You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Thoku Hansen <th...@gmail.com> on 2007/08/10 19:51:42 UTC
URL Decoding Question
Hi,
Does Tomcat decode a URL-encoded request before evaluating it against
servlet url-patterns?
I have a form whose submit action URL includes the jsessionid like this:
<form
action="Example.action;jsessionid=196273839CE41F0BFBA445F63D3880EB"
method="post">
When the form is submitted, the request is going through a kind of
proxy that performs a URL encode before forwarding the request.
When the request is received by Tomcat (v. 6.0.14) it looks like this:
http://foo/Example.action%3Bjsessionid%
3D196273839CE41F0BFBA445F63D3880EB
I have a servlet url-pattern for "*.action". It works fine for
request URLs like:
http://foo/Example.action
and also
http://foo/Example.action;jsessionid=196273839CE41F0BFBA445F63D3880EB
But when the re-encoded request URL is encountered (below again),
Tomcat gives a 404 error.
http://foo/Example.action%3Bjsessionid%
3D196273839CE41F0BFBA445F63D3880EB
I do not have any control over the proxy that is doing this re-encoding.
I have two questions:
1. Is the URL encoding that is being done in the above example
appropriate?
2. Shouldn't Tomcat be URL-decoding this and turning it into its
original form?
Hope you can shed some light on this.
Thanks,
T.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: URL Decoding Question
Posted by Bill Barker <wb...@wilshire.com>.
"Thoku Hansen" <th...@gmail.com> wrote in message
news:210E6334-1309-4B43-AEAE-63EEEDA7095C@gmail.com...
> Hi,
>
> Does Tomcat decode a URL-encoded request before evaluating it against
> servlet url-patterns?
>
> I have a form whose submit action URL includes the jsessionid like this:
> <form action="Example.action;jsessionid=196273839CE41F0BFBA445F63D3880EB"
> method="post">
>
> When the form is submitted, the request is going through a kind of proxy
> that performs a URL encode before forwarding the request.
> When the request is received by Tomcat (v. 6.0.14) it looks like this:
> http://foo/Example.action%3Bjsessionid% 3D196273839CE41F0BFBA445F63D3880EB
>
> I have a servlet url-pattern for "*.action". It works fine for request
> URLs like:
> http://foo/Example.action
> and also
> http://foo/Example.action;jsessionid=196273839CE41F0BFBA445F63D3880EB
>
> But when the re-encoded request URL is encountered (below again), Tomcat
> gives a 404 error.
> http://foo/Example.action%3Bjsessionid% 3D196273839CE41F0BFBA445F63D3880EB
>
> I do not have any control over the proxy that is doing this re-encoding.
>
> I have two questions:
> 1. Is the URL encoding that is being done in the above example
> appropriate?
No, ';' is a legitimate character in a URL, so by encoding it the proxy is
changing the name of the resource being asked for.
> 2. Shouldn't Tomcat be URL-decoding this and turning it into its original
> form?
>
No, because with the ';' it is a parameter to the URL, and with %3B it is
just a normal character in the URL (e.g. a file name that happens to have a
';' in it's name).
> Hope you can shed some light on this.
>
> Thanks,
>
> T.
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org