andreacavalli/netty5
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Revert "CorsHandler to respect http connection (keep-alive) header."

Browse Source 
This reverts commit ecd6e5ce6d.
This commit is contained in:
Norman Maurer 2016-08-24 08:54:29 +02:00
parent ecd6e5ce6d
commit a8b8553ad1
2 changed files with 6 additions and 112 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
codec-http/src/main/java/io/netty/handler/codec/http/cors/CorsHandler.java
View File

@ -24,7 +24,6 @@ import io.netty.handler.codec.http.HttpHeaderNames;
import io.netty.handler.codec.http.HttpHeaders;
import io.netty.handler.codec.http.HttpRequest;
import io.netty.handler.codec.http.HttpResponse;
import io.netty.handler.codec.http.HttpUtil;
import io.netty.util.internal.logging.InternalLogger;
import io.netty.util.internal.logging.InternalLoggerFactory;
@ -81,12 +80,7 @@ public class CorsHandler extends ChannelDuplexHandler {
setPreflightHeaders(response);
}
release(request);
if (HttpUtil.isKeepAlive(request)) {
ctx.writeAndFlush(response);
} else {
ctx.writeAndFlush(response).addListener(ChannelFutureListener.CLOSE);
}
ctx.writeAndFlush(response).addListener(ChannelFutureListener.CLOSE);
}
/**
@ -209,14 +203,8 @@ public class CorsHandler extends ChannelDuplexHandler {
}
private static void forbidden(final ChannelHandlerContext ctx, final HttpRequest request) {
if (HttpUtil.isKeepAlive(request)) {
ctx.writeAndFlush(new DefaultFullHttpResponse(request.protocolVersion(), FORBIDDEN));
} else {
ctx.writeAndFlush(new DefaultFullHttpResponse(request.protocolVersion(), FORBIDDEN))
.addListener(ChannelFutureListener.CLOSE);
}
ctx.writeAndFlush(new DefaultFullHttpResponse(request.protocolVersion(), FORBIDDEN))
.addListener(ChannelFutureListener.CLOSE);
release(request);
}
}

100
codec-http/src/test/java/io/netty/handler/codec/http/cors/CorsHandlerTest.java
View File

@ -23,7 +23,6 @@ import io.netty.handler.codec.http.DefaultFullHttpResponse;
import io.netty.handler.codec.http.FullHttpRequest;
import io.netty.handler.codec.http.HttpMethod;
import io.netty.handler.codec.http.HttpResponse;
import io.netty.util.AsciiString;
import org.junit.Test;
import java.util.Arrays;
@ -36,13 +35,10 @@ import static io.netty.handler.codec.http.HttpHeaderNames.ACCESS_CONTROL_ALLOW_O
import static io.netty.handler.codec.http.HttpHeaderNames.ACCESS_CONTROL_EXPOSE_HEADERS;
import static io.netty.handler.codec.http.HttpHeaderNames.ACCESS_CONTROL_REQUEST_HEADERS;
import static io.netty.handler.codec.http.HttpHeaderNames.ACCESS_CONTROL_REQUEST_METHOD;
import static io.netty.handler.codec.http.HttpHeaderNames.CONNECTION;
import static io.netty.handler.codec.http.HttpHeaderNames.CONTENT_LENGTH;
import static io.netty.handler.codec.http.HttpHeaderNames.DATE;
import static io.netty.handler.codec.http.HttpHeaderNames.ORIGIN;
import static io.netty.handler.codec.http.HttpHeaderNames.VARY;
import static io.netty.handler.codec.http.HttpHeaderValues.KEEP_ALIVE;
import static io.netty.handler.codec.http.HttpHeaderValues.CLOSE;
import static io.netty.handler.codec.http.HttpHeadersTestUtils.of;
import static io.netty.handler.codec.http.HttpMethod.DELETE;
import static io.netty.handler.codec.http.HttpMethod.GET;
@ -292,100 +288,17 @@ public class CorsHandlerTest {
assertThat(response.headers().get(ACCESS_CONTROL_ALLOW_ORIGIN), is(nullValue()));
}
@Test
public void shortCurcuitWithConnectionKeepAliveShouldStayOpen() {
final CorsConfig config = forOrigin("http://localhost:8080").shortCircuit().build();
final EmbeddedChannel channel = new EmbeddedChannel(new CorsHandler(config));
final FullHttpRequest request = createHttpRequest(GET);
request.headers().set(ORIGIN, "http://localhost:8888");
request.headers().set(CONNECTION, KEEP_ALIVE);
channel.writeInbound(request);
final HttpResponse response = channel.readOutbound();
assertThat(channel.isOpen(), is(true));
assertThat(response.status(), is(FORBIDDEN));
}
@Test
public void shortCurcuitWithoutConnectionShouldStayOpen() {
final CorsConfig config = forOrigin("http://localhost:8080").shortCircuit().build();
final EmbeddedChannel channel = new EmbeddedChannel(new CorsHandler(config));
final FullHttpRequest request = createHttpRequest(GET);
request.headers().set(ORIGIN, "http://localhost:8888");
channel.writeInbound(request);
final HttpResponse response = channel.readOutbound();
assertThat(channel.isOpen(), is(true));
assertThat(response.status(), is(FORBIDDEN));
}
@Test
public void shortCurcuitWithConnectionCloseShouldClose() {
final CorsConfig config = forOrigin("http://localhost:8080").shortCircuit().build();
final EmbeddedChannel channel = new EmbeddedChannel(new CorsHandler(config));
final FullHttpRequest request = createHttpRequest(GET);
request.headers().set(ORIGIN, "http://localhost:8888");
request.headers().set(CONNECTION, CLOSE);
channel.writeInbound(request);
final HttpResponse response = channel.readOutbound();
assertThat(channel.isOpen(), is(false));
assertThat(response.status(), is(FORBIDDEN));
}
@Test
public void preflightRequestShouldReleaseRequest() {
final CorsConfig config = forOrigin("http://localhost:8888")
.preflightResponseHeader("CustomHeader", Arrays.asList("value1", "value2"))
.build();
final EmbeddedChannel channel = new EmbeddedChannel(new CorsHandler(config));
final FullHttpRequest request = optionsRequest("http://localhost:8888", "content-type, xheader1", null);
final FullHttpRequest request = optionsRequest("http://localhost:8888", "content-type, xheader1");
channel.writeInbound(request);
assertThat(request.refCnt(), is(0));
}
@Test
public void preflightRequestWithConnectionKeepAliveShouldStayOpen() throws Exception {
final CorsConfig config = forOrigin("http://localhost:8888").build();
final EmbeddedChannel channel = new EmbeddedChannel(new CorsHandler(config));
final FullHttpRequest request = optionsRequest("http://localhost:8888", "", KEEP_ALIVE);
channel.writeInbound(request);
final HttpResponse response = channel.readOutbound();
assertThat(channel.isOpen(), is(true));
assertThat(response.status(), is(OK));
}
@Test
public void preflightRequestWithoutConnectionShouldStayOpen() throws Exception {
final CorsConfig config = forOrigin("http://localhost:8888").build();
final EmbeddedChannel channel = new EmbeddedChannel(new CorsHandler(config));
final FullHttpRequest request = optionsRequest("http://localhost:8888", "", null);
channel.writeInbound(request);
final HttpResponse response = channel.readOutbound();
assertThat(channel.isOpen(), is(true));
assertThat(response.status(), is(OK));
}
@Test
public void preflightRequestWithConnectionCloseShouldClose() throws Exception {
final CorsConfig config = forOrigin("http://localhost:8888").build();
final EmbeddedChannel channel = new EmbeddedChannel(new CorsHandler(config));
final FullHttpRequest request = optionsRequest("http://localhost:8888", "", CLOSE);
channel.writeInbound(request);
final HttpResponse response = channel.readOutbound();
assertThat(channel.isOpen(), is(false));
assertThat(response.status(), is(OK));
}
@Test
public void forbiddenShouldReleaseRequest() {
final CorsConfig config = forOrigin("https://localhost").shortCircuit().build();
@ -426,22 +339,15 @@ public class CorsHandlerTest {
final String origin,
final String requestHeaders) {
final EmbeddedChannel channel = new EmbeddedChannel(new CorsHandler(config));
channel.writeInbound(optionsRequest(origin, requestHeaders, null));
channel.writeInbound(optionsRequest(origin, requestHeaders));
return (HttpResponse) channel.readOutbound();
}
private static FullHttpRequest optionsRequest(final String origin,
final String requestHeaders,
final AsciiString connection) {
private static FullHttpRequest optionsRequest(final String origin, final String requestHeaders) {
final FullHttpRequest httpRequest = createHttpRequest(OPTIONS);
httpRequest.headers().set(ORIGIN, origin);
httpRequest.headers().set(ACCESS_CONTROL_REQUEST_METHOD, httpRequest.method().toString());
httpRequest.headers().set(ACCESS_CONTROL_REQUEST_HEADERS, requestHeaders);
if (connection != null) {
httpRequest.headers().set(CONNECTION, connection);
}
return httpRequest;
}