You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by fh...@apache.org on 2007/03/16 17:37:37 UTC

svn commit: r519053 - /tomcat/connectors/branches/tc5.0.x/util/java/org/apache/tomcat/util/buf/UDecoder.java

Author: fhanik
Date: Fri Mar 16 09:37:37 2007
New Revision: 519053

URL: http://svn.apache.org/viewvc?view=rev&rev=519053
Log:
Add some options for handling URL chars, backport from TC 6.0.x

Modified:
    tomcat/connectors/branches/tc5.0.x/util/java/org/apache/tomcat/util/buf/UDecoder.java

Modified: tomcat/connectors/branches/tc5.0.x/util/java/org/apache/tomcat/util/buf/UDecoder.java
URL: http://svn.apache.org/viewvc/tomcat/connectors/branches/tc5.0.x/util/java/org/apache/tomcat/util/buf/UDecoder.java?view=diff&rev=519053&r1=519052&r2=519053
==============================================================================
--- tomcat/connectors/branches/tc5.0.x/util/java/org/apache/tomcat/util/buf/UDecoder.java (original)
+++ tomcat/connectors/branches/tc5.0.x/util/java/org/apache/tomcat/util/buf/UDecoder.java Fri Mar 16 09:37:37 2007
@@ -28,6 +28,8 @@
  *  @author Costin Manolache
  */
 public final class UDecoder {
+    protected static final boolean ALLOW_ENCODED_SLASH = 
+        Boolean.valueOf(System.getProperty("org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH", "false")).booleanValue();
     
     public UDecoder() 
     {
@@ -62,6 +64,8 @@
 	// idx will be the smallest positive inxes ( first % or + )
 	if( idx2 >= 0 && idx2 < idx ) idx=idx2;
 	if( idx < 0 ) idx=idx2;
+    
+    boolean noSlash = !(ALLOW_ENCODED_SLASH || query);
 
 	for( int j=idx; j<end; j++, idx++ ) {
 	    if( buff[ j ] == '+' && query) {
@@ -80,6 +84,11 @@
 		
 		j+=2;
 		int res=x2c( b1, b2 );
+        
+        if (noSlash && (res == '/')) {
+            throw new CharConversionException( "noSlash");
+        }
+        
 		buff[idx]=(byte)res;
 	    }
 	}
@@ -122,7 +131,9 @@
 	if( idx2 >= 0 && idx2 < idx ) idx=idx2; 
 	if( idx < 0 ) idx=idx2;
 
-	for( int j=idx; j<cend; j++, idx++ ) {
+    boolean noSlash = !(ALLOW_ENCODED_SLASH || query);
+	
+    for( int j=idx; j<cend; j++, idx++ ) {
 	    if( buff[ j ] == '+' && query ) {
 		buff[idx]=( ' ' );
 	    } else if( buff[ j ] != '%' ) {
@@ -140,6 +151,11 @@
 		
 		j+=2;
 		int res=x2c( b1, b2 );
+        
+        if (noSlash && (res == '/')) {
+            throw new CharConversionException( "noSlash");
+        }
+
 		buff[idx]=(char)res;
 	    }
 	}



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org