2011/12/23 Christopher Schultz <ch...@christopherschultz.net>: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > All, > > At the ApacheCon NA Tomcat meetup back in November, there was general > interest in seeing some example servlet Filters in the Tomcat examples > directory. I said I'd write some. It's time to put my money where my > mouth was. > > I have the following filters already in my current project would could > be edited a bit and put into Tomcat's examples. Is there any interest > in the following:
Only examples, or add them to catalina.filters ? > > 1. BrokenLocaleFilter -- fixes Opera 9's non-spec-compliant > Accept-Language locale formatting (O9 uses en_US instead of en-us) Fixed in Opera 9.01 [1], and latest version is 11.60. Is it still relevant? Anyway a broken browser will fail on a number of web sites. If I treat it as a an example of implementing a filter, I do not expect it to be of great demonstrative value. [1] http://www.opera.com/docs/changelogs/windows/901/ The language value in Accept-Language is defined as Language-Tag = Primary-subtag *( "-" Subtag ) Primary-subtag = 1*8ALPHA Subtag = 1*8(ALPHA / DIGIT) The above is from RFC 2616 errata + RFC 3066 http://skrb.org/ietf/http_errata.html (http://purl.org/NET/http-errata) The '_' is not a valid ALPHA character, so I think the value must be ignored. Usually there will be "en" in the list of languages sent by browser as well, so the web site might fall back to that. > > 2. EncodingFilter -- sets request's character encoding when the client > does not specify one. I think this is already in Tomcat -- I'll check SetCharacterEncodingFilter. I yesterday proposed its backport to 6.0 and 5.5 - one may vote. > 3. CredentialFilter -- looks for a Printipal in the request and a > missing User object in the HttpSession, and loads a User from > (wherever) and puts it into the session. Essentially, this allows > a webapp to do a "real" "login" after contained-manager > authentication has done its job. I would say that that "whatever" part will be very specific to your requirements. > > 4. HttpResponseSplittingPreventionFilter -- prevents HTTP response > headers from containing CR or LF characters (features response > wrapping) > > I also have this one sitting around. I think I wrote it on a dare for > the tomcat-user list: Maybe use a different name and provide stronger validation of headers and it might go into catalina.filters. > > 5. HttpConversationRecorderFilter -- this captures an entire HTTP > request and response and dumps them to (somewhere -- currently > stdout) after the request completes. > Features wrapping the request and response objects. > Features massive buffering (!) It might be interesting for debugging. It might be interesting as an example of wrapping. Is that buffering something special? I do not understand "massive" adjective here. > > I'd also be happy to try my hand at other filters the community thinks > would be generally useful as well as educational. > As a start I'd suggest to file them as separate issues in Bugzilla. I think we can go on from there. Best regards, Konstantin Kolinko --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
