[Bug 68603] Request Context path and Query param gets replaced
https://bz.apache.org/bugzilla/show_bug.cgi?id=68603 --- Comment #17 from Naresh --- (In reply to Noah Adams from comment #15) > I believe this bug is a duplicate of > https://bz.apache.org/bugzilla/show_bug.cgi?id=68495 and I uploaded a test > case there. Happy to see that the issue is fixes... Have also mentioned similar POC with demonstration video but mark Thomas mentioned that the issue is not reproducible... So we went on with the temp fix on our side ... @Mark Thomas, This(https://bz.apache.org/bugzilla/show_bug.cgi?id=68495) is what the issue mentioned by me.. Kindly change the status of this bug if needed -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 68603] Request Context path and Query param gets replaced
https://bz.apache.org/bugzilla/show_bug.cgi?id=68603 --- Comment #16 from Naresh --- (In reply to Noah Adams from comment #15) > I believe this bug is a duplicate of > https://bz.apache.org/bugzilla/show_bug.cgi?id=68495 and I uploaded a test > case there. Yeah Noah Adams, The issue is the same... -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 68603] Request Context path and Query param gets replaced
https://bz.apache.org/bugzilla/show_bug.cgi?id=68603 --- Comment #15 from Noah Adams --- I believe this bug is a duplicate of https://bz.apache.org/bugzilla/show_bug.cgi?id=68495 and I uploaded a test case there. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 68603] Request Context path and Query param gets replaced
https://bz.apache.org/bugzilla/show_bug.cgi?id=68603 Mark Thomas changed: What|Removed |Added Resolution|--- |WORKSFORME Status|REOPENED|RESOLVED --- Comment #14 from Mark Thomas --- This will remain WORKSFORME until steps are provided that can be used to reproduce this issue. Please ensure that you test the reproducer on a genuinely clean Tomcat install using a Tomcat distribution provided by the Tomcat project. You may wish to setup a clean machine or VM for testing. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 68603] Request Context path and Query param gets replaced
https://bz.apache.org/bugzilla/show_bug.cgi?id=68603 Naresh changed: What|Removed |Added Status|RESOLVED|REOPENED Resolution|WORKSFORME |--- --- Comment #13 from Naresh --- (In reply to Mark Thomas from comment #12) > And again, this works for me with a clean build of 9.0.x. > > Have you install New Relic or any other additional software on the Tomcat > instance you are using to produce this issue? no new relic/additional software is used have just unzipped the new tomcat and added the webapps to it. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 68603] Request Context path and Query param gets replaced
https://bz.apache.org/bugzilla/show_bug.cgi?id=68603 --- Comment #12 from Mark Thomas --- And again, this works for me with a clean build of 9.0.x. Have you install New Relic or any other additional software on the Tomcat instance you are using to produce this issue? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 68603] Request Context path and Query param gets replaced
https://bz.apache.org/bugzilla/show_bug.cgi?id=68603 --- Comment #11 from Naresh --- Created attachment 39585 --> https://bz.apache.org/bugzilla/attachment.cgi?id=39585=edit POC of the issue mark, It's just simple reproduce steps, kindly refer the demo video inside zip and check once. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 68603] Request Context path and Query param gets replaced
https://bz.apache.org/bugzilla/show_bug.cgi?id=68603 Mark Thomas changed: What|Removed |Added Resolution|--- |WORKSFORME Status|NEW |RESOLVED --- Comment #10 from Mark Thomas --- Tested with the provided application - it does not reproduce the described issue. I also extended the test case to POST to index.jsp to provide the name parameter. Again, it did not reproduce the described issue. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 68603] Request Context path and Query param gets replaced
https://bz.apache.org/bugzilla/show_bug.cgi?id=68603 --- Comment #9 from Mark Thomas --- Are you using NewRelic by any chance? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 68603] Request Context path and Query param gets replaced
https://bz.apache.org/bugzilla/show_bug.cgi?id=68603 Naresh changed: What|Removed |Added Status|NEEDINFO|NEW --- Comment #8 from Naresh --- (In reply to Mark Thomas from comment #6) > Again, please provide the simplest possible test case that demonstrates this > issue (including source) and we will investigate. > > Without the requested information this issue will get resolved as WORKSFORME. mark, Sorry for the response delay. Have attached the sample code... please let me know if you need clarification -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 68603] Request Context path and Query param gets replaced
https://bz.apache.org/bugzilla/show_bug.cgi?id=68603 Naresh changed: What|Removed |Added CC||nareshnk1...@gmail.com --- Comment #7 from Naresh --- Created attachment 39584 --> https://bz.apache.org/bugzilla/attachment.cgi?id=39584=edit Bug 68603 -Sample webapp(/test) to recreate the issue with the issue screenshot present In the test attachment you can find the webapp to recreate the issue. And the screenshot will be present describing the stacktrace of the issue. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 68603] Request Context path and Query param gets replaced
https://bz.apache.org/bugzilla/show_bug.cgi?id=68603 Mark Thomas changed: What|Removed |Added Status|NEW |NEEDINFO --- Comment #6 from Mark Thomas --- Again, please provide the simplest possible test case that demonstrates this issue (including source) and we will investigate. Without the requested information this issue will get resolved as WORKSFORME. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 68603] Request Context path and Query param gets replaced
https://bz.apache.org/bugzilla/show_bug.cgi?id=68603 Naresh changed: What|Removed |Added Status|NEEDINFO|NEW --- Comment #5 from Naresh --- (In reply to Christopher Schultz from comment #4) > (In reply to Naresh from comment #2) > > Take for example before login request URI is "/bill/login" with request body > > of "leacsrf=c8b01130-3e28-4f29-b9e6-f9f54f3f2501". > > Is this a query string in the URL, or is this the request body? > > > Scenario is after authentication the current request URI(/bill/login) is > > changed with "srf=c8b01130-3e28" and the request query param is changed to > > "4f29-b9e6-f9f54f3f2501" > > What is consuming the response? Just Tomcat via a call to > request.getParameter*? Is this a query string in the URL, or is this the request body? Request body What is consuming the response? Just Tomcat via a call to request.getParameter*? yes -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 68603] Request Context path and Query param gets replaced
https://bz.apache.org/bugzilla/show_bug.cgi?id=68603 --- Comment #4 from Christopher Schultz --- (In reply to Naresh from comment #2) > Take for example before login request URI is "/bill/login" with request body > of "leacsrf=c8b01130-3e28-4f29-b9e6-f9f54f3f2501". Is this a query string in the URL, or is this the request body? > Scenario is after authentication the current request URI(/bill/login) is > changed with "srf=c8b01130-3e28" and the request query param is changed to > "4f29-b9e6-f9f54f3f2501" What is consuming the response? Just Tomcat via a call to request.getParameter*? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 68603] Request Context path and Query param gets replaced
https://bz.apache.org/bugzilla/show_bug.cgi?id=68603 Mark Thomas changed: What|Removed |Added Status|REOPENED|NEEDINFO --- Comment #3 from Mark Thomas --- That shouldn't happen. Please provide the simplest possible test case that demonstrates this issue (including source) and we will investigate. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 68603] Request Context path and Query param gets replaced
https://bz.apache.org/bugzilla/show_bug.cgi?id=68603 Naresh changed: What|Removed |Added Status|RESOLVED|REOPENED Resolution|DUPLICATE |--- --- Comment #2 from Naresh --- (In reply to Mark Thomas from comment #1) > FORM authentication is REQUIRED to restore the original request after a > successful authentication. > > Please use the users mailing if you require assistance with using FORM > authentication. > > *** This bug has been marked as a duplicate of bug 68593 *** I do understand...The case is different over here, the request ("/bill/login") is from the same context("/bill") before and after login... Take for example before login request URI is "/bill/login" with request body of "leacsrf=c8b01130-3e28-4f29-b9e6-f9f54f3f2501". Scenario is after authentication the current request URI(/bill/login) is changed with "srf=c8b01130-3e28" and the request query param is changed to "4f29-b9e6-f9f54f3f2501" Is this the Intended flow... can you please let me know why the request URI is changed with the content of the body which is not to be happened? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 68603] Request Context path and Query param gets replaced
https://bz.apache.org/bugzilla/show_bug.cgi?id=68603 Mark Thomas changed: What|Removed |Added Resolution|--- |DUPLICATE Status|NEW |RESOLVED OS||All --- Comment #1 from Mark Thomas --- FORM authentication is REQUIRED to restore the original request after a successful authentication. Please use the users mailing if you require assistance with using FORM authentication. *** This bug has been marked as a duplicate of bug 68593 *** -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org