Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jetty 12 ComplianceViolation.Listener not notified for URI, Cookie, and Multipart violations. #11253

Closed
joakime opened this issue Jan 8, 2024 · 1 comment · Fixed by #11254
Assignees
Labels
Bug For general bugs on Jetty side Sponsored This issue affects a user with a commercial support agreement
Milestone

Comments

@joakime
Copy link
Contributor

joakime commented Jan 8, 2024

Jetty version(s)
12.0.5

Jetty Environment
core / ee10 / ee9 / ee89

Java version/vendor (use: java -version)
Any

OS type/version
Any

Description
The ComplianceViolation.Listener is not called for Cookie, URI, and Muiltipart violations.

@joakime joakime added Bug For general bugs on Jetty side Sponsored This issue affects a user with a commercial support agreement labels Jan 8, 2024
@joakime joakime added this to the 12.0.x milestone Jan 8, 2024
@joakime joakime self-assigned this Jan 8, 2024
@joakime joakime moved this to 🏗 In progress in Jetty 12.0.6 FROZEN Jan 8, 2024
@joakime
Copy link
Contributor Author

joakime commented Jan 8, 2024

Note: HTTP/1 violations are properly notified.

joakime added a commit that referenced this issue Jan 8, 2024
… URI / MultiPart compliance to also receive listener events.
joakime added a commit that referenced this issue Jan 24, 2024
… URI / MultiPart compliance to also receive listener events. (#11254)

+ Introduce new events on `ComplianceViolation.Listener`
+ Introduce new `ComplianceViolation.Listener.initialize()` to allow for a new Listener at the appropriate time (to support per-request listeners)
+ Introduce new `ComplianceViolation.CapturingListener`
+ Introduce new `HttpConfiguration.(add/remove/get)ComplianceViolationListener()` methods.
+ Deprecate/Remove handling of `recordComplianceViolations` in `HttpConnection` and `HttpConnectionFactory` classes.
+ Produce warnings if use of `ComplianceViolation.Listener` as beans is still present.
+ Add `ComplianceViolation.Listener` support to `UriCompliance` locations.
+ Add `ComplianceViolation.Listener` support to `MultiPartCompliance` locations.
+ Add `ComplianceViolation.Listener` support to `CookieCompliance` locations.
+ Add `ComplianceViolation.Listener` support to `HttpCompliance` locations in HTTP/2 and HTTP/3

---------

Co-authored-by: gregw <[email protected]>
@github-project-automation github-project-automation bot moved this from 🏗 In progress to ✅ Done in Jetty 12.0.6 FROZEN Jan 24, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Bug For general bugs on Jetty side Sponsored This issue affects a user with a commercial support agreement
Projects
No open projects
Status: ✅ Done
1 participant