Skip to content

[UNDERTOW-2370] Guard against non-servlet ctx request with ServletNam…#1758

Open
baranowb wants to merge 1 commit intoundertow-io:mainfrom
baranowb:UNDERTOW-2370
Open

[UNDERTOW-2370] Guard against non-servlet ctx request with ServletNam…#1758
baranowb wants to merge 1 commit intoundertow-io:mainfrom
baranowb:UNDERTOW-2370

Conversation

@baranowb
Copy link
Contributor

@baranowb baranowb commented Jul 15, 2025

…eAttribute in access log
Issue: https://issues.redhat.com/browse/UNDERTOW-2370

@baranowb baranowb requested review from fl4via and ropalka July 15, 2025 07:02
@baranowb baranowb added bug fix Contains bug fix(es) enhancement Enhances existing behaviour or code labels Jul 15, 2025
msfm
msfm suggested changes Jul 15, 2025
View reviewed changes
servlet/src/main/java/io/undertow/servlet/attribute/ServletNameAttribute.java Outdated
if (src != null) {
return src.getCurrentServlet().getManagedServlet().getServletInfo().getName();
} else {
return UNDEFINED;
Copy link
Contributor

@msfm msfm Jul 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could you explain the reasoning behind intentionally returning "No-Servlet" here?

I was thinking that returning null would be sufficient, as it gets logged as - in the access log by default. This would also align with other ExchangeAttributes, which typically return null when a value isn't available.

Copy link
Contributor Author

@baranowb baranowb Sep 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

UX, looks better than "null".

Copy link
Contributor

@msfm msfm Sep 11, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

To clarify, my suggestion of returning null does not result in the string "null" being logged. Instead, the access log mechanism converts it to -, which is the standard convention for an empty value in Undertow.

My main concern is consistency. All other ExchangeAttributes (like RequestHeaderAttribute, ResponseHeaderAttribute, RemoteUserAttribute, etc.) return null and are logged as -. Introducing a custom "No-Servlet" string here would create a special case and make the logs less uniform.

For this reason, I still believe that returning null is the most appropriate approach.

Copy link
Member

@fl4via fl4via Mar 4, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@baranowb if other attributes return null and it is printed as '-', I believe we need to return null here as well

fl4via
fl4via requested changes Mar 4, 2026
View reviewed changes
servlet/src/main/java/io/undertow/servlet/attribute/ServletNameAttribute.java Outdated
if (src != null) {
return src.getCurrentServlet().getManagedServlet().getServletInfo().getName();
} else {
return UNDEFINED;
Copy link
Member

@fl4via fl4via Mar 4, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@baranowb if other attributes return null and it is printed as '-', I believe we need to return null here as well

@fl4via fl4via added the waiting PR update Awaiting PR update(s) from contributor before merging label Mar 4, 2026
@baranowb baranowb removed the waiting PR update Awaiting PR update(s) from contributor before merging label Mar 6, 2026
@baranowb baranowb requested a review from fl4via March 6, 2026 09:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ropalka ropalka Awaiting requested review from ropalka

@fl4via fl4via Awaiting requested review from fl4via

1 more reviewer

@msfm msfm msfm requested changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

bug fix Contains bug fix(es) enhancement Enhances existing behaviour or code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@baranowb @msfm @fl4via