From 4e84166db5c5538e3984d9d2d6bb1f9902e65ee0 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Tue, 04 Nov 2014 17:38:17 -0500
Subject: [PATCH] Merged #217 "Exclude SSLv3 from Gitblit GO https protocols"

---
 src/main/java/com/gitblit/servlet/RawServlet.java |  123 ++++++++++++++++++++--------------------
 1 files changed, 61 insertions(+), 62 deletions(-)

diff --git a/src/main/java/com/gitblit/servlet/RawServlet.java b/src/main/java/com/gitblit/servlet/RawServlet.java
index 6e93307..682e555 100644
--- a/src/main/java/com/gitblit/servlet/RawServlet.java
+++ b/src/main/java/com/gitblit/servlet/RawServlet.java
@@ -28,8 +28,11 @@
 import java.util.Map;
 import java.util.TreeMap;
 
+import com.google.inject.Inject;
+import com.google.inject.Singleton;
 import javax.servlet.ServletContext;
 import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
@@ -48,7 +51,6 @@
 
 import com.gitblit.Constants;
 import com.gitblit.Keys;
-import com.gitblit.dagger.DaggerServlet;
 import com.gitblit.manager.IRepositoryManager;
 import com.gitblit.manager.IRuntimeManager;
 import com.gitblit.models.PathModel;
@@ -57,28 +59,30 @@
 import com.gitblit.utils.MarkdownUtils;
 import com.gitblit.utils.StringUtils;
 
-import dagger.ObjectGraph;
-
 /**
  * Serves the content of a branch.
  *
  * @author James Moger
  *
  */
-public class RawServlet extends DaggerServlet {
+@Singleton
+public class RawServlet extends HttpServlet {
 
 	private static final long serialVersionUID = 1L;
 
 	private transient Logger logger = LoggerFactory.getLogger(RawServlet.class);
 
-	private IRuntimeManager runtimeManager;
+	private final IRuntimeManager runtimeManager;
 
-	private IRepositoryManager repositoryManager;
+	private final IRepositoryManager repositoryManager;
 
-	@Override
-	protected void inject(ObjectGraph dagger) {
-		this.runtimeManager = dagger.get(IRuntimeManager.class);
-		this.repositoryManager = dagger.get(IRepositoryManager.class);
+	@Inject
+	public RawServlet(
+			IRuntimeManager runtimeManager,
+			IRepositoryManager repositoryManager) {
+
+		this.runtimeManager = runtimeManager;
+		this.repositoryManager = repositoryManager;
 	}
 
 	/**
@@ -101,16 +105,11 @@
 			fsc = c;
 		}
 		if (branch != null) {
-			branch = branch.replace('/', fsc);
+			branch = Repository.shortenRefName(branch).replace('/', fsc);
 		}
 
-		String encodedPath = path == null ? "" : path.replace(' ', '-');
-		encodedPath = encodedPath.replace('/', fsc);
-		try {
-			encodedPath = URLEncoder.encode(encodedPath, "UTF-8");
-		} catch (UnsupportedEncodingException e) {
-		}
-		return baseURL + Constants.RAW_PATH + repository + "/" + (branch == null ? "" : (branch + "/" + (path == null ? "" : encodedPath)));
+		String encodedPath = path == null ? "" : path.replace('/', fsc);
+		return baseURL + Constants.RAW_PATH + repository + "/" + (branch == null ? "" : (branch + "/" + encodedPath));
 	}
 
 	protected String getBranch(String repository, HttpServletRequest request) {
@@ -134,7 +133,8 @@
 		if (path.endsWith("/")) {
 			path = path.substring(0, path.length() - 1);
 		}
-		return path;
+		char c = runtimeManager.getSettings().getChar(Keys.web.forwardSlashCharacter, '/');
+		return path.replace('!', '/').replace(c, '/');
 	}
 
 	protected boolean renderIndex() {
@@ -175,10 +175,7 @@
 			} else {
 				repository = path.substring(0, slash);
 			}
-			offset += slash;
-			if (offset == 0) {
-				offset++;
-			}
+			offset = ( slash + 1 );
 			r = repositoryManager.getRepository(repository, false);
 			if (repository.equals(path)) {
 				// either only repository in url or no repository found
@@ -251,8 +248,6 @@
 						}
 					}
 
-					setContentType(response, contentType);
-
 					if (isTextType(contentType)) {
 
 						// load, interpret, and serve text content as UTF-8
@@ -260,41 +255,22 @@
 						String content = JGitUtils.getStringContent(r, commit.getTree(), requestedPath, encodings);
 						if (content == null) {
 							logger.error("RawServlet Failed to load {} {} {}", repository, commit.getName(), path);
-							String str = MessageFormat.format(
-									"# Error\nSorry, the requested resource **{0}** was not found.",
-									requestedPath);
-							response.setStatus(HttpServletResponse.SC_NOT_FOUND);
-							error(response, str);
+							notFound(response, requestedPath, branch);
 							return;
 						}
 
 						byte [] bytes = content.getBytes(Constants.ENCODING);
+						setContentType(response, contentType);
 						response.setContentLength(bytes.length);
 						ByteArrayInputStream is = new ByteArrayInputStream(bytes);
 						sendContent(response, JGitUtils.getCommitDate(commit), is);
 
 					} else {
-						// serve binary content
-						String filename = StringUtils.getLastPathElement(requestedPath);
-						try {
-					    	String userAgent = request.getHeader("User-Agent");
-							if (userAgent != null && userAgent.indexOf("MSIE 5.5") > -1) {
-							      response.setHeader("Content-Disposition", "filename=\""
-							    		  +  URLEncoder.encode(filename, Constants.ENCODING) + "\"");
-							} else if (userAgent != null && userAgent.indexOf("MSIE") > -1) {
-							      response.setHeader("Content-Disposition", "attachment; filename=\""
-							    		  +  URLEncoder.encode(filename, Constants.ENCODING) + "\"");
-							} else {
-									response.setHeader("Content-Disposition", "attachment; filename=\""
-									      + new String(filename.getBytes(Constants.ENCODING), "latin1") + "\"");
-							}
-						}
-						catch (UnsupportedEncodingException e) {
-							response.setHeader("Content-Disposition", "attachment; filename=\"" + filename + "\"");
-						}
-
 						// stream binary content directly from the repository
-						streamFromRepo(response, r, commit, requestedPath);
+						if (!streamFromRepo(request, response, r, commit, requestedPath)) {
+							logger.error("RawServlet Failed to load {} {} {}", repository, commit.getName(), path);
+							notFound(response, requestedPath, branch);
+						}
 					}
 					return;
 				} catch (Exception e) {
@@ -354,11 +330,7 @@
 			// no content, document list or 404 page
 			if (pathEntries.isEmpty()) {
 				// default 404 page
-				String str = MessageFormat.format(
-						"# Error\nSorry, the requested resource **{0}** was not found.",
-						requestedPath);
-				response.setStatus(HttpServletResponse.SC_NOT_FOUND);
-				error(response, str);
+				notFound(response, requestedPath, branch);
 				return;
 			} else {
 				//
@@ -424,12 +396,10 @@
 		}
 	}
 
-	private void streamFromRepo(HttpServletResponse response, Repository repository,
+	protected boolean streamFromRepo(HttpServletRequest request, HttpServletResponse response, Repository repository,
 			RevCommit commit, String requestedPath) throws IOException {
 
-		response.setDateHeader("Last-Modified", JGitUtils.getCommitDate(commit).getTime());
-		response.setHeader("Cache-Control", "public, max-age=3600, must-revalidate");
-
+		boolean served = false;
 		RevWalk rw = new RevWalk(repository);
 		TreeWalk tw = new TreeWalk(repository);
 		try {
@@ -447,10 +417,30 @@
 				}
 				tw.getObjectId(id, 0);
 
+				String filename = StringUtils.getLastPathElement(requestedPath);
+				try {
+			    	String userAgent = request.getHeader("User-Agent");
+					if (userAgent != null && userAgent.indexOf("MSIE 5.5") > -1) {
+					      response.setHeader("Content-Disposition", "filename=\""
+					    		  +  URLEncoder.encode(filename, Constants.ENCODING) + "\"");
+					} else if (userAgent != null && userAgent.indexOf("MSIE") > -1) {
+					      response.setHeader("Content-Disposition", "attachment; filename=\""
+					    		  +  URLEncoder.encode(filename, Constants.ENCODING) + "\"");
+					} else {
+							response.setHeader("Content-Disposition", "attachment; filename=\""
+							      + new String(filename.getBytes(Constants.ENCODING), "latin1") + "\"");
+					}
+				}
+				catch (UnsupportedEncodingException e) {
+					response.setHeader("Content-Disposition", "attachment; filename=\"" + filename + "\"");
+				}
+
 				long len = reader.getObjectSize(id, org.eclipse.jgit.lib.Constants.OBJ_BLOB);
+				setContentType(response, "application/octet-stream");
 				response.setIntHeader("Content-Length", (int) len);
 				ObjectLoader ldr = repository.open(id);
 				ldr.copyTo(response.getOutputStream());
+				served = true;
 			}
 		} finally {
 			tw.release();
@@ -458,11 +448,11 @@
 		}
 
 		response.flushBuffer();
+		return served;
 	}
 
-	private void sendContent(HttpServletResponse response, Date date, InputStream is) throws ServletException, IOException {
-		response.setDateHeader("Last-Modified", date.getTime());
-		response.setHeader("Cache-Control", "public, max-age=3600, must-revalidate");
+	protected void sendContent(HttpServletResponse response, Date date, InputStream is) throws ServletException, IOException {
+
 		try {
 			byte[] tmp = new byte[8192];
 			int len = 0;
@@ -475,6 +465,15 @@
 		response.flushBuffer();
 	}
 
+	protected void notFound(HttpServletResponse response, String requestedPath, String branch)
+			throws ParseException, ServletException, IOException {
+		String str = MessageFormat.format(
+				"# Error\nSorry, the requested resource **{0}** was not found in **{1}**.",
+				requestedPath, branch);
+		response.setStatus(HttpServletResponse.SC_NOT_FOUND);
+		error(response, str);
+	}
+
 	private void error(HttpServletResponse response, String mkd) throws ServletException,
 			IOException, ParseException {
 		String content = MarkdownUtils.transformMarkdown(mkd);

--
Gitblit v1.9.1