You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Tyler Brazier (JIRA)" <ji...@apache.org> on 2015/09/23 20:55:05 UTC
[jira] [Updated] (CXF-6606) Encoded characters in URI are decoded
multiple times during preprocess
[ https://issues.apache.org/jira/browse/CXF-6606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Tyler Brazier updated CXF-6606:
-------------------------------
Description:
When given a url like {{/api/%255E/users.json}}, {{RequestPreprocessor#preprocess}} first does {{handleExtensionMappings}}, which creates a {{PathSegmentImpl}} with a single arg constructor, decoding the path. The path on {{Message}} is set to the decoded path with a call to {{updatePath}} if the {{.json}} extension was found within the extension mappings. Back in {{RequestPreprocessor#preprocess}}, the path returned will be decoded again within the call to {{UriInfoImpl#getPath}}.
This causes the {{%255E}} in the path to be decoded the first time as {{%5E}}, then the second time as {{^}}.
I believe this could be fixed by constructing {{PathSegment}} within {{handleLanguageMappings}} and {{handleExtensionMappings}} with a second {{false}} argument.
was:
When given a url like {{/api/%255E/users.json}}, {{RequestPreprocessor#preprocess}} first does {{handleExtensionMappings}}, which creates a {{PathSegmentImpl}} with a single arg constructor, decoding the path. The path on {{Message}} is set to the decoded path with a call to {{updatePath}} if the {{.json}} extension was found within the extension mappings. Back in {{RequestPreprocessor#preprocess}}, the path returned will be decoded again within the call to {{UriInfoImpl.getPath}}.
This causes the {{%255E}} in the path to be decoded the first time as {{%5E}}, then the second time as {{^}}.
I believe this could be fixed by constructing {{PathSegment}} within {{handleLanguageMappings}} and {{handleExtensionMappings}} with a second {{false}} argument.
> Encoded characters in URI are decoded multiple times during preprocess
> ----------------------------------------------------------------------
>
> Key: CXF-6606
> URL: https://issues.apache.org/jira/browse/CXF-6606
> Project: CXF
> Issue Type: Bug
> Components: JAX-RS
> Affects Versions: 3.1.2
> Reporter: Tyler Brazier
>
> When given a url like {{/api/%255E/users.json}}, {{RequestPreprocessor#preprocess}} first does {{handleExtensionMappings}}, which creates a {{PathSegmentImpl}} with a single arg constructor, decoding the path. The path on {{Message}} is set to the decoded path with a call to {{updatePath}} if the {{.json}} extension was found within the extension mappings. Back in {{RequestPreprocessor#preprocess}}, the path returned will be decoded again within the call to {{UriInfoImpl#getPath}}.
> This causes the {{%255E}} in the path to be decoded the first time as {{%5E}}, then the second time as {{^}}.
> I believe this could be fixed by constructing {{PathSegment}} within {{handleLanguageMappings}} and {{handleExtensionMappings}} with a second {{false}} argument.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)