org.apache.catalina.connector.Response Maven / Gradle / Ivy
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.catalina.connector;
import java.io.IOException;
import java.io.PrintWriter;
import java.io.UnsupportedEncodingException;
import java.net.MalformedURLException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.nio.charset.Charset;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Enumeration;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.function.Supplier;
import javax.servlet.ServletOutputStream;
import javax.servlet.ServletResponse;
import javax.servlet.SessionTrackingMode;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
import org.apache.catalina.Context;
import org.apache.catalina.Session;
import org.apache.catalina.security.SecurityUtil;
import org.apache.catalina.util.SessionConfig;
import org.apache.coyote.ActionCode;
import org.apache.coyote.ContinueResponseTiming;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
import org.apache.tomcat.util.buf.CharChunk;
import org.apache.tomcat.util.buf.UEncoder;
import org.apache.tomcat.util.buf.UEncoder.SafeCharsSet;
import org.apache.tomcat.util.buf.UriUtil;
import org.apache.tomcat.util.http.FastHttpDateFormat;
import org.apache.tomcat.util.http.MimeHeaders;
import org.apache.tomcat.util.http.parser.MediaTypeCache;
import org.apache.tomcat.util.res.StringManager;
import org.apache.tomcat.util.security.Escape;
/**
* Wrapper object for the Coyote response.
*
* @author Remy Maucherat
* @author Craig R. McClanahan
*/
public class Response implements HttpServletResponse {
private static final Log log = LogFactory.getLog(Response.class);
protected static final StringManager sm = StringManager.getManager(Response.class);
private static final MediaTypeCache MEDIA_TYPE_CACHE = new MediaTypeCache(100);
/**
* Compliance with SRV.15.2.22.1. A call to Response.getWriter() if no character encoding has been specified will
* result in subsequent calls to Response.getCharacterEncoding() returning ISO-8859-1 and the Content-Type response
* header will include a charset=ISO-8859-1 component.
*/
private static final boolean ENFORCE_ENCODING_IN_GET_WRITER;
static {
ENFORCE_ENCODING_IN_GET_WRITER = Boolean.parseBoolean(
System.getProperty("org.apache.catalina.connector.Response.ENFORCE_ENCODING_IN_GET_WRITER", "true"));
}
// ----------------------------------------------------- Instance Variables
/**
* The date format we will use for creating date headers.
*
* @deprecated Unused. This will be removed in Tomcat 10
*/
@Deprecated
protected SimpleDateFormat format = null;
public Response() {
this(OutputBuffer.DEFAULT_BUFFER_SIZE);
}
public Response(int outputBufferSize) {
outputBuffer = new OutputBuffer(outputBufferSize);
}
// ------------------------------------------------------------- Properties
/**
* Coyote response.
*/
protected org.apache.coyote.Response coyoteResponse;
/**
* Set the Coyote response.
*
* @param coyoteResponse The Coyote response
*/
public void setCoyoteResponse(org.apache.coyote.Response coyoteResponse) {
this.coyoteResponse = coyoteResponse;
outputBuffer.setResponse(coyoteResponse);
}
/**
* @return the Coyote response.
*/
public org.apache.coyote.Response getCoyoteResponse() {
return this.coyoteResponse;
}
/**
* @return the Context within which this Request is being processed.
*/
public Context getContext() {
return request.getContext();
}
/**
* The associated output buffer.
*/
protected final OutputBuffer outputBuffer;
/**
* The associated output stream.
*/
protected CoyoteOutputStream outputStream;
/**
* The associated writer.
*/
protected CoyoteWriter writer;
/**
* The application commit flag.
*/
protected boolean appCommitted = false;
/**
* The included flag.
*/
protected boolean included = false;
/**
* The characterEncoding flag
*/
private boolean isCharacterEncodingSet = false;
/**
* Using output stream flag.
*/
protected boolean usingOutputStream = false;
/**
* Using writer flag.
*/
protected boolean usingWriter = false;
/**
* URL encoder.
*/
protected final UEncoder urlEncoder = new UEncoder(SafeCharsSet.WITH_SLASH);
/**
* Recyclable buffer to hold the redirect URL.
*/
protected final CharChunk redirectURLCC = new CharChunk();
/*
* Not strictly required but it makes generating HTTP/2 push requests a lot easier if these are retained until the
* response is recycled.
*/
private final List cookies = new ArrayList<>();
private HttpServletResponse applicationResponse = null;
// --------------------------------------------------------- Public Methods
/**
* Release all object references, and initialize instance variables, in preparation for reuse of this object.
*/
public void recycle() {
cookies.clear();
outputBuffer.recycle();
usingOutputStream = false;
usingWriter = false;
appCommitted = false;
included = false;
isCharacterEncodingSet = false;
applicationResponse = null;
if (getRequest().getDiscardFacades()) {
if (facade != null) {
facade.clear();
facade = null;
}
if (outputStream != null) {
outputStream.clear();
outputStream = null;
}
if (writer != null) {
writer.clear();
writer = null;
}
} else if (writer != null) {
writer.recycle();
}
}
public List getCookies() {
return cookies;
}
// ------------------------------------------------------- Response Methods
/**
* @return the number of bytes the application has actually written to the output stream. This excludes chunking,
* compression, etc. as well as headers.
*/
public long getContentWritten() {
return outputBuffer.getContentWritten();
}
/**
* @return the number of bytes the actually written to the socket. This includes chunking, compression, etc. but
* excludes headers.
*
* @param flush if true
will perform a buffer flush first
*/
public long getBytesWritten(boolean flush) {
if (flush) {
try {
outputBuffer.flush();
} catch (IOException ioe) {
// Ignore - the client has probably closed the connection
}
}
return getCoyoteResponse().getBytesWritten(flush);
}
/**
* Set the application commit flag.
*
* @param appCommitted The new application committed flag value
*/
public void setAppCommitted(boolean appCommitted) {
this.appCommitted = appCommitted;
}
/**
* Application commit flag accessor.
*
* @return true
if the application has committed the response
*/
public boolean isAppCommitted() {
return this.appCommitted || isCommitted() || isSuspended() ||
((getContentLength() > 0) && (getContentWritten() >= getContentLength()));
}
/**
* The request with which this response is associated.
*/
protected Request request = null;
/**
* @return the Request with which this Response is associated.
*/
public Request getRequest() {
return this.request;
}
/**
* Set the Request with which this Response is associated.
*
* @param request The new associated request
*/
public void setRequest(Request request) {
this.request = request;
}
/**
* The facade associated with this response.
*/
protected ResponseFacade facade = null;
/**
* @return the ServletResponse
for which this object is the facade.
*/
public HttpServletResponse getResponse() {
if (facade == null) {
facade = new ResponseFacade(this);
}
if (applicationResponse == null) {
applicationResponse = facade;
}
return applicationResponse;
}
/**
* Set a wrapped HttpServletResponse to pass to the application. Components wishing to wrap the response should
* obtain the response via {@link #getResponse()}, wrap it and then call this method with the wrapped response.
*
* @param applicationResponse The wrapped response to pass to the application
*/
public void setResponse(HttpServletResponse applicationResponse) {
// Check the wrapper wraps this request
ServletResponse r = applicationResponse;
while (r instanceof HttpServletResponseWrapper) {
r = ((HttpServletResponseWrapper) r).getResponse();
}
if (r != facade) {
throw new IllegalArgumentException(sm.getString("response.illegalWrap"));
}
this.applicationResponse = applicationResponse;
}
/**
* Set the suspended flag.
*
* @param suspended The new suspended flag value
*/
public void setSuspended(boolean suspended) {
outputBuffer.setSuspended(suspended);
}
/**
* Suspended flag accessor.
*
* @return true
if the response is suspended
*/
public boolean isSuspended() {
return outputBuffer.isSuspended();
}
/**
* Closed flag accessor.
*
* @return true
if the response has been closed
*/
public boolean isClosed() {
return outputBuffer.isClosed();
}
/**
* Set the error flag.
*
* @return false
if the error flag was already set
*
* @deprecated This method will be changed to return void in Tomcat 11 onwards
*/
@Deprecated
public boolean setError() {
return getCoyoteResponse().setError();
}
/**
* Error flag accessor.
*
* @return true
if the response has encountered an error
*/
public boolean isError() {
return getCoyoteResponse().isError();
}
public boolean isErrorReportRequired() {
return getCoyoteResponse().isErrorReportRequired();
}
public boolean setErrorReported() {
return getCoyoteResponse().setErrorReported();
}
public void resetError() {
getCoyoteResponse().resetError();
}
/**
* Perform whatever actions are required to flush and close the output stream or writer, in a single operation.
*
* @exception IOException if an input/output error occurs
*/
public void finishResponse() throws IOException {
// Writing leftover bytes
outputBuffer.close();
}
/**
* @return the content length that was set or calculated for this Response.
*/
public int getContentLength() {
return getCoyoteResponse().getContentLength();
}
@Override
public String getContentType() {
return getCoyoteResponse().getContentType();
}
/**
* Return a PrintWriter that can be used to render error messages, regardless of whether a stream or writer has
* already been acquired.
*
* @return Writer which can be used for error reports. If the response is not an error report returned using
* sendError or triggered by an unexpected exception thrown during the servlet processing (and only in
* that case), null will be returned if the response stream has already been used.
*
* @exception IOException if an input/output error occurs
*/
public PrintWriter getReporter() throws IOException {
if (outputBuffer.isNew()) {
outputBuffer.checkConverter();
if (writer == null) {
writer = new CoyoteWriter(outputBuffer);
}
return writer;
} else {
return null;
}
}
// ------------------------------------------------ ServletResponse Methods
@Override
public void flushBuffer() throws IOException {
outputBuffer.flush();
}
@Override
public int getBufferSize() {
return outputBuffer.getBufferSize();
}
@Override
public String getCharacterEncoding() {
String charset = getCoyoteResponse().getCharacterEncoding();
if (charset != null) {
return charset;
}
Context context = getContext();
String result = null;
if (context != null) {
result = context.getResponseCharacterEncoding();
}
if (result == null) {
result = org.apache.coyote.Constants.DEFAULT_BODY_CHARSET.name();
}
return result;
}
@Override
public ServletOutputStream getOutputStream() throws IOException {
if (usingWriter) {
throw new IllegalStateException(sm.getString("coyoteResponse.getOutputStream.ise"));
}
usingOutputStream = true;
if (outputStream == null) {
outputStream = new CoyoteOutputStream(outputBuffer);
}
return outputStream;
}
@Override
public Locale getLocale() {
return getCoyoteResponse().getLocale();
}
@Override
public PrintWriter getWriter() throws IOException {
if (usingOutputStream) {
throw new IllegalStateException(sm.getString("coyoteResponse.getWriter.ise"));
}
if (ENFORCE_ENCODING_IN_GET_WRITER) {
/*
* If the response's character encoding has not been specified as described in
* getCharacterEncoding
(i.e., the method just returns the default value
* ISO-8859-1
), getWriter
updates it to ISO-8859-1
(with the effect
* that a subsequent call to getContentType() will include a charset=ISO-8859-1 component which will also be
* reflected in the Content-Type response header, thereby satisfying the Servlet spec requirement that
* containers must communicate the character encoding used for the servlet response's writer to the client).
*/
setCharacterEncoding(getCharacterEncoding());
}
usingWriter = true;
outputBuffer.checkConverter();
if (writer == null) {
writer = new CoyoteWriter(outputBuffer);
}
return writer;
}
@Override
public boolean isCommitted() {
return getCoyoteResponse().isCommitted();
}
@Override
public void reset() {
// Ignore any call from an included servlet
if (included) {
return;
}
getCoyoteResponse().reset();
outputBuffer.reset();
usingOutputStream = false;
usingWriter = false;
isCharacterEncodingSet = false;
}
@Override
public void resetBuffer() {
resetBuffer(false);
}
/**
* Reset the data buffer and the using Writer/Stream flags but not any status or header information.
*
* @param resetWriterStreamFlags true
if the internal usingWriter
,
* usingOutputStream
, isCharacterEncodingSet
flags
* should also be reset
*
* @exception IllegalStateException if the response has already been committed
*/
public void resetBuffer(boolean resetWriterStreamFlags) {
if (isCommitted()) {
throw new IllegalStateException(sm.getString("coyoteResponse.resetBuffer.ise"));
}
outputBuffer.reset(resetWriterStreamFlags);
if (resetWriterStreamFlags) {
usingOutputStream = false;
usingWriter = false;
isCharacterEncodingSet = false;
}
}
@Override
public void setBufferSize(int size) {
if (isCommitted() || !outputBuffer.isNew()) {
throw new IllegalStateException(sm.getString("coyoteResponse.setBufferSize.ise"));
}
outputBuffer.setBufferSize(size);
}
@Override
public void setContentLength(int length) {
setContentLengthLong(length);
}
@Override
public void setContentLengthLong(long length) {
if (isCommitted()) {
return;
}
// Ignore any call from an included servlet
if (included) {
return;
}
getCoyoteResponse().setContentLength(length);
}
@Override
public void setContentType(String type) {
if (isCommitted()) {
return;
}
// Ignore any call from an included servlet
if (included) {
return;
}
if (type == null) {
getCoyoteResponse().setContentType(null);
try {
getCoyoteResponse().setCharacterEncoding(null);
} catch (UnsupportedEncodingException e) {
// Can never happen when calling with null
}
isCharacterEncodingSet = false;
return;
}
String[] m = MEDIA_TYPE_CACHE.parse(type);
if (m == null) {
// Invalid - Assume no charset and just pass through whatever
// the user provided.
getCoyoteResponse().setContentTypeNoCharset(type);
return;
}
if (m[1] == null) {
// No charset and we know value is valid as cache lookup was
// successful
// Pass-through user provided value in case user-agent is buggy and
// requires specific format
getCoyoteResponse().setContentTypeNoCharset(type);
} else {
// There is a charset so have to rebuild content-type without it
getCoyoteResponse().setContentTypeNoCharset(m[0]);
// Ignore charset if getWriter() has already been called
if (!usingWriter) {
try {
getCoyoteResponse().setCharacterEncoding(m[1]);
} catch (UnsupportedEncodingException e) {
log.warn(sm.getString("coyoteResponse.encoding.invalid", m[1]), e);
}
isCharacterEncodingSet = true;
}
}
}
@Override
public void setCharacterEncoding(String encoding) {
if (isCommitted()) {
return;
}
// Ignore any call from an included servlet
if (included) {
return;
}
// Ignore any call made after the getWriter has been invoked
// The default should be used
if (usingWriter) {
return;
}
try {
getCoyoteResponse().setCharacterEncoding(encoding);
} catch (UnsupportedEncodingException e) {
log.warn(sm.getString("coyoteResponse.encoding.invalid", encoding), e);
return;
}
if (encoding == null) {
isCharacterEncodingSet = false;
} else {
isCharacterEncodingSet = true;
}
}
@Override
public void setLocale(Locale locale) {
if (isCommitted()) {
return;
}
// Ignore any call from an included servlet
if (included) {
return;
}
getCoyoteResponse().setLocale(locale);
// Ignore any call made after the getWriter has been invoked.
// The default should be used
if (usingWriter) {
return;
}
if (isCharacterEncodingSet) {
return;
}
if (locale == null) {
try {
getCoyoteResponse().setCharacterEncoding(null);
} catch (UnsupportedEncodingException e) {
// Impossible when calling with null
}
} else {
// In some error handling scenarios, the context is unknown
// (e.g. a 404 when a ROOT context is not present)
Context context = getContext();
if (context != null) {
String charset = context.getCharset(locale);
if (charset != null) {
try {
getCoyoteResponse().setCharacterEncoding(charset);
} catch (UnsupportedEncodingException e) {
log.warn(sm.getString("coyoteResponse.encoding.invalid", charset), e);
}
}
}
}
}
// --------------------------------------------------- HttpResponse Methods
@Override
public String getHeader(String name) {
return getCoyoteResponse().getMimeHeaders().getHeader(name);
}
@Override
public Collection getHeaderNames() {
MimeHeaders headers = getCoyoteResponse().getMimeHeaders();
int n = headers.size();
List result = new ArrayList<>(n);
for (int i = 0; i < n; i++) {
result.add(headers.getName(i).toString());
}
return result;
}
@Override
public Collection getHeaders(String name) {
Enumeration enumeration = getCoyoteResponse().getMimeHeaders().values(name);
Set result = new LinkedHashSet<>();
while (enumeration.hasMoreElements()) {
result.add(enumeration.nextElement());
}
return result;
}
/**
* @return the error message that was set with sendError()
for this Response.
*/
public String getMessage() {
return getCoyoteResponse().getMessage();
}
@Override
public int getStatus() {
return getCoyoteResponse().getStatus();
}
// -------------------------------------------- HttpServletResponse Methods
/**
* Add the specified Cookie to those that will be included with this Response.
*
* @param cookie Cookie to be added
*/
@Override
public void addCookie(final Cookie cookie) {
// Ignore any call from an included servlet
if (included || isCommitted()) {
return;
}
cookies.add(cookie);
String header = generateCookieString(cookie);
// if we reached here, no exception, cookie is valid
// the header name is Set-Cookie for both "old" and v.1 ( RFC2109 )
// RFC2965 is not supported by browsers and the Servlet spec
// asks for 2109.
addHeader("Set-Cookie", header, getContext().getCookieProcessor().getCharset());
}
/**
* Special method for adding a session cookie as we should be overriding any previous.
*
* @param cookie The new session cookie to add the response
*/
public void addSessionCookieInternal(final Cookie cookie) {
if (isCommitted()) {
return;
}
String name = cookie.getName();
final String headername = "Set-Cookie";
final String startsWith = name + "=";
String header = generateCookieString(cookie);
boolean set = false;
MimeHeaders headers = getCoyoteResponse().getMimeHeaders();
int n = headers.size();
for (int i = 0; i < n; i++) {
if (headers.getName(i).toString().equals(headername)) {
if (headers.getValue(i).toString().startsWith(startsWith)) {
headers.getValue(i).setString(header);
set = true;
}
}
}
if (!set) {
addHeader(headername, header);
}
}
public String generateCookieString(final Cookie cookie) {
// Web application code can receive a IllegalArgumentException
// from the generateHeader() invocation
if (SecurityUtil.isPackageProtectionEnabled()) {
return AccessController
.doPrivileged(new PrivilegedGenerateCookieString(getContext(), cookie, request.getRequest()));
} else {
return getContext().getCookieProcessor().generateHeader(cookie, request.getRequest());
}
}
@Override
public void addDateHeader(String name, long value) {
if (name == null || name.length() == 0) {
return;
}
if (isCommitted()) {
return;
}
// Ignore any call from an included servlet
if (included) {
return;
}
addHeader(name, FastHttpDateFormat.formatDate(value));
}
@Override
public void addHeader(String name, String value) {
addHeader(name, value, null);
}
private void addHeader(String name, String value, Charset charset) {
if (name == null || name.length() == 0 || value == null) {
return;
}
if (isCommitted()) {
return;
}
// Ignore any call from an included servlet
if (included) {
return;
}
char cc = name.charAt(0);
if (cc == 'C' || cc == 'c') {
if (checkSpecialHeader(name, value)) {
return;
}
}
getCoyoteResponse().addHeader(name, value, charset);
}
/**
* An extended version of this exists in {@link org.apache.coyote.Response}. This check is required here to ensure
* that the usingWriter check in {@link #setContentType(String)} is applied since usingWriter is not visible to
* {@link org.apache.coyote.Response} Called from set/addHeader.
*
* @return true
if the header is special, no need to set the header.
*/
private boolean checkSpecialHeader(String name, String value) {
if (name.equalsIgnoreCase("Content-Type")) {
setContentType(value);
return true;
}
return false;
}
@Override
public void addIntHeader(String name, int value) {
if (name == null || name.length() == 0) {
return;
}
if (isCommitted()) {
return;
}
// Ignore any call from an included servlet
if (included) {
return;
}
addHeader(name, "" + value);
}
@Override
public boolean containsHeader(String name) {
// Need special handling for Content-Type and Content-Length due to
// special handling of these in coyoteResponse
char cc = name.charAt(0);
if (cc == 'C' || cc == 'c') {
if (name.equalsIgnoreCase("Content-Type")) {
// Will return null if this has not been set
return (getCoyoteResponse().getContentType() != null);
}
if (name.equalsIgnoreCase("Content-Length")) {
// -1 means not known and is not sent to client
return (getCoyoteResponse().getContentLengthLong() != -1);
}
}
return getCoyoteResponse().containsHeader(name);
}
@Override
public void setTrailerFields(Supplier
© 2015 - 2025 Weber Informatics LLC | Privacy Policy