GitHub-Spring
/
spring-boot
mirror of https://github.com/spring-projects/spring-boot.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Reinstate permissive alias check 

Without the permissive check, unusually named static resources are
inaccessible. The need for this may be due to a Jetty bug. This change
restores the tests to their previous form for now.

See gh-40568
pull/40611/head
Andy Wilkinson 2 years ago
parent
f70a270ec8
commit
34e62bb4e2
1 changed files with 7 additions and 2 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 9
      spring-boot-tests/spring-boot-integration-tests/spring-boot-server-tests/spring-boot-server-tests-app/src/main/java/com/example/JettyServerCustomizerConfig.java

9
spring-boot-tests/spring-boot-integration-tests/spring-boot-server-tests/spring-boot-server-tests-app/src/main/java/com/example/JettyServerCustomizerConfig.java
Unescape View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2012-2024 the original author or authors. * Copyright 2012-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -20,6 +20,7 @@ import org.eclipse.jetty.http.UriCompliance;
import org.eclipse.jetty.server.AllowedResourceAliasChecker; import org.eclipse.jetty.server.AllowedResourceAliasChecker;
import org.eclipse.jetty.server.Connector; import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.server.HttpConnectionFactory; import org.eclipse.jetty.server.HttpConnectionFactory;
import org.eclipse.jetty.server.handler.ContextHandler;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass; import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.boot.web.embedded.jetty.JettyServerCustomizer; import org.springframework.boot.web.embedded.jetty.JettyServerCustomizer;
@ -29,19 +30,23 @@ import org.springframework.context.annotation.Configuration;
/** /**
* {@link JettyServerCustomizer} that: * {@link JettyServerCustomizer} that:
* <ul> * <ul>
* <li>Approves all aliases to allow access to unusually named static resources
* <li>Relaxes URI compliance to allow access to static resources with {@code %} in their file name. * <li>Relaxes URI compliance to allow access to static resources with {@code %} in their file name.
* </ul> * </ul>
* *
* @author Madhura Bhave * @author Madhura Bhave
* @author Andy Wilkinson * @author Andy Wilkinson
*/ */
@ConditionalOnClass(name = "org.eclipse.jetty.server.Connector") @ConditionalOnClass(name = {"org.eclipse.jetty.server.handler.ContextHandler"})
@Configuration(proxyBeanMethods = false) @Configuration(proxyBeanMethods = false)
public class JettyServerCustomizerConfig { public class JettyServerCustomizerConfig {
@Bean @Bean
public JettyServerCustomizer jettyServerCustomizer() { public JettyServerCustomizer jettyServerCustomizer() {
return (server) -> { return (server) -> {
ContextHandler handler = (ContextHandler) server.getHandler();
handler.addAliasCheck((path, resource) -> true);
for (Connector connector : server.getConnectors()) { for (Connector connector : server.getConnectors()) {
connector.getConnectionFactory(HttpConnectionFactory.class).getHttpConfiguration() connector.getConnectionFactory(HttpConnectionFactory.class).getHttpConfiguration()
.setUriCompliance(UriCompliance.LEGACY); .setUriCompliance(UriCompliance.LEGACY);

Write Preview
Loading…
Cancel
Save