svn commit: r819339 - in /tomcat/trunk/java/org/apache/catalina/connector: CoyoteAdapter.java LocalStrings.properties

[ma...@apache.org]

Author: markt
Date: Sun Sep 27 16:48:23 2009
New Revision: 819339

URL: http://svn.apache.org/viewvc?rev=819339&view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=47320
Don't rely on the platform default encoding being suitable to parse the session ID

Modified:
    tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java
    tomcat/trunk/java/org/apache/catalina/connector/LocalStrings.properties

Modified: tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java?rev=819339&r1=819338&r2=819339&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java (original)
+++ tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java Sun Sep 27 16:48:23 2009
@@ -19,6 +19,7 @@
 package org.apache.catalina.connector;
 
 import java.io.IOException;
+import java.io.UnsupportedEncodingException;
 import java.util.EnumSet;
 
 import javax.servlet.SessionTrackingMode;
@@ -640,6 +641,12 @@
         int semicolon = uriBC.indexOf(match, 0, match.length(), 0);
 
         if (semicolon > 0) {
+            // What encoding to use? Some platforms, eg z/os, use a default
+            // encoding that doesn't give the expected result so be explicit 
+            String enc = connector.getURIEncoding();
+            if (enc == null) {
+                enc = "ISO-8859-1";
+            }
 
             // Parse session ID, and extract it from the decoded request URI
             int start = uriBC.getStart();
@@ -647,25 +654,32 @@
 
             int sessionIdStart = semicolon + match.length();
             int semicolon2 = uriBC.indexOf(';', sessionIdStart);
-            if (semicolon2 >= 0) {
-                request.setRequestedSessionId
-                    (new String(uriBC.getBuffer(), start + sessionIdStart, 
-                            semicolon2 - sessionIdStart));
-                // Extract session ID from request URI
-                byte[] buf = uriBC.getBuffer();
-                for (int i = 0; i < end - start - semicolon2; i++) {
-                    buf[start + semicolon + i] 
-                        = buf[start + i + semicolon2];
-                }
-                uriBC.setBytes(buf, start, end - start - semicolon2 + semicolon);
-            } else {
-                request.setRequestedSessionId
-                    (new String(uriBC.getBuffer(), start + sessionIdStart, 
-                            (end - start) - sessionIdStart));
-                uriBC.setEnd(start + semicolon);
+            try {
+                if (semicolon2 >= 0) {
+                    request.setRequestedSessionId
+                        (new String(uriBC.getBuffer(), start + sessionIdStart,
+                                semicolon2 - sessionIdStart, enc));
+                    // Extract session ID from request URI
+                    byte[] buf = uriBC.getBuffer();
+                    for (int i = 0; i < end - start - semicolon2; i++) {
+                        buf[start + semicolon + i] 
+                            = buf[start + i + semicolon2];
+                    }
+                    uriBC.setBytes(buf, start,
+                            end - start - semicolon2 + semicolon);
+                } else {
+                    request.setRequestedSessionId
+                        (new String(uriBC.getBuffer(), start + sessionIdStart, 
+                                (end - start) - sessionIdStart, enc));
+                    uriBC.setEnd(start + semicolon);
+                }
+                request.setRequestedSessionURL(true);
+            } catch (UnsupportedEncodingException uee) {
+                // Make sure no session ID is returned
+                request.setRequestedSessionId(null);
+                request.setRequestedSessionURL(false);
+                log.warn(sm.getString("coyoteAdapter.parseSession", enc), uee);
             }
-            request.setRequestedSessionURL(true);
-
         } else {
             request.setRequestedSessionId(null);
             request.setRequestedSessionURL(false);

Modified: tomcat/trunk/java/org/apache/catalina/connector/LocalStrings.properties
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/connector/LocalStrings.properties?rev=819339&r1=819338&r2=819339&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/connector/LocalStrings.properties (original)
+++ tomcat/trunk/java/org/apache/catalina/connector/LocalStrings.properties Sun Sep 27 16:48:23 2009
@@ -36,6 +36,7 @@
 #
 coyoteAdapter.service=An exception or error occurred in the container during the request processing
 coyoteAdapter.read=The servlet did not read all available bytes during the processing of the read event
+coyoteAdapter.parseSession=Unable to parse the session ID using encoding [{0}]. The session ID in the URL will be ignored.
 
 #
 # CoyoteResponse



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org