From ff3c19b99877b3ba6648ca93a7fa49840f02870a Mon Sep 17 00:00:00 2001 From: markt Date: Sun, 6 Jun 2010 18:47:14 +0000 Subject: [PATCH] Part of refactoring STRICT_SERVLET_COMPLIANCE so it just changes defaults New WRAP_SAME_OBJECT property git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@951926 13f79535-47bb-0310-9956-ffa450edef68 --- .../catalina/core/ApplicationDispatcher.java | 23 +++++++++- webapps/docs/config/systemprops.xml | 49 +++++++++++----------- 2 files changed, 46 insertions(+), 26 deletions(-) diff --git a/java/org/apache/catalina/core/ApplicationDispatcher.java b/java/org/apache/catalina/core/ApplicationDispatcher.java index b30c4b0cd..42678d5c2 100644 --- a/java/org/apache/catalina/core/ApplicationDispatcher.java +++ b/java/org/apache/catalina/core/ApplicationDispatcher.java @@ -70,6 +70,25 @@ final class ApplicationDispatcher private static final Log log = LogFactory.getLog(ApplicationDispatcher.class); + protected static final boolean STRICT_SERVLET_COMPLIANCE; + + protected static final boolean WRAP_SAME_OBJECT; + + + static { + STRICT_SERVLET_COMPLIANCE = Globals.STRICT_SERVLET_COMPLIANCE; + + String wrapSameObject = System.getProperty( + "org.apache.catalina.core.ApplicationDispatcher.WRAP_SAME_OBJECT"); + if (wrapSameObject == null) { + WRAP_SAME_OBJECT = STRICT_SERVLET_COMPLIANCE; + } else { + WRAP_SAME_OBJECT = + Boolean.valueOf(wrapSameObject).booleanValue(); + } + } + + protected class PrivilegedForward implements PrivilegedExceptionAction { private ServletRequest request; @@ -329,7 +348,7 @@ final class ApplicationDispatcher // Set up to handle the specified request and response State state = new State(request, response, false); - if (Globals.STRICT_SERVLET_COMPLIANCE) { + if (WRAP_SAME_OBJECT) { // Check SRV.8.2 / SRV.14.2.5.1 compliance checkSameObjects(request, response); } @@ -504,7 +523,7 @@ final class ApplicationDispatcher // Set up to handle the specified request and response State state = new State(request, response, true); - if (Globals.STRICT_SERVLET_COMPLIANCE) { + if (WRAP_SAME_OBJECT) { // Check SRV.8.2 / SRV.14.2.5.1 compliance checkSameObjects(request, response); } diff --git a/webapps/docs/config/systemprops.xml b/webapps/docs/config/systemprops.xml index 858c91ded..b67145057 100644 --- a/webapps/docs/config/systemprops.xml +++ b/webapps/docs/config/systemprops.xml @@ -222,31 +222,23 @@ -

If this is true the following actions will occur: +

If this is true the default values will be changed for:

    -
  • any wrapped request or response object passed to an application - dispatcher will be checked to ensure that it has wrapped the original - request or response. (SRV.8.2 / SRV.14.2.5.1) -
    • -
  • - The default value will be changed for: -
      -
    • org.apache.catalina.core.ApplicationContext.GET_RESOURCE_REQUIRE_SLASH
      • -
    • org.apache.catalina.core.StandardHostValve.ACCESS_SESSION
      • -
    • org.apache.catalina.session.StandardSession.ACTIVITY_CHECK
      • -
    • org.apache.tomcat.util.http.ServerCookie.ALWAYS_ADD_EXPIRES.
      • -
    • org.apache.tomcat.util.http.ServerCookie.FWD_SLASH_IS_SEPARATOR.
      • -
    • org.apache.tomcat.util.http.ServerCookie.STRICT_NAMING.
      • -
    • The tldNamespaceAware attribute of any - Context element
      • . -
    • The tldValidation attribute of any - Context element
      • . -
    • The xmlNamespaceAware attribute of any - Context element
      • . -
    • The xmlValidation attribute of any - Context element
      • . -
    -
    • +
  • org.apache.catalina.core.ApplicationContext.GET_RESOURCE_REQUIRE_SLASH
    • +
  • org.apache.catalina.core.ApplicationDispatcher.WRAP_SAME_OBJECT
    • +
  • org.apache.catalina.core.StandardHostValve.ACCESS_SESSION
    • +
  • org.apache.catalina.session.StandardSession.ACTIVITY_CHECK
    • +
  • org.apache.tomcat.util.http.ServerCookie.ALWAYS_ADD_EXPIRES.
    • +
  • org.apache.tomcat.util.http.ServerCookie.FWD_SLASH_IS_SEPARATOR.
    • +
  • org.apache.tomcat.util.http.ServerCookie.STRICT_NAMING.
    • +
  • The tldNamespaceAware attribute of any + Context element
    • . +
  • The tldValidation attribute of any + Context element
    • . +
  • The xmlNamespaceAware attribute of any + Context element
    • . +
  • The xmlValidation attribute of any + Context element
    • .

Note that changing a number of the above defaults is likely to break @@ -282,6 +274,15 @@ else the default value will be false.

 + +

If this is true then any wrapped request or response + object passed to an application dispatcher will be checked to ensure that + it has wrapped the original request or response. If + org.apache.catalina.STRICT_SERVLET_COMPLIANCE is set to + true, the default of this setting will be true, + else the default value will be false.

+ +

If this is true Tomcat will allow = -- 2.11.0