org.eclipse.jetty.server.HttpConfiguration Maven / Gradle / Ivy
Show all versions of jetty-server Show documentation
//
// ========================================================================
// Copyright (c) 1995-2019 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
//
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
//
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
//
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
//
package org.eclipse.jetty.server;
import java.io.IOException;
import java.util.List;
import java.util.Set;
import java.util.concurrent.CopyOnWriteArrayList;
import org.eclipse.jetty.http.CookieCompliance;
import org.eclipse.jetty.http.HttpCompliance;
import org.eclipse.jetty.http.HttpMethod;
import org.eclipse.jetty.http.HttpScheme;
import org.eclipse.jetty.util.Jetty;
import org.eclipse.jetty.util.TreeTrie;
import org.eclipse.jetty.util.Trie;
import org.eclipse.jetty.util.annotation.ManagedAttribute;
import org.eclipse.jetty.util.annotation.ManagedObject;
import org.eclipse.jetty.util.component.Dumpable;
import org.eclipse.jetty.util.component.DumpableCollection;
import org.eclipse.jetty.util.log.Log;
import org.eclipse.jetty.util.log.Logger;
/**
* HTTP Configuration.
* This class is a holder of HTTP configuration for use by the
* {@link HttpChannel} class. Typically a HTTPConfiguration instance
* is instantiated and passed to a {@link ConnectionFactory} that can
* create HTTP channels (e.g. HTTP, AJP or FCGI).
* The configuration held by this class is not for the wire protocol,
* but for the interpretation and handling of HTTP requests that could
* be transported by a variety of protocols.
*
*/
@ManagedObject("HTTP Configuration")
public class HttpConfiguration implements Dumpable
{
private static final Logger LOG = Log.getLogger(HttpConfiguration.class);
public static final String SERVER_VERSION = "Jetty(" + Jetty.VERSION + ")";
private final List _customizers = new CopyOnWriteArrayList<>();
private final Trie _formEncodedMethods = new TreeTrie<>();
private int _outputBufferSize = 32 * 1024;
private int _outputAggregationSize = _outputBufferSize / 4;
private int _requestHeaderSize = 8 * 1024;
private int _responseHeaderSize = 8 * 1024;
private int _headerCacheSize = 4 * 1024;
private boolean _headerCacheCaseSensitive = false;
private int _securePort;
private long _idleTimeout = -1;
private String _secureScheme = HttpScheme.HTTPS.asString();
private boolean _sendServerVersion = true;
private boolean _sendXPoweredBy = false;
private boolean _sendDateHeader = true;
private boolean _delayDispatchUntilContent = true;
private boolean _persistentConnectionsEnabled = true;
private int _maxErrorDispatches = 10;
private boolean _useDirectByteBuffers = false;
private long _minRequestDataRate;
private long _minResponseDataRate;
private HttpCompliance _httpCompliance = HttpCompliance.RFC7230;
private CookieCompliance _requestCookieCompliance = CookieCompliance.RFC6265;
private CookieCompliance _responseCookieCompliance = CookieCompliance.RFC6265;
private boolean _notifyRemoteAsyncErrors = true;
/**
* An interface that allows a request object to be customized
* for a particular HTTP connector configuration. Unlike Filters, customizer are
* applied before the request is submitted for processing and can be specific to the
* connector on which the request was received.
*
* Typically Customizers perform tasks such as:
*
* - process header fields that may be injected by a proxy or load balancer.
*
- setup attributes that may come from the connection/connector such as SSL Session IDs
*
- Allow a request to be marked as secure or authenticated if those have been offloaded
* and communicated by header, cookie or other out-of-band mechanism
*
- Set request attributes/fields that are determined by the connector on which the
* request was received
*
*/
public interface Customizer
{
public void customize(Connector connector, HttpConfiguration channelConfig, Request request);
}
public interface ConnectionFactory
{
HttpConfiguration getHttpConfiguration();
}
public HttpConfiguration()
{
_formEncodedMethods.put(HttpMethod.POST.asString(), Boolean.TRUE);
_formEncodedMethods.put(HttpMethod.PUT.asString(), Boolean.TRUE);
}
/**
* Creates a configuration from another.
*
* @param config The configuration to copy.
*/
public HttpConfiguration(HttpConfiguration config)
{
_customizers.addAll(config._customizers);
for (String s : config._formEncodedMethods.keySet())
{
_formEncodedMethods.put(s, Boolean.TRUE);
}
_outputBufferSize = config._outputBufferSize;
_outputAggregationSize = config._outputAggregationSize;
_requestHeaderSize = config._requestHeaderSize;
_responseHeaderSize = config._responseHeaderSize;
_headerCacheSize = config._headerCacheSize;
_secureScheme = config._secureScheme;
_securePort = config._securePort;
_idleTimeout = config._idleTimeout;
_sendDateHeader = config._sendDateHeader;
_sendServerVersion = config._sendServerVersion;
_sendXPoweredBy = config._sendXPoweredBy;
_delayDispatchUntilContent = config._delayDispatchUntilContent;
_persistentConnectionsEnabled = config._persistentConnectionsEnabled;
_maxErrorDispatches = config._maxErrorDispatches;
_useDirectByteBuffers = config._useDirectByteBuffers;
_minRequestDataRate = config._minRequestDataRate;
_minResponseDataRate = config._minResponseDataRate;
_requestCookieCompliance = config._requestCookieCompliance;
_responseCookieCompliance = config._responseCookieCompliance;
_notifyRemoteAsyncErrors = config._notifyRemoteAsyncErrors;
}
/**
* Adds a {@link Customizer} that is invoked for every
* request received.
* Customizers are often used to interpret optional headers (eg {@link ForwardedRequestCustomizer}) or
* optional protocol semantics (eg {@link SecureRequestCustomizer}).
*
* @param customizer A request customizer
*/
public void addCustomizer(Customizer customizer)
{
_customizers.add(customizer);
}
public List getCustomizers()
{
return _customizers;
}
public T getCustomizer(Class type)
{
for (Customizer c : _customizers)
{
if (type.isAssignableFrom(c.getClass()))
return (T)c;
}
return null;
}
@ManagedAttribute("The size in bytes of the output buffer used to aggregate HTTP output")
public int getOutputBufferSize()
{
return _outputBufferSize;
}
@ManagedAttribute("The maximum size in bytes for HTTP output to be aggregated")
public int getOutputAggregationSize()
{
return _outputAggregationSize;
}
@ManagedAttribute("The maximum allowed size in bytes for a HTTP request header")
public int getRequestHeaderSize()
{
return _requestHeaderSize;
}
@ManagedAttribute("The maximum allowed size in bytes for a HTTP response header")
public int getResponseHeaderSize()
{
return _responseHeaderSize;
}
@ManagedAttribute("The maximum allowed size in bytes for a HTTP header field cache")
public int getHeaderCacheSize()
{
return _headerCacheSize;
}
@ManagedAttribute("True if the header field cache is case sensitive")
public boolean isHeaderCacheCaseSensitive()
{
return _headerCacheCaseSensitive;
}
@ManagedAttribute("The port to which Integral or Confidential security constraints are redirected")
public int getSecurePort()
{
return _securePort;
}
@ManagedAttribute("The scheme with which Integral or Confidential security constraints are redirected")
public String getSecureScheme()
{
return _secureScheme;
}
@ManagedAttribute("Whether persistent connections are enabled")
public boolean isPersistentConnectionsEnabled()
{
return _persistentConnectionsEnabled;
}
/**
* The max idle time is applied to a HTTP request for IO operations and
* delayed dispatch.
*
* @return the max idle time in ms or if == 0 implies an infinite timeout, <0
* implies no HTTP channel timeout and the connection timeout is used instead.
*/
@ManagedAttribute("The idle timeout in ms for I/O operations during the handling of a HTTP request")
public long getIdleTimeout()
{
return _idleTimeout;
}
/**
* The max idle time is applied to a HTTP request for IO operations and
* delayed dispatch.
*
* @param timeoutMs the max idle time in ms or if == 0 implies an infinite timeout, <0
* implies no HTTP channel timeout and the connection timeout is used instead.
*/
public void setIdleTimeout(long timeoutMs)
{
_idleTimeout = timeoutMs;
}
public void setPersistentConnectionsEnabled(boolean persistentConnectionsEnabled)
{
_persistentConnectionsEnabled = persistentConnectionsEnabled;
}
public void setSendServerVersion(boolean sendServerVersion)
{
_sendServerVersion = sendServerVersion;
}
@ManagedAttribute("Whether to send the Server header in responses")
public boolean getSendServerVersion()
{
return _sendServerVersion;
}
public void writePoweredBy(Appendable out, String preamble, String postamble) throws IOException
{
if (getSendServerVersion())
{
if (preamble != null)
out.append(preamble);
out.append(Jetty.POWERED_BY);
if (postamble != null)
out.append(postamble);
}
}
public void setSendXPoweredBy(boolean sendXPoweredBy)
{
_sendXPoweredBy = sendXPoweredBy;
}
@ManagedAttribute("Whether to send the X-Powered-By header in responses")
public boolean getSendXPoweredBy()
{
return _sendXPoweredBy;
}
public void setSendDateHeader(boolean sendDateHeader)
{
_sendDateHeader = sendDateHeader;
}
@ManagedAttribute("Whether to send the Date header in responses")
public boolean getSendDateHeader()
{
return _sendDateHeader;
}
/**
* @param delay if true, delay the application dispatch until content is available (default false)
*/
public void setDelayDispatchUntilContent(boolean delay)
{
_delayDispatchUntilContent = delay;
}
@ManagedAttribute("Whether to delay the application dispatch until content is available")
public boolean isDelayDispatchUntilContent()
{
return _delayDispatchUntilContent;
}
/**
* @param useDirectByteBuffers if true, use direct byte buffers for requests
*/
public void setUseDirectByteBuffers(boolean useDirectByteBuffers)
{
_useDirectByteBuffers = useDirectByteBuffers;
}
@ManagedAttribute("Whether to use direct byte buffers for requests")
public boolean isUseDirectByteBuffers()
{
return _useDirectByteBuffers;
}
/**
* Sets the {@link Customizer}s that are invoked for every
* request received.
* Customizers are often used to interpret optional headers (eg {@link ForwardedRequestCustomizer}) or
* optional protocol semantics (eg {@link SecureRequestCustomizer}).
*
* @param customizers the list of customizers
*/
public void setCustomizers(List customizers)
{
_customizers.clear();
_customizers.addAll(customizers);
}
/**
* Set the size of the buffer into which response content is aggregated
* before being sent to the client. A larger buffer can improve performance by allowing
* a content producer to run without blocking, however larger buffers consume more memory and
* may induce some latency before a client starts processing the content.
*
* @param outputBufferSize buffer size in bytes.
*/
public void setOutputBufferSize(int outputBufferSize)
{
_outputBufferSize = outputBufferSize;
setOutputAggregationSize(outputBufferSize / 4);
}
/**
* Set the max size of the response content write that is copied into the aggregate buffer.
* Writes that are smaller of this size are copied into the aggregate buffer, while
* writes that are larger of this size will cause the aggregate buffer to be flushed
* and the write to be executed without being copied.
*
* @param outputAggregationSize the max write size that is aggregated
*/
public void setOutputAggregationSize(int outputAggregationSize)
{
_outputAggregationSize = outputAggregationSize;
}
/**
* Larger headers will allow for more and/or larger cookies plus larger form content encoded
* in a URL. However, larger headers consume more memory and can make a server more vulnerable to denial of service
* attacks.
*
* @param requestHeaderSize the maximum size in bytes of the request header
*/
public void setRequestHeaderSize(int requestHeaderSize)
{
_requestHeaderSize = requestHeaderSize;
}
/**
* Larger headers will allow for more and/or larger cookies and longer HTTP headers (eg for redirection).
* However, larger headers will also consume more memory.
*
* @param responseHeaderSize the maximum size in bytes of the response header
*/
public void setResponseHeaderSize(int responseHeaderSize)
{
_responseHeaderSize = responseHeaderSize;
}
/**
* @param headerCacheSize The size in bytes of the header field cache.
*/
public void setHeaderCacheSize(int headerCacheSize)
{
_headerCacheSize = headerCacheSize;
}
public void setHeaderCacheCaseSensitive(boolean headerCacheCaseSensitive)
{
this._headerCacheCaseSensitive = headerCacheCaseSensitive;
}
/**
* Sets the TCP/IP port used for CONFIDENTIAL and INTEGRAL redirections.
*
* @param securePort the secure port to redirect to.
*/
public void setSecurePort(int securePort)
{
_securePort = securePort;
}
/**
* Set the URI scheme used for CONFIDENTIAL and INTEGRAL redirections.
*
* @param secureScheme A scheme string like "https"
*/
public void setSecureScheme(String secureScheme)
{
_secureScheme = secureScheme;
}
/**
* Sets the form encoded HTTP methods.
*
* @param methods the HTTP methods of requests that can be decoded as
* {@code x-www-form-urlencoded} content to be made available via the
* {@link Request#getParameter(String)} and associated APIs
*/
public void setFormEncodedMethods(String... methods)
{
_formEncodedMethods.clear();
for (String method : methods)
{
addFormEncodedMethod(method);
}
}
/**
* @return the set of HTTP methods of requests that can be decoded as
* {@code x-www-form-urlencoded} content to be made available via the
* {@link Request#getParameter(String)} and associated APIs
*/
public Set getFormEncodedMethods()
{
return _formEncodedMethods.keySet();
}
/**
* Adds a form encoded HTTP Method
*
* @param method the HTTP method of requests that can be decoded as
* {@code x-www-form-urlencoded} content to be made available via the
* {@link Request#getParameter(String)} and associated APIs
*/
public void addFormEncodedMethod(String method)
{
_formEncodedMethods.put(method, Boolean.TRUE);
}
/**
* Tests whether the HTTP method supports {@code x-www-form-urlencoded} content
*
* @param method the HTTP method
* @return true if requests with this method can be
* decoded as {@code x-www-form-urlencoded} content to be made available via the
* {@link Request#getParameter(String)} and associated APIs
*/
public boolean isFormEncodedMethod(String method)
{
return Boolean.TRUE.equals(_formEncodedMethods.get(method));
}
/**
* @return The maximum error dispatches for a request to prevent looping on an error
*/
@ManagedAttribute("The maximum ERROR dispatches for a request for loop prevention (default 10)")
public int getMaxErrorDispatches()
{
return _maxErrorDispatches;
}
/**
* @param max The maximum error dispatches for a request to prevent looping on an error
*/
public void setMaxErrorDispatches(int max)
{
_maxErrorDispatches = max;
}
/**
* @return The minimum request data rate in bytes per second; or <=0 for no limit
*/
@ManagedAttribute("The minimum request content data rate in bytes per second")
public long getMinRequestDataRate()
{
return _minRequestDataRate;
}
/**
* @param bytesPerSecond The minimum request data rate in bytes per second; or <=0 for no limit
*/
public void setMinRequestDataRate(long bytesPerSecond)
{
_minRequestDataRate = bytesPerSecond;
}
/**
* @return The minimum response data rate in bytes per second; or <=0 for no limit
*/
@ManagedAttribute("The minimum response content data rate in bytes per second")
public long getMinResponseDataRate()
{
return _minResponseDataRate;
}
/**
* Sets an minimum response content data rate.
* The value is enforced only approximately - not precisely - due to the fact that
* for efficiency reasons buffer writes may be comprised of both response headers and
* response content.
*
* @param bytesPerSecond The minimum response data rate in bytes per second; or <=0 for no limit
*/
public void setMinResponseDataRate(long bytesPerSecond)
{
_minResponseDataRate = bytesPerSecond;
}
public HttpCompliance getHttpCompliance()
{
return _httpCompliance;
}
public void setHttpCompliance(HttpCompliance httpCompliance)
{
_httpCompliance = httpCompliance;
}
/**
* @return The CookieCompliance used for parsing request Cookie
headers.
* @see #getResponseCookieCompliance()
*/
public CookieCompliance getRequestCookieCompliance()
{
return _requestCookieCompliance;
}
/**
* @return The CookieCompliance used for generating response Set-Cookie
headers
* @see #getRequestCookieCompliance()
*/
public CookieCompliance getResponseCookieCompliance()
{
return _responseCookieCompliance;
}
/**
* @param cookieCompliance The CookieCompliance to use for parsing request Cookie
headers.
* @see #setRequestCookieCompliance(CookieCompliance)
*/
public void setRequestCookieCompliance(CookieCompliance cookieCompliance)
{
_requestCookieCompliance = cookieCompliance == null ? CookieCompliance.RFC6265 : cookieCompliance;
}
/**
* @param cookieCompliance The CookieCompliance to use for generating response Set-Cookie
headers
* @see #setResponseCookieCompliance(CookieCompliance)
*/
public void setResponseCookieCompliance(CookieCompliance cookieCompliance)
{
_responseCookieCompliance = cookieCompliance == null ? CookieCompliance.RFC6265 : cookieCompliance;
}
/**
* @param notifyRemoteAsyncErrors whether remote errors, when detected, are notified to async applications
*/
public void setNotifyRemoteAsyncErrors(boolean notifyRemoteAsyncErrors)
{
this._notifyRemoteAsyncErrors = notifyRemoteAsyncErrors;
}
/**
* @return whether remote errors, when detected, are notified to async applications
*/
@ManagedAttribute("Whether remote errors, when detected, are notified to async applications")
public boolean isNotifyRemoteAsyncErrors()
{
return _notifyRemoteAsyncErrors;
}
@Override
public String dump()
{
return Dumpable.dump(this);
}
@Override
public void dump(Appendable out, String indent) throws IOException
{
Dumpable.dumpObjects(out, indent, this,
new DumpableCollection("customizers", _customizers),
new DumpableCollection("formEncodedMethods", _formEncodedMethods.keySet()),
"outputBufferSize=" + _outputBufferSize,
"outputAggregationSize=" + _outputAggregationSize,
"requestHeaderSize=" + _requestHeaderSize,
"responseHeaderSize=" + _responseHeaderSize,
"headerCacheSize=" + _headerCacheSize,
"secureScheme=" + _secureScheme,
"securePort=" + _securePort,
"idleTimeout=" + _idleTimeout,
"sendDateHeader=" + _sendDateHeader,
"sendServerVersion=" + _sendServerVersion,
"sendXPoweredBy=" + _sendXPoweredBy,
"delayDispatchUntilContent=" + _delayDispatchUntilContent,
"persistentConnectionsEnabled=" + _persistentConnectionsEnabled,
"maxErrorDispatches=" + _maxErrorDispatches,
"minRequestDataRate=" + _minRequestDataRate,
"minResponseDataRate=" + _minResponseDataRate,
"requestCookieCompliance=" + _requestCookieCompliance,
"responseCookieCompliance=" + _responseCookieCompliance,
"notifyRemoteAsyncErrors=" + _notifyRemoteAsyncErrors
);
}
@Override
public String toString()
{
return String.format("%s@%x{%d/%d,%d/%d,%s://:%d,%s}",
this.getClass().getSimpleName(),
hashCode(),
_outputBufferSize,
_outputAggregationSize,
_requestHeaderSize,
_responseHeaderSize,
_secureScheme,
_securePort,
_customizers);
}
}