You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by na...@apache.org on 2003/02/04 21:45:50 UTC

cvs commit: jakarta-tomcat-connectors/jk/native2/server/isapi jk_isapi_plugin.c

nacho       2003/02/04 12:45:50

  Modified:    jk/native2/server/isapi jk_isapi_plugin.c
  Log:
  Fix for Bug#16759 ISAPI_REDIRECTOR Handles %2F improperly
  
  Now a uri considered not valid or bad by jk2 is passed down the filter chain,
  so letting the server continue processing, also relaxed logging to info as
  they are not errors anymore..
  
  Revision  Changes    Path
  1.54      +10 -6     jakarta-tomcat-connectors/jk/native2/server/isapi/jk_isapi_plugin.c
  
  Index: jk_isapi_plugin.c
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-connectors/jk/native2/server/isapi/jk_isapi_plugin.c,v
  retrieving revision 1.53
  retrieving revision 1.54
  diff -u -r1.53 -r1.54
  --- jk_isapi_plugin.c	4 Feb 2003 07:44:23 -0000	1.53
  +++ jk_isapi_plugin.c	4 Feb 2003 20:45:49 -0000	1.54
  @@ -316,20 +316,24 @@
   
                   rc = jk_requtil_unescapeUrl(uri);
                   if (rc == BAD_REQUEST) {
  -                    env->l->jkLog(env, env->l,  JK_LOG_ERROR, 
  +                    env->l->jkLog(env, env->l,  JK_LOG_INFO, 
                              "HttpFilterProc [%s] contains one or more invalid escape sequences.\n", 
                              uri);
  -                    write_error_response(pfc,"400 Bad Request", HTML_ERROR_400);
  +                    // XXX: Let any other filter process the request, 
  +                    //      if they take any security measure or not doesnt matter.
  +                    //  write_error_response(pfc,"400 Bad Request", HTML_ERROR_400);
                       workerEnv->globalEnv->releaseEnv( workerEnv->globalEnv, env );
  -                    return SF_STATUS_REQ_FINISHED;
  +                    return SF_STATUS_REQ_NEXT_NOTIFICATION;
                   }
                   else if(rc == BAD_PATH) {
  -                    env->l->jkLog(env, env->l,  JK_LOG_EMERG, 
  +                    env->l->jkLog(env, env->l,  JK_LOG_INFO, 
                              "HttpFilterProc [%s] contains forbidden escape sequences.\n", 
                              uri);
  -                    write_error_response(pfc,"403 Forbidden", HTML_ERROR_403);
  +                    // XXX: Let any other filter process the request, 
  +                    //      if they take any security measure or not doesnt matter.
  +                    //  write_error_response(pfc,"403 Forbidden", HTML_ERROR_403);
                       workerEnv->globalEnv->releaseEnv( workerEnv->globalEnv, env );
  -                    return SF_STATUS_REQ_FINISHED;
  +                    return SF_STATUS_REQ_NEXT_NOTIFICATION;
                   }
                   jk_requtil_getParents(uri);
   
  
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org