You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by BugRat Mail System <to...@cortexity.com> on 2001/01/11 21:09:21 UTC
BugRat Report #746 has been filed.
Bug report #746 has just been filed.
You can view the report at the following URL:
<http://znutar.cortexity.com/BugRatViewer/ShowReport/746>
REPORT #746 Details.
Project: Tomcat
Category: Feature Requests
SubCategory: Enhancement
Class: suggest
State: received
Priority: medium
Severity: cosmetic
Confidence: public
Environment:
Release: 3.2.1
JVM Release: any
Operating System: any
OS Release: any
Platform: any
Synopsis:
Additional logging in jk_uri_worker_map.c, function map_uri_to_worker
Description:
I suggest that additional logging be added that specifically describes the mapping taking place within the Apache or IIS plugins by modifying the function map_uri_to_worker in jk_uri_worker_map.c. My version of the function is given below and differs only in the addition of 4 jk_log statements and the removal of one jk_log statement which was made redundant.
char *map_uri_to_worker(jk_uri_worker_map_t *uw_map,
const char *uri,
jk_logger_t *l)
{
jk_log(l, JK_LOG_DEBUG,
"Into jk_uri_worker_map_t::map_uri_to_worker\n");
if(uw_map && uri && '/' == uri[0]) {
unsigned i;
unsigned best_match = -1;
unsigned longest_match = 0;
char clean_uri[4096];
char *url_rewrite = strstr(uri, JK_PATH_SESSION_IDENTIFIER);
if(url_rewrite) {
strcpy(clean_uri, uri);
url_rewrite = strstr(clean_uri, JK_PATH_SESSION_IDENTIFIER);
*url_rewrite = '\0';
uri = clean_uri;
}
jk_log(l, JK_LOG_DEBUG, "Attempting to map URI %s\n", uri);
for(i = 0 ; i < uw_map->size ; i++) {
if(uw_map->maps[i].ctxt_len < longest_match) {
continue; /* can not be a best match anyway */
}
if(0 == strncmp(uw_map->maps[i].context,
uri,
uw_map->maps[i].ctxt_len)) {
if(MATCH_TYPE_EXACT == uw_map->maps[i].match_type) {
if(strlen(uri) == uw_map->maps[i].ctxt_len) {
jk_log( l,
JK_LOG_DEBUG,
"jk_uri_worker_map_t::map_uri_to_worker, Found an exact match %s -> %s\n",
uw_map->maps[i].worker_name,
uw_map->maps[i].context );
return uw_map->maps[i].worker_name;
}
} else if(MATCH_TYPE_CONTEXT == uw_map->maps[i].match_type) {
if(uw_map->maps[i].ctxt_len > longest_match) {
jk_log( l,
JK_LOG_DEBUG,
"jk_uri_worker_map_t::map_uri_to_worker, Found a context match %s -> %s\n",
uw_map->maps[i].worker_name,
uw_map->maps[i].context );
longest_match = uw_map->maps[i].ctxt_len;
best_match = i;
}
} else /* suffix match */ {
int suffix_start;
for(suffix_start = strlen(uri) - 1 ;
suffix_start > 0 && '.' != uri[suffix_start];
suffix_start--)
;
if('.' == uri[suffix_start]) {
const char *suffix = uri + suffix_start + 1;
/* for WinXX, fix the JsP != jsp problems */
#ifdef WIN32
if(0 == strcasecmp(suffix, uw_map->maps[i].suffix)) {
#else
if(0 == strcmp(suffix, uw_map->maps[i].suffix)) {
#endif
if(uw_map->maps[i].ctxt_len >= longest_match) {
jk_log( l,
JK_LOG_DEBUG,
"jk_uri_worker_map_t::map_uri_to_worker, Found a suffix match %s -> *.%s\n",
uw_map->maps[i].worker_name,
uw_map->maps[i].suffix );
longest_match = uw_map->maps[i].ctxt_len;
best_match = i;
}
}
}
}
}
}
if(-1 != best_match) {
return uw_map->maps[best_match].worker_name;
} else {
/*
* We are now in a security nightmare, it maybe that somebody sent
* us a uri that looks like /top-secret.jsp. and the web server will
* fumble and return the jsp content.
*
* To solve that we will check for path info following the suffix, we
* will also check that the end of the uri is not .suffix.
*/
int fraud = check_security_fraud(uw_map, uri, l);
if(fraud >= 0) {
jk_log(l, JK_LOG_EMERG,
"In jk_uri_worker_map_t::map_uri_to_worker, found a security fraud in [%s]\n",
uri);
return uw_map->maps[fraud].worker_name;
}
}
} else {
jk_log(l, JK_LOG_ERROR,
"In jk_uri_worker_map_t::map_uri_to_worker, wrong parameters\n");
}
jk_log(l, JK_LOG_DEBUG,
"jk_uri_worker_map_t::map_uri_to_worker, done without a match\n");
return NULL;
}