On 09/04/2015 20:18, George Sexton wrote: > > > On 4/9/2015 1:10 PM, David kerber wrote: >> You can argue about whether it's smart to map servlets into .html, but >>> again my reading of the spec is that unequivocally, if the request path >>> matches a deployed context, the request must be routed to the >>> context/container. >> >> Then your reading is incorrect. The spec only applies to requests >> that reach the container in the first place. If something else >> handles it before it reaches the container, the spec is not applicable. >> > > Allow me to re-quote the spec: > > A ServletContext is rooted at a known path within a Web server. For > example, a servlet context could be located at > http://www.mycorp.com/catalog. All requests that begin with the /catalog > request path, known as the context path, are routed to the Web > application associated with the ServletContext. > > The spec explicitly includes the phrase "known path within a web server" > and it explicitly also states "All requests that begin with the /catalog > request path, known as the context path, are routed to the Web > application associated with the ServletContext." > > I don't see any conditionals that would allow violation of this. Arguing > otherwise is really not supported by the language.
<with my Servlet Expert Group member hat on> You are misunderstanding the specification. The specification only applies to requests that reach the Servlet Container. (You can safely replace 'Web Server' above with 'Servlet Container' in the text you quote). If you want to be picky about it, even once you reach the Servlet container that quote is not 100% accurate. The container is required (by the HTTP spec that is referenced from the Servlet spec) to reject mal-formed requests with a 400 response before they are passed to a Web Application even if enough of the request is well-formed to determine the intended Web Application. As others have already stated: - The Servlet specification does not care if you put a reverse proxy in front of the Servlet Container. - The Servlet specification does not care if a reverse proxy routes requests that the Servlet Container could correctly handle elsewhere. Once you insert a reverse proxy (or a load-balancer, or a firewall, or...) you have a larger system and it is up to the designer of that system to ensure that the components of the system work together as desired. Yes, it is possible to break an application by inserting a reverse proxy but that is just a broken system, not an specification compliance issue. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
