felix-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Xavier Fournet (JIRA)" <j...@apache.org>
Subject [jira] [Created] (FELIX-5093) HttpServletRequest.getRequestURI is broken for escaped char in URL since 3.1.0
Date Mon, 02 Nov 2015 19:04:28 GMT
Xavier Fournet created FELIX-5093:
-------------------------------------

             Summary: HttpServletRequest.getRequestURI is broken for escaped char in URL since
3.1.0
                 Key: FELIX-5093
                 URL: https://issues.apache.org/jira/browse/FELIX-5093
             Project: Felix
          Issue Type: Bug
          Components: HTTP Service
    Affects Versions: http.jetty-3.1.0, http.jetty-3.1.2
            Reporter: Xavier Fournet
            Priority: Blocker


The HttpServletRequest.getRequestURI must return the URI without processing % escaping. Since
version 3.1.0 this processing is done, so the returned value is incorrect. For exemple this
can lead to error in Apache Shiro when it try to unescape % of an URI.

See the attached jar for a bundle that can be used to reproduce the problem:
* load the bundle
* with a browser go on http://localhost:8080/requesturibug/test%2Ftest%25test

With HTTP Jetty < 3.0.0 it prints:
{noformat}
Request URI: /requesturibug/test%2Ftest%25test (org.apache.felix.http.base.internal.handler.ServletHandlerRequest)
Wrapped URI: /requesturibug/test%2Ftest%25test (org.apache.felix.http.base.internal.dispatch.FilterPipeline$FilterRequestWrapper)
Wrapped URI: /requesturibug/test%2Ftest%25test (org.apache.felix.http.base.internal.DispatcherServlet$AttributeEventRequest)
Wrapped URI: /requesturibug/test%2Ftest%25test (org.eclipse.jetty.server.Request)
{noformat}

=> request URI is ok

With HTTP Jetty 3.0.0 or 3.0.2 it prints:
{noformat}
Request URI: /requesturibug/test/test%test (org.apache.felix.http.base.internal.dispatch.ServletRequestWrapper)
Wrapped URI: /requesturibug/test%2Ftest%25test (org.eclipse.jetty.server.Request)
{noformat}

=> request URI is wrong while the underlying request URI returned by Jetty itself is correct




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message