[jira] Resolved: (WICKET-178) Uncaught exception guesing urls using CryptedUrlWebRequestCodingStrategy

Tue, 26 Dec 2006 05:32:42 -0800 

     [ http://issues.apache.org/jira/browse/WICKET-178?page=all ]

Juergen Donnerstag resolved WICKET-178.
---------------------------------------

    Resolution: Fixed

Fixed 2.0

> Uncaught exception guesing urls using CryptedUrlWebRequestCodingStrategy
> ------------------------------------------------------------------------
>
>                 Key: WICKET-178
>                 URL: http://issues.apache.org/jira/browse/WICKET-178
>             Project: Wicket
>          Issue Type: Bug
>          Components: wicket
>    Affects Versions: 1.2.3
>         Environment: Windows XP
>            Reporter: Craig Lenzen
>            Priority: Minor
>
> When used the CryptedUrlWebRequestCodingStrategy strategy in my wicket 
> application I get an uncaught exception when trying to hack urls in the 
> browser address bar.
> Configuration:
>       @Override
>       protected IRequestCycleProcessor newRequestCycleProcessor() {
>               
>               return new CompoundRequestCycleProcessor(new 
> CryptedUrlWebRequestCodingStrategy(
>                               new WebRequestCodingStrategy()), 
>                       null, 
>                       null, 
>                       null, 
>                       null);
>               
>       } // newRequestCycleProcessor   
> Exception:
> java.lang.ArrayIndexOutOfBoundsException: 81
>      at wicket.util.crypt.Base64UrlSafe.decodeBase64(Base64UrlSafe.java:367)
>      at wicket.util.crypt.AbstractCrypt.decryptUrlSafe(AbstractCrypt.java:87)
>      at 
> wicket.protocol.http.request.CryptedUrlWebRequestCodingStrategy.decodeURL(CryptedUrlWebRequestCodingStrategy.java:256)
>      at 
> wicket.protocol.http.request.CryptedUrlWebRequestCodingStrategy.decode(CryptedUrlWebRequestCodingStrategy.java:91)
>      at wicket.Request.getRequestParameters(Request.java:163)
>      at wicket.RequestCycle.step(RequestCycle.java:992)
>      at wicket.RequestCycle.steps(RequestCycle.java:1084)
>      at wicket.RequestCycle.request(RequestCycle.java:454)
>      at wicket.protocol.http.WicketServlet.doGet(WicketServlet.java:219)
>      at javax.servlet.http.HttpServlet.service(HttpServlet.java:697)
>      at javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
>      at 
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
>      at 
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
>      at 
> org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
>      at 
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
>      at 
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
>      at 
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
>      at 
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
>      at 
> org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:175)
>      at 
> org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74)
>      at 
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
>      at 
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
>      at 
> org.jboss.web.tomcat.tc5.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:156)
>      at 
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
>      at 
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
>      at 
> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
>      at 
> org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
>      at 
> org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
>      at 
> org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112)
>      at java.lang.Thread.run(Thread.java:595)
> I'd except that this exception would be caught an a user is taken to a user 
> friendly error page, possibly the default error page.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: 
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to