Tim is right, it's a problem with mod_jk. If you install Apache/mod_jk/Tomcat with the default configuration, URLs are decoded twice, once by mod_jk and once by Tomcat. This only caused problems for URLs containing '%' characters, because those are the only ones that are affected by the second decoding.
To stop this behaviour you need to set one of the following options in the mod_jk-configuring section of httpd.conf: JkOptions +ForwardURICompatUnparsed or JkOptions +ForwardURIEscaped Does anyone know what the difference between these two is? The page that Tim points to below says: ForwardURICompat - you told mod_jk to send the URI to Tomcat normally, which is less spec compliant but mod_rewrite compatible, use it for compatibility with Tomcat 3.2.x engines (on by default) ForwardURICompatUnparsed - the forwarded URI is unparsed, it's spec compliant but broke mod_rewrite ForwardURIEscaped - the forwarded URI is escaped and Tomcat (since 3.3 rc2) will do the decoding part I've found another page (http://jakarta.apache.org/tomcat/tomcat-4.1-doc/jk2/jk2/configwebcom.html), which says: ForwardURICompat - pass the URI untouched ForwardURICompatUnparsed - parse the URI until the '?' ForwardURIEscaped - pass the URI escaped Not much more enlightening. Any ideas? Ben -----Original Message----- From: Tim Funk [mailto:[EMAIL PROTECTED] Sent: 07 July 2003 18:30 To: Tomcat Users List Subject: Re: Double decoding of URL I cannot reproduce this (standalone 4.1.24 standalone). Do you get the same problem with the standalone connectors? Otherwise, have you played with the Jk options http://jakarta.apache.org/tomcat/tomcat-4.1-doc/jk2/jk/aphowto.html For example: +ForwardURIEscaped +ForwardURICompatUnparsed, or +ForwardURICompat ?? I have never used those options but if the are set (or unset) - then they might be causing your problem. -Tim Benjamin Butler-Cole wrote: > I agree that that is the expected behaviour. However the URL seems to be > decoded *twice*. > > 'a%25sdf' -> 'a%sdf' -> 'a f' > > The second decoding is converting '%sd' to ' ', presumably because it's > garbage. > > As Tim says, getRequestURL() doesn't decode the string, but I am seeing the > '%25' decoded to '%'. For a request to 'http://localhost/escape/a%25sdf', > the value of getRequestURL() is 'http://sekhmet.datcon.co.uk/escape/a%sdf'. > > > > -----Original Message----- > From: Tim Funk [mailto:[EMAIL PROTECTED] > Sent: 07 July 2003 16:53 > To: Tomcat Users List > Subject: Re: Double decoding of URL > > > The current behavior seems OK. > > getRequestURL() returns the URL. This method was originally in HttpUtils. It > > acts much like getRequestURI() which in the javadocs explicitly says: "The > web container does not decode this String" > > getPathInfo() OTOH according the the javadocs says... "Returns: a String, > decoded by the web container" > > -Tim > > Benjamin Butler-Cole wrote: > >>I am having a problem with Apache/mod_jk/Ajp13Connector/Tomcat. >> >>If I make a request to a servlet with '%' in the path, the URL appears to > > be > >>being decoded twice. >> >>I have a servlet mapping of escape -> escape.jsp. That JSP contains the >>following: >> >> <%= request.getPathInfo() %> >> <%= request.getRequestURL() %> >> >>A request to http://localhost/escape/a%25sdf returns >> >> /a f >> http://sekhmet.datcon.co.uk/escape/a%sdf >> >>And http://sekhmet/escape/a%21sdf gives >> >> /a!sdf >> http://sekhmet.datcon.co.uk/escape/a!sdf >> >>Note that getRequestURL() returns the URL *without* decoding it, while >>getPathInfo() does decode. So it looks like the URL is already decoded >>before it reaches Tomcat (by Apache or the connector). >> >>I would expect the values of getPathInfo() to be '/a%sdf' and '/a!sdf', > > and > >>the values of getRequestURL to contain '%25' and '%21'. >> >>Does anyone know what's going on? The relevant bits of my configuration >>files are below. >> >>Thanks >>Ben > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
