jetty.project icon indicating copy to clipboard operation
jetty.project copied to clipboard

Published 20 hours ago verified publisher icon jetty

Issue #13190 - Add CompactPathRule support for decoding and canonicalizing paths

Open joakime opened this issue 5 months ago • 2 comments
trafficstars

Adding methods to CompactPathRule

  • setDecoding(boolean)
  • setCanonicalizing(boolean)
  • addListener(Listener)

joakime avatar Jun 04 '25 21:06 joakime

My normal niggles about naming, but the approach is good. Please investigate if ComplainceListeners can be used rather than introducing a new type of listener

The ComplianceViolation.Listener takes as parameters passed into the listeners implementations ... (ComplianceViolation.Mode mode, ComplianceViolation violation, String details).

What would you suggest this be? An existing UriCompliance.Violation? or something new (like UriCompliance.Violation.PATH_NAVIGATION)?

Using ComplianceViolation.Listener feels like double work. Its difficult to fit into a mode / violation, as this CompactPathRule is an optional feature anyway. Also I think the existing violations are already being caught and reported anyway, even before we reach this new CompactPathRule.

joakime avatar Jun 06 '25 00:06 joakime

@joakime rather than setting "canonicalizing" and "decoding" on the rule, perhaps just set a ComplianceViolation.Mode on it and it can decide to canonicalize and/or decode by looking at the violations allowed by the mode. You then have the mode and can use the same listeners.
Essentially the rule will be making corrections for the allowed violations that it supports!

gregw avatar Jun 06 '25 07:06 gregw