luehe 2004/01/26 15:13:51
Modified: catalina/src/share/org/apache/catalina/core
ApplicationContext.java
Log:
Fixed Bugtraq 4873423 by ignoring any (trailing) path params
(separated by ";") when attempting to map <path> passed to
ServletContext.getRequestDispatcher(<path>).
For example, with this change, the following path will be correctly mapped
to /test.jsp:
<jsp:forward page="/test.jsp;abcd=xyz"/>
This is consistent with how CoyoteAdapter has the mapper ignore any
path params separated by ";" in an initial request URI.
Revision Changes Path
1.22 +22 -7
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core/ApplicationContext.java
Index: ApplicationContext.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core/ApplicationContext.java,v
retrieving revision 1.21
retrieving revision 1.22
diff -u -r1.21 -r1.22
--- ApplicationContext.java 24 Nov 2003 21:48:27 -0000 1.21
+++ ApplicationContext.java 26 Jan 2004 23:13:51 -0000 1.22
@@ -439,6 +439,8 @@
} else {
uriMB.recycle();
}
+
+ // Get query string
String queryString = null;
int pos = path.indexOf('?');
if (pos >= 0) {
@@ -446,7 +448,7 @@
} else {
pos = path.length();
}
-
+
// Retrieve the thread local mapping data
MappingData mappingData = (MappingData) localMappingData.get();
if (mappingData == null) {
@@ -458,11 +460,24 @@
CharChunk uriCC = uriMB.getCharChunk();
try {
uriCC.append(context.getPath(), 0, context.getPath().length());
- uriCC.append(path, 0, pos);
+ /*
+ * Ignore any trailing path params (separated by ';') for mapping
+ * purposes
+ */
+ int semicolon = path.indexOf(';');
+ uriCC.append(path, 0, semicolon > 0 ? semicolon : pos);
context.getMapper().map(uriMB, mappingData);
if (mappingData.wrapper == null) {
return (null);
}
+ /*
+ * Append any trailing path params (separated by ';') that were
+ * ignored for mapping purposes, so that they're reflected in the
+ * RequestDispatcher's requestURI
+ */
+ if (semicolon > 0) {
+ uriCC.append(path, semicolon, pos - semicolon);
+ }
} catch (Exception e) {
// Should never happen
log(sm.getString("applicationContext.mapping.error"), e);
@@ -474,7 +489,7 @@
String pathInfo = mappingData.pathInfo.toString();
mappingData.recycle();
-
+
// Construct a RequestDispatcher to process this request
return (RequestDispatcher) new ApplicationDispatcher
(wrapper, uriCC.toString(), wrapperPath, pathInfo,
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
