private boolean validateAcceptCommands(HttpAcceptSession session) { String commands = session.getReadHeader("X-Accept-Commands"); if (commands != null && !"ping".equals(commands)) { session.setStatus(HttpStatus.CLIENT_BAD_REQUEST); session.setReason("X-Accept-Commands header value is invalid: " + commands); session.setWriteHeader(HEADER_CONTENT_LENGTH, "0"); session.close(false); return false; } return true; }
private void reportError(HttpAcceptSession session, HttpStatus status) throws IOException { session.setStatus(status); if (errorPagesDir != null && errorPagesDir.exists()) { String errorFileName = Integer.toString(status.code()) + ".html"; File errorContentFile = new File(errorPagesDir, errorFileName); if (errorContentFile.exists() && errorContentFile.canRead()) { IoBufferAllocatorEx<?> allocator = session.getBufferAllocator(); IoBufferEx buf = HttpUtils.getBufferForFile(allocator, errorContentFile); session.setWriteHeader(HttpHeaders.HEADER_CONTENT_LENGTH, Integer.toString(buf.remaining())); session.write(buf); } } }
public static void handleExtensionNegotiationException(HttpAcceptSession session, List<String> clientRequestedExtensions, ProtocolException e, Logger logger) { // This happens when the extension negotiation leads to // a fatal failure; the session should be closed because // the service REQUIRED some extension that the client // did not request. if (logger.isDebugEnabled()) { if (logger.isDebugEnabled()) { // KG-10384: make sure port is explicitly included in the request URI we use for lookup since it is always // included when the service registry is created since we force use of explicit port in accepts. // TODO: consider doing this "at the edge" when the HTTP request object (or http session) is created. URI requestURI = HttpUtils.getRequestURI(session.getRequestURL(), session.getReadHeader("Host"), session); logger.debug(format( "Rejected %s request for URI \"%s\" on session '%s': failed to negotiate client requested extensions '%s'" + " due to exception %s", session.getMethod(), requestURI, session, clientRequestedExtensions, e.toString())); } } session.setStatus(HttpStatus.CLIENT_NOT_FOUND); session.setReason("WebSocket Extensions not found or invalid"); session.close(false); }
private static void checkBlockPadding(HttpAcceptSession session) { // TODO: Verify if counting bytes is really necessary // check to see if we need to add a padding message to the end of sent messages long writtenBytes = session.getWrittenBytes(); Long bytesWrittenOnLastFlush = (Long)session.getAttribute(WsebAcceptor.BYTES_WRITTEN_ON_LAST_FLUSH_KEY); if (bytesWrittenOnLastFlush == null || writtenBytes != bytesWrittenOnLastFlush) { // Block Padding is required session.write(WsebFrameEncoder.BLOCK_PADDING_MESSAGE); session.setAttribute(WsebAcceptor.BYTES_WRITTEN_ON_LAST_FLUSH_KEY, writtenBytes + 4096); } }
@Override protected void doSessionOpened(HttpAcceptSession session) throws Exception { HttpMethod method = session.getMethod(); String service = session.getParameter("service"); session.setStatus(HttpStatus.CLIENT_METHOD_NOT_ALLOWED); session.close(false); throw new IllegalArgumentException("HTTP method not allowed: " + method); } else if (!"turn".equals(service)) { session.setStatus(HttpStatus.CLIENT_BAD_REQUEST); session.close(false); throw new IllegalArgumentException("Unsupported/invalid service: " + service); session.setVersion(HttpVersion.HTTP_1_1); session.setWriteHeader(HttpHeaders.HEADER_CONTENT_TYPE, "application/json"); Subject subject = session.getSubject(); if (subject == null) { throw new TurnException("Subject is null"); IoBufferAllocatorEx<?> allocator = session.getBufferAllocator(); IoBufferEx out = allocator.wrap(allocator.allocate(response.length())).setAutoExpander(allocator); out.put(response.getBytes()); out.flip(); session.setWriteHeader(HttpHeaders.HEADER_CONTENT_LENGTH, Integer.toString(out.remaining())); session.setWriteHeader(HttpHeaders.HEADER_MAX_AGE, ttl); session.write(out); session.close(false);
private void doUpgrade75(final HttpAcceptSession session) throws URISyntaxException { switch (session.getMethod()) { case GET: session.suspendRead(); String origin = session.getReadHeader(HEADER_ORIGIN); URI wsLocation = getWebSocketLocation(session, WebSocketWireProtocol.HIXIE_75); final Encoding encoding = getWebSocketEncoding(session); session.setStatus(HttpStatus.INFO_SWITCHING_PROTOCOLS); session.setReason(REASON_WEB_SOCKET_HANDSHAKE); session.addWriteHeader(HEADER_UPGRADE, WEB_SOCKET); session.addWriteHeader(HEADER_CONNECTION, HEADER_UPGRADE); session.addWriteHeader(HEADER_WEBSOCKET_ORIGIN, origin); session.addWriteHeader(HEADER_WEBSOCKET_LOCATION, wsLocation.toASCIIString()); List<String> clientRequestedWsProtocols = session.getReadHeaders(HEADER_SEC_WEBSOCKET_PROTOCOL); if ( clientRequestedWsProtocols != null ) { clientWebSocketProtocolHeaderName = HEADER_SEC_WEBSOCKET_PROTOCOL; } clientRequestedWsProtocols = session.getReadHeaders(HEADER_X_WEBSOCKET_PROTOCOL); if ( clientRequestedWsProtocols != null ) { clientWebSocketProtocolHeaderName = HEADER_X_WEBSOCKET_PROTOCOL; } clientRequestedWsProtocols = session.getReadHeaders(HEADER_WEBSOCKET_PROTOCOL); if ( clientRequestedWsProtocols != null ) { clientWebSocketProtocolHeaderName = HEADER_WEBSOCKET_PROTOCOL; } List<String> clientRequestedExtensions = session.getReadHeaders(HEADER_SEC_WEBSOCKET_EXTENSION); if ( clientRequestedExtensions == null ) { clientRequestedExtensions = session.getReadHeaders(HEADER_X_WEBSOCKET_EXTENSIONS);
String wsrVersion = session.getReadHeader("X-WebSocket-Version"); if (!"wsr-1.0".equals(wsrVersion)) { session.setStatus(HttpStatus.SERVER_NOT_IMPLEMENTED); session.setReason("WebSocket-Version not supported"); session.close(false); return; List<String> wsProtocols = session.getReadHeaders("X-WebSocket-Protocol"); List<String> clientRequestedExtensions = session.getReadHeaders(WsUtils.HEADER_X_WEBSOCKET_EXTENSIONS); URI request = session.getRequestURL(); ResourceAddress httpCreateAddress = session.getLocalAddress(); URI httpCreateURI = httpCreateAddress.getResource(); final URI httpUri = session.getRequestURL(); if ( !httpUri.getPath().contains(CREATE_SUFFIX)) { throw new IllegalStateException("Session created with unexpected URL: "+httpUri.toASCIIString()); session.setWriteHeader("Content-Type", "text/plain"); session.setStatus(HttpStatus.SUCCESS_CREATED); IoBufferAllocatorEx<?> allocator = session.getBufferAllocator(); ByteBuffer nioBuf = allocator.allocate(256); IoBufferEx buf = allocator.wrap(nioBuf).setAutoExpander(allocator); session.setWriteHeader("Content-Length", Integer.toString(buf.remaining())); session.write(buf);
@Override protected void doExceptionCaught(HttpAcceptSession session, Throwable cause) throws Exception { wsebSession.setCloseException(cause); HttpStatus status = HttpStatus.SERVER_INTERNAL_ERROR; session.setStatus(status); session.setWriteHeader(HEADER_CONTENT_LENGTH, "0"); session.close(true); }
private void doUpgrade(final HttpAcceptSession session) throws Exception { switch (session.getMethod()) { case GET: session.suspendRead(); List<String> clientRequestedWsProtocols = session.getReadHeaders(HEADER_SEC_WEBSOCKET_PROTOCOL); List<String> clientRequestedExtensions = session.getReadHeaders(HEADER_SEC_WEBSOCKET_EXTENSION); final String wsVersionString = session.getReadHeader(HEADER_WEBSOCKET_VERSION); String key = session.getReadHeader(HEADER_WEBSOCKET_KEY); final Encoding encoding = getWebSocketEncoding(session); final List<String> connectionHeaders = session.getReadHeaders(HEADER_CONNECTION); for (String connectionHeader : connectionHeaders) { if (HEADER_UPGRADE.equalsIgnoreCase(connectionHeader)) { session.setStatus(HttpStatus.CLIENT_BAD_REQUEST); session.close(false); return; wsv = WebSocketWireProtocol.HYBI_8; } else { session.setStatus(HttpStatus.CLIENT_BAD_REQUEST); session.close(false); return; String upgrade = session.getReadHeader(HEADER_UPGRADE); if (WEB_SOCKET.equals(upgrade)) { webSocketUpgradeResponseValue = WEB_SOCKET;
HttpMethod method = session.getMethod(); if (method != HttpMethod.GET && method != HttpMethod.HEAD) { reportError(session, HttpStatus.CLIENT_METHOD_NOT_ALLOWED); session.close(false); return; String pathInfo = session.getPathInfo().getPath(); String requestPath = session.getRequestURI().getPath(); session.setStatus(HttpStatus.REDIRECT_FOUND); session.setWriteHeader("Location", requestPath + "/"); session.close(false); return; session.close(false); return; session.setWriteHeader("Content-Type", "text/html"); ByteBuffer nioBuf = DirectoryListingUtils.createDirectoryListing(pathInfo, baseDir, requestFile); IoBufferAllocatorEx<?> allocator = session.getBufferAllocator(); IoBufferEx buf = allocator.wrap(nioBuf); session.write(buf); session.close(false); return; session.close(false); return;
URI requestURI = httpSession.getRequestURI(); String scheme = httpSession.isSecure() ? "https" : "http"; String authority = httpSession.getReadHeader("Host"); URI locationURI = new URI(scheme, authority, requestURI.getPath(), requestURI.getQuery(), requestURI.getFragment()); httpSession.setWriteHeader(HEADER_CONTENT_TYPE, "text/plain; charset=UTF-8"); httpSession.setWriteHeader("Location", locationURI.toString()); httpSession.setStatus(HttpStatus.SUCCESS_OK); String cookieHeader = httpSession.getReadHeader("Cookie"); if (cookieHeader != null && cookieHeader.length() > 0) { IoBufferAllocatorEx<?> allocator = httpSession.getBufferAllocator(); IoBufferEx buf = allocator.wrap(allocator.allocate(cookieHeader.length())).setAutoExpander(allocator); CharsetEncoder utf8Encoder = UTF_8.newEncoder(); WriteFuture future = httpSession.write(buf); future.addListener(new IoFutureListener<IoFuture>() { @Override httpSession.close(false);
String path = session.getPathInfo().getPath(); if (CREATE_SUFFIX.endsWith(path)) { createSuffix = CREATE_SUFFIX; } else { logger.info(String.format("Sending HTTP status 404 as the request=%s is not wse create request", path)); session.setStatus(HttpStatus.CLIENT_NOT_FOUND); session.close(false); return; String sequenceStr = session.getReadHeader(HttpHeaders.HEADER_X_SEQUENCE_NO); final boolean validateSequenceNo = (sequenceStr != null); final long sequenceNo = validateSequenceNo ? Long.parseLong(sequenceStr) : -1; List<String> wsProtocols = session.getReadHeaders("X-WebSocket-Protocol"); try { wsProtocol = WsUtils.negotiateWebSocketProtocol(session, session.setStatus(HttpStatus.CLIENT_NOT_FOUND); session.close(false); return; List<String> clientRequestedExtensions = session.getReadHeaders(WsUtils.HEADER_X_WEBSOCKET_EXTENSIONS); final IoBufferAllocatorEx<WsBuffer> allocator = new WsebBufferAllocator(session.getBufferAllocator()); final URI httpUri = session.getRequestURL(); if (!httpUri.getPath().contains(createSuffix)) { throw new IllegalStateException("Session created with unexpected URL: "+httpUri.toASCIIString());
IoSessionConfig httpConfig = httpSession.getConfig(); httpConfig.setIdleTime(WRITER_IDLE, (int) TIME_TO_PULSE_MILLIS); if (!useHttpStreaming && !"s".equals(httpSession.getParameter(".kd"))) { URI pathInfo = httpSession.getPathInfo(); String secureAuthority = secureAcceptURI.getAuthority(); String secureAcceptPath = secureAcceptURI.getPath(); httpSession.setStatus(HttpStatus.REDIRECT_MOVED_PERMANENTLY); httpSession.setWriteHeader("Location", request); httpSession.close(false); sseMessage.setLocation(request); sseMessage.setReconnect(true); httpSession.write(sseMessage); httpSession.close(false); httpSession.setWriteHeader("Connection", "close"); String contentTypeOverride = httpSession.getParameter(".kc"); if (contentTypeOverride != null) { if (contentTypeOverride.indexOf(';') == -1) { httpSession.setWriteHeader("X-Content-Type-Options", "nosniff"); httpSession.setWriteHeader("Content-Type", contentType); String cacheControlOverride = httpSession.getParameter(".kcc"); if (cacheControlOverride != null) {
@Override protected void doSessionOpened(HttpAcceptSession session) throws Exception { if (!PERMITTED_REQUEST_METHODS.contains(session.getMethod())) { wsebSession.setCloseException( new IOException("Unsupported downstream request method: " + session.getMethod())); HttpStatus status = HttpStatus.CLIENT_BAD_REQUEST; session.setStatus(status); session.setWriteHeader(HEADER_CONTENT_LENGTH, "0"); session.close(true); IoFilterChain bridgeFilterChain = session.getFilterChain(); String requestedKeepAliveIntervalInSeconds = session.getParameter(".kkt"); if (requestedKeepAliveIntervalInSeconds != null) { clientIdleTimeout = Integer.parseInt(requestedKeepAliveIntervalInSeconds); session.getConfig().setWriterIdleTime(clientIdleTimeout); String contentLength = session.getReadHeader(HttpHeaders.HEADER_CONTENT_LENGTH); if (contentLength == null || parseInt(contentLength) == session.getReadBytes()) { reconnectSession(session, wsebSession);
String userAgent = session.getReadHeader("User-Agent"); boolean isClientIE11 = false; if (userAgent != null && userAgent.contains("Trident/7.0")) { if (!"s".equals(session.getParameter(".kd"))) { URI pathInfo = session.getPathInfo(); String secureAuthority = secureAcceptURI.getAuthority(); String secureAcceptPath = secureAcceptURI.getPath(); session.setStatus(HttpStatus.REDIRECT_MOVED_PERMANENTLY); session.setWriteHeader("Location", request.toString()); session.close(false); session.setWriteHeader("Connection", "close"); String contentTypeOverride = session.getParameter(".kc"); if (contentTypeOverride != null) { if (contentTypeOverride.indexOf(';') == -1) { session.setWriteHeader("X-Content-Type-Options", "nosniff"); session.setWriteHeader(HEADER_CONTENT_TYPE, contentType); session.setWriteHeader("X-Idle-Timeout", String.valueOf(wsebSession.getClientIdleTimeout())); if(session.getParameter(".kns") != null) { session.setWriteHeader("X-Content-Type-Nosniff", "abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234abcdefghijklmnopqrstuvwxyz1234"); String cacheControlOverride = session.getParameter(".kcc");
CharsetEncoder utf8Encoder = UTF_8.newEncoder(); ResourceAddress localAddress = httpSession.getLocalAddress(); URI requestURI = localAddress.getResource(); String requestAuthority = requestURI.getAuthority(); IoBufferAllocatorEx<?> bufferAllocator = httpSession.getBufferAllocator(); IoBufferEx buf = bufferAllocator.wrap(ByteBuffer.allocate(10240), FLAG_SHARED).setAutoExpander(bufferAllocator); httpSession.setWriteHeader(HEADER_MAX_AGE, valueOf(minimumMaximumAge)); httpSession.setWriteHeader(HEADER_CONTENT_LENGTH, valueOf(buf.remaining())); } else { cacheByAuthority.put(requestAuthority, new InvalidResult()); httpSession.setStatus(HttpStatus.CLIENT_NOT_FOUND); httpSession.close(true);
@Override protected void doSessionOpened(final HttpAcceptSession session) throws Exception { if (wsebSession.isClosing() && wsebSession.isCloseReceived()) { session.close(false); return; if (!(HttpMethod.POST == session.getMethod())) { wsebSession.setCloseException( new IOException("Unsupported upstream request method: " + session.getMethod())); HttpStatus status = HttpStatus.CLIENT_BAD_REQUEST; session.setStatus(status); session.setWriteHeader(HEADER_CONTENT_LENGTH, "0"); session.close(true); return; String contentLength = session.getReadHeader(HEADER_CONTENT_LENGTH); if (contentLength != null && contentLength.equals("0")) { wsebSession.setCloseException( new IOException("Invalid upstream request: content length must not be zero")); HttpStatus status = HttpStatus.CLIENT_BAD_REQUEST; session.setStatus(status); session.setWriteHeader(HEADER_CONTENT_LENGTH, "0"); session.close(true); return; IoFilterChain filterChain = session.getFilterChain(); String contentType = session.getReadHeader(HttpHeaders.HEADER_CONTENT_TYPE); if (CONTENT_TYPE_TEXT_PLAIN_CHARSET_UTF_8.matcher((contentType)).matches()) { filterChain.addBefore(CODEC_FILTER, UTF8_FILTER, utf8);
@Override protected void doSessionOpened(HttpAcceptSession session) throws Exception { List<String> availableBalanceeURIs = getBalanceeURIs(session.isSecure()); GL.warn(GL.CLUSTER_LOGGER_NAME, "Rejected {} request for URI \"{}\" on session {}: no available balancee URI was found", session.getMethod(), session.getRequestURI(), session); session.setStatus(HttpStatus.CLIENT_NOT_FOUND); } else { GL.debug(GL.CLUSTER_LOGGER_NAME, "WsebBalancerServiceHandler doSessionOpen Selected Balancee URI: {}", selectedBalanceeURI); URI requestURI = session.getRequestURI(); String balanceeScheme = getScheme(selectedBalanceeURI); switch (balanceeScheme) { session.setStatus(HttpStatus.REDIRECT_FOUND /* 302 */); session.setWriteHeader("Location", selectedBalanceeURI); session.close(false);