View Javadoc

1   //
2   //  ========================================================================
3   //  Copyright (c) 1995-2013 Mort Bay Consulting Pty. Ltd.
4   //  ------------------------------------------------------------------------
5   //  All rights reserved. This program and the accompanying materials
6   //  are made available under the terms of the Eclipse Public License v1.0
7   //  and Apache License v2.0 which accompanies this distribution.
8   //
9   //      The Eclipse Public License is available at
10  //      http://www.eclipse.org/legal/epl-v10.html
11  //
12  //      The Apache License v2.0 is available at
13  //      http://www.opensource.org/licenses/apache2.0.php
14  //
15  //  You may elect to redistribute this code under either of these licenses.
16  //  ========================================================================
17  //
18  
19  package org.eclipse.jetty.util;
20  
21  import java.io.BufferedInputStream;
22  import java.io.BufferedOutputStream;
23  import java.io.BufferedReader;
24  import java.io.ByteArrayInputStream;
25  import java.io.File;
26  import java.io.FileInputStream;
27  import java.io.FileOutputStream;
28  import java.io.FilterInputStream;
29  import java.io.IOException;
30  import java.io.InputStream;
31  import java.io.InputStreamReader;
32  import java.io.OutputStream;
33  import java.util.ArrayList;
34  import java.util.Collection;
35  import java.util.Collections;
36  import java.util.List;
37  import java.util.Locale;
38  
39  import javax.servlet.MultipartConfigElement;
40  import javax.servlet.ServletException;
41  import javax.servlet.http.Part;
42  
43  import org.eclipse.jetty.util.log.Log;
44  import org.eclipse.jetty.util.log.Logger;
45  
46  
47  
48  /**
49   * MultiPartInputStream
50   *
51   * Handle a MultiPart Mime input stream, breaking it up on the boundary into files and strings.
52   */
53  public class MultiPartInputStreamParser
54  {
55      private static final Logger LOG = Log.getLogger(MultiPartInputStreamParser.class);
56      public static final MultipartConfigElement  __DEFAULT_MULTIPART_CONFIG = new MultipartConfigElement(System.getProperty("java.io.tmpdir"));
57      protected InputStream _in;
58      protected MultipartConfigElement _config;
59      protected String _contentType;
60      protected MultiMap _parts;
61      protected File _tmpDir;
62      protected File _contextTmpDir;
63      protected boolean _deleteOnExit;
64  
65  
66  
67      public class MultiPart implements Part
68      {
69          protected String _name;
70          protected String _filename;
71          protected File _file;
72          protected OutputStream _out;
73          protected ByteArrayOutputStream2 _bout;
74          protected String _contentType;
75          protected MultiMap _headers;
76          protected long _size = 0;
77          protected boolean _temporary = true;
78  
79          public MultiPart (String name, String filename)
80          throws IOException
81          {
82              _name = name;
83              _filename = filename;
84          }
85  
86          protected void setContentType (String contentType)
87          {
88              _contentType = contentType;
89          }
90  
91  
92          protected void open()
93          throws IOException
94          {
95              //We will either be writing to a file, if it has a filename on the content-disposition
96              //and otherwise a byte-array-input-stream, OR if we exceed the getFileSizeThreshold, we
97              //will need to change to write to a file.
98              if (_filename != null && _filename.trim().length() > 0)
99              {
100                 createFile();
101             }
102             else
103             {
104                 //Write to a buffer in memory until we discover we've exceed the
105                 //MultipartConfig fileSizeThreshold
106                 _out = _bout= new ByteArrayOutputStream2();
107             }
108         }
109 
110         protected void close()
111         throws IOException
112         {
113             _out.close();
114         }
115 
116 
117         protected void write (int b)
118         throws IOException
119         {
120             if (MultiPartInputStreamParser.this._config.getMaxFileSize() > 0 && _size + 1 > MultiPartInputStreamParser.this._config.getMaxFileSize())
121                 throw new IllegalStateException ("Multipart Mime part "+_name+" exceeds max filesize");
122 
123             if (MultiPartInputStreamParser.this._config.getFileSizeThreshold() > 0 && _size + 1 > MultiPartInputStreamParser.this._config.getFileSizeThreshold() && _file==null)
124                 createFile();
125             _out.write(b);
126             _size ++;
127         }
128 
129         protected void write (byte[] bytes, int offset, int length)
130         throws IOException
131         {
132             if (MultiPartInputStreamParser.this._config.getMaxFileSize() > 0 && _size + length > MultiPartInputStreamParser.this._config.getMaxFileSize())
133                 throw new IllegalStateException ("Multipart Mime part "+_name+" exceeds max filesize");
134 
135             if (MultiPartInputStreamParser.this._config.getFileSizeThreshold() > 0 && _size + length > MultiPartInputStreamParser.this._config.getFileSizeThreshold() && _file==null)
136                 createFile();
137 
138             _out.write(bytes, offset, length);
139             _size += length;
140         }
141 
142         protected void createFile ()
143         throws IOException
144         {
145             _file = File.createTempFile("MultiPart", "", MultiPartInputStreamParser.this._tmpDir);
146             if (_deleteOnExit)
147                 _file.deleteOnExit();
148             FileOutputStream fos = new FileOutputStream(_file);
149             BufferedOutputStream bos = new BufferedOutputStream(fos);
150 
151             if (_size > 0 && _out != null)
152             {
153                 //already written some bytes, so need to copy them into the file
154                 _out.flush();
155                 _bout.writeTo(bos);
156                 _out.close();
157                 _bout = null;
158             }
159             _out = bos;
160         }
161 
162 
163 
164         protected void setHeaders(MultiMap headers)
165         {
166             _headers = headers;
167         }
168 
169         /**
170          * @see javax.servlet.http.Part#getContentType()
171          */
172         public String getContentType()
173         {
174             return _contentType;
175         }
176 
177         /**
178          * @see javax.servlet.http.Part#getHeader(java.lang.String)
179          */
180         public String getHeader(String name)
181         {
182             if (name == null)
183                 return null;
184             return (String)_headers.getValue(name.toLowerCase(Locale.ENGLISH), 0);
185         }
186 
187         /**
188          * @see javax.servlet.http.Part#getHeaderNames()
189          */
190         public Collection<String> getHeaderNames()
191         {
192             return _headers.keySet();
193         }
194 
195         /**
196          * @see javax.servlet.http.Part#getHeaders(java.lang.String)
197          */
198         public Collection<String> getHeaders(String name)
199         {
200            return _headers.getValues(name);
201         }
202 
203         /**
204          * @see javax.servlet.http.Part#getInputStream()
205          */
206         public InputStream getInputStream() throws IOException
207         {
208            if (_file != null)
209            {
210                //written to a file, whether temporary or not
211                return new BufferedInputStream (new FileInputStream(_file));
212            }
213            else
214            {
215                //part content is in memory
216                return new ByteArrayInputStream(_bout.getBuf(),0,_bout.size());
217            }
218         }
219 
220         public byte[] getBytes()
221         {
222             if (_bout!=null)
223                 return _bout.toByteArray();
224             return null;
225         }
226 
227         /**
228          * @see javax.servlet.http.Part#getName()
229          */
230         public String getName()
231         {
232            return _name;
233         }
234 
235         /**
236          * @see javax.servlet.http.Part#getSize()
237          */
238         public long getSize()
239         {
240             return _size;         
241         }
242 
243         /**
244          * @see javax.servlet.http.Part#write(java.lang.String)
245          */
246         public void write(String fileName) throws IOException
247         {
248             if (_file == null)
249             {
250                 _temporary = false;
251                 
252                 //part data is only in the ByteArrayOutputStream and never been written to disk
253                 _file = new File (_tmpDir, fileName);
254 
255                 BufferedOutputStream bos = null;
256                 try
257                 {
258                     bos = new BufferedOutputStream(new FileOutputStream(_file));
259                     _bout.writeTo(bos);
260                     bos.flush();
261                 }
262                 finally
263                 {
264                     if (bos != null)
265                         bos.close();
266                     _bout = null;
267                 }
268             }
269             else
270             {
271                 //the part data is already written to a temporary file, just rename it
272                 _temporary = false;
273                 
274                 File f = new File(_tmpDir, fileName);
275                 if (_file.renameTo(f))
276                     _file = f;
277             }
278         }
279 
280         /**
281          * Remove the file, whether or not Part.write() was called on it
282          * (ie no longer temporary)
283          * @see javax.servlet.http.Part#delete()
284          */
285         public void delete() throws IOException
286         {
287             if (_file != null && _file.exists())
288                 _file.delete();     
289         }
290         
291         /**
292          * Only remove tmp files.
293          * 
294          * @throws IOException
295          */
296         public void cleanUp() throws IOException
297         {
298             if (_temporary && _file != null && _file.exists())
299                 _file.delete();
300         }
301 
302 
303         /**
304          * Get the file, if any, the data has been written to.
305          * @return
306          */
307         public File getFile ()
308         {
309             return _file;
310         }
311 
312 
313         /**
314          * Get the filename from the content-disposition.
315          * @return null or the filename
316          */
317         public String getContentDispositionFilename ()
318         {
319             return _filename;
320         }
321     }
322 
323 
324 
325 
326     /**
327      * @param in Request input stream
328      * @param contentType Content-Type header
329      * @param config MultipartConfigElement
330      * @param contextTmpDir javax.servlet.context.tempdir
331      */
332     public MultiPartInputStreamParser (InputStream in, String contentType, MultipartConfigElement config, File contextTmpDir)
333     {
334         _in = new ReadLineInputStream(in);
335        _contentType = contentType;
336        _config = config;
337        _contextTmpDir = contextTmpDir;
338        if (_contextTmpDir == null)
339            _contextTmpDir = new File (System.getProperty("java.io.tmpdir"));
340        
341        if (_config == null)
342            _config = new MultipartConfigElement(_contextTmpDir.getAbsolutePath());
343     }
344 
345     /**
346      * Get the already parsed parts.
347      * 
348      * @return
349      */
350     public Collection<Part> getParsedParts()
351     {
352         if (_parts == null)
353             return Collections.emptyList();
354 
355         Collection<Object> values = _parts.values();
356         List<Part> parts = new ArrayList<Part>();
357         for (Object o: values)
358         {
359             List<Part> asList = LazyList.getList(o, false);
360             parts.addAll(asList);
361         }
362         return parts;
363     }
364 
365     /**
366      * Delete any tmp storage for parts, and clear out the parts list.
367      * 
368      * @throws MultiException
369      */
370     public void deleteParts ()
371     throws MultiException
372     {
373         Collection<Part> parts = getParsedParts();
374         MultiException err = new MultiException();
375         for (Part p:parts)
376         {
377             try
378             {
379                 ((MultiPartInputStreamParser.MultiPart)p).cleanUp();
380             } 
381             catch(Exception e)
382             {     
383                 err.add(e); 
384             }
385         }
386         _parts.clear();
387         
388         err.ifExceptionThrowMulti();
389     }
390 
391    
392     /**
393      * Parse, if necessary, the multipart data and return the list of Parts.
394      * 
395      * @return
396      * @throws IOException
397      * @throws ServletException
398      */
399     public Collection<Part> getParts()
400     throws IOException, ServletException
401     {
402         parse();
403         Collection<Object> values = _parts.values();
404         List<Part> parts = new ArrayList<Part>();
405         for (Object o: values)
406         {
407             List<Part> asList = LazyList.getList(o, false);
408             parts.addAll(asList);
409         }
410         return parts;
411     }
412 
413 
414     /**
415      * Get the named Part.
416      * 
417      * @param name
418      * @return
419      * @throws IOException
420      * @throws ServletException
421      */
422     public Part getPart(String name)
423     throws IOException, ServletException
424     {
425         parse();
426         return (Part)_parts.getValue(name, 0);
427     }
428 
429 
430     /**
431      * Parse, if necessary, the multipart stream.
432      * 
433      * @throws IOException
434      * @throws ServletException
435      */
436     protected void parse ()
437     throws IOException, ServletException
438     {
439         //have we already parsed the input?
440         if (_parts != null)
441             return;
442 
443         //initialize
444         long total = 0; //keep running total of size of bytes read from input and throw an exception if exceeds MultipartConfigElement._maxRequestSize
445         _parts = new MultiMap();
446 
447         //if its not a multipart request, don't parse it
448         if (_contentType == null || !_contentType.startsWith("multipart/form-data"))
449             return;
450 
451         //sort out the location to which to write the files
452 
453         if (_config.getLocation() == null)
454             _tmpDir = _contextTmpDir;
455         else if ("".equals(_config.getLocation()))
456             _tmpDir = _contextTmpDir;
457         else
458         {
459             File f = new File (_config.getLocation());
460             if (f.isAbsolute())
461                 _tmpDir = f;
462             else
463                 _tmpDir = new File (_contextTmpDir, _config.getLocation());
464         }
465 
466         if (!_tmpDir.exists())
467             _tmpDir.mkdirs();
468 
469         String contentTypeBoundary = "";
470         if (_contentType.indexOf("boundary=") >= 0)
471             contentTypeBoundary = QuotedStringTokenizer.unquote(value(_contentType.substring(_contentType.indexOf("boundary="))).trim());
472         
473         String boundary="--"+contentTypeBoundary;
474         byte[] byteBoundary=(boundary+"--").getBytes(StringUtil.__ISO_8859_1);
475 
476         // Get first boundary
477         String line=((ReadLineInputStream)_in).readLine();
478         
479         if (line == null)
480             throw new IOException("Missing content for multipart request");
481         
482         boolean badFormatLogged = false;
483         line=line.trim();
484         while (line != null && !line.equals(boundary))
485         {
486             if (!badFormatLogged)
487             {
488                 LOG.warn("Badly formatted multipart request");
489                 badFormatLogged = true;
490             }
491             line=((ReadLineInputStream)_in).readLine();
492             line=(line==null?line:line.trim());
493         }
494 
495         if (line == null)
496             throw new IOException("Missing initial multi part boundary");
497 
498         // Read each part
499         boolean lastPart=false;
500         String contentDisposition=null;
501         String contentType=null;
502         String contentTransferEncoding=null;
503         outer:while(!lastPart)
504         {
505             MultiMap headers = new MultiMap();
506             while(true)
507             {
508                 line=((ReadLineInputStream)_in).readLine();
509                 
510                 //No more input
511                 if(line==null)
512                     break outer;
513                 
514                 //end of headers:
515                 if("".equals(line))
516                     break;
517            
518                 total += line.length();
519                 if (_config.getMaxRequestSize() > 0 && total > _config.getMaxRequestSize())
520                     throw new IllegalStateException ("Request exceeds maxRequestSize ("+_config.getMaxRequestSize()+")");
521 
522                 //get content-disposition and content-type
523                 int c=line.indexOf(':',0);
524                 if(c>0)
525                 {
526                     String key=line.substring(0,c).trim().toLowerCase(Locale.ENGLISH);
527                     String value=line.substring(c+1,line.length()).trim();
528                     headers.put(key, value);
529                     if (key.equalsIgnoreCase("content-disposition"))
530                         contentDisposition=value;
531                     if (key.equalsIgnoreCase("content-type"))
532                         contentType = value;
533                     if(key.equals("content-transfer-encoding"))
534                         contentTransferEncoding=value;
535                 }
536             }
537 
538             // Extract content-disposition
539             boolean form_data=false;
540             if(contentDisposition==null)
541             {
542                 throw new IOException("Missing content-disposition");
543             }
544 
545             QuotedStringTokenizer tok=new QuotedStringTokenizer(contentDisposition,";", false, true);
546             String name=null;
547             String filename=null;
548             while(tok.hasMoreTokens())
549             {
550                 String t=tok.nextToken().trim();
551                 String tl=t.toLowerCase(Locale.ENGLISH);
552                 if(t.startsWith("form-data"))
553                     form_data=true;
554                 else if(tl.startsWith("name="))
555                     name=value(t);
556                 else if(tl.startsWith("filename="))
557                     filename=filenameValue(t);
558             }
559 
560             // Check disposition
561             if(!form_data)
562             {
563                 continue;
564             }
565             //It is valid for reset and submit buttons to have an empty name.
566             //If no name is supplied, the browser skips sending the info for that field.
567             //However, if you supply the empty string as the name, the browser sends the
568             //field, with name as the empty string. So, only continue this loop if we
569             //have not yet seen a name field.
570             if(name==null)
571             {
572                 continue;
573             }
574 
575             if ("base64".equalsIgnoreCase(contentTransferEncoding))
576             {
577                 _in = new Base64InputStream(_in);
578             }
579             else if ("quoted-printable".equalsIgnoreCase(contentTransferEncoding))
580             {
581                 _in = new FilterInputStream(_in)
582                 {
583                     @Override
584                     public int read() throws IOException
585                     {
586                         int c = in.read();
587                         if (c >= 0 && c == '=')
588                         {
589                             int hi = in.read();
590                             int lo = in.read();
591                             if (hi < 0 || lo < 0)
592                             {
593                                 throw new IOException("Unexpected end to quoted-printable byte");
594                             }
595                             char[] chars = new char[] { (char)hi, (char)lo };
596                             c = Integer.parseInt(new String(chars),16);
597                         }
598                         return c;
599                     }
600                 };
601             }
602 
603 
604 
605             //Have a new Part
606             MultiPart part = new MultiPart(name, filename);
607             part.setHeaders(headers);
608             part.setContentType(contentType);
609             _parts.add(name, part);
610 
611             part.open();
612 
613             try
614             {
615                 int state=-2;
616                 int c;
617                 boolean cr=false;
618                 boolean lf=false;
619 
620                 // loop for all lines
621                 while(true)
622                 {
623                     int b=0;
624                     while((c=(state!=-2)?state:_in.read())!=-1)
625                     {
626                         total ++;
627                         if (_config.getMaxRequestSize() > 0 && total > _config.getMaxRequestSize())
628                             throw new IllegalStateException("Request exceeds maxRequestSize ("+_config.getMaxRequestSize()+")");
629 
630                         state=-2;
631                         // look for CR and/or LF
632                         if(c==13||c==10)
633                         {
634                             if(c==13)
635                             {
636                                 _in.mark(1);
637                                 int tmp=_in.read();
638                                 if (tmp!=10)
639                                     _in.reset();
640                                 else
641                                     state=tmp;
642                             }
643                             break;
644                         }
645                         // look for boundary
646                         if(b>=0&&b<byteBoundary.length&&c==byteBoundary[b])
647                             b++;
648                         else
649                         {
650                             // this is not a boundary
651                             if(cr)
652                                 part.write(13);
653 
654                             if(lf)
655                                 part.write(10);
656 
657                             cr=lf=false;
658                             if(b>0)
659                                 part.write(byteBoundary,0,b);
660 
661                             b=-1;
662                             part.write(c);
663                         }
664                     }
665                     // check partial boundary
666                     if((b>0&&b<byteBoundary.length-2)||(b==byteBoundary.length-1))
667                     {
668                         if(cr)
669                             part.write(13);
670 
671                         if(lf)
672                             part.write(10);
673 
674                         cr=lf=false;
675                         part.write(byteBoundary,0,b);
676                         b=-1;
677                     }
678                     // boundary match
679                     if(b>0||c==-1)
680                     {
681                         if(b==byteBoundary.length)
682                             lastPart=true;
683                         if(state==10)
684                             state=-2;
685                         break;
686                     }
687                     // handle CR LF
688                     if(cr)
689                         part.write(13);
690 
691                     if(lf)
692                         part.write(10);
693 
694                     cr=(c==13);
695                     lf=(c==10||state==10);
696                     if(state==10)
697                         state=-2;
698                 }
699             }
700             finally
701             {
702 
703                 part.close();
704             }
705         }
706         if (!lastPart)
707             throw new IOException("Incomplete parts");
708     }
709     
710     public void setDeleteOnExit(boolean deleteOnExit)
711     {
712         _deleteOnExit = deleteOnExit;
713     }
714 
715 
716     public boolean isDeleteOnExit()
717     {
718         return _deleteOnExit;
719     }
720 
721 
722     /* ------------------------------------------------------------ */
723     private String value(String nameEqualsValue)
724     {
725         int idx = nameEqualsValue.indexOf('=');
726         String value = nameEqualsValue.substring(idx+1).trim();
727         return QuotedStringTokenizer.unquoteOnly(value);
728     }
729     
730     
731     /* ------------------------------------------------------------ */
732     private String filenameValue(String nameEqualsValue)
733     {
734         int idx = nameEqualsValue.indexOf('=');
735         String value = nameEqualsValue.substring(idx+1).trim();
736 
737         if (value.matches(".??[a-z,A-Z]\\:\\\\[^\\\\].*"))
738         {
739             //incorrectly escaped IE filenames that have the whole path
740             //we just strip any leading & trailing quotes and leave it as is
741             char first=value.charAt(0);
742             if (first=='"' || first=='\'')
743                 value=value.substring(1);
744             char last=value.charAt(value.length()-1);
745             if (last=='"' || last=='\'')
746                 value = value.substring(0,value.length()-1);
747 
748             return value;
749         }
750         else
751             //unquote the string, but allow any backslashes that don't
752             //form a valid escape sequence to remain as many browsers
753             //even on *nix systems will not escape a filename containing
754             //backslashes
755             return QuotedStringTokenizer.unquoteOnly(value, true);
756     }
757 
758     
759 
760     private static class Base64InputStream extends InputStream
761     {
762         BufferedReader _in;
763         String _line;
764         byte[] _buffer;
765         int _pos;
766 
767         public Base64InputStream (InputStream in)
768         {
769             _in = new BufferedReader(new InputStreamReader(in));
770         }
771 
772         @Override
773         public int read() throws IOException
774         {
775             if (_buffer==null || _pos>= _buffer.length)
776             {
777                 _line = _in.readLine();
778                 if (_line==null)
779                     return -1;
780                 if (_line.startsWith("--"))
781                     _buffer=(_line+"\r\n").getBytes();
782                 else if (_line.length()==0)
783                     _buffer="\r\n".getBytes();
784                 else
785                     _buffer=B64Code.decode(_line);
786 
787                 _pos=0;
788             }
789             return _buffer[_pos++];
790         }
791     }
792 }