[FIXED JENKINS-15437]

The exception handler ended up adding almost all the headers again, resulting in a lot of duplicate headers. Most critically, stapler was adding "Content-Encoding" header twice, breaking browsers.
jenkinsci · Jun 24, 2013 · d357554 · d357554
1 parent 134baf5
commit d357554
Show file tree

Hide file tree

Showing 4 changed files with 17 additions and 30 deletions.
diff --git a/changelog.html b/changelog.html
@@ -55,6 +55,9 @@
 <!-- Record your changes in the trunk here. -->
 <div id="trunk" style="display:none"><!--=TRUNK-BEGIN=-->
 <ul class=image>
+  <li class=bug>
+    Access denied error results in ERR_CONTENT_DECODING_FAILED on most browsers, masking the root cause.
+    (<a href="https://issues.jenkins-ci.org/browse/JENKINS-15437">issue 15437</a>)
   <li class=bug>
     Fixed the master/slave handshake problem when a slave runs on non-ASCII compatible encoding (such as EBCDIC.)
   <li class=rfe>

diff --git a/core/pom.xml b/core/pom.xml
@@ -42,7 +42,7 @@ THE SOFTWARE.
 
   <properties>
     <staplerFork>true</staplerFork>
-    <stapler.version>1.211</stapler.version>
+    <stapler.version>1.212</stapler.version>
     <spring.version>2.5.6.SEC03</spring.version>
   </properties>
 

diff --git a/core/src/main/java/hudson/security/AccessDeniedHandlerImpl.java b/core/src/main/java/hudson/security/AccessDeniedHandlerImpl.java
@@ -27,6 +27,7 @@
 import org.acegisecurity.AccessDeniedException;
 import org.acegisecurity.ui.AccessDeniedHandler;
 import org.kohsuke.stapler.Stapler;
+import org.kohsuke.stapler.WebApp;
 
 import javax.servlet.ServletException;
 import javax.servlet.ServletRequest;
@@ -52,25 +53,8 @@ public void handle(ServletRequest request, ServletResponse response, AccessDenie
 
         rsp.setStatus(HttpServletResponse.SC_FORBIDDEN);
         req.setAttribute("exception",accessDeniedException);
-        Stapler stapler = new Stapler();
-        stapler.init(new ServletConfig() {
-            public String getServletName() {
-                return "Stapler";
-            }
 
-            public ServletContext getServletContext() {
-                return Jenkins.getInstance().servletContext;
-            }
-
-            public String getInitParameter(String name) {
-                return null;
-            }
-
-            public Enumeration getInitParameterNames() {
-                return new Vector().elements();
-            }
-        });
-
-        stapler.invoke(req,rsp, Jenkins.getInstance(),"/accessDenied");
+        WebApp.get(Jenkins.getInstance().servletContext).getSomeStapler()
+                .invoke(req,rsp, Jenkins.getInstance(), "/accessDenied");
     }
 }
diff --git a/core/src/main/resources/lib/layout/layout.jelly b/core/src/main/resources/lib/layout/layout.jelly
@@ -53,9 +53,9 @@ THE SOFTWARE.
       (The permission will be checked against the "it" object.)
     </st:attribute>
   </st:documentation>
-<st:header name="Expires" value="0" />
-<st:header name="Cache-Control" value="no-cache,must-revalidate" />
-<st:header name="X-Hudson-Theme" value="default" />
+<st:setHeader name="Expires" value="0" />
+<st:setHeader name="Cache-Control" value="no-cache,must-revalidate" />
+<st:setHeader name="X-Hudson-Theme" value="default" />
 <st:contentType value="text/html;charset=UTF-8" />
 
   <j:new var="h" className="hudson.Functions" /><!-- instead of JSP functions -->
@@ -71,15 +71,15 @@ ${h.initPageVariables(context)}
 <j:set var="_" value="${h.configureAutoRefresh(request, response, attrs.norefresh!=null)}"/>
 
   <j:if test="${request.servletPath=='/' || request.servletPath==''}">
-    <st:header name="X-Hudson" value="1.395"/>
-    <st:header name="X-Jenkins" value="${servletContext.getAttribute('version')}"/>
-    <st:header name="X-Jenkins-Session" value="${app.SESSION_HASH}"/>
+    <st:setHeader name="X-Hudson" value="1.395"/>
+    <st:setHeader name="X-Jenkins" value="${servletContext.getAttribute('version')}"/>
+    <st:setHeader name="X-Jenkins-Session" value="${app.SESSION_HASH}"/>
     <j:if test="${app.tcpSlaveAgentListener!=null}">
       <!-- advertise the CLI TCP port -->
-      <st:header name="X-Hudson-CLI-Port" value="${app.tcpSlaveAgentListener.port}"/>
-      <st:header name="X-Jenkins-CLI-Port" value="${app.tcpSlaveAgentListener.port}"/>
-      <st:header name="X-Jenkins-CLI2-Port" value="${app.tcpSlaveAgentListener.port}"/>
-      <st:header name="X-Jenkins-CLI-Host" value="${app.tcpSlaveAgentListener.CLI_HOST_NAME}"/>
+      <st:setHeader name="X-Hudson-CLI-Port" value="${app.tcpSlaveAgentListener.port}"/>
+      <st:setHeader name="X-Jenkins-CLI-Port" value="${app.tcpSlaveAgentListener.port}"/>
+      <st:setHeader name="X-Jenkins-CLI2-Port" value="${app.tcpSlaveAgentListener.port}"/>
+      <st:setHeader name="X-Jenkins-CLI-Host" value="${app.tcpSlaveAgentListener.CLI_HOST_NAME}"/>
     </j:if>
     <j:forEach var="pd" items="${h.pageDecorators}">
       <st:include it="${pd}" page="httpHeaders.jelly" optional="true"/>