https://issues.apache.org/jira/browse/WICKET-6858

On Tue, Dec 8, 2020 at 11:19 AM Sven Meier <s...@meiers.net> wrote:

> Hi Chris,
>
> that #toLowerCase() has been introduced with WICKET-4816.
>
> The commit does not mention anything about the requirement for a lower
> case comparison, and the test does not enforce it either:
>
>
> https://github.com/apache/wicket/commit/66bfc8851c0250c02ff6ee0af0f42407a7873ca5#diff-2eff23be497b622b61b1181a1a97d8dcd70143cde2f14d644df573b3ecf7b5f5
>
> So this has probably been just an unnecessary precaution.
>
> Please open an issue.
>
> Thanks
> Sven
>
>
> On 08.12.20 08:48, Chris Colman wrote:
> > Tomcat, and presumably other JEE app containers, now allow the
> > specification of the name of the JSESSIONID parameter to use in the
> > URL (even though cookies are largely used in place of this, the initial
> > hit on a web site will include the jsessionid parameter by default).
> >
> > This is done by setting a <Context> attribute called 'sessionCookieName'
> >
> > e.g.
> >
> > <Context sessionCookieName="JSESSIONID-Integration" ... >
> >
> > This can be specified in mixed case and Tomcat will preserve the case.
> >
> > Wicket allows a matching value to be specified via a Java -D command
> > line option:
> >
> > e.g.
> >
> > -Dwicket.jsessionid.name=JSESSIONID-Integration
> >
> > However, Wicket's Strings.stripJSessionId() method assumes that the
> > JSESSIONID parameter name is always in lowercase, which causes failures
> > if it is not:
> >
> >
> > public static String stripJSessionId(final String url)
> >     {
> >         if (Strings.isEmpty(url))
> >         {
> >             return url;
> >         }
> >
> >         // http://.../abc;jsessionid=...?param=...
> >         // <-- seemingly unnecessary, unwanted toLowerCase() call
> >         int ixSemiColon = url.toLowerCase(Locale.ROOT).indexOf(SESSION_ID_PARAM);
> >         if (ixSemiColon == -1)
> >         {
> >             return url;
> >         }
> >
> > ...
> >
> > }
> >
> >
> > Is there any need for the toLowerCase() method call in there? No app
> > container should be performing a "to lower case" on the parameter name
> > and URLs in general can have case sensitive parameter names in query
> > parameters etc., so the toLowerCase seems redundant and it causes
> > issues as detailed above.
> >
> >
> > Regards,
> >
> > Chris
> >
> >
> >
>
>
>
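
An added example, not Wicket's code and not written by anyone in this thread: a self-contained Java reproduction of the mismatch described above, where the URL is lower-cased but the configured parameter name is not, so the session id is left in the URL. The class and method names are hypothetical, the token layout `";" + name + "="` is an assumption taken from the `abc;jsessionid=...?param=...` comment in the quoted method, and the URLs and session id value are constructed.

```java
import java.util.Locale;

// Added example, not Wicket source. Class and method names are hypothetical.
public class StripJSessionIdDemo
{
    // Assumption: the search token is ";" + configured name + "=",
    // matching the "abc;jsessionid=...?param=..." shape in the quoted comment.
    static String token(String name)
    {
        return ";" + name + "=";
    }

    // Behaviour reported in the thread: the URL is lower-cased, the token is not,
    // so a mixed-case name configured via -Dwicket.jsessionid.name never matches.
    static String stripLowercasingUrl(String url, String name)
    {
        return cut(url, url.toLowerCase(Locale.ROOT).indexOf(token(name)));
    }

    // Case-preserving search: the token is matched exactly as configured.
    static String stripExact(String url, String name)
    {
        return cut(url, url.indexOf(token(name)));
    }

    // Removes ";name=value" up to the query string, or to the end of the URL.
    private static String cut(String url, int start)
    {
        if (start == -1)
        {
            return url;
        }
        int query = url.indexOf('?', start);
        return query == -1 ? url.substring(0, start) : url.substring(0, start) + url.substring(query);
    }

    public static void main(String[] args)
    {
        // Constructed sample values.
        String mixed = "http://localhost/app/page;JSESSIONID-Integration=0A1B2C3D?x=1";
        String lower = "http://localhost/app/page;jsessionid=0A1B2C3D?x=1";

        System.out.println(stripLowercasingUrl(mixed, "JSESSIONID-Integration"));
        System.out.println(stripExact(mixed, "JSESSIONID-Integration"));
        // The default lower-case name is unaffected by the toLowerCase() call.
        System.out.println(stripLowercasingUrl(lower, "jsessionid"));
    }
}
```

Comparing the first two printed lines shows whether the session id survived stripping; a URL that keeps it can carry the id into logs and links.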
