You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by ma...@apache.org on 2007/03/17 18:00:57 UTC

svn commit: r519369 - /tomcat/connectors/trunk/coyote/src/java/org/apache/coyote/tomcat4/CoyoteAdapter.java

Author: markt
Date: Sat Mar 17 10:00:55 2007
New Revision: 519369

URL: http://svn.apache.org/viewvc?view=rev&rev=519369
Log:
Add option for handling URL chars, backport from TC 6.0.x

Modified:
    tomcat/connectors/trunk/coyote/src/java/org/apache/coyote/tomcat4/CoyoteAdapter.java

Modified: tomcat/connectors/trunk/coyote/src/java/org/apache/coyote/tomcat4/CoyoteAdapter.java
URL: http://svn.apache.org/viewvc/tomcat/connectors/trunk/coyote/src/java/org/apache/coyote/tomcat4/CoyoteAdapter.java?view=diff&rev=519369&r1=519368&r2=519369
==============================================================================
--- tomcat/connectors/trunk/coyote/src/java/org/apache/coyote/tomcat4/CoyoteAdapter.java (original)
+++ tomcat/connectors/trunk/coyote/src/java/org/apache/coyote/tomcat4/CoyoteAdapter.java Sat Mar 17 10:00:55 2007
@@ -51,6 +51,10 @@
 final class CoyoteAdapter
     implements Adapter {
 
+    protected static final boolean ALLOW_BACKSLASH = Boolean.valueOf(
+            System.getProperty(
+                    "org.apache.coyote.tomcat4.CoyoteAdapter.ALLOW_BACKSLASH",
+                    "false")).booleanValue();
 
     // -------------------------------------------------------------- Constants
 
@@ -440,8 +444,12 @@
             return "/";
 
         // Normalize the slashes and add leading slash if necessary
-        if (normalized.indexOf('\\') >= 0)
-            normalized = normalized.replace('\\', '/');
+        if (normalized.indexOf('\\') >= 0) {
+            if ( ALLOW_BACKSLASH )
+                normalized = normalized.replace('\\', '/');
+            else 
+                return null;
+        }
         if (!normalized.startsWith("/"))
             normalized = "/" + normalized;
 
@@ -564,8 +572,12 @@
         // Replace '\' with '/'
         // Check for null byte
         for (pos = start; pos < end; pos++) {
-            if (b[pos] == (byte) '\\')
-                b[pos] = (byte) '/';
+            if (b[pos] == (byte) '\\') {
+                if (ALLOW_BACKSLASH)
+                    b[pos] = (byte) '/';
+                else 
+                    return false;
+            }
             if (b[pos] == (byte) 0)
                 return false;
         }



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org