root
/
spring-boot
mirror of https://github.com/spring-projects/spring-boot.git
1
0
Fork 0
Code Issues Actions 15 Packages Projects Releases Wiki Activity

Upgrade to Jetty 12.0.2 

Closes gh-37803
This commit is contained in:
Andy Wilkinson 2023-10-10 15:00:02 +01:00
parent 7b1059a4b5
commit 15ee305ef3
2 changed files with 11 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
spring-boot-project/spring-boot-dependencies/build.gradle
View File

@ -677,7 +677,7 @@ bom {
] ]
} }
} }
library("Jetty", "12.0.1") { library("Jetty", "12.0.2") {
group("org.eclipse.jetty.ee10") { group("org.eclipse.jetty.ee10") {
imports = [ imports = [
"jetty-ee10-bom" "jetty-ee10-bom"

13
spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/embedded/jetty/JettyServletWebServerFactory.java
View File

@ -55,8 +55,10 @@ import org.eclipse.jetty.ee10.webapp.WebInfConfiguration;
import org.eclipse.jetty.http.HttpCookie; import org.eclipse.jetty.http.HttpCookie;
import org.eclipse.jetty.http.HttpField; import org.eclipse.jetty.http.HttpField;
import org.eclipse.jetty.http.HttpFields.Mutable; import org.eclipse.jetty.http.HttpFields.Mutable;
import org.eclipse.jetty.http.HttpHeader;
import org.eclipse.jetty.http.MimeTypes; import org.eclipse.jetty.http.MimeTypes;
import org.eclipse.jetty.http.MimeTypes.Wrapper; import org.eclipse.jetty.http.MimeTypes.Wrapper;
import org.eclipse.jetty.http.SetCookieParser;
import org.eclipse.jetty.http2.server.HTTP2CServerConnectionFactory; import org.eclipse.jetty.http2.server.HTTP2CServerConnectionFactory;
import org.eclipse.jetty.server.AbstractConnector; import org.eclipse.jetty.server.AbstractConnector;
import org.eclipse.jetty.server.ConnectionFactory; import org.eclipse.jetty.server.ConnectionFactory;
@ -787,6 +789,8 @@ public class JettyServletWebServerFactory extends AbstractServletWebServerFactor
private final class SameSiteCookieHttpStreamWrapper extends HttpStream.Wrapper { private final class SameSiteCookieHttpStreamWrapper extends HttpStream.Wrapper {
private static final SetCookieParser setCookieParser = SetCookieParser.newInstance();
private final Request request; private final Request request;
private SameSiteCookieHttpStreamWrapper(HttpStream wrapped, Request request) { private SameSiteCookieHttpStreamWrapper(HttpStream wrapped, Request request) {
@ -799,15 +803,18 @@ public class JettyServletWebServerFactory extends AbstractServletWebServerFactor
super.prepareResponse(headers); super.prepareResponse(headers);
ListIterator<HttpField> headerFields = headers.listIterator(); ListIterator<HttpField> headerFields = headers.listIterator();
while (headerFields.hasNext()) { while (headerFields.hasNext()) {
HttpCookieUtils.SetCookieHttpField updatedField = applySameSiteIfNecessary(headerFields.next()); HttpField updatedField = applySameSiteIfNecessary(headerFields.next());
if (updatedField != null) { if (updatedField != null) {
headerFields.set(updatedField); headerFields.set(updatedField);
} }
} }
} }
private HttpCookieUtils.SetCookieHttpField applySameSiteIfNecessary(HttpField headerField) { private HttpField applySameSiteIfNecessary(HttpField headerField) {
HttpCookie cookie = HttpCookieUtils.getSetCookie(headerField); if (headerField.getHeader() != HttpHeader.SET_COOKIE) {
return null;
}
HttpCookie cookie = setCookieParser.parse(headerField.getValue());
if (cookie == null) { if (cookie == null) {
return null; return null;
} }