How to migrate from legacy compliance mode #12806
Comments
|
I would think that while you are in legacy modes, use the ComplianceViolation.Listener and capture where things are triggering the violations. Make note of those violations and then work on producing the requests in a way that those violations do not trigger anymore. |
|
The problem is that while we are in legacy modes, the ComplianceViolation.Listener is not invoked - see https://github.com/jetty/jetty.project/blob/61f773643ee366a52097d02a486696496560f820/jetty-core/jetty-http/src/main/java/org/eclipse/jetty/http/UriCompliance.java#L429C1-L452C6 The listener is invoked only if |
Yeah, that's a bug. |
Jetty Version
12.0.9
Jetty Environment
ee8
Java Version
21
Question
Hi community, I would like to ask question about Jetty compliance mode. We are in a situation that we use legacy compliance mode for URIs and Cookies as it was easier for us to be backward compatible when we moved our application into Jetty. We are trying to figure out how to move on from this state.
In the first step, we would like to identify requests with violations and only log them so we can investigate origin of the requests and fix it. ComplianceViolation.Listener seems to be a great fit for this use case, but it catches only violations not present in compliance mode. So we cannot be backward compatible and in the same time log the violations.
It would help us if the ComplianceViolation.Listener was invoked even if the violation is present in the compliance mode. What do you think?
The text was updated successfully, but these errors were encountered: