oglueck 2004/09/17 00:51:41
Modified: httpclient/src/java/org/apache/commons/httpclient Tag:
HTTPCLIENT_2_0_BRANCH HttpMethodBase.java
Log:
add API Doc about buffering
add a warning if the buffered content length is unknown or > 1 MB
optimization of buffer allocation
PR: 31246, 30388
Reviewed by: Oleg Kalnichevski
Revision Changes Path
No revision
No revision
1.159.2.32 +29 -7
jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/HttpMethodBase.java
Index: HttpMethodBase.java
===================================================================
RCS file:
/home/cvs/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/HttpMethodBase.java,v
retrieving revision 1.159.2.31
retrieving revision 1.159.2.32
diff -u -r1.159.2.31 -r1.159.2.32
--- HttpMethodBase.java 19 Aug 2004 21:38:12 -0000 1.159.2.31
+++ HttpMethodBase.java 17 Sep 2004 07:51:40 -0000 1.159.2.32
@@ -223,6 +223,12 @@
/** Number of milliseconds to wait for 100-contunue response. */
private static final int RESPONSE_WAIT_TIME_MS = 3000;
+ /** Maximum buffered response size (in bytes) that triggers no warning. */
+ private static final int BUFFER_WARN_TRIGGER_LIMIT = 1024*1024; //1 MB
+
+ /** Default initial size of the response buffer if content length is unknown. */
+ private static final int DEFAULT_INITIAL_BUFFER_SIZE = 4*1024; // 4 kB
+
// ----------------------------------------------------------- Constructors
/**
@@ -669,7 +675,12 @@
/**
* Returns the response body of the HTTP method, if any, as an array of bytes.
- * If response body is not available or cannot be read, returns <tt>null</tt>
+ * If response body is not available or cannot be read, returns <tt>null</tt>.
+ *
+ * Note: This will cause the entire response body to be buffered in memory. A
+ * malicious server may easily exhaust all the VM memory. It is strongly
+ * recommended, to use getResponseAsStream if the content length of the response
+ * is unknown or resonably large.
*
* @return The response body.
*/
@@ -678,8 +689,14 @@
try {
InputStream instream = getResponseBodyAsStream();
if (instream != null) {
+ int contentLength = getResponseContentLength();
+ if ((contentLength == -1) || (contentLength >
BUFFER_WARN_TRIGGER_LIMIT)) {
+ LOG.warn("Going to buffer response body of large or unknown
size. "
+ +"Using getResponseAsStream instead is
recommended.");
+ }
LOG.debug("Buffering response body");
- ByteArrayOutputStream outstream = new ByteArrayOutputStream();
+ ByteArrayOutputStream outstream = new ByteArrayOutputStream(
+ contentLength > 0 ? contentLength :
DEFAULT_INITIAL_BUFFER_SIZE);
byte[] buffer = new byte[4096];
int len;
while ((len = instream.read(buffer)) > 0) {
@@ -723,7 +740,12 @@
* If response body is not available or cannot be read, returns <tt>null</tt>
* The string conversion on the data is done using the character encoding
specified
* in <tt>Content-Type</tt> header.
- *
+ *
+ * Note: This will cause the entire response body to be buffered in memory. A
+ * malicious server may easily exhaust all the VM memory. It is strongly
+ * recommended, to use getResponseAsStream if the content length of the response
+ * is unknown or resonably large.
+ *
* @return The response body.
*/
public String getResponseBodyAsString() {
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
