On 08/02/2016 21:55, George Stanchev wrote:
> <quote>
>
> Hi,
>
> Recent changes to Tomcat altered the behavior of our applications a bit so
> I've got couple of questions. The versions in questions are 7.0.64 and
> 7.0.67. I am aware of which is also described in the changelog for 7.0.67.
There are two changes that are interacting here.
The first is moving the directory redirect from the Mapper to the
default servlet. This is:
mapperContextRootRedirectEnabled
and
mapperDirectoryRedirectEnabled
The default for both of these in 7.0.67 was false. In 7.0.68 the default
for mapperContextRootRedirectEnabled is going to change to true because
of issues like those you describe.
The second is allowing relative redirects.
> I have a filter acts on application "/myapp" that does a redirect in the
> following manner:
>
> httpResponse.sendRedirect("login?a=b&c=d")
>
> In Tomcat 7.0.65 I can see the following flow (the text after the 302 below
> is the value of the "Location" header as seen by network sniffer):
>
> GET http://hostname/myapp?m=n&o=p
> ==> 302: "http://hostname/myapp/?m=n&o=p";
> GET http://hostname/myapp/?m=n&o=p
> ==> 302: "http://hostname/myapp/login?a=b&c=d";
>
> The first redirect adds a trailing slash after "myapp", the second is
> generated by my redirect
So here the flow is
- request 1 received
- Mapper adds / and redirects
- request 2 (with trailing /) received
- Filter redirects (absolute)
> In Tomcat 7.0.67 with no "useRelativeRedirects" set on the context (which
> defaults it to "true"), I see
Here the flow is
- request 1 received
- Filter redirects
The problem is that the filter generates the wrong redirect because it
expects the trailing / to be present.
Now you could argue that the Filter should handle this but most Filters
won't.
> GET http://hostname/myapp?m=n&o=p
> ==> 302: "login?a=b&c=d"
>
> Now, this is expected behavior given the fix for [1]
>
> However, with useRelativeRedirects="false" I see
>
> GET http://hostname/myapp?m=n&o=p
> ==> 302: "http://hostname/login?a=b&c=d";
>
> The questions I have are 2: First, what happened with the trailing slash
> redirect. I vaguely remember discussions around it but I couldn't find them
> on the mailing list search index. And secondly but more importantly, in
> 7.0.64, the HttpServletRequest.sendRedirect() would use the application name
> to form the Location header value (as in .../myapp/login...) whereas in
> 7.0.67 the name of the application is missing from the absolute redirect.
>
> Is there any way to work around this and to have 7.0.67 behave like 7.0.64?
Setting mapperContextRootRedirectEnabled="true" on the Context should
fix it.
Mark
>
> George
>
> [1] http://bz.apache.org/bugzilla/show_bug.cgi?id=56917
> [2] https://tomcat.apache.org/tomcat-7.0-doc/changelog.html
>
> </quote>
>
> Stepped through the code, and what I thought it is an irrelevant question
> (what happened to the trailing slash redirect) might hold the key to the
> problem.
>
> In org.apache.catalina.connector.Response#toAbsolute(String
> location="login?a=b&c=d")
> ...
> boolean leadingSlash = location.startsWith("/"); // evaluates to false since
> it’s a relative URI
> ...
> if (!leadingSlash) { // false so we go in
> String relativePath = request.getDecodedRequestURI(); //
> evaluates to "/myapp"
> int pos = relativePath.lastIndexOf('/'); // evaluates to 0
> ...
> encodedURI = urlEncoder.encodeURL(relativePath, 0, pos); // pos is 0 so
> encodedURI is empty
> ...
> redirectURLCC.append(encodedURI); // " http://hostname + "" => same URL
> redirectURLCC.append('/');
> redirectURLCC.append(location, 0, location.length()); final:
> "http://hostname/login?a=b&c=d"; which is a wrong URL...
>
> "http://hostname/myapp/?m=n&o=p"; (with trailing slash before ?) works just
> fine.
>
> So my question becomes - how do I make it add the trailing slash as in
> 7.0.64...
>
> George
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
