mod_jk: Forwarding URLs containing escaped slashes (e.g. for REST services) fail with syntactical-wrong double-escaping

[Jäkel, Guido <G....@dnb.de>]

Hi all,

I have problems to pass (REST-) URLs containing escaped slashes ('%2F') in path elements using the  Apache httpd  and  mod_jk  to the application server (in fact not Tomcat, but Wildfy. But this is of no matter, here).

This kind of URL may be accepted by the httpd using the option 'AllowEncodedSlashes=NoDecode'. But then, while using the mode 'ForwardURIProxy' for mod_jk , they are re-encoded in a bad way: As '%252F', because the percent sign itself is escaped by accident. The result is a syntactically bad URL which is rejected by the application server.

I already filed this last week as  https://bz.apache.org/bugzilla/show_bug.cgi?id=62459 . Please, may take some maintainer a look at this?

with greetings

Guido

RE: mod_jk: Forwarding URLs containing escaped slashes (e.g. for REST services) fail with syntactical-wrong double-escaping

[Jäkel, Guido <G....@dnb.de>]

Dear Markus,

I'm not using Tomcat as backend here. And in addition, this will not help in case of syntactically wrong URL patterns like '%252F' produced by mod_jk.

thank you, anyway -- maybe emphasizing this option is useful for others here using Tomcat.

Guido

>-----Original Message-----
>From: info@flyingfischer.ch [mailto:info@flyingfischer.ch]
>Sent: Wednesday, June 20, 2018 12:52 PM
>To: users@tomcat.apache.org
>Subject: Re: mod_jk: Forwarding URLs containing escaped slashes (e.g. for REST services) fail with syntactical-wrong double-
>escaping
>
>> Hi all,
>>
>> I have problems to pass (REST-) URLs containing escaped slashes ('%2F') in path elements using the  Apache httpd  and  mod_jk
>to the application server (in fact not Tomcat, but Wildfy. But this is of no matter, here).
>>
>> This kind of URL may be accepted by the httpd using the option 'AllowEncodedSlashes=NoDecode'. But then, while using the mode
>'ForwardURIProxy' for mod_jk , they are re-encoded in a bad way: As '%252F', because the percent sign itself is escaped by
>accident. The result is a syntactically bad URL which is rejected by the application server.
>>
>> I already filed this last week as  https://bz.apache.org/bugzilla/show_bug.cgi?id=62459 . Please, may take some maintainer a
>look at this?
>>
>> with greetings
>>
>> Guido
>>
>
>You may want to create setenv.sh in CATALINA_HOME/bin with the following
>option:
>
>export
>JAVA_OPTS="-Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true"
>
>
>Markus
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>For additional commands, e-mail: users-help@tomcat.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

Re: mod_jk: Forwarding URLs containing escaped slashes (e.g. for REST services) fail with syntactical-wrong double-escaping

["info@flyingfischer.ch" <in...@flyingfischer.ch>]

> Hi all,
> 
> I have problems to pass (REST-) URLs containing escaped slashes ('%2F') in path elements using the  Apache httpd  and  mod_jk  to the application server (in fact not Tomcat, but Wildfy. But this is of no matter, here).
> 
> This kind of URL may be accepted by the httpd using the option 'AllowEncodedSlashes=NoDecode'. But then, while using the mode 'ForwardURIProxy' for mod_jk , they are re-encoded in a bad way: As '%252F', because the percent sign itself is escaped by accident. The result is a syntactically bad URL which is rejected by the application server.
> 
> I already filed this last week as  https://bz.apache.org/bugzilla/show_bug.cgi?id=62459 . Please, may take some maintainer a look at this?
> 
> with greetings
> 
> Guido
> 

You may want to create setenv.sh in CATALINA_HOME/bin with the following
option:

export
JAVA_OPTS="-Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true"


Markus

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org