(nifi) branch main updated: NIFI-14103 Corrected thread safety for Proxied Entity Encoder (#9591)

Fri, 20 Dec 2024 10:33:29 -0800 

This is an automated email from the ASF dual-hosted git repository.

exceptionfactory pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/nifi.git


The following commit(s) were added to refs/heads/main by this push:
     new 5c3499a008 NIFI-14103 Corrected thread safety for Proxied Entity 
Encoder (#9591)
5c3499a008 is described below

commit 5c3499a00885700d0fd45acaafce67a472417a0f
Author: David Handermann <[email protected]>
AuthorDate: Fri Dec 20 12:32:17 2024 -0600

    NIFI-14103 Corrected thread safety for Proxied Entity Encoder (#9591)
    
    - Created new CharsetEncoder for each method invocation
---
 .../nifi/security/proxied/entity/StandardProxiedEntityEncoder.java | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git 
a/nifi-commons/nifi-security-proxied-entity/src/main/java/org/apache/nifi/security/proxied/entity/StandardProxiedEntityEncoder.java
 
b/nifi-commons/nifi-security-proxied-entity/src/main/java/org/apache/nifi/security/proxied/entity/StandardProxiedEntityEncoder.java
index 4132537474..edfbb7cdf6 100644
--- 
a/nifi-commons/nifi-security-proxied-entity/src/main/java/org/apache/nifi/security/proxied/entity/StandardProxiedEntityEncoder.java
+++ 
b/nifi-commons/nifi-security-proxied-entity/src/main/java/org/apache/nifi/security/proxied/entity/StandardProxiedEntityEncoder.java
@@ -16,6 +16,7 @@
  */
 package org.apache.nifi.security.proxied.entity;
 
+import java.nio.charset.Charset;
 import java.nio.charset.CharsetEncoder;
 import java.nio.charset.StandardCharsets;
 import java.util.Base64;
@@ -34,7 +35,7 @@ public class StandardProxiedEntityEncoder implements 
ProxiedEntityEncoder {
 
     private static final String ESCAPED_LT = "\\\\<";
 
-    private static final CharsetEncoder headerValueCharsetEncoder = 
StandardCharsets.US_ASCII.newEncoder();
+    private static final Charset headerValueCharset = 
StandardCharsets.US_ASCII;
 
     private static final Base64.Encoder headerValueEncoder = 
Base64.getEncoder();
 
@@ -73,7 +74,9 @@ public class StandardProxiedEntityEncoder implements 
ProxiedEntityEncoder {
         } else {
             final String escaped = identity.replaceAll(LT, 
ESCAPED_LT).replaceAll(GT, ESCAPED_GT);
 
-            if (headerValueCharsetEncoder.canEncode(escaped)) {
+            // Create method-local CharsetEncoder for thread-safe state 
handling
+            final CharsetEncoder charsetEncoder = 
headerValueCharset.newEncoder();
+            if (charsetEncoder.canEncode(escaped)) {
                 // Strings limited to US-ASCII characters can be transmitted 
as HTTP header values without encoding
                 sanitized = escaped;
             } else {

Reply via email to