You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hc.apache.org by "Oleg Kalnichevski (JIRA)" <ji...@apache.org> on 2019/06/25 09:48:00 UTC
[jira] [Comment Edited] (HTTPCLIENT-1960) URIBuilder incorrect
handling of multiple leading slashes in path component
[ https://issues.apache.org/jira/browse/HTTPCLIENT-1960?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16740468#comment-16740468 ]
Oleg Kalnichevski edited comment on HTTPCLIENT-1960 at 6/25/19 9:47 AM:
------------------------------------------------------------------------
Yes the {{URIBuilder}} does conform to the RFC 3986 in the end. But the calls {{setPath("/etc/motd")}} and {{setPath("etc/motd")}} both result in the same URI, while they are different. Even {{setPath("//etc/motd")}} will have the same result.
An extra %2F cannot be added manually because {{setPath("/%2Fetc/motd")}} results in {{"/%252Fetc/motd"}} because the path will be (correctly) URI-encoded.
---
*Correction*: My statement about {{URIBuilder}} conformance to RFC 3986 was wrong, as later pointed out by [~rmcuenen]. Both {{java.net.URI}} and {{URIBuilder}} presently conform to RFC 2396 only.
was (Author: rmcuenen):
Yes the {{URIBuilder}} does conform to the RFC 3986 in the end. But the calls {{setPath("/etc/motd")}} and {{setPath("etc/motd")}} both result in the same URI, while they are different. Even {{setPath("//etc/motd")}} will have the same result.
An extra %2F cannot be added manually because {{setPath("/%2Fetc/motd")}} results in {{"/%252Fetc/motd"}} because the path will be (correctly) URI-encoded.
> URIBuilder incorrect handling of multiple leading slashes in path component
> ---------------------------------------------------------------------------
>
> Key: HTTPCLIENT-1960
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1960
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Components: HttpClient (async), HttpClient (classic)
> Affects Versions: 4.5.5
> Reporter: Raymond Cuenen
> Assignee: Oleg Kalnichevski
> Priority: Major
> Fix For: 4.5.7, 5.0 Beta4
>
>
> If original path startsWith '/' it is removed by normalizePath; in that case it should be added again URI-encoded. For example: A path value of '/etc/motd' becomes:
> {code:java}
> ftp://myname@host.dom/etc/motd{code}
> while it should be:
> {code:java}
> ftp://myname@host.dom/%2Fetc/motd{code}
> Only when the path value is 'etc/motd' is should become "ftp://myname@host.dom/etc/motd"
>
> Fix for this issue in URIBuilder.java:
> {noformat}
> private String buildString() {
> ...
> if (this.encodedPath != null) {
> sb.append(normalizePath(this.encodedPath, sb.length() == 0));
> } else if (this.path != null) {
> String encodedPath = encodePath(normalizePath(this.path, sb.length() == 0));
> // Start fix for paths starting with '/'
> // If original path startsWith '/' it is removed by normalizePath; in that case it should be added again URI-encoded.
> if (this.path.startsWith("/")) {
> encodedPath = "/%2F" + encodedPath.substring(1);
> }
> // End fix
> sb.append(encodedPath);
> }
> ...
> }{noformat}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org