keith 2003/09/18 13:53:01
Modified: coyote/src/java/org/apache/coyote/tomcat4 CoyoteAdapter.java
Log:
Respond 400 to requests which contain '%' with no or invalid trailing hex digits
Revision Changes Path
1.20 +11 -5
jakarta-tomcat-connectors/coyote/src/java/org/apache/coyote/tomcat4/CoyoteAdapter.java
Index: CoyoteAdapter.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-connectors/coyote/src/java/org/apache/coyote/tomcat4/CoyoteAdapter.java,v
retrieving revision 1.19
retrieving revision 1.20
diff -u -r1.19 -r1.20
--- CoyoteAdapter.java 3 Jul 2003 00:15:16 -0000 1.19
+++ CoyoteAdapter.java 18 Sep 2003 20:53:01 -0000 1.20
@@ -256,7 +256,13 @@
// URI decoding
req.decodedURI().duplicate(req.requestURI());
- req.getURLDecoder().convert(req.decodedURI(), false);
+ try {
+ req.getURLDecoder().convert(req.decodedURI(), false);
+ } catch (IOException ioe) {
+ res.setStatus(400);
+ res.setMessage("Invalid URI");
+ throw ioe;
+ }
req.decodedURI().setEncoding("UTF-8");
// Normalize decoded URI
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
