diff options
author | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2022-04-29 12:17:22 +0200 |
---|---|---|
committer | gjoranv <gv@verizonmedia.com> | 2022-06-08 11:45:20 +0200 |
commit | 48d0b778681f08f27fae29a974c1aad071912efe (patch) | |
tree | 874a00fdcf4163eab528880be4ab21e14ee5a846 /config-model | |
parent | a6d53acc873b9057c2e5faf54d6b60d9616b0582 (diff) |
Enable filtering 'strict-mode' by default
Diffstat (limited to 'config-model')
-rw-r--r-- | config-model/src/main/java/com/yahoo/vespa/model/container/http/Http.java | 9 | ||||
-rw-r--r-- | config-model/src/test/java/com/yahoo/vespa/model/container/http/StrictFilteringTest.java | 43 |
2 files changed, 45 insertions, 7 deletions
diff --git a/config-model/src/main/java/com/yahoo/vespa/model/container/http/Http.java b/config-model/src/main/java/com/yahoo/vespa/model/container/http/Http.java index f5d1d3e6afd..eea3ec68cc0 100644 --- a/config-model/src/main/java/com/yahoo/vespa/model/container/http/Http.java +++ b/config-model/src/main/java/com/yahoo/vespa/model/container/http/Http.java @@ -24,7 +24,7 @@ public class Http extends AbstractConfigProducer<AbstractConfigProducer<?>> impl private final List<FilterBinding> bindings = new CopyOnWriteArrayList<>(); private volatile JettyHttpServer httpServer; private volatile AccessControl accessControl; - private volatile boolean strictFiltering = false; // TODO Vespa 8: Enable strict filtering by default if filtering is enabled + private volatile Boolean strictFiltering; public Http(FilterChains chains) { super("http"); @@ -83,7 +83,12 @@ public class Http extends AbstractConfigProducer<AbstractConfigProducer<?>> impl .binding(binding.binding().patternString())); } populateDefaultFiltersConfig(builder, httpServer); - builder.strictFiltering(strictFiltering); + + // Enable strict filter by default if any filter chain/binding is configured + boolean strictFilter = this.strictFiltering == null + ? (!bindings.isEmpty() || !filterChains.allChains().allComponents().isEmpty()) + : strictFiltering; + builder.strictFiltering(strictFilter); } @Override diff --git a/config-model/src/test/java/com/yahoo/vespa/model/container/http/StrictFilteringTest.java b/config-model/src/test/java/com/yahoo/vespa/model/container/http/StrictFilteringTest.java index f703f39295f..ad81c9a5a4d 100644 --- a/config-model/src/test/java/com/yahoo/vespa/model/container/http/StrictFilteringTest.java +++ b/config-model/src/test/java/com/yahoo/vespa/model/container/http/StrictFilteringTest.java @@ -8,7 +8,7 @@ import com.yahoo.vespa.model.container.xml.ContainerModelBuilder; import org.junit.Test; import org.w3c.dom.Element; -import static org.junit.Assert.assertTrue; +import static org.junit.Assert.assertEquals; /** * @author bjorncs @@ -16,11 +16,11 @@ import static org.junit.Assert.assertTrue; public class StrictFilteringTest extends DomBuilderTest { @Test - public void default_request_and_response_filters_in_services_xml_are_listen_in_server_config() { + public void strict_filtering_enabled_if_specified_in_services() { Element xml = parse( "<container version='1.0'>", " <http>", - " <filtering strict-mode=\"true\">", + " <filtering strict-mode='true'>", " <request-chain id='request-chain-with-binding'>", " <filter id='my-filter' class='MyFilter'/>", " <binding>http://*/my-chain-binding</binding>", @@ -29,9 +29,42 @@ public class StrictFilteringTest extends DomBuilderTest { " <server id='server1' port='8000' />", " </http>", "</container>"); - buildContainerCluster(xml); + assertStrictFiltering(true, xml); + } + + @Test + public void strict_filtering_enabled_by_default_if_filter_present() { + Element xml = parse( + "<container version='1.0'>", + " <http>", + " <filtering>", + " <request-chain id='request-chain'>", + " <filter id='my-filter' class='MyFilter'/>", + " </request-chain>", + " </filtering>", + " <server id='server1' port='8000' />", + " </http>", + "</container>"); + assertStrictFiltering(true, xml); + } + + @Test + public void strict_filtering_disabled_if_no_filter() { + Element xml = parse( + "<container version='1.0'>", + " <http>", + " <filtering>", + " </filtering>", + " <server id='server1' port='8000' />", + " </http>", + "</container>"); + assertStrictFiltering(false, xml); + } + + private void assertStrictFiltering(boolean expected, Element services) { + buildContainerCluster(services); ServerConfig config = root.getConfig(ServerConfig.class, "container/http/jdisc-jetty/server1"); - assertTrue(config.strictFiltering()); + assertEquals(expected, config.strictFiltering()); } private void buildContainerCluster(Element containerElem) { |