You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by Bob Tanner <ta...@real-time.com> on 2000/08/09 20:47:43 UTC

sendRedirect with relative url and SSL

% java -version
java version "1.2.2"
Classic VM (build 1.2.2_006, green threads, nojit)

% uname -a
Linux 2.2.14-4 #1 Tue Feb 8 14:32:26 CST 2000 i686 unknown

Tomcat Web Server 3.3 dev

Looks like the external redirect with SSL bug still exists in Tomcat 3.3 dev.
This is a thread from earlier in Aug, thread url included below:

http://archives2.real-time.com/pipermail/tomcat-users/2000-August/002714.html

The summary is: When you do a sendRedirect() from inside an SSL page, the url is
re-written as http (no s) BUT the SSL-defined port is tacked on so things get
flakey.


-- 
Bob Tanner <ta...@real-time.com>       | Phone : (612)943-8700
http://www.mn-linux.org                 | Fax   : (612)943-8500
Key fingerprint =  6C E9 51 4F D5 3E 4C 66 62 A9 10 E5 35 85 39 D9

Re: sendRedirect with relative url and SSL

Posted by Russ White <ru...@earthlink.net>.

I worked around the problem by adding this line:

if (socket instanceof javax.net.ssl.SSLSocket) this.scheme="https";

in tis method:

public void setSocket(Socket socket) throws IOException {
 if( sin==null)
     sin = new RecycleBufferedInputStream ( socket.getInputStream());
 else
     sin.setInputStream( socket.getInputStream());
 in = new BufferedServletInputStream(this);
        this.socket = socket;
     moreRequests = true;
        if (socket instanceof javax.net.ssl.SSLSocket) this.scheme="https";
}

in HttpRequestAdapter

Now everything works fine.

Russ White

----- Original Message -----
From: "Bob Tanner" <ta...@real-time.com>
To: <to...@jakarta.apache.org>
Sent: Wednesday, August 09, 2000 2:47 PM
Subject: sendRedirect with relative url and SSL


> % java -version
> java version "1.2.2"
> Classic VM (build 1.2.2_006, green threads, nojit)
>
> % uname -a
> Linux 2.2.14-4 #1 Tue Feb 8 14:32:26 CST 2000 i686 unknown
>
> Tomcat Web Server 3.3 dev
>
> Looks like the external redirect with SSL bug still exists in Tomcat 3.3
dev.
> This is a thread from earlier in Aug, thread url included below:
>
>
http://archives2.real-time.com/pipermail/tomcat-users/2000-August/002714.htm
l
>
> The summary is: When you do a sendRedirect() from inside an SSL page, the
url is
> re-written as http (no s) BUT the SSL-defined port is tacked on so things
get
> flakey.
>
>
> --
> Bob Tanner <ta...@real-time.com>       | Phone : (612)943-8700
> http://www.mn-linux.org                 | Fax   : (612)943-8500
> Key fingerprint =  6C E9 51 4F D5 3E 4C 66 62 A9 10 E5 35 85 39 D9
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>
>