...@flyingfischer.ch
<i...@flyingfischer.ch> wrote:
> Am 13.10.2017 um 12:48 schrieb Alex O'Ree:
>> Well that explains a lot. Similar issue for me. With url encoding, tomcat
>> is dropping back slash and the plus symbol.
>
> While I think it is perfectly eligible to strive for
On 13/10/17 18:42, André Warnier (tomcat) wrote:
> On 13.10.2017 19:29, Mark Thomas wrote:
>> On 13/10/2017 18:15, André Warnier (tomcat) wrote:
>>> On 13.10.2017 18:17, Mark Thomas wrote:
On 13/10/2017 17:09, James H. H. Lampert wrote:
> Thanks to all of you who responded.
>
> I
On 10/13/17, 10:50 AM, Igal @ Lucee.org wrote:
On 10/13/2017 10:42 AM, André Warnier (tomcat) wrote:
Mmm. You are being a bit casuistic here. (Granted, not that I wasn't.)
In the real world, I would expect that 99% of what is ever POSTed,
/is/ form data.
Not you ?
10 years ago I would have
On 10/13/2017 10:42 AM, André Warnier (tomcat) wrote:
Mmm. You are being a bit casuistic here. (Granted, not that I wasn't.)
In the real world, I would expect that 99% of what is ever POSTed,
/is/ form data.
Not you ?
10 years ago I would have agreed, but with REST services there are many
On 13.10.2017 19:29, Mark Thomas wrote:
On 13/10/2017 18:15, André Warnier (tomcat) wrote:
On 13.10.2017 18:17, Mark Thomas wrote:
On 13/10/2017 17:09, James H. H. Lampert wrote:
Thanks to all of you who responded.
I found a web page that explains it in ways that I can wrap my
55-year-old
On 13/10/2017 18:15, André Warnier (tomcat) wrote:
> On 13.10.2017 18:17, Mark Thomas wrote:
>> On 13/10/2017 17:09, James H. H. Lampert wrote:
>>> Thanks to all of you who responded.
>>>
>>> I found a web page that explains it in ways that I can wrap my
>>> 55-year-old brain around, and has an
On 13.10.2017 18:17, Mark Thomas wrote:
On 13/10/2017 17:09, James H. H. Lampert wrote:
Thanks to all of you who responded.
I found a web page that explains it in ways that I can wrap my
55-year-old brain around, and has an easy-to-read reference chart.
On 13/10/2017 17:09, James H. H. Lampert wrote:
> Thanks to all of you who responded.
>
> I found a web page that explains it in ways that I can wrap my
> 55-year-old brain around, and has an easy-to-read reference chart.
>
> https://perishablepress.com/stop-using-unsafe-characters-in-urls/
>
>
Thanks to all of you who responded.
I found a web page that explains it in ways that I can wrap my
55-year-old brain around, and has an easy-to-read reference chart.
https://perishablepress.com/stop-using-unsafe-characters-in-urls/
Question: the problem first showed up on a web service that
Am 13.10.2017 um 12:48 schrieb Alex O'Ree:
> Well that explains a lot. Similar issue for me. With url encoding, tomcat
> is dropping back slash and the plus symbol.
While I think it is perfectly eligible to strive for a most perfect
alignement with standards and specs, I think Tomcat
Well that explains a lot. Similar issue for me. With url encoding, tomcat
is dropping back slash and the plus symbol.
On Oct 13, 2017 3:01 AM, "Mark Thomas" <ma...@apache.org> wrote:
> On 13/10/2017 07:38, Peter Kreuser wrote:
> > Chris,
> >
> >
> >
Am 13.10.2017 um 09:01 schrieb Mark Thomas:
> From memory, # isn't one of the allowed exceptions.
>
> The full list of invalid characters in the request line that Tomcat
> started to check for is:
> ' ', '\"', '#', '<', '>', '\\', '^', '`', '{', '|', '}'
>
> The allowed exceptions are (currently)
The allowed exceptions are (currently) '{', '|', '}'
Mark
>> James, please browse the mail archives.
>> From a quick look this seems to help, for a short term solution:
>
>> https://marc.info/?l=tomcat-user=150183715500537=2
>
>> Please nevertheless fix the client,
uick look this seems to help, for a short term solution:
https://marc.info/?l=tomcat-user=150183715500537=2
Please nevertheless fix the client, for a better world as Chris pointed out ;-P.
Best regards
Peter
>> The developer (in a different time zone) has explained about
>> URL-en
# to a server. It's a violation of
the spec, full stop. That isn't to say that Tomcat should fail in any
particular way, but Tomcat is well within its rights to say "a # is
not allowed in a URL, so this is a bad request".
> The developer (in a different time zone) has explained about
&g
ain, naked # in the URL. Now, running
on Tomcat 8.5, it's returning an error message ("HTTP/1.1 400").
The developer (in a different time zone) has explained about
URL-encoding, but hasn't said whether there was anything in his code to
make it stop tolerating the naked # sign.
Did th
...@pivotal.io]
Sent: Thursday, June 15, 2017 3:11 PM
To: Tomcat Users List <users@tomcat.apache.org>
Subject: Re: Tomcat URL encoding
You need to enable this through the ALLOW_BACKSLASH property:
https://tomcat.apache.org/tomcat-8.5-doc/config/systemprops.html
On Thu, Jun 15, 2017 at 2:44 P
On 15/06/2017 14:44, Cai, Charles [COMRES/RTC/RTC] wrote:
Hi Guys,
Looking for help here after search on the web for couple hours:
I'm currently doing some testing on Tomcat 8.5.9 I'm trying to encode all the
URL that is requesting to my server.
One thing I have noticed it wasn't working is
You need to enable this through the ALLOW_BACKSLASH property:
https://tomcat.apache.org/tomcat-8.5-doc/config/systemprops.html
On Thu, Jun 15, 2017 at 2:44 PM, Cai, Charles [COMRES/RTC/RTC] <
charles@emerson.com> wrote:
> Hi Guys,
>
> Looking for help here after search on the web for couple
Hi Guys,
Looking for help here after search on the web for couple hours:
I'm currently doing some testing on Tomcat 8.5.9 I'm trying to encode all the
URL that is requesting to my server.
One thing I have noticed it wasn't working is the `\` (back slash) can't be
allowed in the URL.
I'm
Thanks Chris,
I've created a pull request on github:
https://github.com/apache/tomcat85/pull/3
> and then look at the diffs manually
It's an almost complete rewrite and has very little in common with the old
encoder
Svetlin
2016-08-30 20:56 GMT+03:00 Christopher Schultz
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Svetlin,
On 8/28/16 12:57 PM, Svetlin Zarev wrote:
> Hi,
>
> Today I had some free time, so I implemented a more (memory and
> performance wise) efficient URLEncoder [1] and I'd like to
> contribute it if there is interest for improvement in that
Hi,
Today I had some free time, so I implemented a more (memory and performance
wise) efficient URLEncoder [1] and I'd like to contribute it if there is
interest for improvement in that area. My encoder has close to zero
allocation rate (unless there is very high concurrency for the encode()
Am 11.08.2016 um 21:16 schrieb Jose María Zaragoza:
2016-08-10 14:29 GMT+02:00 Lazar Kirchev :
Hello Christopher,
I tried with 32 MB and even 24 MB heap and the CPU usage and response time
remained the almost the same (the difference is negligible) as with 1 GB
heap.
2016-08-10 14:29 GMT+02:00 Lazar Kirchev :
> Hello Christopher,
>
> I tried with 32 MB and even 24 MB heap and the CPU usage and response time
> remained the almost the same (the difference is negligible) as with 1 GB
> heap. The cumulative allocated memory for the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Lazar,
On 8/10/16 8:29 AM, Lazar Kirchev wrote:
> I tried with 32 MB and even 24 MB heap and the CPU usage and
> response time remained the almost the same (the difference is
> negligible) as with 1 GB heap. The cumulative allocated memory for
>
Hello Christopher,
I tried with 32 MB and even 24 MB heap and the CPU usage and response time
remained the almost the same (the difference is negligible) as with 1 GB
heap. The cumulative allocated memory for the HeapByteBuffer remains about
400 MB, but of course the frequency of GCs is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Lazar,
On 8/9/16 8:40 AM, Lazar Kirchev wrote:
> Hello! When handling requests which make use of request dispatcher,
> Tomcat 7.0.70 allocates more memory in comparison to 7.0.69. This
> seems to come from the encoding of the path introduced with
Hello!
When handling requests which make use of request dispatcher, Tomcat 7.0.70
allocates more memory in comparison to 7.0.69. This seems to come from the
encoding of the path introduced with this change
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/
On 07/07/2016 19:49, Mekkelsen Madden, Steve wrote:
> This was reproduced in dev, staging, testqa on multiple servers. Yes, the
> response shown is JSON which is puzzling since that only appears when using
> NIO2. That's why there is so much confusion on this. At the end of the day,
> I
-Original Message-
From: Felix Schumacher [mailto:felix.schumac...@internetallee.de]
Sent: Thursday, July 07, 2016 12:53 PM
To: users@tomcat.apache.org
Subject: Re: SSL/TLS 8.5.3 upgrade from 8.0.32 using NIO2 url encoding issues
Am 07.07.2016 um 18:32 schrieb Mekkelsen Madden, Steve:
> Ev
users-unsubscr...@tomcat.apache.org please unsubsribe
From: "Mekkelsen Madden, Steve" <steve.mekkelsenmad...@pega.com>
To: Tomcat Users List <users@tomcat.apache.org>
Sent: Thursday, July 7, 2016 11:32 AM
Subject: RE: SSL/TLS 8.5.3 upgrade from 8.0.32 using NI
Message-
From: Felix Schumacher [mailto:felix.schumac...@internetallee.de]
Sent: Thursday, July 07, 2016 12:30 PM
To: users@tomcat.apache.org
Subject: Re: SSL/TLS 8.5.3 upgrade from 8.0.32 using NIO2 url encoding issues
Am 07.07.2016 um 15:04 schrieb Mekkelsen Madden, Steve:
Hi, sorry for delay
:
steve.mekkelsen.mad...@pega.com | www.pega.com
-Original Message-
From: Felix Schumacher [mailto:felix.schumac...@internetallee.de]
Sent: Thursday, July 07, 2016 12:30 PM
To: users@tomcat.apache.org
Subject: Re: SSL/TLS 8.5.3 upgrade from 8.0.32 using NIO2 url encoding issues
Am 07.07.2016 um 15:04
ers@tomcat.apache.org>
Subject: Re: SSL/TLS 8.5.3 upgrade from 8.0.32 using NIO2 url encoding issues
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Steve,
On 7/6/16 4:22 PM, Mekkelsen Madden, Steve wrote:
Here is the image I tried attaching. Sorry about that.
[redacted... my SMTP server
[mailto:ch...@christopherschultz.net]
Sent: Wednesday, July 06, 2016 4:45 PM
To: Tomcat Users List <users@tomcat.apache.org>
Subject: Re: SSL/TLS 8.5.3 upgrade from 8.0.32 using NIO2 url encoding issues
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Steve,
On 7/6/16 4:22 PM, Mekkelsen
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Steve,
On 7/6/16 4:22 PM, Mekkelsen Madden, Steve wrote:
> Here is the image I tried attaching. Sorry about that.
> [redacted... my SMTP server really doesn't like that URL]
So... what are we looking at, here?
I see a POST URL that looks
...@pega.com | www.pega.com
-Original Message-
From: Mekkelsen Madden, Steve
Sent: Wednesday, July 06, 2016 3:44 PM
To: users@tomcat.apache.org
Subject: RE: SSL/TLS 8.5.3 upgrade from 8.0.32 using NIO2 url encoding issues
Thanks Felix. See below
-Original Message-
From: Felix
On 06.07.2016 21:43, Mekkelsen Madden, Steve wrote:
I've attached a screenshot showing the request if that helps.
Unfortunately, as you may notice, this list strips most attachments.
It would thus be better if you uploaded that screenshot somewhere, and provided
a link to it.
Thanks Felix. See below
-Original Message-
From: Felix Schumacher [mailto:felix.schumac...@internetallee.de]
Sent: Wednesday, July 06, 2016 3:29 PM
To: users@tomcat.apache.org
Subject: Re: SSL/TLS 8.5.3 upgrade from 8.0.32 using NIO2 url encoding issues
Am 06.07.2016 um 19:14 schrieb
: Friday, July 01, 2016 12:56 PM
To: Tomcat Users List <users@tomcat.apache.org>
Subject: SSL/TLS 8.5.3 upgrade from 8.0.32 using NIO2 url encoding issues
Hi all,
Is anyone aware of why after upgrading from Tomcat 8.0.32x64 (Windows) to 8.5.3x64 using the
connector protocol of: pr
<users@tomcat.apache.org>
Subject: SSL/TLS 8.5.3 upgrade from 8.0.32 using NIO2 url encoding issues
Hi all,
Is anyone aware of why after upgrading from Tomcat 8.0.32x64 (Windows) to
8.5.3x64 using the connector protocol of:
protocol="org.apache.coyote.http11.Http11Nio2Protocol"
Hi all,
Is anyone aware of why after upgrading from Tomcat 8.0.32x64 (Windows) to
8.5.3x64 using the connector protocol of:
protocol="org.apache.coyote.http11.Http11Nio2Protocol" fails with url encoding
errors? Once it was changed back to
protocol="org.apache.coyote.http11.Ht
Dear Dan,
Thanks for your suggestion.
I tried it, but it didn't work for me (Tomcat started with parameter:
-Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true).
In my tomcat log:
127.0.0.1 - - [09/May/2013:15:34:54 +0200] GET
/angol-magyar-szotar/w%5C HTTP/1.1 400 -
Regards,
On May 9, 2013, at 11:05 AM, Lutischán Ferenc wrote:
Dear Dan,
Thanks for your suggestion.
I tried it, but it didn't work for me (Tomcat started with parameter:
-Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true).
In my tomcat log:
127.0.0.1 - - [09/May/2013:15:34:54 +0200]
Dear Users,
Tomcat 7.0.39.
I have problem with the following url in firefox 20:
http://dictzone.com/english-german-dictionary/a\ (it resulted in the
http://dictzone.com/english-german-dictionary/a%5C request).
It results is an emtpy page. This request don't arrive my servelt /
filter codes.
On May 8, 2013, at 8:46 AM, Lutischán Ferenc wrote:
Dear Users,
Tomcat 7.0.39.
I have problem with the following url in firefox 20:
http://dictzone.com/english-german-dictionary/a\ (it resulted in the
http://dictzone.com/english-german-dictionary/a%5C request).
Why do you have a \ on
Dear Dan,
Thank for your reply.
1. This site is a dictionary:
- Windows users often enter a \ in place of /
- Rarely there are \ in the phrases
2. The returned status code is: 400 Bad Request
3. Mappings:
servlet
servlet-nameindex/servlet-name
On May 8, 2013, at 9:09 AM, Lutischán Ferenc wrote:
Dear Dan,
Thank for your reply.
1. This site is a dictionary:
- Windows users often enter a \ in place of /
- Rarely there are \ in the phrases
I think what you're looking for is this…
alex wrote:
Mark Thomas wrote:
On 21/02/2011 04:25, alex wrote:
hi all,
I get 404 err, if I add %D0 to url, but I get just blank page if I add
%zD0 . I'm supposed to get bad request in this case. how do I fix this
problem?
Check the response headers.
If you don't see a 400 response, exactly
On 22/02/2011 13:27, alex wrote:
alex wrote:
Mark Thomas wrote:
On 21/02/2011 04:25, alex wrote:
hi all,
I get 404 err, if I add %D0 to url, but I get just blank page if I add
%zD0 . I'm supposed to get bad request in this case. how do I fix this
problem?
Check the response headers.
If
Mark Thomas wrote:
On 22/02/2011 13:27, alex wrote:
alex wrote:
Mark Thomas wrote:
On 21/02/2011 04:25, alex wrote:
hi all,
I get 404 err, if I add %D0 to url, but I get just blank page if I add
%zD0 . I'm supposed to get bad request in this case. how do I fix this
problem?
Check the
alex wrote:
Mark Thomas wrote:
On 22/02/2011 13:27, alex wrote:
alex wrote:
Mark Thomas wrote:
On 21/02/2011 04:25, alex wrote:
hi all,
I get 404 err, if I add %D0 to url, but I get just blank page if I
add
%zD0 . I'm supposed to get bad request in this case. how do I fix
this
problem?
André Warnier wrote:
alex wrote:
Mark Thomas wrote:
On 22/02/2011 13:27, alex wrote:
alex wrote:
Mark Thomas wrote:
On 21/02/2011 04:25, alex wrote:
hi all,
I get 404 err, if I add %D0 to url, but I get just blank page if
I add
%zD0 . I'm supposed to get bad request in this case. how do I
From: alex [mailto:alex.alex.alex.9...@gmail.com]
Subject: Re: related to bad url encoding?...
shouldn't it be 404 error if tomcat can't map this call?
Tomcat 7 has introduced revised handling for situations where there is no ROOT
webapp; you might want to try that. Regardless, you still
On 22/02/2011 17:26, Caldarale, Charles R wrote:
From: alex [mailto:alex.alex.alex.9...@gmail.com]
Subject: Re: related to bad url encoding?...
shouldn't it be 404 error if tomcat can't map this call?
Tomcat 7 has introduced revised handling for situations where there is no
ROOT webapp
Mark Thomas wrote:
On 22/02/2011 17:26, Caldarale, Charles R wrote:
From: alex [mailto:alex.alex.alex.9...@gmail.com]
Subject: Re: related to bad url encoding?...
shouldn't it be 404 error if tomcat can't map this call?
Tomcat 7 has introduced revised handling for situations where
On 22/02/2011 21:36, alex wrote:
Mark Thomas wrote:
On 22/02/2011 17:26, Caldarale, Charles R wrote:
From: alex [mailto:alex.alex.alex.9...@gmail.com] Subject: Re:
related to bad url encoding?...
shouldn't it be 404 error if tomcat can't map this call?
Tomcat 7 has introduced revised
alex wrote:
...
so, what do I do if I need to show error in this scenario and I run
standalone tomcat?
...
It seems to me that by the 400 status code, the error is already shown,
correctly.
Tomcat is doing the minimum, but it is doing it according to the RFC.
HTTP RFC 2616 says:
10.4
On 21/02/2011 04:25, alex wrote:
hi all,
I get 404 err, if I add %D0 to url, but I get just blank page if I add
%zD0 . I'm supposed to get bad request in this case. how do I fix this
problem?
Check the response headers.
If you don't see a 400 response, exactly which Tomcat version are you
Mark Thomas wrote:
On 21/02/2011 04:25, alex wrote:
hi all,
I get 404 err, if I add %D0 to url, but I get just blank page if I add
%zD0 . I'm supposed to get bad request in this case. how do I fix this
problem?
Check the response headers.
If you don't see a 400 response, exactly which Tomcat
hi all,
I get 404 err, if I add %D0 to url, but I get just blank page if I add
%zD0 . I'm supposed to get bad request in this case. how do I fix this
problem?
thanks.
-
To unsubscribe, e-mail:
André Warnier wrote:
It would appear (from the logs), that there is some double-encoding of the URI
going on.
[snip]
But, if somewhere along the line, a piece of code was receiving the encoded
URI http://.../test%5Bbrackets%5D.jsp;, and decided to re-encode it again
using the % hex hex method,
Jesse Klaasse wrote:
[...]
Good.
Now, I should add that using [ and ] in URL's is not really something I
would recommend, if only for legibility reasons. It will always make
people wonder if what they're seeing in the logfile is normal, or if
it's some programming syntax which escaped
Jesse Klaasse wrote:
[...]
Good.
Now, I should add that using [ and ] in URL's is not really something I
would recommend, if only for legibility reasons. It will always make
people wonder if what they're seeing in the logfile is normal, or if
it's some programming syntax which escaped
André Warnier wrote:
[...]
Now, I should add that using [ and ] in URL's is not really something I would
recommend, if only for legibility reasons. It will always make people wonder
if what they're seeing in the logfile is normal, or if it's some programming
syntax which escaped there.
And I
I have recently migrated a production server from IIS5 / Resin 3.0.14 to
IIS6 / JK1.2.25 / Tomcat 5.5.20. Now, there seems to be a problem with
the URL translation from IIS to Tomcat.
I have this file in a webapp, called test[brackets].jsp.
When I try
Hi,
I have just implemented url encoding in my app, so that it now works in
Opera, FF, IE7 with cookies either enabled or disabled. When cookies are
disabled, I get the jsessionid showing up in the url. (Most pages require
the user to be logged in ).
It doesn't work for ie6 though. With cookies
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Michael,
Michael Dehmlow wrote:
The new session println() is called every time(even with the hack).
So, when you make a request with a URL including the jsessionid
parameter, it still gets ignored? This is one page, on one server,
right? Weird.
-
-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
View this message in context:
http://www.nabble.com/Force-URL-encoding-tf4415223.html#a12618863
Sent from the Tomcat
.
--
View this message in context:
http://www.nabble.com/Force-URL-encoding-tf4415223.html#a12594298
Sent from the Tomcat - User mailing list archive at Nabble.com.
-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe
cookies enabled. My thoughts right now are to create a
session filter that deletes the cookie on the way out the door. if this
seems like a good idea who should I go about deleting the the cookie.
--
View this message in context:
http://www.nabble.com/Force-URL-encoding-tf4415223.html#a12594298
. if this
seems like a good idea who should I go about deleting the the cookie.
--
View this message in context:
http://www.nabble.com/Force-URL-encoding-tf4415223.html#a12596041
Sent from the Tomcat - User mailing list archive at Nabble.com
has something to do with the
fact that encodeURL does not work.
--
View this message in context:
http://www.nabble.com/Force-URL-encoding-tf4415223.html#a12599331
Sent from the Tomcat - User mailing list archive at Nabble.com
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Michael,
Michael Dehmlow wrote:
'%=response.encodeURL(test/) %'
This should work.
'%=test;jsessionid=+request.getSession().getId() %'
Don't do this; find out what the problem is and fix that. I realize this
is only a test, but it's good to
Hi there,
my problem is as follows: I am under LINUX. When I use
explicitly the symbol ~ in the URL, tomcat keeps track correctly of
the session. When the tilde is encoded as %7e tomcat forgets the
session. And I cannot avoid this, as the sendRedirect method encodes
the tilde by default. Any
/html/foo/bar+5%25/baz
Now - tomcat no longer errors - nothing in catalina logs - but - the
doGet method on the servlet no longer gets called at all.
Any info on why this is happening (false assumption on my part, bug in
tomcat, bug in my code, bug in url encoding etc)?
Totally lost at this end
Okay, i'm using tomcat 5.5 and mod_jk with apache 2. It looks like I've
got jk set up okay for the most part. I'm able to use the site as I did
before switching to mod_jk except for one thing. When I try to access
the following url I got a 404 from apache and tomcat never gets a chance
to touch
got it. needed AllowEncodedSlashes On.
On Tue, 2005-11-15 at 14:35 -0500, Dan Adams wrote:
Okay, i'm using tomcat 5.5 and mod_jk with apache 2. It looks like I've
got jk set up okay for the most part. I'm able to use the site as I did
before switching to mod_jk except for one thing. When I try
Hi I've the following problem that makes me
a little bit mad with encoding a URL:
JRUN
URLEncoder.encode(downloads.jsp?group=%=group%);
--Method works on JRUN
TOMCAT 5.0
URLEncoder.encode(downloads.jsp?group=%=group%,iso-8859-1);
--at the bottom of the explorer it is displayed wrong
when I
80 matches
Mail list logo