You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2017/05/24 19:35:00 UTC
svn commit: r1796090 - in /tomcat/trunk:
java/org/apache/coyote/http2/Stream.java
test/org/apache/coyote/http2/TestStream.java webapps/docs/changelog.xml
Author: markt
Date: Wed May 24 19:35:00 2017
New Revision: 1796090
URL: http://svn.apache.org/viewvc?rev=1796090&view=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=61120
Do not ignore path parameters when processing HTTP/2 requests.
Added:
tomcat/trunk/test/org/apache/coyote/http2/TestStream.java (with props)
Modified:
tomcat/trunk/java/org/apache/coyote/http2/Stream.java
tomcat/trunk/webapps/docs/changelog.xml
Modified: tomcat/trunk/java/org/apache/coyote/http2/Stream.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http2/Stream.java?rev=1796090&r1=1796089&r2=1796090&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/http2/Stream.java (original)
+++ tomcat/trunk/java/org/apache/coyote/http2/Stream.java Wed May 24 19:35:00 2017
@@ -18,6 +18,7 @@ package org.apache.coyote.http2;
import java.io.IOException;
import java.nio.ByteBuffer;
+import java.nio.charset.StandardCharsets;
import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
@@ -299,18 +300,18 @@ class Stream extends AbstractStream impl
getConnectionId(), getIdentifier()));
}
int queryStart = value.indexOf('?');
+ String uri;
if (queryStart == -1) {
- coyoteRequest.requestURI().setString(value);
- coyoteRequest.decodedURI().setString(
- coyoteRequest.getURLDecoder().convert(value, false));
+ uri = value;
} else {
- String uri = value.substring(0, queryStart);
+ uri = value.substring(0, queryStart);
String query = value.substring(queryStart + 1);
- coyoteRequest.requestURI().setString(uri);
- coyoteRequest.decodedURI().setString(
- coyoteRequest.getURLDecoder().convert(uri, false));
coyoteRequest.queryString().setString(query);
}
+ // Bug 61120. Set the URI as bytes rather than String so any path
+ // parameters are correctly processed
+ byte[] uriBytes = uri.getBytes(StandardCharsets.ISO_8859_1);
+ coyoteRequest.requestURI().setBytes(uriBytes, 0, uriBytes.length);
break;
}
case ":authority": {
Added: tomcat/trunk/test/org/apache/coyote/http2/TestStream.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/coyote/http2/TestStream.java?rev=1796090&view=auto
==============================================================================
--- tomcat/trunk/test/org/apache/coyote/http2/TestStream.java (added)
+++ tomcat/trunk/test/org/apache/coyote/http2/TestStream.java Wed May 24 19:35:00 2017
@@ -0,0 +1,97 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.coyote.http2;
+
+import java.io.IOException;
+import java.nio.ByteBuffer;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.junit.Assert;
+import org.junit.Test;
+
+import org.apache.catalina.Context;
+import org.apache.catalina.startup.Tomcat;
+
+public class TestStream extends Http2TestBase {
+
+ /*
+ * https://bz.apache.org/bugzilla/show_bug.cgi?id=61120
+ */
+ @Test
+ public void testPathParam() throws Exception {
+
+ enableHttp2();
+
+ Tomcat tomcat = getTomcatInstance();
+
+ Context ctxt = tomcat.addContext("", null);
+ Tomcat.addServlet(ctxt, "simple", new SimpleServlet());
+ ctxt.addServletMappingDecoded("/simple", "simple");
+ Tomcat.addServlet(ctxt, "pathparam", new PathParam());
+ ctxt.addServletMappingDecoded("/pathparam", "pathparam");
+
+ tomcat.start();
+
+ openClientConnection();
+ doHttpUpgrade();
+ sendClientPreface();
+ validateHttp2InitialResponse();
+
+ byte[] frameHeader = new byte[9];
+ ByteBuffer headersPayload = ByteBuffer.allocate(128);
+ buildGetRequest(frameHeader, headersPayload, null, 3,
+ "/pathparam;jsessionid=" + PathParam.EXPECTED_SESSION_ID);
+ writeFrame(frameHeader, headersPayload);
+
+ readSimpleGetResponse();
+
+ Assert.assertEquals(
+ "3-HeadersStart\n" +
+ "3-Header-[:status]-[200]\n" +
+ "3-Header-[content-type]-[text/plain;charset=UTF-8]\n" +
+ "3-Header-[date]-[Wed, 11 Nov 2015 19:18:42 GMT]\n" +
+ "3-HeadersEnd\n" +
+ "3-Body-2\n" +
+ "3-EndOfStream\n", output.getTrace());
+ }
+
+
+ private static final class PathParam extends HttpServlet {
+
+ private static final long serialVersionUID = 1L;
+
+ public static final String EXPECTED_SESSION_ID = "0123456789ABCDEF";
+
+ @Override
+ protected void doGet(HttpServletRequest request, HttpServletResponse response)
+ throws ServletException, IOException {
+
+ response.setContentType("text/plain");
+ response.setCharacterEncoding("UTF-8");
+
+ if (EXPECTED_SESSION_ID.equals(request.getRequestedSessionId())) {
+ response.getWriter().write("OK");
+ } else {
+ response.getWriter().write("FAIL");
+ }
+ }
+ }
+}
Propchange: tomcat/trunk/test/org/apache/coyote/http2/TestStream.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1796090&r1=1796089&r2=1796090&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Wed May 24 19:35:00 2017
@@ -69,6 +69,10 @@
<bug>61086</bug>: Explicitly signal an empty request body for HTTP 205
responses. (markt)
</fix>
+ <fix>
+ <bug>61120</bug>: Do not ignore path parameters when processing HTTP/2
+ requests. (markt)
+ </fix>
</changelog>
</subsection>
<subsection name="Jasper">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org