jetpack 0.1.0 → 0.1.3

data/src/java/jetpack/filter/IgnoreUnknownHttpMethodsFilter.java

@@ -0,0 +1,43 @@
+package jetpack.filter;
+
+import java.io.IOException;
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+public class IgnoreUnknownHttpMethodsFilter implements Filter {
+
+    java.util.List<String> allowedMethodList;
+
+    public void init(FilterConfig filterConfig) throws ServletException {
+        allowedMethodList = new java.util.ArrayList<String>();
+        allowedMethodList.add("GET");
+        allowedMethodList.add("PUT");
+        allowedMethodList.add("DELETE");
+        allowedMethodList.add("POST");
+        allowedMethodList.add("HEAD");
+    }
+
+    public void destroy() {
+        allowedMethodList = null;
+    }
+
+    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
+        throws IOException, ServletException {
+
+        HttpServletRequest req = (HttpServletRequest)request;
+
+        if ( allowedMethodList.contains(req.getMethod()) ) {
+          chain.doFilter(request, response);
+        } else {
+          HttpServletResponse res = (HttpServletResponse)response;
+          res.sendError(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
+          return;
+        }
+    }
+}

data/src/java/jetpack/filter/ValidUrlFilter.java

@@ -0,0 +1,62 @@
+package jetpack.filter;
+
+import java.io.IOException;
+import java.util.regex.Pattern;
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import org.apache.commons.validator.routines.RegexValidator;
+import org.apache.commons.validator.routines.UrlValidator;
+
+public class ValidUrlFilter implements Filter {
+
+    UrlValidator urlValidator;
+
+    public void init(FilterConfig filterConfig) throws ServletException {
+        String[] schemes = {"http","https"};
+        RegexValidator authorityValidator = new RegexValidator("^([\\p{Alnum}\\-\\.]*)(:\\d*)?(.*)?", false);
+        urlValidator = new UrlValidator(schemes, authorityValidator, UrlValidator.ALLOW_LOCAL_URLS);
+    }
+
+    public void destroy() {
+        urlValidator = null;
+    }
+
+    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
+        throws IOException, ServletException {
+
+        HttpServletRequest req = (HttpServletRequest)request;
+
+        String requestUrl = req.getRequestURL().toString();
+        String queryString = req.getQueryString();
+        if (queryString != null) {
+            requestUrl += "?" + queryString;
+        }
+
+        if (urlValidator.isValid(requestUrl) && isValidQuery(queryString)) {
+           chain.doFilter(request, response);
+        } else {
+           HttpServletResponse res = (HttpServletResponse)response;
+           res.sendError(HttpServletResponse.SC_BAD_REQUEST);
+           return;
+        }
+    }
+
+    // commons validator allows any character in query string, we want to restrict it a bit
+    // and not allow unescaped angle brackets for example.
+    private static final String QUERY_REGEX = "^([-\\w:@&=~+,.!*'%$_;\\(\\)]*)$";
+    private static final Pattern QUERY_PATTERN = Pattern.compile(QUERY_REGEX);
+
+    protected boolean isValidQuery(String query) {
+        if (query == null) {
+            return true;
+        }
+
+        return QUERY_PATTERN.matcher(query).matches();
+    }
+}

data/web_inf_files/web.xml.erb

@@ -11,6 +11,12 @@
     <param-value>1</param-value>
   </context-param>
 
+  <context-param>
+    <param-name>jruby.compat.version</param-name>
+    <param-value><%= @settings.ruby_version %></param-value>
+  </context-param>
+
+
   <context-param>
     <param-name>rails.root</param-name>
     <param-value>.</param-value>
@@ -31,17 +37,53 @@
     <param-value><%= @gem_path %></param-value>
   </context-param>
 
+<% if @settings.jetty_filters? %>
+  <filter>
+    <filter-name>IgnoreUnknownHttpMethodsFilter</filter-name>
+    <filter-class>jetpack.filter.IgnoreUnknownHttpMethodsFilter</filter-class>
+  </filter>
+
+  <filter-mapping>
+    <filter-name>IgnoreUnknownHttpMethodsFilter</filter-name>
+    <url-pattern>/*</url-pattern>
+  </filter-mapping>
+
   <filter>
-    <filter-name>RackFilter</filter-name>
-    <filter-class>org.jruby.rack.RackFilter</filter-class>
+    <filter-name>ValidUrlFilter</filter-name>
+    <filter-class>jetpack.filter.ValidUrlFilter</filter-class>
   </filter>
 
   <filter-mapping>
-    <filter-name>RackFilter</filter-name>
+    <filter-name>ValidUrlFilter</filter-name>
     <url-pattern>/*</url-pattern>
   </filter-mapping>
+<% end %>
+
+  <filter>
+    <filter-name>GzipFilter</filter-name>
+    <filter-class>org.eclipse.jetty.servlets.GzipFilter</filter-class>
+    <init-param>
+      <param-name>mimeTypes</param-name>
+      <param-value>text/html,text/plain,text/xml,application/xhtml+xml,text/css,application/javascript,image/svg+xml</param-value>
+    </init-param>
+  </filter>
+
+  <filter-mapping>
+    <filter-name>GzipFilter</filter-name>
+    <url-pattern>/*</url-pattern>
+  </filter-mapping>
+
+  <servlet>
+    <servlet-name>RackServlet</servlet-name>
+    <servlet-class>org.jruby.rack.RackServlet</servlet-class>
+  </servlet>
+
+  <servlet-mapping>
+    <servlet-name>RackServlet</servlet-name>
+    <url-pattern>/*</url-pattern>
+  </servlet-mapping>
 
   <listener>
-    <listener-class>org.jruby.rack.rails.RailsServletContextListener</listener-class>
+    <listener-class><%= @listener %></listener-class>
   </listener>
 </web-app>

metadata

@@ -1,51 +1,73 @@
---- !ruby/object:Gem::Specification
+--- !ruby/object:Gem::Specification 
 name: jetpack
-version: !ruby/object:Gem::Version
-  version: 0.1.0
+version: !ruby/object:Gem::Version 
+  hash: 29
   prerelease: 
+  segments: 
+  - 0
+  - 1
+  - 3
+  version: 0.1.3
 platform: ruby
-authors:
+authors: 
 - Steve Conover
+- Xavier Shay
+- Taylor Phillips
+- Chris Heisterkamp
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-01-19 00:00:00.000000000 Z
-dependencies:
-- !ruby/object:Gem::Dependency
+
+date: 2013-01-16 00:00:00 Z
+dependencies: 
+- !ruby/object:Gem::Dependency 
   name: bundler
-  requirement: &2166391640 !ruby/object:Gem::Requirement
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
     none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
   type: :development
-  prerelease: false
-  version_requirements: *2166391640
+  version_requirements: *id001
 description: 
-email:
+email: 
 - steve@squareup.com
-executables:
+- xavier@squareup.com
+- taylor@squareup.com
+- cheister@squareup.com
+executables: 
 - jetpack
 extensions: []
+
 extra_rdoc_files: []
-files:
+
+files: 
 - .gitignore
 - .wrong
 - Gemfile
 - Gemfile.lock
+- LICENSE
 - README.markdown
 - Rakefile
 - bin/jetpack
 - bin_files/.rake_runner.erb
+- bin_files/launch.erb
 - bin_files/rake.erb
 - bin_files/ruby.erb
-- gems/bundler-1.0.18.gem
-- gems/bundler-1.1.rc.gem
+- gems/bundler-1.1.0.gem
 - gems/jruby-openssl-0.7.4.gem
 - install_gem.sh
 - jetpack.gemspec
+- jetty_files/etc/fake.crt
+- jetty_files/etc/fake.jceks
+- jetty_files/etc/fake.key
 - jetty_files/etc/fake.p12
+- jetty_files/etc/fake.pem
 - jetty_files/etc/jetty.xml.erb
 - jetty_files/jetty-init.erb
 - jetty_files/run/.gitkeep
@@ -55,6 +77,8 @@ files:
 - script/ci
 - spec/basics_spec.rb
 - spec/bundler_spec.rb
+- spec/filter_spec.rb
+- spec/rack_spec.rb
 - spec/ruby_19_spec.rb
 - spec/sample_projects/has_gems_via_bundler/Gemfile
 - spec/sample_projects/has_gems_via_bundler/Gemfile.lock
@@ -70,6 +94,10 @@ files:
 - spec/sample_projects/has_gems_via_bundler_bad_gemfile_lock/config/jetpack.yml
 - spec/sample_projects/no_dependencies/Rakefile
 - spec/sample_projects/no_dependencies/config/jetpack.yml
+- spec/sample_projects/rack_19/Gemfile
+- spec/sample_projects/rack_19/Gemfile.lock
+- spec/sample_projects/rack_19/config.ru
+- spec/sample_projects/rack_19/config/jetpack.yml
 - spec/sample_projects/webapp/Gemfile
 - spec/sample_projects/webapp/Gemfile.lock
 - spec/sample_projects/webapp/app/controllers/application_controller.rb
@@ -86,37 +114,66 @@ files:
 - spec/sample_projects/webapp/config/routes.rb
 - spec/sample_projects/webapp/public/index.html
 - spec/sample_projects/webapp/script/rails
+- spec/sample_projects/webapp_filters/Gemfile
+- spec/sample_projects/webapp_filters/Gemfile.lock
+- spec/sample_projects/webapp_filters/app/controllers/application_controller.rb
+- spec/sample_projects/webapp_filters/config.ru
+- spec/sample_projects/webapp_filters/config/application.rb
+- spec/sample_projects/webapp_filters/config/boot.rb
+- spec/sample_projects/webapp_filters/config/environment.rb
+- spec/sample_projects/webapp_filters/config/environments/development.rb
+- spec/sample_projects/webapp_filters/config/environments/test.rb
+- spec/sample_projects/webapp_filters/config/initializers/secret_token.rb
+- spec/sample_projects/webapp_filters/config/jetpack.yml
+- spec/sample_projects/webapp_filters/config/jetpack_files/vendor/jetty/etc/custom-project-specific-jetty.xml
+- spec/sample_projects/webapp_filters/config/jetpack_files/vendor/jetty/etc/template-from-project-jetty.xml.erb
+- spec/sample_projects/webapp_filters/config/routes.rb
+- spec/sample_projects/webapp_filters/public/index.html
+- spec/sample_projects/webapp_filters/script/rails
 - spec/spec_helper.rb
 - spec/suite.rb
 - spec/web_spec.rb
+- src/java/jetpack/filter/IgnoreUnknownHttpMethodsFilter.java
+- src/java/jetpack/filter/ValidUrlFilter.java
 - web_inf_files/web.xml.erb
 homepage: https://github.com/square/jetpack
 licenses: []
+
 post_install_message: 
 rdoc_options: []
-require_paths:
+
+require_paths: 
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement
+required_ruby_version: !ruby/object:Gem::Requirement 
   none: false
-  requirements:
-  - - ! '>='
-    - !ruby/object:Gem::Version
-      version: '0'
-required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
   none: false
-  requirements:
-  - - ! '>='
-    - !ruby/object:Gem::Version
-      version: '0'
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
 requirements: []
+
 rubyforge_project: 
-rubygems_version: 1.8.10
+rubygems_version: 1.8.24
 signing_key: 
 specification_version: 3
 summary: Jetpack prepares your jRuby project for jvm deployment.
-test_files:
+test_files: 
 - spec/basics_spec.rb
 - spec/bundler_spec.rb
+- spec/filter_spec.rb
+- spec/rack_spec.rb
 - spec/ruby_19_spec.rb
 - spec/sample_projects/has_gems_via_bundler/Gemfile
 - spec/sample_projects/has_gems_via_bundler/Gemfile.lock
@@ -132,6 +189,10 @@ test_files:
 - spec/sample_projects/has_gems_via_bundler_bad_gemfile_lock/config/jetpack.yml
 - spec/sample_projects/no_dependencies/Rakefile
 - spec/sample_projects/no_dependencies/config/jetpack.yml
+- spec/sample_projects/rack_19/Gemfile
+- spec/sample_projects/rack_19/Gemfile.lock
+- spec/sample_projects/rack_19/config.ru
+- spec/sample_projects/rack_19/config/jetpack.yml
 - spec/sample_projects/webapp/Gemfile
 - spec/sample_projects/webapp/Gemfile.lock
 - spec/sample_projects/webapp/app/controllers/application_controller.rb
@@ -148,6 +209,23 @@ test_files:
 - spec/sample_projects/webapp/config/routes.rb
 - spec/sample_projects/webapp/public/index.html
 - spec/sample_projects/webapp/script/rails
+- spec/sample_projects/webapp_filters/Gemfile
+- spec/sample_projects/webapp_filters/Gemfile.lock
+- spec/sample_projects/webapp_filters/app/controllers/application_controller.rb
+- spec/sample_projects/webapp_filters/config.ru
+- spec/sample_projects/webapp_filters/config/application.rb
+- spec/sample_projects/webapp_filters/config/boot.rb
+- spec/sample_projects/webapp_filters/config/environment.rb
+- spec/sample_projects/webapp_filters/config/environments/development.rb
+- spec/sample_projects/webapp_filters/config/environments/test.rb
+- spec/sample_projects/webapp_filters/config/initializers/secret_token.rb
+- spec/sample_projects/webapp_filters/config/jetpack.yml
+- spec/sample_projects/webapp_filters/config/jetpack_files/vendor/jetty/etc/custom-project-specific-jetty.xml
+- spec/sample_projects/webapp_filters/config/jetpack_files/vendor/jetty/etc/template-from-project-jetty.xml.erb
+- spec/sample_projects/webapp_filters/config/routes.rb
+- spec/sample_projects/webapp_filters/public/index.html
+- spec/sample_projects/webapp_filters/script/rails
 - spec/spec_helper.rb
 - spec/suite.rb
 - spec/web_spec.rb
+has_rdoc: