You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2009/04/08 19:12:19 UTC
svn commit: r763322 -
/tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java
Author: markt
Date: Wed Apr 8 17:12:18 2009
New Revision: 763322
URL: http://svn.apache.org/viewvc?rev=763322&view=rev
Log:
Fix NPE when not using cookies for session IDs
Modified:
tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java
Modified: tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java?rev=763322&r1=763321&r2=763322&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java (original)
+++ tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java Wed Apr 8 17:12:18 2009
@@ -510,6 +510,16 @@
}
// Parse session Id
+ if (!request.getServletContext().getEffectiveSessionTrackingModes()
+ .contains(SessionTrackingMode.URL)) {
+ /*
+ * If we saw an ID in the URL but this is disabled - remove it
+ * Can't handle it when we parse the URL as we don't have the
+ * context at that point
+ */
+ request.setRequestedSessionId(null);
+ request.setRequestedSessionURL(false);
+ }
parseSessionCookiesId(req, request);
parseSessionSslId(request);
return true;
@@ -543,9 +553,7 @@
ByteChunk uriBC = req.requestURI().getByteChunk();
int semicolon = uriBC.indexOf(match, 0, match.length(), 0);
- if (semicolon > 0 &&
- request.getServletContext().getEffectiveSessionTrackingModes()
- .contains(SessionTrackingMode.URL)) {
+ if (semicolon > 0) {
// Parse session ID, and extract it from the decoded request URI
int start = uriBC.getStart();
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org