[568138] Rewrite of header validation
Change-Id: Iee8380f01fc56cc0a8bce816f1c751a573723967
diff --git a/core/bundles/org.eclipse.wst.wsi/.classpath b/core/bundles/org.eclipse.wst.wsi/.classpath
index ca11557..c6c0de9 100644
--- a/core/bundles/org.eclipse.wst.wsi/.classpath
+++ b/core/bundles/org.eclipse.wst.wsi/.classpath
@@ -1,7 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<classpath>
- <classpathentry kind="src" path="src"/>
- <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/J2SE-1.4">
+ <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8">
<accessrules>
<accessrule kind="accessible" pattern="org/apache/xerces/**"/>
<accessrule kind="accessible" pattern="org/apache/xml/**"/>
@@ -19,5 +18,6 @@
<accessrule kind="accessible" pattern="org/eclipse/wst/ws/internal/preferences/PersistentWSIContext"/>
</accessrules>
</classpathentry>
+ <classpathentry kind="src" path="src"/>
<classpathentry kind="output" path="bin"/>
</classpath>
diff --git a/core/bundles/org.eclipse.wst.wsi/.settings/org.eclipse.jdt.core.prefs b/core/bundles/org.eclipse.wst.wsi/.settings/org.eclipse.jdt.core.prefs
index a47032c..ec1937b 100644
--- a/core/bundles/org.eclipse.wst.wsi/.settings/org.eclipse.jdt.core.prefs
+++ b/core/bundles/org.eclipse.wst.wsi/.settings/org.eclipse.jdt.core.prefs
@@ -1,12 +1,12 @@
-#Wed Mar 29 04:08:26 EST 2006
eclipse.preferences.version=1
-org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=disabled
-org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.2
+org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled
+org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.8
org.eclipse.jdt.core.compiler.codegen.unusedLocal=preserve
-org.eclipse.jdt.core.compiler.compliance=1.4
+org.eclipse.jdt.core.compiler.compliance=1.8
org.eclipse.jdt.core.compiler.debug.lineNumber=generate
org.eclipse.jdt.core.compiler.debug.localVariable=generate
org.eclipse.jdt.core.compiler.debug.sourceFile=generate
-org.eclipse.jdt.core.compiler.problem.assertIdentifier=warning
-org.eclipse.jdt.core.compiler.problem.enumIdentifier=warning
-org.eclipse.jdt.core.compiler.source=1.3
+org.eclipse.jdt.core.compiler.problem.assertIdentifier=error
+org.eclipse.jdt.core.compiler.problem.enumIdentifier=error
+org.eclipse.jdt.core.compiler.release=disabled
+org.eclipse.jdt.core.compiler.source=1.8
diff --git a/core/bundles/org.eclipse.wst.wsi/META-INF/MANIFEST.MF b/core/bundles/org.eclipse.wst.wsi/META-INF/MANIFEST.MF
index ef5ff7b..e54bf1b 100644
--- a/core/bundles/org.eclipse.wst.wsi/META-INF/MANIFEST.MF
+++ b/core/bundles/org.eclipse.wst.wsi/META-INF/MANIFEST.MF
@@ -2,7 +2,7 @@
Bundle-ManifestVersion: 2
Bundle-Name: %_PLUGIN_NAME
Bundle-SymbolicName: org.eclipse.wst.wsi; singleton:=true
-Bundle-Version: 1.1.100.qualifier
+Bundle-Version: 1.1.200.qualifier
Bundle-Activator: org.eclipse.wst.wsi.internal.WSITestToolsPlugin
Bundle-Vendor: %_PROVIDER_NAME
Bundle-Localization: plugin
@@ -52,9 +52,15 @@
javax.wsdl;bundle-version="[1.6.2,1.7.0)",
org.uddi4j;bundle-version="[2.0.4,2.1.0)",
org.apache.axis;bundle-version="[1.3.0,2.0.0)",
+ org.apache.commons.logging,
org.apache.xerces;bundle-version="[2.8.0,3.0.0)",
org.apache.commons.codec;bundle-version="[1.2.0,2.0.0)"
Import-Package: com.ibm.icu.util; version="3.8",
- com.ibm.icu.text; version="3.8"
+ com.ibm.icu.text; version="3.8",
+ org.apache.http,
+ org.apache.http.config,
+ org.apache.http.impl.conn,
+ org.apache.http.impl.io,
+ org.apache.http.io
Bundle-ActivationPolicy: lazy
Bundle-RequiredExecutionEnvironment: JavaSE-1.8
diff --git a/core/bundles/org.eclipse.wst.wsi/pom.xml b/core/bundles/org.eclipse.wst.wsi/pom.xml
index 00d68cb..4537749 100644
--- a/core/bundles/org.eclipse.wst.wsi/pom.xml
+++ b/core/bundles/org.eclipse.wst.wsi/pom.xml
@@ -22,7 +22,7 @@
<groupId>org.eclipse.webtools.webservices</groupId>
<artifactId>org.eclipse.wst.wsi</artifactId>
- <version>1.1.100-SNAPSHOT</version>
+ <version>1.1.200-SNAPSHOT</version>
<packaging>eclipse-plugin</packaging>
<build>
diff --git a/core/bundles/org.eclipse.wst.wsi/src/org/eclipse/wst/wsi/internal/core/util/HttpHeadersValidator.java b/core/bundles/org.eclipse.wst.wsi/src/org/eclipse/wst/wsi/internal/core/util/HttpHeadersValidator.java
index 0b7d38e..3683f97 100644
--- a/core/bundles/org.eclipse.wst.wsi/src/org/eclipse/wst/wsi/internal/core/util/HttpHeadersValidator.java
+++ b/core/bundles/org.eclipse.wst.wsi/src/org/eclipse/wst/wsi/internal/core/util/HttpHeadersValidator.java
@@ -1,5 +1,5 @@
/*******************************************************************************
- * Copyright (c) 2002-2006 IBM Corporation and others.
+ * Copyright (c) 2002, 2020 IBM Corporation and others.
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the Eclipse Public License 2.0
* which accompanies this distribution, and is available at
@@ -18,11 +18,18 @@
import java.net.URL;
import java.text.ParseException;
import java.util.Locale;
-import com.ibm.icu.util.StringTokenizer;
-import sun.net.www.MessageHeader;
+import org.apache.http.Header;
+import org.apache.http.HttpException;
+import org.apache.http.HttpResponse;
+import org.apache.http.config.MessageConstraints;
+import org.apache.http.impl.conn.DefaultHttpResponseParserFactory;
+import org.apache.http.impl.io.HttpTransportMetricsImpl;
+import org.apache.http.impl.io.SessionInputBufferImpl;
+import org.apache.http.io.HttpMessageParser;
import com.ibm.icu.text.SimpleDateFormat;
+import com.ibm.icu.util.StringTokenizer;
/**
* This class checks HTTP request headers about RFC 2616.
@@ -342,55 +349,29 @@
public static boolean validateHttpRequestHeaders(String headers)
{
+ SessionInputBufferImpl buffer = new SessionInputBufferImpl(new HttpTransportMetricsImpl(), 2048);
+ buffer.bind(new ByteArrayInputStream(headers.getBytes()));
+ HttpMessageParser<HttpResponse> messageParser = DefaultHttpResponseParserFactory.INSTANCE.create(buffer, MessageConstraints.DEFAULT);
+ HttpResponse response;
+ try {
+ response = messageParser.parse();
+ }
+ catch (IOException e1) {
+ return false;
+ }
+ catch (HttpException e1) {
+ return false;
+ }
- MessageHeader mh = new MessageHeader();
+ if (!isHTTPVersion(response.getProtocolVersion().toString()))
+ return false;
+
try
{
- mh.parseHeader(new ByteArrayInputStream(headers.getBytes()));
- }
- catch (IOException e)
- {
- return false;
- }
-
- String header = null;
- String value = null;
-
- header = mh.getKey(0);
- if (header != null)
- return false;
-
- value = mh.getValue(0);
- if (value == null)
- return false;
-
- //method
- StringTokenizer st = new StringTokenizer(value, " ");
- if (!st.hasMoreElements())
- return false;
- String str = st.nextToken();
- if (!isToken(str))
- return false;
-
- if (!st.hasMoreElements())
- return false;
- str = st.nextToken();
- if (!isURI(str) && !str.equals("*"))
- return false;
-
- if (!st.hasMoreElements())
- return false;
- str = st.nextToken();
- if (!isHTTPVersion(str))
- return false;
-
- int i = 1;
- try
- {
- while ((header = mh.getKey(i)) != null)
+ for (Header httpHeader: response.getAllHeaders())
{
- value = mh.getValue(i);
- i++;
+ String header = httpHeader.getName();
+ String value = httpHeader.getValue();
// is message-header token
if (!isToken(header))
@@ -605,7 +586,7 @@
continue;
}
- //---
+ //---
if (header.equals(HEADER_IF_MODIFIED_SINCE))
{
if (!isHTTPDate(value))
