You are viewing a plain text version of this content. The canonical link for it is here.

Posted to watchdog-dev@jakarta.apache.org by "Davidson, Misha" <MD...@silverstream.com> on 2000/08/25 00:48:15 UTC

Problems with redirects and ServletHttpRequests

Hi,

I have noticed a couple of problems with watchdog jsp tests.
I think they have been there all along, but I never ran the tests
in a way that exposed them.

First problem has to do with the "literal" nature of the test. When
watchdog compares a server response with an expected result, it
does so literally, without following the HTTP protocol. For example
if the test hits
	/foo/bar.jsp
expecting to get back
	THIS IS FOO_BAR
but the server responds with
	HTTP/1.0 307 Temporary Redirect
	Location: /foo/bar;sessionID=12345
the test does not follow the redirect. Instead it complains that the
result does not match the expected one. This behavior is probably
incorrect.

Another problem has to do with an "unsafe" scriptlet in
	/jsp/core_syntax/beantests/useBean/positiveSessionScope.jsp (13, 17)
it starts like this
  	Cookie[] cok=request.getCookies();
    	for(int j=0;j<cok.length;j++) ...
and request is of type
	javax.servlet.http.HttpServletRequest
The problem is that
	request.getCookies()
may return a null value as described in JDK 1.2 javadoc, particularly if 
cookieless
sessions are used. Therefore, the scriptlet should check for null before 
calling
	cok.length
Since it does not, a null pointer exception occurs.

Thanks,
-Misha