luehe 2004/01/26 15:13:51 Modified: catalina/src/share/org/apache/catalina/core ApplicationContext.java Log: Fixed Bugtraq 4873423 by ignoring any (trailing) path params (separated by ";") when attempting to map <path> passed to ServletContext.getRequestDispatcher(<path>). For example, with this change, the following path will be correctly mapped to /test.jsp: <jsp:forward page="/test.jsp;abcd=xyz"/> This is consistent with how CoyoteAdapter has the mapper ignore any path params separated by ";" in an initial request URI. Revision Changes Path 1.22 +22 -7 jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core/ApplicationContext.java Index: ApplicationContext.java =================================================================== RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core/ApplicationContext.java,v retrieving revision 1.21 retrieving revision 1.22 diff -u -r1.21 -r1.22 --- ApplicationContext.java 24 Nov 2003 21:48:27 -0000 1.21 +++ ApplicationContext.java 26 Jan 2004 23:13:51 -0000 1.22 @@ -439,6 +439,8 @@ } else { uriMB.recycle(); } + + // Get query string String queryString = null; int pos = path.indexOf('?'); if (pos >= 0) { @@ -446,7 +448,7 @@ } else { pos = path.length(); } - + // Retrieve the thread local mapping data MappingData mappingData = (MappingData) localMappingData.get(); if (mappingData == null) { @@ -458,11 +460,24 @@ CharChunk uriCC = uriMB.getCharChunk(); try { uriCC.append(context.getPath(), 0, context.getPath().length()); - uriCC.append(path, 0, pos); + /* + * Ignore any trailing path params (separated by ';') for mapping + * purposes + */ + int semicolon = path.indexOf(';'); + uriCC.append(path, 0, semicolon > 0 ? semicolon : pos); context.getMapper().map(uriMB, mappingData); if (mappingData.wrapper == null) { return (null); } + /* + * Append any trailing path params (separated by ';') that were + * ignored for mapping purposes, so that they're reflected in the + * RequestDispatcher's requestURI + */ + if (semicolon > 0) { + uriCC.append(path, semicolon, pos - semicolon); + } } catch (Exception e) { // Should never happen log(sm.getString("applicationContext.mapping.error"), e); @@ -474,7 +489,7 @@ String pathInfo = mappingData.pathInfo.toString(); mappingData.recycle(); - + // Construct a RequestDispatcher to process this request return (RequestDispatcher) new ApplicationDispatcher (wrapper, uriCC.toString(), wrapperPath, pathInfo,
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]