Author: zhoresh
Date: Tue Jul 27 20:05:09 2010
New Revision: 979836
URL: http://svn.apache.org/viewvc?rev=979836&view=rev
Log:
Handle bad header for proxy request.
http://codereview.appspot.com/1867046/show
Modified:
shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ProxyHandler.java
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/ProxyHandlerTest.java
Modified:
shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ProxyHandler.java
URL:
http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ProxyHandler.java?rev=979836&r1=979835&r2=979836&view=diff
==============================================================================
---
shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ProxyHandler.java
(original)
+++
shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ProxyHandler.java
Tue Jul 27 20:05:09 2010
@@ -52,7 +52,7 @@ public class ProxyHandler extends ProxyB
// TODO: parameterize these.
static final Integer LONG_LIVED_REFRESH = (365 * 24 * 60 * 60); // 1 year
static final Integer DEFAULT_REFRESH = (60 * 60); // 1 hour
-
+
private final RequestPipeline requestPipeline;
private final LockedDomainService lockedDomainService;
private final ResponseRewriterRegistry contentRewriterRegistry;
@@ -99,11 +99,11 @@ public class ProxyHandler extends ProxyB
throw new GadgetException(GadgetException.Code.INVALID_PARAMETER, msg,
HttpResponse.SC_BAD_REQUEST);
}
-
+
// Parse request uri:
ProxyUriManager.ProxyUri proxyUri = proxyUriManager.process(
new UriBuilder(request).toUri());
-
+
try {
HttpUtil.setCachingHeaders(response,
proxyUri.translateStatusRefresh(LONG_LIVED_REFRESH,
DEFAULT_REFRESH), false);
@@ -115,10 +115,10 @@ public class ProxyHandler extends ProxyB
HttpRequest rcr = buildHttpRequest(request, proxyUri,
proxyUri.getResource());
if (rcr == null) {
throw new GadgetException(GadgetException.Code.INVALID_PARAMETER,
- "No url paramater in request", HttpResponse.SC_BAD_REQUEST);
+ "No url paramater in request", HttpResponse.SC_BAD_REQUEST);
}
HttpResponse results = requestPipeline.execute(rcr);
-
+
if (results.isError()) {
// Error: try the fallback. Particularly useful for proxied images.
Uri fallbackUri = proxyUri.getFallbackUri();
@@ -127,7 +127,7 @@ public class ProxyHandler extends ProxyB
results = requestPipeline.execute(fallbackRcr);
}
}
-
+
if (contentRewriterRegistry != null) {
try {
results = contentRewriterRegistry.rewriteHttpResponse(rcr, results);
@@ -140,7 +140,12 @@ public class ProxyHandler extends ProxyB
for (Map.Entry<String, String> entry : results.getHeaders().entries()) {
String name = entry.getKey();
if (!DISALLOWED_RESPONSE_HEADERS.contains(name.toLowerCase())) {
+ try {
response.addHeader(name, entry.getValue());
+ } catch (IllegalArgumentException e) {
+ // Skip illegal header
+ LOG.info("Skipping illegal header: " + name + ":" +
entry.getValue());
+ }
}
}
Modified:
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/ProxyHandlerTest.java
URL:
http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/ProxyHandlerTest.java?rev=979836&r1=979835&r2=979836&view=diff
==============================================================================
---
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/ProxyHandlerTest.java
(original)
+++
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/ProxyHandlerTest.java
Tue Jul 27 20:05:09 2010
@@ -25,6 +25,7 @@ import static org.easymock.EasyMock.isA;
import com.google.common.base.Objects;
import com.google.common.collect.Maps;
+import org.apache.shindig.common.servlet.HttpServletResponseRecorder;
import org.apache.shindig.common.uri.Uri;
import org.apache.shindig.common.util.Utf8UrlCoder;
import org.apache.shindig.gadgets.GadgetException;
@@ -63,7 +64,7 @@ public class ProxyHandlerTest extends Se
HttpResponse resp = new
HttpResponseBuilder().addAllHeaders(headers).create();
expect(pipeline.execute(req)).andReturn(resp);
}
-
+
private void setupProxyRequestBase(String host) {
expect(request.getServerName()).andReturn(host).anyTimes();
expect(request.getScheme()).andReturn("http").anyTimes();
@@ -170,9 +171,12 @@ public class ProxyHandlerTest extends Se
String domain = "example.org";
String contentType = "text/evil; charset=UTF-8";
String magicGarbage = "fadfdfdfd";
+ final String badHeader = "Caching Server";
+ String badValue ="server";
Map<String, List<String>> headers = Maps.newHashMap();
headers.put("Content-Type", Arrays.asList(contentType));
headers.put("X-Magic-Garbage", Arrays.asList(magicGarbage));
+ headers.put(badHeader, Arrays.asList(badValue));
expect(lockedDomainService.isSafeForOpenProxy(domain)).andReturn(true).atLeastOnce();
setupProxyRequestMock(domain, url);
@@ -180,13 +184,23 @@ public class ProxyHandlerTest extends Se
replay();
- proxyHandler.fetch(request, recorder);
+ HttpServletResponseRecorder newRecorder = new
HttpServletResponseRecorder(response) {
+ @Override
+ public void addHeader(String name, String value) {
+ if (name.equals(badHeader)) {
+ throw new IllegalArgumentException("Bad header");
+ }
+ super.addHeader(name, value);
+ }
+ };
+ proxyHandler.fetch(request, newRecorder);
- assertEquals(contentType, recorder.getHeader("Content-Type"));
- assertEquals(magicGarbage, recorder.getHeader("X-Magic-Garbage"));
+ assertEquals(contentType, newRecorder.getHeader("Content-Type"));
+ assertEquals(magicGarbage, newRecorder.getHeader("X-Magic-Garbage"));
+ assertNull("Blocked header", newRecorder.getHeader(badHeader));
assertTrue(rewriter.responseWasRewritten());
}
-
+
@Test
public void testGetFallback() throws Exception {
String url = "http://example.org/file.evil";;
