You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by re...@apache.org on 2020/05/25 14:59:57 UTC

[tomcat] branch 9.0.x updated: 64470: Fix solidus handling

This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
     new 9a9aa20  64470: Fix solidus handling
9a9aa20 is described below

commit 9a9aa2083cc8da8169eac9953de65e9a8bc75bfc
Author: remm <re...@apache.org>
AuthorDate: Mon May 25 16:59:41 2020 +0200

    64470: Fix solidus handling
    
    It should reflect the UDecoder.ALLOW_ENCODED_SLASH system property.
---
 java/org/apache/catalina/connector/Connector.java | 4 +++-
 webapps/docs/changelog.xml                        | 4 ++++
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/java/org/apache/catalina/connector/Connector.java b/java/org/apache/catalina/connector/Connector.java
index 9819aae..1e78bc8 100644
--- a/java/org/apache/catalina/connector/Connector.java
+++ b/java/org/apache/catalina/connector/Connector.java
@@ -42,6 +42,7 @@ import org.apache.tomcat.util.IntrospectionUtils;
 import org.apache.tomcat.util.buf.B2CConverter;
 import org.apache.tomcat.util.buf.CharsetUtil;
 import org.apache.tomcat.util.buf.EncodedSolidusHandling;
+import org.apache.tomcat.util.buf.UDecoder;
 import org.apache.tomcat.util.net.SSLHostConfig;
 import org.apache.tomcat.util.net.openssl.OpenSSLImplementation;
 import org.apache.tomcat.util.res.StringManager;
@@ -275,7 +276,8 @@ public class Connector extends LifecycleMBeanBase  {
     /**
      * The behavior when an encoded solidus (slash) is submitted.
      */
-    private EncodedSolidusHandling encodedSolidusHandling = EncodedSolidusHandling.REJECT;
+    private EncodedSolidusHandling encodedSolidusHandling =
+            UDecoder.ALLOW_ENCODED_SLASH ? EncodedSolidusHandling.DECODE : EncodedSolidusHandling.REJECT;
 
 
     /**
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index db6da26..1eca947 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -64,6 +64,10 @@
         Correct a regression in an earlier fix that broke the loading of
         configuration files such as keystores via URIs on Windows. (markt)
       </fix>
+      <fix>
+        <bug>64470</bug>: The default value of the solidus handling should
+        reflect the associated system property. (remm)
+      </fix>
     </changelog>
   </subsection>
   <subsection name="Coyote">


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org