You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by Jeremy Nix <Je...@sfsltd.com> on 2005/09/27 19:29:36 UTC
Problems Parsing Request Paramers
First off, I apologize for the cross-post. I posted this same message
in the User's mailing list with no replies. So, my hope is that one of
you developers may have some insight into the problem that I'm having.
Certain users of my website are having issues with respect to submitting
a form on a page. Not all users are experiencing this problem, and I've
yet to replicate it myself so it makes the situation even more complex.
I have an icking suspicion that its related to the user's browser, but
I've tested on the same browser version/subversion without a glitch.
Here's the scenario:
1) User goes to page.
2) User fills out form.
3) User clicks submit.
4) JSP page then performs sanity checks against submitted data. In the
event of a failure on the sanity checks, page is redirected back to
previous page.
Simple enough. Well, users are filling out the form and clicking submit
with valid infromation, yet when I parse the parameters out of the
request, I'm finding none of the form values from the previous page. I
then decided to investigate further and log out all request information
in the event that these sanity checks fail. The following is what I
logged out:
------------------------------------------------------------------------
---------------------------------
Attributes:
"javax.servlet.request.cipher_suite" = ["SSL_RSA_WITH_RC4_128_MD5"]
"javax.servlet.request.key_size" = ["128"]
"javax.servlet.request.ssl_session" =
["433162398579970fee9289baa55559ac832b8558dcc409382f62cb67a3499b80"]
Parameters:
Cookies:
"JSESSIONID" = [FCB31837FFBD2C0D9F986C42B698BADE]
"contact_value" = [ABC]
"duplicate_type" = [None]
"duplicate_time" = []
"mortgage" = []
"lender_id_label" = []
"title_alternative" = []
"can_place_orders" = [Y]
"flood_default" = [126]
"can_cancel_lol" = [N]
"contact_label" = []
"lender_id_value" = [ABC]
"census" = []
"loan_no_label" = []
"delivery_method" = [Online]
"apprasail" = []
"delivery_address" = []
"title" = []
Headers:
"accept" = ["image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
application/vnd.ms-excel, application/msword,
application/vnd.ms-powerpoint, application/x-shockwave-flash, */*"]
"referer" =
["https://WEBSITE_URL/CreateOrder.jsp?applicant2HomePhone=&streetName=Ma
in+St&applicant2WorkPhone=&applicantOtherPhone=&ownerEstimate=&applicant
2WorkPhone2=&revisionOf=&applicantWorkPhoneExtension=&unitType=&preFixDi
r=E&applicant2OtherPhoneAreaCode=&applicantOtherPhone2=&applicantMname=L
&skipstep=none&zip4=&applicant2HomePhoneAreaCode=&applicant2OtherPhone=&
applicantLname=Doe&streetNum=&applicantHomePhoneAreaCode=&zip=40845&pass
code=Home&orderHeaderGeneralNotes=&applicantHomePhone2=&propertyLoanNumb
er=&productTitle=&applicantFname=John&applicant2WorkPhoneExtension=&appl
icant2WorkPhoneAreaCode=&applicant2Mname=J&unitNumber=&applicantWorkPhon
eAreaCode=&postFixDir=&productAppraisal=&propertyParcelNumber=&applicant
WorkPhone2=&applicantOtherPhoneAreaCode=&city=Hulen&applicantHomePhone=&
applicantWorkPhone=&applicant2Lname=Jane&applicant2OtherPhone2=&applican
t2HomePhone2=&streetType=&state=KY&contactId=10&productMortgagePrep=&pro
ductFlood=Yes&applicant2Fname=Doe"]
"accept-language" = ["en-us"]
"content-type" = ["application/x-www-form-urlencoded"]
"accept-encoding" = ["gzip, deflate"]
"user-agent" = ["Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;
.NET CLR 1.1.4322)"]
"host" = ["WEBSITE_DOMAIN"]
"connection" = ["Keep-Alive"]
"cache-control" = ["no-cache"]
"cookie" = ["JSESSIONID=FCB31837FFBD2C0D9F986C42B698BADE;
contact_value=ABC; duplicate_type=None; duplicate_time=; mortgage=;
lender_id_label=; title_alternative=; can_place_orders=Y;
flood_default=126; can_cancel_lol=N; contact_label=;
lender_id_value=ABC; census=; can_view_insurance_tracking=N;
loan_no_label=; delivery_method=Online; apprasail=; delivery_address=;
title="]
"content-length" = ["0"]
------------------------------------------------------------------------
---------------------------------
There are many interesting things about this request. First, the
content-length is 0. Not sure how this could happen...error in
browser?? Second, and the most intriguing...Notice the "referer" entry.
The referer entry actually contains all relevant information that I
needed in order to process this request, yet if you look at what
parameters I was actually able to parse off this request you will
see...NONE.
I'm stumped. Anybody else seen this before?
Environment:
JDK 1.4.2_08
Tomcat 5.5.9
_______________________
Jeremy Nix
Senior Application Developer
Southwest Financial Services, LTD.
(513) 621-6699 x1158
www.sfsltd.com
Re: Problems Parsing Request Paramers
Posted by Rick Knowles <ri...@knowleses.org>.
Yoav Shapira wrote:
>Hi,
>Could it be the referer URL is too long, causing the query string to be ignored
>or dropped? There's a limit (2048 characters, I think?) on GET requests in
>some browsers. But actually, you're seeing this on the server, so I'm not
>sure. Can you try testing with less parameters or an otherwise shorter query
>string?
>
>
I've seen this sort of thing too, but I thought it was 255 chars. From
RFC2616 section 3.2.1:
"Note: Servers ought to be cautious about depending on URI lengths above
255 bytes, because some older client or proxy implementations might not
properly support these lengths. "
Not quite set in stone, but a good general hint to avoid long URLs.
Rick
--
Servlet v2.4 container in a single 155KB jar file ? Try Winstone (http://winstone.sourceforge.net/)
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
Re: Problems Parsing Request Paramers
Posted by Yoav Shapira <yo...@apache.org>.
Hi,
Could it be the referer URL is too long, causing the query string to be ignored
or dropped? There's a limit (2048 characters, I think?) on GET requests in
some browsers. But actually, you're seeing this on the server, so I'm not
sure. Can you try testing with less parameters or an otherwise shorter query
string?
Yoav
--- Jeremy Nix <Je...@sfsltd.com> wrote:
> First off, I apologize for the cross-post. I posted this same message
> in the User's mailing list with no replies. So, my hope is that one of
> you developers may have some insight into the problem that I'm having.
>
> Certain users of my website are having issues with respect to submitting
> a form on a page. Not all users are experiencing this problem, and I've
> yet to replicate it myself so it makes the situation even more complex.
> I have an icking suspicion that its related to the user's browser, but
> I've tested on the same browser version/subversion without a glitch.
> Here's the scenario:
> 1) User goes to page.
> 2) User fills out form.
> 3) User clicks submit.
> 4) JSP page then performs sanity checks against submitted data. In the
> event of a failure on the sanity checks, page is redirected back to
> previous page.
>
> Simple enough. Well, users are filling out the form and clicking submit
> with valid infromation, yet when I parse the parameters out of the
> request, I'm finding none of the form values from the previous page. I
> then decided to investigate further and log out all request information
> in the event that these sanity checks fail. The following is what I
> logged out:
> ------------------------------------------------------------------------
> ---------------------------------
> Attributes:
> "javax.servlet.request.cipher_suite" = ["SSL_RSA_WITH_RC4_128_MD5"]
> "javax.servlet.request.key_size" = ["128"]
> "javax.servlet.request.ssl_session" =
> ["433162398579970fee9289baa55559ac832b8558dcc409382f62cb67a3499b80"]
> Parameters:
> Cookies:
> "JSESSIONID" = [FCB31837FFBD2C0D9F986C42B698BADE]
> "contact_value" = [ABC]
> "duplicate_type" = [None]
> "duplicate_time" = []
> "mortgage" = []
> "lender_id_label" = []
> "title_alternative" = []
> "can_place_orders" = [Y]
> "flood_default" = [126]
> "can_cancel_lol" = [N]
> "contact_label" = []
> "lender_id_value" = [ABC]
> "census" = []
> "loan_no_label" = []
> "delivery_method" = [Online]
> "apprasail" = []
> "delivery_address" = []
> "title" = []
> Headers:
> "accept" = ["image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
> application/vnd.ms-excel, application/msword,
> application/vnd.ms-powerpoint, application/x-shockwave-flash, */*"]
> "referer" =
> ["https://WEBSITE_URL/CreateOrder.jsp?applicant2HomePhone=&streetName=Ma
> in+St&applicant2WorkPhone=&applicantOtherPhone=&ownerEstimate=&applicant
> 2WorkPhone2=&revisionOf=&applicantWorkPhoneExtension=&unitType=&preFixDi
> r=E&applicant2OtherPhoneAreaCode=&applicantOtherPhone2=&applicantMname=L
> &skipstep=none&zip4=&applicant2HomePhoneAreaCode=&applicant2OtherPhone=&
> applicantLname=Doe&streetNum=&applicantHomePhoneAreaCode=&zip=40845&pass
> code=Home&orderHeaderGeneralNotes=&applicantHomePhone2=&propertyLoanNumb
> er=&productTitle=&applicantFname=John&applicant2WorkPhoneExtension=&appl
> icant2WorkPhoneAreaCode=&applicant2Mname=J&unitNumber=&applicantWorkPhon
> eAreaCode=&postFixDir=&productAppraisal=&propertyParcelNumber=&applicant
> WorkPhone2=&applicantOtherPhoneAreaCode=&city=Hulen&applicantHomePhone=&
> applicantWorkPhone=&applicant2Lname=Jane&applicant2OtherPhone2=&applican
> t2HomePhone2=&streetType=&state=KY&contactId=10&productMortgagePrep=&pro
> ductFlood=Yes&applicant2Fname=Doe"]
> "accept-language" = ["en-us"]
> "content-type" = ["application/x-www-form-urlencoded"]
> "accept-encoding" = ["gzip, deflate"]
> "user-agent" = ["Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;
> .NET CLR 1.1.4322)"]
> "host" = ["WEBSITE_DOMAIN"]
> "connection" = ["Keep-Alive"]
> "cache-control" = ["no-cache"]
> "cookie" = ["JSESSIONID=FCB31837FFBD2C0D9F986C42B698BADE;
> contact_value=ABC; duplicate_type=None; duplicate_time=; mortgage=;
> lender_id_label=; title_alternative=; can_place_orders=Y;
> flood_default=126; can_cancel_lol=N; contact_label=;
> lender_id_value=ABC; census=; can_view_insurance_tracking=N;
> loan_no_label=; delivery_method=Online; apprasail=; delivery_address=;
> title="]
> "content-length" = ["0"]
> ------------------------------------------------------------------------
> ---------------------------------
> There are many interesting things about this request. First, the
> content-length is 0. Not sure how this could happen...error in
> browser?? Second, and the most intriguing...Notice the "referer" entry.
> The referer entry actually contains all relevant information that I
> needed in order to process this request, yet if you look at what
> parameters I was actually able to parse off this request you will
> see...NONE.
>
> I'm stumped. Anybody else seen this before?
>
> Environment:
> JDK 1.4.2_08
> Tomcat 5.5.9
>
> _______________________
> Jeremy Nix
> Senior Application Developer
> Southwest Financial Services, LTD.
> (513) 621-6699 x1158
> www.sfsltd.com
>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org