Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

StatisticsServlet output is not valid #5539

Closed
joakime opened this issue Oct 30, 2020 · 4 comments · May be fixed by castuloramirez/java-docs-samples#8
Closed

StatisticsServlet output is not valid #5539

joakime opened this issue Oct 30, 2020 · 4 comments · May be fixed by castuloramirez/java-docs-samples#8
Assignees
@joakime
Labels
Bug For general bugs on Jetty side
Projects
Jetty 9.4.34

Comments

@joakime
Copy link
Contributor

joakime commented Oct 30, 2020

Jetty version
9.4.33.v20201020

Description
The XML produced by the StatisticsServlet is not sane.

https://github.com/eclipse/jetty.project/blob/ed1b165fa6218fb2ef1c33165796eb4f97bfc898/jetty-servlet/src/main/java/org/eclipse/jetty/servlet/StatisticsServlet.java#L205

Should probably also support output in json at least as well.
@joakime joakime self-assigned this Oct 30, 2020
@joakime joakime added the Bug For general bugs on Jetty side label Oct 30, 2020
@joakime joakime added this to To do in Jetty 9.4.34 via automation Oct 30, 2020
@joakime joakime moved this from To do to In progress in Jetty 9.4.34 Nov 1, 2020
gregw added a commit that referenced this issue Nov 2, 2020
@gregw
Fixes #5539 Stats XML format
f21c606 
Signed-off-by: gregw <gregw@webtide.com>
@gregw
Copy link
Contributor

gregw commented Nov 2, 2020

I've pushed a quick fix with f21c606.
Reopen (or new issue) if you want better generation and/or json

@gregw gregw closed this as completed Nov 2, 2020
Jetty 9.4.34 automation moved this from In progress to Done Nov 2, 2020
@joakime
Copy link
Contributor Author

joakime commented Nov 2, 2020

Reopening, as your fix is incomplete.
There's more XML issues then the 1 line identified by this issue.
The testing for well formed XML is also not present. (which would have shown the other issues as well)

@joakime joakime reopened this Nov 2, 2020
Jetty 9.4.34 automation moved this from Done to In progress Nov 2, 2020
@joakime
Copy link
Contributor Author

joakime commented Nov 2, 2020

I have a more comprehensive fix in the works.
PR will be forthcoming.

joakime added a commit that referenced this issue Nov 2, 2020
@joakime
Issue #5539 - Proper StatisticsServlet output format via content nego…
178924b 
…tiation

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
joakime added a commit that referenced this issue Nov 2, 2020
@joakime
Issue #5539 - Proper StatisticsServlet output format via content nego…
b02c6b1 
…tiation

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
joakime added a commit that referenced this issue Nov 2, 2020
@joakime
Issue #5539 - Deprecating 'xml' request parameter in StatisticsServlet
86bbe96 
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
@gregw gregw moved this from In progress to Done in Jetty 9.4.34 Nov 2, 2020
joakime added a commit that referenced this issue Nov 2, 2020
@joakime
Issue #5539 - Cleanup, adding javadoc, etc.
0962eac 
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
joakime added a commit that referenced this issue Nov 2, 2020
@joakime
Issue #5539 - Adding query parameter accept variation
07a30a7 
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
joakime added a commit that referenced this issue Nov 2, 2020
@joakime
Issue #5539 - Fixing javadoc
2afbc5d 
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
joakime added a commit that referenced this issue Nov 2, 2020
@joakime
Issue #5539 - Adding jetty-util-ajax missing dep to osgi tests
c4ce84b 
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
joakime added a commit that referenced this issue Nov 16, 2020
@joakime
Issue #5539 - Updating StatisticsServlet accept processing per review
4d415d6 
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
joakime added a commit that referenced this issue Nov 16, 2020
@joakime
Issue #5539 - Proper StatisticsServlet output format via content nego…
5362467 
…tiation

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
joakime added a commit that referenced this issue Nov 16, 2020
@joakime
Issue #5539 - Deprecating 'xml' request parameter in StatisticsServlet
02f35de 
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
joakime added a commit that referenced this issue Nov 16, 2020
@joakime
Issue #5539 - Cleanup, adding javadoc, etc.
b419db9 
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
joakime added a commit that referenced this issue Nov 16, 2020
@joakime
Issue #5539 - Adding query parameter accept variation
cc952f3 
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
joakime added a commit that referenced this issue Nov 16, 2020
@joakime
Issue #5539 - Fixing javadoc
c944035 
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
joakime added a commit that referenced this issue Nov 16, 2020
@joakime
Issue #5539 - Adding jetty-util-ajax missing dep to osgi tests
770be2d 
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
joakime added a commit that referenced this issue Nov 16, 2020
@joakime
Issue #5539 - Updating StatisticsServlet accept processing per review
683d9a9 
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
joakime added a commit that referenced this issue Nov 16, 2020
@joakime
Issue #5539 - Adding StatisticsServlet tests in test-distribution
314c65f 
+ Updating module definition for JSON

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
joakime added a commit that referenced this issue Nov 17, 2020
@joakime
Merge pull request #5560 from eclipse/jetty-9.4.x-5539-statisticsserv…
1448444 
…let-output

Issue #5539 - Proper StatisticsServlet output format via content negotiation
@joakime
Copy link
Contributor Author

joakime commented Jan 26, 2021

Merged in PR #5560, and is available on jetty version 9.4.35.v20201120

@joakime joakime closed this as completed Jan 26, 2021
wmfgerrit pushed a commit to wikimedia/operations-software-gerrit that referenced this issue Feb 2, 2021
@davido
Update jetty version to 9.4.35.v20201120
d1319c6 
Includes a fix for CVE-2020-27218 [1] that affects versions prior
to 9.4.35.v20201120.

As of: [2] new dependency was added to jetty-servlet: jetty-util-ajax.

[1] https://nvd.nist.gov/vuln/detail/CVE-2020-27218
[2] jetty/jetty.project#5539

Change-Id: I51549c9588f5748f36e145f8c4b347f97c08b4d8
@dependabot dependabot bot mentioned this issue Mar 15, 2021
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@joakime joakime

Labels
Bug For general bugs on Jetty side
Projects
No open projects
Jetty 9.4.34
Done
Milestone
No milestone
2 participants
@gregw @joakime