Fixed issues with set content encoding header reported in #150

Author: sapessi

aws-serverless-java-container-core/src/main/java/com/amazonaws/serverless/proxy/internal/servlet/AwsProxyHttpServletRequest.java

@@ -86,6 +86,7 @@ public class AwsProxyHttpServletRequest extends AwsHttpServletRequest {
     private SecurityContext securityContext;
     private Map<String, List<String>> urlEncodedFormParameters;
     private Map<String, Part> multipartFormParameters;
+    private Map<String, String> caseInsensitiveHeaders;
     private EncodingQueryStringParameterMap queryStringParameters;
     private static Logger log = LoggerFactory.getLogger(AwsProxyHttpServletRequest.class);
     private ContainerConfig config;
@@ -108,6 +109,9 @@ public AwsProxyHttpServletRequest(AwsProxyRequest awsProxyRequest, Context lambd
 
         this.queryStringParameters = new EncodingQueryStringParameterMap(config.isQueryStringCaseSensitive(), config.getUriEncoding());
         this.queryStringParameters.putAllMapEncoding(request.getQueryStringParameters());
+
+        this.caseInsensitiveHeaders = new TreeMap<>(String.CASE_INSENSITIVE_ORDER);
+        this.caseInsensitiveHeaders.putAll(awsProxyRequest.getHeaders());
     }
 
 
@@ -171,10 +175,10 @@ public Enumeration<String> getHeaders(String s) {
 
     @Override
     public Enumeration<String> getHeaderNames() {
-        if (request.getHeaders() == null) {
+        if (caseInsensitiveHeaders == null) {
             return Collections.emptyEnumeration();
         }
-        return Collections.enumeration(request.getHeaders().keySet());
+        return Collections.enumeration(caseInsensitiveHeaders.keySet());
     }
 
 
@@ -349,30 +353,29 @@ public String getCharacterEncoding() {
     @Override
     public void setCharacterEncoding(String s)
             throws UnsupportedEncodingException {
-        String currentContentType = request.getHeaders().get(HttpHeaders.CONTENT_TYPE);
-        if (currentContentType == null) {
-            request.getHeaders().put(
-                    HttpHeaders.CONTENT_TYPE,
-                    HEADER_VALUE_SEPARATOR + " " + ENCODING_VALUE_KEY + HEADER_KEY_VALUE_SEPARATOR + s);
+        String currentContentType = getHeaderCaseInsensitive(HttpHeaders.CONTENT_TYPE);
+        if (currentContentType == null || "".equals(currentContentType)) {
+            log.error("Called set character encoding to " + SecurityUtils.crlf(s) + " on a request without a content type. Character encoding will not be set");
             return;
         }
 
         if (currentContentType.contains(HEADER_VALUE_SEPARATOR)) {
             String[] contentTypeValues = currentContentType.split(HEADER_VALUE_SEPARATOR);
             StringBuilder contentType = new StringBuilder(contentTypeValues[0]);
 
-            for (String contentTypeValue : contentTypeValues) {
+            for (int i = 1; i < contentTypeValues.length; i++) {
+                String contentTypeValue = contentTypeValues[i];
                 String contentTypeString = HEADER_VALUE_SEPARATOR + " " + contentTypeValue;
                 if (contentTypeValue.trim().startsWith(ENCODING_VALUE_KEY)) {
                     contentTypeString = HEADER_VALUE_SEPARATOR + " " + ENCODING_VALUE_KEY + HEADER_KEY_VALUE_SEPARATOR + s;
                 }
                 contentType.append(contentTypeString);
             }
 
-            request.getHeaders().put(HttpHeaders.CONTENT_TYPE, contentType.toString());
+            setHeaderCaseInsensitive(HttpHeaders.CONTENT_TYPE.toLowerCase(Locale.getDefault()), contentType.toString());
         } else {
-            request.getHeaders().put(
-                    HttpHeaders.CONTENT_TYPE,
+            setHeaderCaseInsensitive(
+                    HttpHeaders.CONTENT_TYPE.toLowerCase(Locale.getDefault()),
                     currentContentType + HEADER_VALUE_SEPARATOR + " " + ENCODING_VALUE_KEY + HEADER_KEY_VALUE_SEPARATOR + s);
         }
     }
@@ -400,7 +403,12 @@ public long getContentLengthLong() {
 
     @Override
     public String getContentType() {
-        return getHeaderCaseInsensitive(HttpHeaders.CONTENT_TYPE);
+        String contentTypeHeader = getHeaderCaseInsensitive(HttpHeaders.CONTENT_TYPE);
+        if (contentTypeHeader == null || "".equals(contentTypeHeader.trim())) {
+            return null;
+        }
+
+        return contentTypeHeader;
     }
 
 
@@ -414,7 +422,17 @@ public ServletInputStream getInputStream()
         if (request.isBase64Encoded()) {
             bodyBytes = Base64.getMimeDecoder().decode(request.getBody());
         } else {
-            bodyBytes = request.getBody().getBytes(StandardCharsets.UTF_8);
+            String encoding = getCharacterEncoding();
+            if (encoding == null) {
+                encoding = StandardCharsets.ISO_8859_1.name();
+            }
+            try {
+                bodyBytes = request.getBody().getBytes(encoding);
+            } catch (Exception e) {
+                log.error("Could not read request with character encoding: " + SecurityUtils.crlf(encoding), e);
+                bodyBytes = request.getBody().getBytes(StandardCharsets.ISO_8859_1.name());
+            }
+
         }
         ByteArrayInputStream requestBodyStream = new ByteArrayInputStream(bodyBytes);
         return new AwsServletInputStream(requestBodyStream);
@@ -649,15 +667,21 @@ private String getHeaderCaseInsensitive(String key) {
             return request.getRequestContext().getIdentity().getUserAgent();
         }
 
-        if (request.getHeaders() == null) {
+        if (caseInsensitiveHeaders == null) {
             return null;
         }
-        for (String requestHeaderKey : request.getHeaders().keySet()) {
-            if (key.toLowerCase(Locale.ENGLISH).equals(requestHeaderKey.toLowerCase(Locale.ENGLISH))) {
-                return request.getHeaders().get(requestHeaderKey);
+        return caseInsensitiveHeaders.get(key);
+    }
+
+    private void setHeaderCaseInsensitive(String key, String value) {
+        if (caseInsensitiveHeaders == null) {
+            caseInsensitiveHeaders = new TreeMap<>(String.CASE_INSENSITIVE_ORDER);
+            if (request.getHeaders() != null) {
+                caseInsensitiveHeaders.putAll(request.getHeaders());
             }
         }
-        return null;
+
+        caseInsensitiveHeaders.put(key, value);
     }
 
     private String[] getFormBodyParameterCaseInsensitive(String key) {

aws-serverless-java-container-core/src/test/java/com/amazonaws/serverless/proxy/internal/servlet/AwsProxyHttpServletRequestTest.java

@@ -9,10 +9,13 @@
 import javax.ws.rs.core.HttpHeaders;
 import javax.ws.rs.core.MediaType;
 
+import java.io.UnsupportedEncodingException;
+import java.nio.charset.StandardCharsets;
 import java.time.Instant;
 import java.time.ZonedDateTime;
 import java.util.Collections;
 import java.util.List;
+import java.util.Locale;
 import java.util.Map;
 
 import static org.junit.Assert.*;
@@ -29,11 +32,6 @@ public class AwsProxyHttpServletRequestTest {
     private static final String REFERER = "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/User-Agent/Firefox";
     private static ZonedDateTime REQUEST_DATE = ZonedDateTime.now();
 
-    private static final AwsProxyRequest REQUEST_WITH_HEADERS = new AwsProxyRequestBuilder("/hello", "GET")
-            .header(CUSTOM_HEADER_KEY, CUSTOM_HEADER_VALUE)
-            .header(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON)
-            .header(AwsProxyHttpServletRequest.CF_PROTOCOL_HEADER_NAME, REQUEST_SCHEME_HTTP)
-            .build();
     private static final AwsProxyRequest REQUEST_FORM_URLENCODED = new AwsProxyRequestBuilder("/hello", "POST")
             .form(FORM_PARAM_NAME, FORM_PARAM_NAME_VALUE).build();
     private static final AwsProxyRequest REQUEST_INVALID_FORM_URLENCODED = new AwsProxyRequestBuilder("/hello", "GET")
@@ -54,10 +52,11 @@ public class AwsProxyHttpServletRequestTest {
     private static final AwsProxyRequest REQUEST_USER_AGENT_REFERER = new AwsProxyRequestBuilder("/hello", "POST")
             .userAgent(USER_AGENT)
             .referer(REFERER).build();
-
     private static final AwsProxyRequest REQUEST_WITH_DATE = new AwsProxyRequestBuilder("/hello", "GET")
             .header(HttpHeaders.DATE, AwsHttpServletRequest.dateFormatter.format(REQUEST_DATE))
             .build();
+    private static final AwsProxyRequest REQUEST_WITH_LOWERCASE_HEADER = new AwsProxyRequestBuilder("/hello", "POST")
+            .header(HttpHeaders.CONTENT_TYPE.toLowerCase(Locale.getDefault()), MediaType.APPLICATION_JSON).build();
 
     private static final AwsProxyRequest REQUEST_NULL_QUERY_STRING;
     static {
@@ -72,7 +71,7 @@ public class AwsProxyHttpServletRequestTest {
 
     @Test
     public void headers_getHeader_validRequest() {
-        HttpServletRequest request = new AwsProxyHttpServletRequest(REQUEST_WITH_HEADERS, null, null);
+        HttpServletRequest request = new AwsProxyHttpServletRequest(getRequestWithHeaders(), null, null);
         assertNotNull(request.getHeader(CUSTOM_HEADER_KEY));
         assertEquals(CUSTOM_HEADER_VALUE, request.getHeader(CUSTOM_HEADER_KEY));
         assertEquals(MediaType.APPLICATION_JSON, request.getContentType());
@@ -147,15 +146,15 @@ public void scheme_getScheme_https() {
 
     @Test
     public void scheme_getScheme_http() {
-        HttpServletRequest request = new AwsProxyHttpServletRequest(REQUEST_WITH_HEADERS, null, null);
+        HttpServletRequest request = new AwsProxyHttpServletRequest(getRequestWithHeaders(), null, null);
         assertNotNull(request);
         assertNotNull(request.getScheme());
         assertEquals(REQUEST_SCHEME_HTTP, request.getScheme());
     }
 
     @Test
     public void cookie_getCookies_noCookies() {
-        HttpServletRequest request = new AwsProxyHttpServletRequest(REQUEST_WITH_HEADERS, null, null);
+        HttpServletRequest request = new AwsProxyHttpServletRequest(getRequestWithHeaders(), null, null);
         assertNotNull(request);
         assertNotNull(request.getCookies());
         assertEquals(0, request.getCookies().length);
@@ -243,4 +242,106 @@ public void queryParameter_getParameterMap_avoidDuplicationOnMultipleCalls() {
         assertNotNull(params.get(FORM_PARAM_TEST));
         assertEquals(1, params.get(FORM_PARAM_TEST).length);
     }
+
+    @Test
+    public void charEncoding_getEncoding_expectNoEncodingWithoutContentType() {
+         HttpServletRequest request = new AwsProxyHttpServletRequest(REQUEST_SINGLE_COOKIE, null, null);
+         try {
+             request.setCharacterEncoding(StandardCharsets.UTF_8.name());
+             // we have not specified a content type so the encoding will not be set
+             assertEquals(null, request.getCharacterEncoding());
+             assertEquals(null, request.getContentType());
+         } catch (UnsupportedEncodingException e) {
+             fail("Unsupported encoding");
+             e.printStackTrace();
+         }
+    }
+
+    @Test
+    public void charEncoding_getEncoding_expectContentTypeOnly() {
+        HttpServletRequest request = new AwsProxyHttpServletRequest(getRequestWithHeaders(), null, null);
+        // we have not specified a content type so the encoding will not be set
+        assertEquals(null, request.getCharacterEncoding());
+        assertEquals(MediaType.APPLICATION_JSON, request.getContentType());
+        try {
+            request.setCharacterEncoding(StandardCharsets.UTF_8.name());
+            String newHeaderValue = MediaType.APPLICATION_JSON + "; charset=" + StandardCharsets.UTF_8.name();
+            assertEquals(newHeaderValue, request.getHeader(HttpHeaders.CONTENT_TYPE));
+            assertEquals(newHeaderValue, request.getContentType());
+            assertEquals(StandardCharsets.UTF_8.name(), request.getCharacterEncoding());
+        } catch (UnsupportedEncodingException e) {
+            fail("Unsupported encoding");
+            e.printStackTrace();
+        }
+    }
+
+    @Test
+    public void charEncoding_addCharEncodingTwice_expectSingleMediaTypeAndEncoding() {
+        HttpServletRequest request = new AwsProxyHttpServletRequest(getRequestWithHeaders(), null, null);
+        // we have not specified a content type so the encoding will not be set
+        assertEquals(null, request.getCharacterEncoding());
+        assertEquals(MediaType.APPLICATION_JSON, request.getContentType());
+
+        try {
+            request.setCharacterEncoding(StandardCharsets.UTF_8.name());
+            String newHeaderValue = MediaType.APPLICATION_JSON + "; charset=" + StandardCharsets.UTF_8.name();
+            assertEquals(newHeaderValue, request.getHeader(HttpHeaders.CONTENT_TYPE));
+            assertEquals(newHeaderValue, request.getContentType());
+            assertEquals(StandardCharsets.UTF_8.name(), request.getCharacterEncoding());
+
+
+            request.setCharacterEncoding(StandardCharsets.ISO_8859_1.name());
+            newHeaderValue = MediaType.APPLICATION_JSON + "; charset=" + StandardCharsets.ISO_8859_1.name();
+            assertEquals(newHeaderValue, request.getHeader(HttpHeaders.CONTENT_TYPE));
+            assertEquals(newHeaderValue, request.getContentType());
+            assertEquals(StandardCharsets.ISO_8859_1.name(), request.getCharacterEncoding());
+        } catch (UnsupportedEncodingException e) {
+            fail("Unsupported encoding");
+            e.printStackTrace();
+        }
+    }
+
+    @Test
+    public void contentType_lowerCaseHeaderKey_expectUpdatedMediaType() {
+        HttpServletRequest request = new AwsProxyHttpServletRequest(REQUEST_WITH_LOWERCASE_HEADER, null, null);
+        try {
+            request.setCharacterEncoding(StandardCharsets.UTF_8.name());
+            String newHeaderValue = MediaType.APPLICATION_JSON + "; charset=" + StandardCharsets.UTF_8.name();
+            assertEquals(newHeaderValue, request.getHeader(HttpHeaders.CONTENT_TYPE));
+            assertEquals(newHeaderValue, request.getContentType());
+            assertEquals(StandardCharsets.UTF_8.name(), request.getCharacterEncoding());
+
+        } catch (UnsupportedEncodingException e) {
+            fail("Unsupported encoding");
+            e.printStackTrace();
+        }
+    }
+
+    @Test
+    public void contentType_duplicateCase_expectSingleContentTypeHeader() {
+        AwsProxyRequest proxyRequest = getRequestWithHeaders();
+        HttpServletRequest request = new AwsProxyHttpServletRequest(proxyRequest, null, null);
+
+        try {
+            request.setCharacterEncoding(StandardCharsets.ISO_8859_1.name());
+            assertNotNull(request.getHeader(HttpHeaders.CONTENT_TYPE));
+            assertNotNull(request.getHeader(HttpHeaders.CONTENT_TYPE.toLowerCase(Locale.getDefault())));
+
+            assertFalse(proxyRequest.getHeaders().containsKey(HttpHeaders.CONTENT_TYPE) && proxyRequest.getHeaders().containsKey(HttpHeaders.CONTENT_TYPE.toLowerCase(Locale.getDefault())));
+        } catch (UnsupportedEncodingException e) {
+            fail("Unsupported encoding");
+            e.printStackTrace();
+        }
+
+
+
+    }
+
+    private AwsProxyRequest getRequestWithHeaders() {
+        return new AwsProxyRequestBuilder("/hello", "GET")
+                       .header(CUSTOM_HEADER_KEY, CUSTOM_HEADER_VALUE)
+                       .header(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON)
+                       .header(AwsProxyHttpServletRequest.CF_PROTOCOL_HEADER_NAME, REQUEST_SCHEME_HTTP)
+                       .build();
+    }
 }