svn commit: r1558822 - in /tomcat/tc6.0.x/trunk: STATUS.txt java/org/apache/catalina/connector/CoyoteAdapter.java webapps/docs/changelog.xml

Thu, 16 Jan 2014 07:00:34 -0800 

Author: markt
Date: Thu Jan 16 14:59:02 2014
New Revision: 1558822

URL: http://svn.apache.org/r1558822
Log:
Ensure that sessions IDs are not parsed from URLs for Contexts where 
disableURLRewriting is true

Modified:
    tomcat/tc6.0.x/trunk/STATUS.txt
    tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java
    tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml

Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1558822&r1=1558821&r2=1558822&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Thu Jan 16 14:59:02 2014
@@ -66,12 +66,6 @@ PATCHES PROPOSED TO BACKPORT:
   +1: markt, mturk, funkman, remm
   -1:
 
-* Ensure that sessions IDs are not parsed from URLs for Contexts where
-  disableURLRewriting is true.
-  
http://people.apache.org/~markt/patches/2014-01-14-disableURLRewriting-tc6-v1.patch
-  +1: markt,funkman, remm
-  -1:
-
 
 PATCHES/ISSUES THAT ARE STALLED:
 

Modified: 
tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java?rev=1558822&r1=1558821&r2=1558822&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java 
(original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java 
Thu Jan 16 14:59:02 2014
@@ -508,12 +508,6 @@ public class CoyoteAdapter implements Ad
             return false;
         }
 
-        // Had to do this after the context was set.
-        // Unfortunately parseSessionId is still necessary as it
-        // affects the final URL. Safe as session cookies still
-        // haven't been parsed.
-        if (isURLRewritingDisabled(request))
-            clearRequestedSessionURL(request);
         request.setWrapper((Wrapper) request.getMappingData().wrapper);
 
         // Filter trace method
@@ -546,7 +540,7 @@ public class CoyoteAdapter implements Ad
         // Parse session Id
         String sessionID =
             request.getPathParameter(Globals.SESSION_PARAMETER_NAME);
-        if (sessionID != null) {
+        if (sessionID != null && !isURLRewritingDisabled(request)) {
             request.setRequestedSessionId(sessionID);
             request.setRequestedSessionURL(true);
         }

Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=1558822&r1=1558821&r2=1558822&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Thu Jan 16 14:59:02 2014
@@ -95,6 +95,10 @@
         <code>org.apache.catalina.STRICT_SERVLET_COMPLIANCE</code> is set to
         <code>true</code>. (markt) 
       </fix>
+      <fix>
+        Ensure that sessions IDs are not parsed from URLs for Contexts where
+        <code>disableURLRewriting</code> is <code>true</code>. (markt)
+      </fix>
     </changelog>
   </subsection>
   <subsection name="Coyote">



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to