";
+
     protected JettyHTTPDestination jettyHTTPDestination;
     protected ServletContext servletContext;
     private String urlName;
@@ -61,13 +63,18 @@ public class JettyHTTPHandler extends AbstractHandler {
 
     public void handle(String target, Request baseRequest, HttpServletRequest request,
                        HttpServletResponse response) throws IOException, ServletException
{
-        if (contextMatchExact) {
-            if (target.equals(urlName)) {
-                jettyHTTPDestination.doService(servletContext, request, response);
-            }
+        if (request.getMethod().equals(METHOD_TRACE)) {
+            baseRequest.setHandled(true);
+            response.setStatus(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
         } else {
-            if (target.equals(urlName) || HttpUrlUtil.checkContextPath(urlName, target))
{
-                jettyHTTPDestination.doService(servletContext, request, response);
+            if (contextMatchExact) {
+                if (target.equals(urlName)) {
+                    jettyHTTPDestination.doService(servletContext, request, response);
+                }
+            } else {
+                if (target.equals(urlName) || HttpUrlUtil.checkContextPath(urlName, target))
{
+                    jettyHTTPDestination.doService(servletContext, request, response);
+                }
             }
         }
         


Mime
View raw message