Bump spring-boot.version from 3.2.4 to 3.2.5

This updates Jetty to 12.0.8 where they changed the UriCompliance yet again. We need to use "UNSAFE" now. jetty/jetty.project#11495
adobe · Apr 28, 2024 · 3468740 · 3468740
1 parent ddac870
commit 3468740
Show file tree

Hide file tree

Showing 6 changed files with 24 additions and 6 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -147,9 +147,11 @@ Version 3.x is JDK17 LTS bytecode compatible, with Docker and JUnit / direct Jav
 
 * Features and fixes
   * Correctly handle chunked unsigned uploads (fixes #1662)
+  * Let Jetty handle "UNSAFE" characters in URIs, again (see #1686)
 * Version updates
   * Bump com.amazonaws:aws-java-sdk-s3 from 1.12.698 to 1.12.709
   * Bump aws-v2.version from 2.25.28 to 2.25.39
+  * Bump spring-boot.version from 3.2.4 to 3.2.5
   * Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.2 to 3.2.4
   * Bump org.apache.maven.plugins:maven-jar-plugin from 3.3.0 to 3.4.1
   * Bump github/codeql-action from 3.24.10 to 3.25.3

diff --git a/integration-tests/src/test/kotlin/com/adobe/testing/s3mock/its/ListObjectV1IT.kt b/integration-tests/src/test/kotlin/com/adobe/testing/s3mock/its/ListObjectV1IT.kt
@@ -171,7 +171,7 @@ internal class ListObjectV1IT : S3TestBase() {
   fun shouldListWithCorrectObjectNames(testInfo: TestInfo) {
     val bucketName = givenBucketV1(testInfo)
     val uploadFile = File(UPLOAD_FILE_NAME)
-    val weirdStuff = ("$&_ .,':\u0001") // use only characters that are safe or need special handling
+    val weirdStuff = charsSafe()
     val prefix = "shouldListWithCorrectObjectNames/"
     val key = "$prefix$weirdStuff${uploadFile.name}$weirdStuff"
     s3Client.putObject(PutObjectRequest(bucketName, key, uploadFile))
@@ -192,10 +192,9 @@ internal class ListObjectV1IT : S3TestBase() {
   fun shouldListV2WithCorrectObjectNames(testInfo: TestInfo) {
     val bucketName = givenBucketV1(testInfo)
     val uploadFile = File(UPLOAD_FILE_NAME)
-    val weirdStuff = ("$&_ .,':\u0001") // use only characters that are safe or need special handling
+    val weirdStuff = charsSafe()
     val prefix = "shouldListWithCorrectObjectNames/"
     val key = "$prefix$weirdStuff${uploadFile.name}$weirdStuff"
-
     s3Client.putObject(PutObjectRequest(bucketName, key, uploadFile))
 
     // AWS client ListObjects V2 defaults to no encoding whereas V1 defaults to URL

diff --git a/integration-tests/src/test/kotlin/com/adobe/testing/s3mock/its/ListObjectV2IT.kt b/integration-tests/src/test/kotlin/com/adobe/testing/s3mock/its/ListObjectV2IT.kt
@@ -117,7 +117,7 @@ internal class ListObjectV2IT : S3TestBase() {
   fun shouldListV2WithCorrectObjectNames(testInfo: TestInfo) {
     val bucketName = givenBucketV2(testInfo)
     val uploadFile = File(UPLOAD_FILE_NAME)
-    val weirdStuff = ("!-_.*'()") //safe characters as per S3 API
+    val weirdStuff = charsSafe()
     val prefix = "shouldListWithCorrectObjectNames/"
     val key = "$prefix$weirdStuff${uploadFile.name}$weirdStuff"
     s3ClientV2.putObject(PutObjectRequest

diff --git a/integration-tests/src/test/kotlin/com/adobe/testing/s3mock/its/S3TestBase.kt b/integration-tests/src/test/kotlin/com/adobe/testing/s3mock/its/S3TestBase.kt
@@ -646,13 +646,25 @@ internal abstract class S3TestBase {
         "$PREFIX${chars_safe_special()}"
       )
     }
+
+    @JvmStatic
+    protected fun charsSafeKey(): String {
+      return "$PREFIX${chars_safe_alphanumeric()}${chars_safe_special()}"
+    }
+
     @JvmStatic
     protected fun charsSpecial(): Stream<String> {
       return Stream.of(
         "$PREFIX${chars_specialHandling()}",
         //"$PREFIX${chars_specialHandling_unicode()}" //TODO: some of these chars to not work.
       )
     }
+
+    @JvmStatic
+    protected fun charsSpecialKey(): String {
+      return "$PREFIX${chars_specialHandling()}"
+    }
+
     @JvmStatic
     protected fun charsToAvoid(): Stream<String> {
       return Stream.of(
@@ -661,6 +673,11 @@ internal abstract class S3TestBase {
       )
     }
 
+    @JvmStatic
+    protected fun charsToAvoidKey(): String {
+      return "$PREFIX${chars_toAvoid()}"
+    }
+
     /**
      * Chars that are safe to use
      * https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html

diff --git a/pom.xml b/pom.xml
@@ -126,7 +126,7 @@
     <!-- Run Docker build by default -->
     <skipDocker>false</skipDocker>
     <sortpom-maven-plugin.version>3.4.1</sortpom-maven-plugin.version>
-    <spring-boot.version>3.2.4</spring-boot.version>
+    <spring-boot.version>3.2.5</spring-boot.version>
     <testcontainers.version>1.19.7</testcontainers.version>
     <testng.version>7.10.1</testng.version>
     <xmlunit-assertj3.version>2.9.1</xmlunit-assertj3.version>

diff --git a/server/src/main/java/com/adobe/testing/s3mock/S3MockConfiguration.java b/server/src/main/java/com/adobe/testing/s3mock/S3MockConfiguration.java
@@ -86,7 +86,7 @@ ServletWebServerFactory webServerFactory(S3MockProperties properties) {
                     .map(hc -> {
                       //disable UriCompliance checks. S3 allows object keys that do not conform to
                       //URI specs as defined here: https://datatracker.ietf.org/doc/html/rfc3986
-                      hc.setUriCompliance(UriCompliance.LEGACY);
+                      hc.setUriCompliance(UriCompliance.UNSAFE);
                       return hc.getCustomizer(SecureRequestCustomizer.class);
                     })
                     .filter(Objects::nonNull)