io.undertow.servlet.spec.HttpServletResponseImpl Maven / Gradle / Ivy
/*
* JBoss, Home of Professional Open Source.
* Copyright 2012 Red Hat, Inc., and individual contributors
* as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package io.undertow.servlet.spec;
import java.io.IOException;
import java.io.PrintWriter;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.HashSet;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.SessionTrackingMode;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import io.undertow.server.HttpServerExchange;
import io.undertow.servlet.UndertowServletMessages;
import io.undertow.servlet.handlers.ServletRequestContext;
import io.undertow.util.CanonicalPathUtils;
import io.undertow.util.DateUtils;
import io.undertow.util.Headers;
import io.undertow.util.HttpString;
import io.undertow.util.RedirectBuilder;
import io.undertow.util.StatusCodes;
/**
* @author Stuart Douglas
*/
public final class HttpServletResponseImpl implements HttpServletResponse {
private final HttpServerExchange exchange;
private final ServletContextImpl originalServletContext;
private volatile ServletContextImpl servletContext;
private ServletOutputStreamImpl servletOutputStream;
private ResponseState responseState = ResponseState.NONE;
private PrintWriter writer;
private Integer bufferSize;
private long contentLength = -1;
private boolean insideInclude = false;
private Locale locale;
private boolean responseDone = false;
private boolean ignoredFlushPerformed = false;
private boolean charsetSet = false; //if a content type has been set either implicitly or implicitly
private String contentType;
private String charset;
public HttpServletResponseImpl(final HttpServerExchange exchange, final ServletContextImpl servletContext) {
this.exchange = exchange;
this.servletContext = servletContext;
this.originalServletContext = servletContext;
}
public HttpServerExchange getExchange() {
return exchange;
}
@Override
public void addCookie(final Cookie cookie) {
if (insideInclude) {
return;
}
final ServletCookieAdaptor servletCookieAdaptor = new ServletCookieAdaptor(cookie);
if (cookie.getVersion() == 0) {
servletCookieAdaptor.setVersion(servletContext.getDeployment().getDeploymentInfo().getDefaultCookieVersion());
}
exchange.setResponseCookie(servletCookieAdaptor);
}
@Override
public boolean containsHeader(final String name) {
return exchange.getResponseHeaders().contains(name);
}
@Override
public String encodeUrl(final String url) {
return encodeURL(url);
}
@Override
public String encodeRedirectUrl(final String url) {
return encodeRedirectURL(url);
}
@Override
public void sendError(final int sc, final String msg) throws IOException {
if (responseStarted()) {
throw UndertowServletMessages.MESSAGES.responseAlreadyCommited();
}
resetBuffer();
writer = null;
responseState = ResponseState.NONE;
exchange.setResponseCode(sc);
//todo: is this the best way to handle errors?
final String location = servletContext.getDeployment().getErrorPages().getErrorLocation(sc);
if (location != null) {
RequestDispatcherImpl requestDispatcher = new RequestDispatcherImpl(location, servletContext);
final ServletRequestContext servletRequestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
try {
requestDispatcher.error(servletRequestContext.getServletRequest(), servletRequestContext.getServletResponse(), exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY).getCurrentServlet().getManagedServlet().getServletInfo().getName(), msg);
} catch (ServletException e) {
throw new RuntimeException(e);
}
} else if (msg != null) {
setContentType("text/html");
getWriter().write("Error " + msg + "");
getWriter().close();
}
responseDone();
}
@Override
public void sendError(final int sc) throws IOException {
sendError(sc, StatusCodes.getReason(sc));
}
@Override
public void sendRedirect(final String location) throws IOException {
if (responseStarted()) {
throw UndertowServletMessages.MESSAGES.responseAlreadyCommited();
}
resetBuffer();
setStatus(302);
String realPath;
if (location.contains("://")) {//absolute url
exchange.getResponseHeaders().put(Headers.LOCATION, location);
} else {
if (location.startsWith("/")) {
realPath = location;
} else {
String current = exchange.getRelativePath();
int lastSlash = current.lastIndexOf("/");
if (lastSlash != -1) {
current = current.substring(0, lastSlash + 1);
}
realPath = servletContext.getContextPath() + CanonicalPathUtils.canonicalize(current + location);
}
String loc = exchange.getRequestScheme() + "://" + exchange.getHostAndPort() + realPath;
exchange.getResponseHeaders().put(Headers.LOCATION, loc);
}
responseDone();
}
@Override
public void setDateHeader(final String name, final long date) {
setHeader(name, DateUtils.toDateString(new Date(date)));
}
@Override
public void addDateHeader(final String name, final long date) {
addHeader(name, DateUtils.toDateString(new Date(date)));
}
@Override
public void setHeader(final String name, final String value) {
setHeader(new HttpString(name), value);
}
public void setHeader(final HttpString name, final String value) {
if (insideInclude || ignoredFlushPerformed) {
return;
}
exchange.getResponseHeaders().put(name, value);
}
@Override
public void addHeader(final String name, final String value) {
addHeader(new HttpString(name), value);
}
public void addHeader(final HttpString name, final String value) {
if (insideInclude || ignoredFlushPerformed) {
return;
}
exchange.getResponseHeaders().add(name, value);
}
@Override
public void setIntHeader(final String name, final int value) {
setHeader(name, Integer.toString(value));
}
@Override
public void addIntHeader(final String name, final int value) {
addHeader(name, Integer.toString(value));
}
@Override
public void setStatus(final int sc) {
if (insideInclude) {
return;
}
if (responseStarted()) {
return;
}
exchange.setResponseCode(sc);
}
@Override
public void setStatus(final int sc, final String sm) {
if (insideInclude) {
return;
}
setStatus(sc);
}
@Override
public int getStatus() {
return exchange.getResponseCode();
}
@Override
public String getHeader(final String name) {
return exchange.getResponseHeaders().getFirst(name);
}
@Override
public Collection getHeaders(final String name) {
return new ArrayList(exchange.getResponseHeaders().get(name));
}
@Override
public Collection getHeaderNames() {
final Set headers = new HashSet();
for (final HttpString i : exchange.getResponseHeaders().getHeaderNames()) {
headers.add(i.toString());
}
return headers;
}
@Override
public String getCharacterEncoding() {
if (charset == null) {
return servletContext.getDeployment().getDeploymentInfo().getDefaultEncoding();
}
return charset;
}
@Override
public String getContentType() {
if (contentType != null) {
if (charsetSet) {
return contentType + ";charset=" + getCharacterEncoding();
} else {
return contentType;
}
}
return null;
}
@Override
public ServletOutputStream getOutputStream() {
if (responseState == ResponseState.WRITER) {
throw UndertowServletMessages.MESSAGES.getWriterAlreadyCalled();
}
responseState = ResponseState.STREAM;
createOutputStream();
return servletOutputStream;
}
@Override
public PrintWriter getWriter() throws IOException {
if (writer == null) {
if (!charsetSet) {
//servet 5.5
setCharacterEncoding(getCharacterEncoding());
}
if (responseState == ResponseState.STREAM) {
throw UndertowServletMessages.MESSAGES.getOutputStreamAlreadyCalled();
}
responseState = ResponseState.WRITER;
createOutputStream();
final ServletPrintWriter servletPrintWriter = new ServletPrintWriter(servletOutputStream, getCharacterEncoding());
writer = ServletPrintWriterDelegate.newInstance(servletPrintWriter);
}
return writer;
}
private void createOutputStream() {
if (servletOutputStream == null) {
if (bufferSize == null) {
servletOutputStream = new ServletOutputStreamImpl(contentLength, exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY));
} else {
servletOutputStream = new ServletOutputStreamImpl(contentLength, exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY), bufferSize);
}
}
}
@Override
public void setCharacterEncoding(final String charset) {
if (insideInclude || responseStarted() || writer != null || isCommitted()) {
return;
}
charsetSet = true;
this.charset = charset;
if (contentType != null) {
exchange.getResponseHeaders().put(Headers.CONTENT_TYPE, getContentType());
}
}
@Override
public void setContentLength(final int len) {
if (insideInclude || responseStarted()) {
return;
}
exchange.getResponseHeaders().put(Headers.CONTENT_LENGTH, Integer.toString(len));
this.contentLength = (long) len;
}
@Override
public void setContentLengthLong(final long len) {
if (insideInclude || responseStarted()) {
return;
}
exchange.getResponseHeaders().put(Headers.CONTENT_LENGTH, Long.toString(len));
this.contentLength = len;
}
boolean isIgnoredFlushPerformed() {
return ignoredFlushPerformed;
}
void setIgnoredFlushPerformed(boolean ignoredFlushPerformed) {
this.ignoredFlushPerformed = ignoredFlushPerformed;
}
private boolean responseStarted() {
return exchange.isResponseStarted() || ignoredFlushPerformed;
}
@Override
public void setContentType(final String type) {
if (insideInclude || responseStarted()) {
return;
}
contentType = type;
int split = type.indexOf(";");
if (split != -1) {
int pos = type.indexOf("charset=");
if (pos != -1) {
int i = pos + "charset=".length();
do {
char c = type.charAt(i);
if (c == ' ' || c == '\t' || c == ';') {
break;
}
++i;
} while (i < type.length());
if (writer == null && !isCommitted()) {
charsetSet = true;
//we only change the charset if the writer has not been retrieved yet
this.charset = type.substring(pos + "charset=".length(), i);
//it is valid for the charset to be enclosed in quotes
if (this.charset.startsWith("\"") && this.charset.endsWith("\"") && this.charset.length() > 1) {
this.charset = this.charset.substring(1, this.charset.length() - 1);
}
}
int charsetStart = pos;
while (type.charAt(--charsetStart) != ';' && charsetStart > 0) {
}
StringBuilder contentTypeBuilder = new StringBuilder();
contentTypeBuilder.append(type.substring(0, charsetStart));
if (i != type.length()) {
contentTypeBuilder.append(type.substring(i));
}
contentType = contentTypeBuilder.toString();
}
//strip any trailing semicolon
for (int i = contentType.length() - 1; i >= 0; --i) {
char c = contentType.charAt(i);
if (c == ' ' || c == '\t') {
continue;
}
if (c == ';') {
contentType = contentType.substring(0, i);
}
break;
}
}
exchange.getResponseHeaders().put(Headers.CONTENT_TYPE, getContentType());
}
@Override
public void setBufferSize(final int size) {
if (servletOutputStream != null) {
servletOutputStream.setBufferSize(size);
}
this.bufferSize = size;
}
@Override
public int getBufferSize() {
if (bufferSize == null) {
return exchange.getConnection().getBufferSize();
}
return bufferSize;
}
@Override
public void flushBuffer() throws IOException {
if (writer != null) {
writer.flush();
} else if (servletOutputStream != null) {
servletOutputStream.flush();
} else {
createOutputStream();
servletOutputStream.flush();
}
}
public void closeStreamAndWriter() throws IOException {
if (writer != null) {
if (!servletOutputStream.isClosed()) {
writer.flush();
}
writer.close();
} else {
if (servletOutputStream == null) {
createOutputStream();
}
//close also flushes
servletOutputStream.close();
}
}
@Override
public void resetBuffer() {
if (servletOutputStream != null) {
servletOutputStream.resetBuffer();
}
if (writer != null) {
writer = new PrintWriter(servletOutputStream, false);
}
}
@Override
public boolean isCommitted() {
return responseStarted();
}
@Override
public void reset() {
if (servletOutputStream != null) {
servletOutputStream.resetBuffer();
}
writer = null;
responseState = ResponseState.NONE;
exchange.getResponseHeaders().clear();
exchange.setResponseCode(200);
}
@Override
public void setLocale(final Locale loc) {
if (insideInclude || responseStarted()) {
return;
}
this.locale = loc;
exchange.getResponseHeaders().put(Headers.CONTENT_LANGUAGE, loc.getLanguage() + "-" + loc.getCountry());
if (!charsetSet && writer == null) {
final Map localeCharsetMapping = servletContext.getDeployment().getDeploymentInfo().getLocaleCharsetMapping();
// Match full language_country_variant first, then language_country,
// then language only
String charset = localeCharsetMapping.get(locale.toString());
if (charset == null) {
charset = localeCharsetMapping.get(locale.getLanguage() + "_"
+ locale.getCountry());
if (charset == null) {
charset = localeCharsetMapping.get(locale.getLanguage());
}
}
if (charset != null) {
this.charset = charset;
if (contentType != null) {
exchange.getResponseHeaders().put(Headers.CONTENT_TYPE, getContentType());
}
}
}
}
@Override
public Locale getLocale() {
if (locale != null) {
return locale;
}
return Locale.getDefault();
}
public void responseDone() {
if (responseDone) {
return;
}
servletContext.updateSessionAccessTime(exchange);
responseDone = true;
try {
closeStreamAndWriter();
} catch (IOException e) {
throw new RuntimeException(e);
}
}
public boolean isInsideInclude() {
return insideInclude;
}
public void setInsideInclude(final boolean insideInclude) {
this.insideInclude = insideInclude;
}
public void setServletContext(final ServletContextImpl servletContext) {
this.servletContext = servletContext;
}
public ServletContextImpl getServletContext() {
return servletContext;
}
public String encodeURL(String url) {
String absolute = toAbsolute(url);
if (isEncodeable(absolute)) {
// W3c spec clearly said
if (url.equalsIgnoreCase("")) {
url = absolute;
}
return originalServletContext.getSessionConfig().rewriteUrl(url, servletContext.getSession(originalServletContext.getSessionConfig(), exchange, true).getId());
} else {
return (url);
}
}
/**
* Encode the session identifier associated with this response
* into the specified redirect URL, if necessary.
*
* @param url URL to be encoded
*/
public String encodeRedirectURL(String url) {
if (isEncodeable(toAbsolute(url))) {
return originalServletContext.getSessionConfig().rewriteUrl(url, servletContext.getSession(originalServletContext.getSessionConfig(), exchange, true).getId());
} else {
return (url);
}
}
/**
* Convert (if necessary) and return the absolute URL that represents the
* resource referenced by this possibly relative URL. If this URL is
* already absolute, return it unchanged.
*
* @param location URL to be (possibly) converted and then returned
* @throws IllegalArgumentException if a MalformedURLException is
* thrown when converting the relative URL to an absolute one
*/
private String toAbsolute(String location) {
if (location == null) {
return location;
}
boolean leadingSlash = location.startsWith("/");
if (leadingSlash || !hasScheme(location)) {
return RedirectBuilder.redirect(exchange, location, false);
} else {
return location;
}
}
/**
* Determine if a URI string has a scheme component.
*/
private boolean hasScheme(String uri) {
int len = uri.length();
for (int i = 0; i < len; i++) {
char c = uri.charAt(i);
if (c == ':') {
return i > 0;
} else if (!Character.isLetterOrDigit(c) &&
(c != '+' && c != '-' && c != '.')) {
return false;
}
}
return false;
}
/**
* Return true if the specified URL should be encoded with
* a session identifier. This will be true if all of the following
* conditions are met:
*
* - The request we are responding to asked for a valid session
*
- The requested session ID was not received via a cookie
*
- The specified URL points back to somewhere within the web
* application that is responding to this request
*
*
* @param location Absolute URL to be validated
*/
protected boolean isEncodeable(final String location) {
if (location == null)
return (false);
// Is this an intra-document reference?
if (location.startsWith("#"))
return (false);
// Are we in a valid session that is not using cookies?
final HttpServletRequestImpl hreq = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY).getOriginalRequest();
// Is URL encoding permitted
if (!originalServletContext.getEffectiveSessionTrackingModes().contains(SessionTrackingMode.URL)) {
return false;
}
final HttpSession session = hreq.getSession(false);
if (session == null)
return (false);
if (hreq.isRequestedSessionIdFromCookie())
return (false);
return doIsEncodeable(hreq, session, location);
}
private boolean doIsEncodeable(HttpServletRequestImpl hreq, HttpSession session,
String location) {
// Is this a valid absolute URL?
URL url = null;
try {
url = new URL(location);
} catch (MalformedURLException e) {
return false;
}
// Does this URL match down to (and including) the context path?
if (!hreq.getScheme().equalsIgnoreCase(url.getProtocol())) {
return false;
}
if (!hreq.getServerName().equalsIgnoreCase(url.getHost())) {
return false;
}
int serverPort = hreq.getServerPort();
if (serverPort == -1) {
if ("https".equals(hreq.getScheme())) {
serverPort = 443;
} else {
serverPort = 80;
}
}
int urlPort = url.getPort();
if (urlPort == -1) {
if ("https".equals(url.getProtocol())) {
urlPort = 443;
} else {
urlPort = 80;
}
}
if (serverPort != urlPort) {
return false;
}
String file = url.getFile();
if (file == null) {
return false;
}
String tok = originalServletContext.getSessionCookieConfig().getName() + "=" + session.getId();
if (file.indexOf(tok) >= 0) {
return false;
}
// This URL belongs to our web application, so it is encodeable
return true;
}
public static enum ResponseState {
NONE,
STREAM,
WRITER
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy