Add -webExternalNames setting and fix WebServer.getConnection()#3377
Add -webExternalNames setting and fix WebServer.getConnection()#3377katzyn merged 2 commits intoh2database:masterfrom
Conversation
![sonatype-lift[bot]](proxy.php?url=https://avatars.githubusercontent.com/in/9843?s=60&v=4){kind=small}
| output.write(Integer.toHexString(bytes.length).getBytes()); | ||
| output.write("\r\n".getBytes()); | ||
| output.write(bytes); | ||
| output.write("\r\n".getBytes()); |
There was a problem hiding this comment.
DefaultCharset: Implicit use of the platform default charset, which can result in differing behaviour between JVM executions or incorrect behavior if the encoding of the data source doesn't match expectations. (details)
(at-me in a reply with help or ignore)
| if (bytes.length == 0) { | ||
| continue; | ||
| } | ||
| output.write(Integer.toHexString(bytes.length).getBytes()); |
There was a problem hiding this comment.
DefaultCharset: Implicit use of the platform default charset, which can result in differing behaviour between JVM executions or incorrect behavior if the encoding of the data source doesn't match expectations. (details)
(at-me in a reply with help or ignore)
| output.flush(); | ||
| } | ||
| message += "Content-Length: " + bytes.length + "\r\n"; | ||
| output.write("0\r\n\r\n".getBytes()); |
There was a problem hiding this comment.
DefaultCharset: Implicit use of the platform default charset, which can result in differing behaviour between JVM executions or incorrect behavior if the encoding of the data source doesn't match expectations. (details)
(at-me in a reply with help or ignore)
| message += "Transfer-Encoding: chunked\r\n"; | ||
| message += "\r\n"; | ||
| trace(message); | ||
| output.write(message.getBytes()); |
There was a problem hiding this comment.
DefaultCharset: Implicit use of the platform default charset, which can result in differing behaviour between JVM executions or incorrect behavior if the encoding of the data source doesn't match expectations. (details)
(at-me in a reply with help or ignore)
| message += "Content-Length: " + bytes.length + "\r\n"; | ||
| message += "\r\n"; | ||
| trace(message); | ||
| output.write(message.getBytes()); |
There was a problem hiding this comment.
DefaultCharset: Implicit use of the platform default charset, which can result in differing behaviour between JVM executions or incorrect behavior if the encoding of the data source doesn't match expectations. (details)
(at-me in a reply with help or ignore)
| } | ||
|
|
||
| /** | ||
| * @return host name |
There was a problem hiding this comment.
MissingSummary: A summary fragment is required; consider using the value of the @return block as a summary fragment instead. (details)
(at-me in a reply with help or ignore)
| } | ||
| String externalNames = server.getExternalNames(); | ||
| if (externalNames != null && !externalNames.isEmpty()) { | ||
| for (String s : externalNames.split(",")) { |
There was a problem hiding this comment.
StringSplitter: String.split(String) has surprising behavior (details)
(at-me in a reply with help or ignore)
| JdbcConnection connection = new JdbcConnection(url, null, user, password); | ||
| JdbcConnection connection = new JdbcConnection(url, null, user, password, forbidCreation); | ||
| if (networkConnectionInfo != null) { | ||
| connection.getSession().setNetworkConnectionInfo(networkConnectionInfo); |
There was a problem hiding this comment.
NULL_DEREFERENCE: object returned by getSession(connection) could be null and is dereferenced at line 290.
(at-me in a reply with help or ignore)
Not a true backport, but a full block of the dangerous options. In the original upstream PR there remains the option to enable these things. The change is too complex for 1.4.x. Upstream h2database#3377 out of https://github.com/h2database/h2database/releases/tag/version-2.1.210 Advisory GHSA-45hx-wfhj-473x
Not a true backport, but a full block of the dangerous options. In the original upstream PR there remains the option to enable these things. The change is too complex for 1.4.x. Upstream h2database#3377 out of https://github.com/h2database/h2database/releases/tag/version-2.1.210 Advisory GHSA-45hx-wfhj-473x
1 participant
No description provided.