This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 67ec1d890e Refactor as suggested by CoPilot
67ec1d890e is described below
commit 67ec1d890ed0a48e4062d69377043067b4c9ced9
Author: Mark Thomas <[email protected]>
AuthorDate: Thu Apr 9 11:38:35 2026 +0100
Refactor as suggested by CoPilot
Make :path handling consistent with other headers
Don't waste cycles processing an unknown pseudo header
---
java/org/apache/coyote/http2/Stream.java | 40 ++++++++++++++------------------
1 file changed, 17 insertions(+), 23 deletions(-)
diff --git a/java/org/apache/coyote/http2/Stream.java
b/java/org/apache/coyote/http2/Stream.java
index 7e05f1a65a..2e83a441b5 100644
--- a/java/org/apache/coyote/http2/Stream.java
+++ b/java/org/apache/coyote/http2/Stream.java
@@ -407,31 +407,27 @@ class Stream extends AbstractNonZeroStream implements
HeaderEmitter {
headerException = new StreamException(
sm.getString("stream.header.duplicate",
getConnectionId(), getIdAsString(), ":path"),
Http2Error.PROTOCOL_ERROR, getIdAsInt());
- // No need for further processing. The stream will be
reset.
- return;
- }
- if (value.isEmpty()) {
+ } else if (value.isEmpty()) {
headerException = new StreamException(
sm.getString("stream.header.noPath",
getConnectionId(), getIdAsString()),
Http2Error.PROTOCOL_ERROR, getIdAsInt());
- // No need for further processing. The stream will be
reset.
- return;
- }
- int queryStart = value.indexOf('?');
- String uri;
- if (queryStart == -1) {
- uri = value;
} else {
- uri = value.substring(0, queryStart);
- String query = value.substring(queryStart + 1);
- coyoteRequest.queryString().setString(query);
+ int queryStart = value.indexOf('?');
+ String uri;
+ if (queryStart == -1) {
+ uri = value;
+ } else {
+ uri = value.substring(0, queryStart);
+ String query = value.substring(queryStart + 1);
+ coyoteRequest.queryString().setString(query);
+ }
+ // Bug 61120. Set the URI as bytes rather than String so:
+ // - any path parameters are correctly processed
+ // - the normalization security checks are performed that
prevent
+ // directory traversal attacks
+ byte[] uriBytes =
uri.getBytes(StandardCharsets.ISO_8859_1);
+ coyoteRequest.requestURI().setBytes(uriBytes, 0,
uriBytes.length);
}
- // Bug 61120. Set the URI as bytes rather than String so:
- // - any path parameters are correctly processed
- // - the normalization security checks are performed that
prevent
- // directory traversal attacks
- byte[] uriBytes = uri.getBytes(StandardCharsets.ISO_8859_1);
- coyoteRequest.requestURI().setBytes(uriBytes, 0,
uriBytes.length);
break;
}
case ":authority": {
@@ -499,9 +495,7 @@ class Stream extends AbstractNonZeroStream implements
HeaderEmitter {
headerException = new StreamException(
sm.getString("stream.header.unknownPseudoHeader",
getConnectionId(), getIdAsString(), name),
Http2Error.PROTOCOL_ERROR, getIdAsInt());
- }
-
- if (headerState == HEADER_STATE_TRAILER) {
+ } else if (headerState == HEADER_STATE_TRAILER) {
// HTTP/2 headers are already always lower case
coyoteRequest.getMimeTrailerFields().addValue(name).setString(value);
} else {
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
