Fix potential NPE in websocket upgrade check (#15)

* Pick up latest version of io.mantisrx, use shaded ObjectMapper to serialize/deserialize objects * Remove jackson dependency * Handle NPE in websocket upgrade check * Fix breaking changes from zuul-core 2.1.8 Co-authored-by: Calvin Cheung <[email protected]>
Netflix · Aug 27, 2020 · 95cdc14 · 95cdc14
1 parent 1ce4f51
commit 95cdc14
Show file tree

Hide file tree

Showing 5 changed files with 13 additions and 5 deletions.
diff --git a/build.gradle b/build.gradle
@@ -81,7 +81,13 @@ dependencies {
         exclude group: 'com.google.guava', module: 'guava'
         exclude group: 'com.google.inject', module: 'guice'
     }
+    api('com.netflix.zuul:zuul-guice:latest.release') {
+        exclude group: 'com.google.guava', module: 'guava'
+        exclude group: 'com.google.inject', module: 'guice'
+    }
     implementation 'com.netflix.blitz4j:blitz4j:1.37.2'
+    implementation "com.netflix.governator:governator:1.+"
+    implementation "org.apache.commons:commons-lang3:3.+"
     api "io.mantisrx:mantis-discovery-proto:$mantisDiscoveryProtoVersion"
     api "io.mantisrx:mantis-client:$mantisClientVersion"
     api "io.mantisrx:mantis-runtime:$mantisClientVersion"

diff --git a/src/main/java/io/mantisrx/api/filters/JobDiscoveryCacheLoader.java b/src/main/java/io/mantisrx/api/filters/JobDiscoveryCacheLoader.java
@@ -40,7 +40,7 @@ public int filterOrder() {
     @Override
     public boolean shouldFilter(HttpResponseMessage response) {
         return response.getOutboundRequest().getPath().matches("^/api/v1/jobClusters/.*/latestJobDiscoveryInfo$")
-                && response.getHeaders().get(Constants.MANTISAPI_CACHED_HEADER).isEmpty()
+                && response.getHeaders().getAll(Constants.MANTISAPI_CACHED_HEADER).isEmpty()
                 && cacheEnabled.get();
     }
 

diff --git a/src/main/java/io/mantisrx/api/filters/MasterCacheLoader.java b/src/main/java/io/mantisrx/api/filters/MasterCacheLoader.java
@@ -75,6 +75,6 @@ public boolean shouldFilter(HttpResponseMessage msg) {
         return msg.getOutboundRequest().getContext().getRouteVIP() != null
                 && msg.getOutboundRequest().getContext().getRouteVIP().equalsIgnoreCase("api")
                 && msg.getInboundRequest().getMethod().equalsIgnoreCase("get")
-                && msg.getHeaders().get(Constants.MANTISAPI_CACHED_HEADER).size() == 0; // Set by the MasterCacheHitChecker, ensures we aren't re-caching.
+                && msg.getHeaders().getAll(Constants.MANTISAPI_CACHED_HEADER).size() == 0; // Set by the MasterCacheHitChecker, ensures we aren't re-caching.
     }
 }
diff --git a/src/main/java/io/mantisrx/api/filters/OutboundHeaders.java b/src/main/java/io/mantisrx/api/filters/OutboundHeaders.java
@@ -30,7 +30,7 @@ private void upsert(HttpResponseMessage resp, AsciiString name, String value) {
     }
 
     private void addHeaderIfMissing(HttpResponseMessage resp, AsciiString name, String value) {
-        if (resp.getHeaders().get(name.toString()).size() == 0) {
+        if (resp.getHeaders().getAll(name.toString()).size() == 0) {
             resp.getHeaders().add(name.toString(), value);
         }
     }

diff --git a/src/main/java/io/mantisrx/api/push/MantisSSEHandler.java b/src/main/java/io/mantisrx/api/push/MantisSSEHandler.java
@@ -148,8 +148,10 @@ private boolean isWebsocketUpgrade(HttpRequest request) {
         HttpHeaders headers = request.headers();
         // Header "Connection" contains "upgrade" (case insensitive) and
         // Header "Upgrade" equals "websocket" (case insensitive)
-        return headers.get(HttpHeaderNames.CONNECTION).toLowerCase().contains("upgrade") &&
-                headers.get(HttpHeaderNames.UPGRADE).toLowerCase().equals("websocket");
+        String connection = headers.get(HttpHeaderNames.CONNECTION);
+        String upgrade = headers.get(HttpHeaderNames.UPGRADE);
+        return connection != null && connection.toLowerCase().contains("upgrade") &&
+                upgrade != null && upgrade.toLowerCase().equals("websocket");
     }