New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
8274779: HttpURLConnection: HttpClient and HttpsClient incorrectly check request method when set to POST #5964
Closed
Closed
Changes from 5 commits
Commits
Show all changes
6 commits
Select commit
Hold shift + click to select a range
04a97fe
8274779: HttpClient and HttpsClient incorrectly check request method …
evwhelan a65e493
Test changes
evwhelan c213085
Removed reflection in favour of injected accessor for KeepAliveCache
evwhelan 90ab858
Extracted both connectTimeouts to variables and added copyright heade…
evwhelan e5de4b6
Added setInCache to HttpClientAccess to replace reflection
evwhelan 1325792
Removed +open from jtreg modules
evwhelan File filter
Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
140 changes: 140 additions & 0 deletions
140
test/jdk/sun/net/www/http/RequestMethodCheck/RequestMethodEquality.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,140 @@ | ||
/* | ||
* Copyright (c) 2021, Oracle and/or its affiliates. All rights reserved. | ||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. | ||
* | ||
* This code is free software; you can redistribute it and/or modify it | ||
* under the terms of the GNU General Public License version 2 only, as | ||
* published by the Free Software Foundation. | ||
* | ||
* This code is distributed in the hope that it will be useful, but WITHOUT | ||
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or | ||
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License | ||
* version 2 for more details (a copy is included in the LICENSE file that | ||
* accompanied this code). | ||
* | ||
* You should have received a copy of the GNU General Public License version | ||
* 2 along with this work; if not, write to the Free Software Foundation, | ||
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. | ||
* | ||
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA | ||
* or visit www.oracle.com if you need additional information or have any | ||
* questions. | ||
*/ | ||
|
||
/* @test | ||
* @summary This test checks that a broken HttpClient is not returned from the KeepAliveCache | ||
* when the intial HttpURLConnection.setRequest method is passed a 'new String("POST")' | ||
* rather than the "POST" String literal | ||
* @bug 8274779 | ||
* @library /test/lib | ||
* @modules java.base/sun.net.www.http:+open | ||
* java.base/sun.net.www.protocol.http | ||
* @build java.base/sun.net.www.http.HttpClientAccess | ||
* @run testng/othervm RequestMethodEquality | ||
*/ | ||
|
||
import com.sun.net.httpserver.HttpExchange; | ||
import com.sun.net.httpserver.HttpHandler; | ||
import com.sun.net.httpserver.HttpServer; | ||
import jdk.test.lib.net.URIBuilder; | ||
import org.testng.Assert; | ||
import org.testng.annotations.AfterTest; | ||
import org.testng.annotations.BeforeTest; | ||
import org.testng.annotations.Test; | ||
import sun.net.www.http.HttpClient; | ||
import sun.net.www.http.HttpClientAccess; | ||
import sun.net.www.http.KeepAliveCache; | ||
import sun.net.www.protocol.http.HttpURLConnection; | ||
|
||
import java.io.IOException; | ||
import java.net.InetAddress; | ||
import java.net.InetSocketAddress; | ||
import java.net.Proxy; | ||
import java.net.URL; | ||
|
||
public class RequestMethodEquality { | ||
private static final String TEST_CONTEXT = "/reqmethodtest"; | ||
private HttpServer server; | ||
private CustomHandler handler; | ||
private HttpClientAccess httpClientAccess; | ||
|
||
@BeforeTest | ||
public void setup() throws Exception { | ||
handler = new CustomHandler(); | ||
server = createServer(handler); | ||
httpClientAccess = new HttpClientAccess(); | ||
} | ||
|
||
@AfterTest | ||
public void tearDown() throws Exception { | ||
if (server != null) { | ||
server.stop(0); | ||
} | ||
} | ||
|
||
@Test | ||
public void testHttpClient() throws Exception { | ||
HttpURLConnection conn = null; | ||
try { | ||
URL url = URIBuilder.newBuilder() | ||
.scheme("http") | ||
.host(server.getAddress().getAddress()) | ||
.port(server.getAddress().getPort()) | ||
.path(TEST_CONTEXT) | ||
.toURL(); | ||
|
||
conn = (HttpURLConnection) url.openConnection(); | ||
conn.setChunkedStreamingMode(8); // ensures the call to HttpURLConnection.streaming() passes | ||
|
||
int firstConnectTimeout = 1234; | ||
HttpClient freshClient = HttpClient.New(url, Proxy.NO_PROXY, firstConnectTimeout, true, conn); | ||
freshClient.closeServer(); // ensures that the call to HttpClient.available() fails | ||
|
||
httpClientAccess.setInCache(freshClient, true); // allows the assertion in HttpClient.New to pass | ||
|
||
// Injecting a mock KeepAliveCache that the HttpClient can use | ||
KeepAliveCache kac = httpClientAccess.getKeepAliveCache(); | ||
kac.put(url, null, freshClient); | ||
|
||
// The 'new' keyword is important here as the original code | ||
// used '==' rather than String.equals to compare request methods | ||
conn.setRequestMethod(new String("POST")); | ||
|
||
// Before the fix, the value returned to 'cachedClient' would have been the (broken) cached | ||
// 'freshClient' as HttpClient.available() could never be checked | ||
int secondConnectTimeout = 4321; | ||
HttpClient cachedClient = HttpClient.New(url, Proxy.NO_PROXY, secondConnectTimeout, true, conn); | ||
cachedClient.closeServer(); | ||
|
||
int originalConnectTimeout = freshClient.getConnectTimeout(); | ||
int cachedConnectTimeout = cachedClient.getConnectTimeout(); | ||
|
||
// If both connectTimeout values are equal, it means the test retrieved the same broken | ||
// HttpClient from the cache and is trying to re-use it. | ||
Assert.assertNotEquals(originalConnectTimeout, cachedConnectTimeout, "Both connectTimeout values are equal.\nThis means the test is reusing a broken HttpClient rather than creating a new one."); | ||
} finally { | ||
if (conn != null) { | ||
conn.disconnect(); | ||
} | ||
} | ||
} | ||
|
||
private static HttpServer createServer(final HttpHandler handler) throws IOException { | ||
final InetSocketAddress serverAddress = new InetSocketAddress(InetAddress.getLoopbackAddress(), 0); | ||
final int backlog = -1; | ||
final HttpServer server = HttpServer.create(serverAddress, backlog); | ||
server.createContext(TEST_CONTEXT, handler); | ||
server.start(); | ||
System.out.println("Server started on " + server.getAddress()); | ||
return server; | ||
} | ||
|
||
private static class CustomHandler implements HttpHandler { | ||
@Override | ||
public void handle(HttpExchange exchange) throws IOException { | ||
// We'll always send 200 OK - We don't care about the server logic | ||
exchange.sendResponseHeaders(200, 1); | ||
exchange.close(); | ||
} | ||
} | ||
} |
35 changes: 35 additions & 0 deletions
35
.../jdk/sun/net/www/http/RequestMethodCheck/java.base/sun/net/www/http/HttpClientAccess.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
/* | ||
* Copyright (c) 2021, Oracle and/or its affiliates. All rights reserved. | ||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. | ||
* | ||
* This code is free software; you can redistribute it and/or modify it | ||
* under the terms of the GNU General Public License version 2 only, as | ||
* published by the Free Software Foundation. | ||
* | ||
* This code is distributed in the hope that it will be useful, but WITHOUT | ||
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or | ||
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License | ||
* version 2 for more details (a copy is included in the LICENSE file that | ||
* accompanied this code). | ||
* | ||
* You should have received a copy of the GNU General Public License version | ||
* 2 along with this work; if not, write to the Free Software Foundation, | ||
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. | ||
* | ||
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA | ||
* or visit www.oracle.com if you need additional information or have any | ||
* questions. | ||
*/ | ||
|
||
package sun.net.www.http; | ||
// We can use this injected accessor class to get the KeepAliveCache from our HttpClient | ||
public class HttpClientAccess { | ||
public KeepAliveCache getKeepAliveCache () { | ||
// kac is a protected static field in HttpClient | ||
return HttpClient.kac; | ||
} | ||
|
||
public void setInCache(HttpClient client, boolean inCache) { | ||
client.inCache = inCache; | ||
} | ||
} |
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think that now you can probably remove
:+open
- since you're no longer using reflection.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done, thanks!