> -----Original Message-----
> From: Ross Inglis [mailto:[EMAIL PROTECTED]]
> Sent: Friday, August 10, 2001 1:06 PM
> To: [EMAIL PROTECTED]
> Subject: Tomcat 3.2.3. getPathInfo() escape problem
>
>
> Hi All.
>
> I recently decided it was time to upgrade my servlet based web-server.
> After checking the latest versions etc I went with Apache 1.3.20,
> Tomcat 3.2.3 and Cocoon 2.0b2. (I'm running Windows NT). I figured I'd
> get all the grief over with in one go! :-)
>
> (For the record, I was previously running Apache JServ 1.1.2 & Cocoon 1.7.4)
>
> After the expected problems working out the new configuration techniques,
> moving and tweaking servlets and editing XML, I got everything up and
> running pretty well.
>
> One new problem has appeared however, that my previous setup did not show.
>
> I have a servlet (ServletA) that generates a URL as part of a generated
> web page. It includes a file path on the server, and the URL generated
> looks like this:
>
> http://myserver/context/servlet/ServletB/file/path/file.xyz
>
> This URL directs another servlet (ServletB) to read the file
> "file/path/file.xyz". This all worked just fine until ServletA found a
> file named "file/path/broken+.xyz" and generated a URL with a '+' sign
> in it. ServletB calls getPathInfo() on this and gets
> "file/path/broken .xyz" (+ replaced by space).
The servlet spec specifies that getPathInfo() returns a decoded string,
so this is correct behavior.
>
> OK. No problem I thought, I have forgotten to escape the '+' to %2b when
> I generate the URL.
> Some quick servlet code changes later, I tried again. Now the URL was
> generated as:
>
>
> http://myserver/context/servlet/ServletB/file/path/broken%2b.xyz
>
> But on the ServletB side getPathInfo() STILL returns "broken .xyz" (with
> the damn space!)
I don't see how Tomcat or Apache could incorrectly decode %2b into
a space. Could there be some caching going on and the old URL
is being used? Can you check some logs to verify the request is
coming in with %2b?
>
> I even tried double-escaping to:
>
> http://myserver/context/servlet/ServletB/file/path/broken%252b.xyz
>
> but that apparently blew away Tomcat's (or Apache's) URL pattern matching
> and just returned Error 404.
For security reasons, Tomcat 3.2.3, 3.3, and 4.0 no longer allow '%'
to be escaped (i.e. %25) in a URL. Preventing something like
"myjsp%252Ejsp" (%252E = double escaped '.') from serving up JSP source
proved impractical otherwise.
>
> Anyone know what's going on here? It looks suspiciously like something
> has unescaped the path information twice. Or am I getting confused about
> who should escape that bad file name?
>
> I found nothing similar in the mailing lists or Apache bug database.
>
> Ross.
>
> (Spam protected email return.....remove nospam)
>
>
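
The two effects discussed in this thread, as an added example that is not part of the original messages and is not Tomcat's code: a second decode pass turns an escaped '+' into a space and lets "myjsp%252Ejsp" slip past an extension check, while refusing %25 and decoding once avoids both. All function names are hypothetical, the sample paths are constructed from the ones quoted above, and the double-decoding pipeline is an assumption used for illustration, not a diagnosis of the reported setup.

```python
from urllib.parse import quote, unquote, unquote_plus


class RejectedPath(ValueError):
    """Raised when a raw request path contains an encoded '%' (%25)."""


def build_path(file_path):
    # Generating side (ServletA's role): escape reserved characters once.
    return quote(file_path, safe="/")


def decode_once_strict(raw_path):
    # Receiving side: refuse %25 outright, then decode exactly one time
    # using path rules, where '+' is a literal plus sign.
    if "%25" in raw_path:
        raise RejectedPath(raw_path)
    return unquote(raw_path)


def decode_twice_form(raw_path):
    # Constructed faulty pipeline: two passes with form rules ('+' = space).
    return unquote_plus(unquote_plus(raw_path))


def is_jsp(path):
    return path.lower().endswith(".jsp")


def check_then_decode_again(raw_path):
    # Flawed ordering: the extension check sees the result of the first
    # decode, but a later layer decodes again before resolving the file.
    first = unquote(raw_path)
    return is_jsp(first), unquote(first)


if __name__ == "__main__":
    for raw in ("/file/path/broken%2b.xyz", "/myjsp%252Ejsp"):
        print(raw, "->", decode_twice_form(raw), check_then_decode_again(raw))
        try:
            print("  strict:", decode_once_strict(raw))
        except RejectedPath:
            print("  strict: rejected (encoded '%')")
```
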