You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2015/12/16 21:36:13 UTC
svn commit: r1720445 - in /tomcat/trunk:
java/org/apache/catalina/connector/Request.java
test/org/apache/catalina/connector/TestRequest.java
webapps/docs/changelog.xml
Author: markt
Date: Wed Dec 16 20:36:13 2015
New Revision: 1720445
URL: http://svn.apache.org/viewvc?rev=1720445&view=rev
Log:
Add path parameter handling to HttpServletRequest.getContextPath(). This is a follow-up to the fix for https://bz.apache.org/bugzilla/show_bug.cgi?id=57215
Modified:
tomcat/trunk/java/org/apache/catalina/connector/Request.java
tomcat/trunk/test/org/apache/catalina/connector/TestRequest.java
tomcat/trunk/webapps/docs/changelog.xml
Modified: tomcat/trunk/java/org/apache/catalina/connector/Request.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/connector/Request.java?rev=1720445&r1=1720444&r2=1720445&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/connector/Request.java (original)
+++ tomcat/trunk/java/org/apache/catalina/connector/Request.java Wed Dec 16 20:36:13 2015
@@ -1908,15 +1908,17 @@ public class Request implements HttpServ
}
lastSlash--;
}
- // Now allow for normalization and/or encoding. Essentially, keep
- // extending the candidate path up to the next slash until the decoded
- // and normalized candidate path is the same as the canonical path.
+ // Now allow for path parameters, normalization and/or encoding.
+ // Essentially, keep extending the candidate path up to the next slash
+ // until the decoded and normalized candidate path (with the path
+ // parameters removed) is the same as the canonical path.
String candidate;
if (pos == -1) {
candidate = uri;
} else {
candidate = uri.substring(0, pos);
}
+ candidate = removePathParameters(candidate);
candidate = UDecoder.URLDecode(candidate, connector.getURIEncoding());
candidate = org.apache.tomcat.util.http.RequestUtil.normalize(candidate);
boolean match = canonicalContextPath.equals(candidate);
@@ -1927,6 +1929,7 @@ public class Request implements HttpServ
} else {
candidate = uri.substring(0, pos);
}
+ candidate = removePathParameters(candidate);
candidate = UDecoder.URLDecode(candidate, connector.getURIEncoding());
candidate = org.apache.tomcat.util.http.RequestUtil.normalize(candidate);
match = canonicalContextPath.equals(candidate);
@@ -1945,6 +1948,32 @@ public class Request implements HttpServ
}
+ private String removePathParameters(String input) {
+ int nextSemiColon = input.indexOf(';');
+ // Shortcut
+ if (nextSemiColon == -1) {
+ return input;
+ }
+ StringBuilder result = new StringBuilder(input.length());
+ result.append(input.substring(0, nextSemiColon));
+ while (true) {
+ int nextSlash = input.indexOf('/', nextSemiColon);
+ if (nextSlash == -1) {
+ break;
+ }
+ nextSemiColon = input.indexOf(';', nextSlash);
+ if (nextSemiColon == -1) {
+ result.append(input.substring(nextSlash));
+ break;
+ } else {
+ result.append(input.substring(nextSlash, nextSemiColon));
+ }
+ }
+
+ return result.toString();
+ }
+
+
private int nextSlash(char[] uri, int startPos) {
int len = uri.length;
int pos = startPos;
@@ -1960,6 +1989,7 @@ public class Request implements HttpServ
return -1;
}
+
/**
* Return the set of Cookies received with this Request. Triggers parsing of
* the Cookie HTTP headers followed by conversion to Cookie objects if this
Modified: tomcat/trunk/test/org/apache/catalina/connector/TestRequest.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/catalina/connector/TestRequest.java?rev=1720445&r1=1720444&r2=1720445&view=diff
==============================================================================
--- tomcat/trunk/test/org/apache/catalina/connector/TestRequest.java (original)
+++ tomcat/trunk/test/org/apache/catalina/connector/TestRequest.java Wed Dec 16 20:36:13 2015
@@ -770,6 +770,26 @@ public class TestRequest extends TomcatB
}
@Test
+ public void testBug56501p() throws Exception {
+ doBug56501("/path/abc", "/path;a=b/abc/xxx", "/path;a=b/abc");
+ }
+
+ @Test
+ public void testBug56501q() throws Exception {
+ doBug56501("/path/abc", "/path/abc;a=b/xxx", "/path/abc;a=b");
+ }
+
+ @Test
+ public void testBug56501r() throws Exception {
+ doBug56501("/path/abc", "/path/abc/xxx;a=b", "/path/abc");
+ }
+
+ @Test
+ public void testBug56501s() throws Exception {
+ doBug56501("/path/abc", "/.;a=b/path/abc/xxx", "/.;a=b/path/abc");
+ }
+
+ @Test
public void testBug57215a() throws Exception {
doBug56501("/path", "//path", "//path");
}
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1720445&r1=1720444&r2=1720445&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Wed Dec 16 20:36:13 2015
@@ -132,6 +132,11 @@
NIO + OpenSSL if tomcat-native is available, rather than the APR
connector. (remm)
</update>
+ <fix>
+ Add path parameter handling to
+ <code>HttpServletRequest.getContextPath()</code>. This is a follow-up to
+ the fix for <bug>57215</bug>. (markt)
+ </fix>
</changelog>
</subsection>
<subsection name="Coyote">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org