cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sergey Beryozkin (JIRA)" <>
Subject [jira] [Commented] (CXF-5577) WebApplicationException thrown w/JSESSIONID as a path parameter
Date Tue, 25 Feb 2014 13:00:22 GMT


Sergey Beryozkin commented on CXF-5577:

It is a strange issue, took me a time to figure out what is going on.

Basically, what happens, when you have "/people/;a=b", is that a method with a "/{id}/" also
catches it.
So we start with "/people/;a=b" at the class level, the match produces a final "/;a=b" and
as it happens, this matches two methods, one with "/", another one with "/{id}/" cleanly,
the latter is preferred because it has a template var which has the ";a=b" value.

I think there's some weakness in the way the specification recommends building the template
expressions, it should probably explicitly disallow ";" characters (something I will raise
separately) but for now if you do "/{id:(\d)+}" then it will work correctly.

So in the end it is not a CXF issue,; it is to do with the JAX-RS template handling being
too open with respect to ";"

Thanks, Sergey

> WebApplicationException thrown w/JSESSIONID as a path parameter
> ---------------------------------------------------------------
>                 Key: CXF-5577
>                 URL:
>             Project: CXF
>          Issue Type: Bug
>          Components: JAX-RS
>    Affects Versions: 2.6.13, 2.7.10
>            Reporter: Terence Kent
>              Labels: jax-rs, jsessionid
>         Attachments:
> (This issue was originally posted as a question to here:
> Including a JSESSIONID path parameter will break REST paths which end with a forward
slash. For example, the path:
> <proto>://<host:port>/api/people/;JESSIONID=xxx
> Will result in a WebApplicationException being thrown. If the path does not end with
a forward slash, everything works as expected.

This message was sent by Atlassian JIRA

View raw message