You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by bu...@apache.org on 2006/11/21 18:20:32 UTC

DO NOT REPLY [Bug 41008] New: - POST request ignores command line parameters

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=41008>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=41008

           Summary: POST request ignores command line parameters
           Product: Tomcat 5
           Version: 5.5.20
          Platform: PC
        OS/Version: Windows Server 2003
            Status: NEW
          Severity: normal
          Priority: P5
         Component: Servlets:CGI
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: thomas.wiesel@zuv.uni-bamberg.de


example:
<form method="POST" action="test.exe?test1"><input type="hidden"
value="test2"><input type="submit"></form>

this code does invoke the test.exe without passing the test1 command line parameter

the example works in apache httpd and ms iis

fix:

CGIServlet.java

           if (!"GET".equals(req.getMethod()) && !"POST".equals(req.getMethod()) &&
                    !"HEAD".equals(req.getMethod()))
                return;

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org

DO NOT REPLY [Bug 41008] - POST request ignores command line parameters

Posted by bu...@apache.org.

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=41008>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=41008


markt@apache.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|REOPENED                    |RESOLVED
         Resolution|                            |FIXED




------- Additional Comments From markt@apache.org  2006-11-24 15:59 -------
Thanks for the patch. It has been applied to SVN and will be in 5.5.21 and 6.0.3
onwards.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org

DO NOT REPLY [Bug 41008] - POST request ignores command line parameters

Posted by bu...@apache.org.

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=41008>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=41008





------- Additional Comments From chris@sourcelabs.com  2006-11-22 22:10 -------
Created an attachment (id=19164)
 --> (http://issues.apache.org/bugzilla/attachment.cgi?id=19164&action=view)
Patch to include POST query method when determining if the query string should
be converted to CGI command line params

Attached patch updates CGIServlet so that POSTs will be included when
determining whether the query string should be converted to CGI command line
arguments.  It also cleans up the logic a bit.	This behavior mirrors the
behavior of the Apache httpd.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org

DO NOT REPLY [Bug 41008] - POST request ignores command line parameters

Posted by bu...@apache.org.

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=41008>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=41008


thomas.wiesel@zuv.uni-bamberg.de changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |WORKSFORME




-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org

DO NOT REPLY [Bug 41008] - POST request ignores command line parameters

Posted by bu...@apache.org.

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=41008>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=41008


thomas.wiesel@zuv.uni-bamberg.de changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |REOPENED
         Resolution|WORKSFORME                  |




------- Additional Comments From thomas.wiesel@zuv.uni-bamberg.de  2006-11-24 01:19 -------
(In reply to comment #1)
> Created an attachment (id=19164)
 --> (http://issues.apache.org/bugzilla/attachment.cgi?id=19164&action=view) [edit]
> Patch to include POST query method when determining if the query string should
> be converted to CGI command line params
> 
> Attached patch updates CGIServlet so that POSTs will be included when
> determining whether the query string should be converted to CGI command line
> arguments.  It also cleans up the logic a bit.	This behavior mirrors the
> behavior of the Apache httpd.

Patch works fine, thank you!

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org