ContentCachingResponseWrapper defensively applies content length in case of sendError/sendRedirect

Issue: SPR-13004 (cherry picked from commit 4facb2f)
11 years ago · f1b42b7d8f
2 changed files with 34 additions and 10 deletions
--- a/spring-web/src/main/java/org/springframework/web/util/ContentCachingResponseWrapper.java
+++ b/spring-web/src/main/java/org/springframework/web/util/ContentCachingResponseWrapper.java
@ -48,6 +48,8 @@ public class ContentCachingResponseWrapper extends HttpServletResponseWrapper {
				@@ -48,6 +48,8 @@ public class ContentCachingResponseWrapper extends HttpServletResponseWrapper {

 	private int statusCode = HttpServletResponse.SC_OK;

+	private Integer contentLength;
+

 	/**
 	 * Create a new ContentCachingResponseWrapper for the given servlet response.
@ -74,14 +76,27 @@ public class ContentCachingResponseWrapper extends HttpServletResponseWrapper {
				@@ -74,14 +76,27 @@ public class ContentCachingResponseWrapper extends HttpServletResponseWrapper {
 	@Override
 	public void sendError(int sc) throws IOException {
 		copyBodyToResponse();
-		super.sendError(sc);
+		try {
+			super.sendError(sc);
+		}
+		catch (IllegalStateException ex) {
+			// Possibly on Tomcat when called too late: fall back to silent setStatus
+			super.setStatus(sc);
+		}
 		this.statusCode = sc;
 	}

 	@Override
+	@SuppressWarnings("deprecation")
 	public void sendError(int sc, String msg) throws IOException {
 		copyBodyToResponse();
-		super.sendError(sc, msg);
+		try {
+			super.sendError(sc, msg);
+		}
+		catch (IllegalStateException ex) {
+			// Possibly on Tomcat when called too late: fall back to silent setStatus
+			super.setStatus(sc, msg);
+		}
 		this.statusCode = sc;
 	}

@ -111,6 +126,7 @@ public class ContentCachingResponseWrapper extends HttpServletResponseWrapper {
				@@ -111,6 +126,7 @@ public class ContentCachingResponseWrapper extends HttpServletResponseWrapper {
 		if (len > this.content.capacity()) {
 			this.content.resize(len);
 		}
+		this.contentLength = len;
 	}

 	// Overrides Servlet 3.1 setContentLengthLong(long) at runtime
@ -119,9 +135,11 @@ public class ContentCachingResponseWrapper extends HttpServletResponseWrapper {
				@@ -119,9 +135,11 @@ public class ContentCachingResponseWrapper extends HttpServletResponseWrapper {
 			throw new IllegalArgumentException("Content-Length exceeds ShallowEtagHeaderFilter's maximum (" +
 					Integer.MAX_VALUE + "): " + len);
 		}
-		if (len > this.content.capacity()) {
-			this.content.resize((int) len);
+		int lenInt = (int) len;
+		if (lenInt > this.content.capacity()) {
+			this.content.resize(lenInt);
 		}
+		this.contentLength = lenInt;
 	}

 	@Override
@ -158,7 +176,10 @@ public class ContentCachingResponseWrapper extends HttpServletResponseWrapper {
				@@ -158,7 +176,10 @@ public class ContentCachingResponseWrapper extends HttpServletResponseWrapper {

 	private void copyBodyToResponse() throws IOException {
 		if (this.content.size() > 0) {
-			getResponse().setContentLength(this.content.size());
+			if (this.contentLength != null) {
+				getResponse().setContentLength(this.contentLength);
+				this.contentLength = null;
+			}
 			StreamUtils.copy(this.content.toByteArray(), getResponse().getOutputStream());
 			this.content.reset();
 		}
--- a/spring-web/src/test/java/org/springframework/web/filter/ShallowEtagHeaderFilterTests.java
+++ b/spring-web/src/test/java/org/springframework/web/filter/ShallowEtagHeaderFilterTests.java
@ -1,5 +1,5 @@
				@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2014 the original author or authors.
+ * Copyright 2002-2015 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -58,7 +58,7 @@ public class ShallowEtagHeaderFilterTests {
				@@ -58,7 +58,7 @@ public class ShallowEtagHeaderFilterTests {
 		assertFalse(filter.isEligibleForEtag(request, response, 200, new byte[0]));

 		request = new MockHttpServletRequest("POST", "/hotels");
-		request.addHeader("Cache-Control","must-revalidate, no-store");
+		request.addHeader("Cache-Control", "must-revalidate, no-store");
 		assertFalse(filter.isEligibleForEtag(request, response, 200, new byte[0]));
 	}

@ -146,6 +146,7 @@ public class ShallowEtagHeaderFilterTests {
				@@ -146,6 +146,7 @@ public class ShallowEtagHeaderFilterTests {
 			public void doFilter(ServletRequest filterRequest, ServletResponse filterResponse)
 					throws IOException, ServletException {
 				assertEquals("Invalid request passed", request, filterRequest);
+				response.setContentLength(100);
 				FileCopyUtils.copy(responseBody, filterResponse.getOutputStream());
 				((HttpServletResponse) filterResponse).sendError(HttpServletResponse.SC_FORBIDDEN);
 			}
@ -154,7 +155,7 @@ public class ShallowEtagHeaderFilterTests {
				@@ -154,7 +155,7 @@ public class ShallowEtagHeaderFilterTests {

 		assertEquals("Invalid status", 403, response.getStatus());
 		assertNull("Invalid ETag header", response.getHeader("ETag"));
-		assertTrue("Invalid Content-Length header", response.getContentLength() > 0);
+		assertEquals("Invalid Content-Length header", 100, response.getContentLength());
 		assertArrayEquals("Invalid content", responseBody, response.getContentAsByteArray());
 	}

@ -169,6 +170,7 @@ public class ShallowEtagHeaderFilterTests {
				@@ -169,6 +170,7 @@ public class ShallowEtagHeaderFilterTests {
 			public void doFilter(ServletRequest filterRequest, ServletResponse filterResponse)
 					throws IOException, ServletException {
 				assertEquals("Invalid request passed", request, filterRequest);
+				response.setContentLength(100);
 				FileCopyUtils.copy(responseBody, filterResponse.getOutputStream());
 				((HttpServletResponse) filterResponse).sendError(HttpServletResponse.SC_FORBIDDEN, "ERROR");
 			}
@ -177,7 +179,7 @@ public class ShallowEtagHeaderFilterTests {
				@@ -177,7 +179,7 @@ public class ShallowEtagHeaderFilterTests {

 		assertEquals("Invalid status", 403, response.getStatus());
 		assertNull("Invalid ETag header", response.getHeader("ETag"));
-		assertTrue("Invalid Content-Length header", response.getContentLength() > 0);
+		assertEquals("Invalid Content-Length header", 100, response.getContentLength());
 		assertArrayEquals("Invalid content", responseBody, response.getContentAsByteArray());
 		assertEquals("Invalid error message", "ERROR", response.getErrorMessage());
 	}
@ -193,6 +195,7 @@ public class ShallowEtagHeaderFilterTests {
				@@ -193,6 +195,7 @@ public class ShallowEtagHeaderFilterTests {
 			public void doFilter(ServletRequest filterRequest, ServletResponse filterResponse)
 					throws IOException, ServletException {
 				assertEquals("Invalid request passed", request, filterRequest);
+				response.setContentLength(100);
 				FileCopyUtils.copy(responseBody, filterResponse.getOutputStream());
 				((HttpServletResponse) filterResponse).sendRedirect("http://www.google.com");
 			}
@ -201,7 +204,7 @@ public class ShallowEtagHeaderFilterTests {
				@@ -201,7 +204,7 @@ public class ShallowEtagHeaderFilterTests {

 		assertEquals("Invalid status", 302, response.getStatus());
 		assertNull("Invalid ETag header", response.getHeader("ETag"));
-		assertTrue("Invalid Content-Length header", response.getContentLength() > 0);
+		assertEquals("Invalid Content-Length header", 100, response.getContentLength());
 		assertArrayEquals("Invalid content", responseBody, response.getContentAsByteArray());
 		assertEquals("Invalid redirect URL", "http://www.google.com", response.getRedirectedUrl());
 	}