# HG changeset patch # User dfuchs # Date 1512557071 0 # Node ID 35376c843df1b88656ea759fbc463535a76b0022 # Parent 24e637188a68a9da88b1e62fd067a350ccbd4fa5 http-client-branch: make test MockServer more resilient to rogue clients diff -r 24e637188a68 -r 35376c843df1 test/jdk/java/net/httpclient/MockServer.java --- a/test/jdk/java/net/httpclient/MockServer.java Wed Dec 06 10:33:27 2017 +0000 +++ b/test/jdk/java/net/httpclient/MockServer.java Wed Dec 06 10:44:31 2017 +0000 @@ -50,6 +50,15 @@ private final List removals; private final List additions; AtomicInteger counter = new AtomicInteger(0); + // if specified (not null), only requests which + // contain this value in their status line + // will be taken into account and returned by activity(). + // Other requests will get summarily closed. + // When specified, this can prevent answering to rogue + // (external) clients that might be lurking + // on the test machine instead of answering + // to the test client. + final String root; // waits up to 20 seconds for something to happen // dont use this unless certain activity coming. @@ -58,6 +67,19 @@ doRemovalsAndAdditions(); for (Connection c : sockets) { if (c.poll()) { + if (root != null) { + // if a root was specified in MockServer + // constructor, rejects (by closing) all + // requests whose statusLine does not contain + // root. + if (!c.statusLine.contains(root)) { + System.out.println("Bad statusLine: " + + c.statusLine + + " closing connection"); + c.close(); + continue; + } + } return c; } } @@ -118,6 +140,7 @@ final InputStream is; final OutputStream os; final ArrayBlockingQueue incoming; + volatile String statusLine; final static String CRLF = "\r\n"; @@ -143,6 +166,7 @@ while ((i=s.indexOf(CRLF)) != -1) { String s1 = s.substring(0, i+2); System.out.println("Server got: " + s1.substring(0,i)); + if (statusLine == null) statusLine = s1.substring(0,i); incoming.put(s1); if (i+2 == s.length()) { s = ""; @@ -250,8 +274,10 @@ } } - MockServer(int port, ServerSocketFactory factory) throws IOException { + MockServer(int port, ServerSocketFactory factory, String root) throws IOException { ss = factory.createServerSocket(port); + this.root = root; // if specified, any request which don't have this value + // in their statusLine will be rejected. sockets = Collections.synchronizedList(new LinkedList<>()); removals = new LinkedList<>(); additions = new LinkedList<>(); @@ -259,6 +285,10 @@ setDaemon(true); } + MockServer(int port, ServerSocketFactory factory) throws IOException { + this(port, factory, "/foo/"); + } + MockServer(int port) throws IOException { this(port, ServerSocketFactory.getDefault()); } diff -r 24e637188a68 -r 35376c843df1 test/jdk/java/net/httpclient/SplitResponse.java --- a/test/jdk/java/net/httpclient/SplitResponse.java Wed Dec 06 10:33:27 2017 +0000 +++ b/test/jdk/java/net/httpclient/SplitResponse.java Wed Dec 06 10:44:31 2017 +0000 @@ -132,6 +132,34 @@ out.println("server is: " + uri); server.start(); + + // The following code can be uncommented to verify that the + // MockServer will reject rogue requests whose URI does not + // contain "/foo/". + // + // Thread go = new Thread() { + // public void run() { + // try { + // HttpClient client = newHttpClient(); + // URI uri2 = URI.create(uri.toString().replace("/foo/","/")); + // HttpRequest request = HttpRequest + // .newBuilder(uri2).version(version).build(); + // while (true) { + // try { + // client.send(request, HttpResponse.BodyHandler.asString()); + // } catch (IOException ex) { + // System.out.println("Client rejected " + request); + // } + // sleep(250); + // } + // } catch ( Throwable x) { + // } + // } + // }; + // go.setDaemon(true); + // go.start(); + + HttpClient client = newHttpClient(); HttpRequest request = HttpRequest.newBuilder(uri).version(version).build(); HttpResponse r;