tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jfarc...@apache.org
Subject cvs commit: jakarta-tomcat-connectors/coyote/src/java/org/apache/coyote/tomcat4 CoyoteResponse.java
Date Wed, 04 Dec 2002 17:43:05 GMT
jfarcand    2002/12/04 09:43:05

  Modified:    coyote/src/java/org/apache/coyote/tomcat4
                        CoyoteResponse.java
  Log:
  Fix for bugtraq 4772112 encodeURL does not encode session with empty URL (rfc2396)
  
  Revision  Changes    Path
  1.30      +12 -6     jakarta-tomcat-connectors/coyote/src/java/org/apache/coyote/tomcat4/CoyoteResponse.java
  
  Index: CoyoteResponse.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-connectors/coyote/src/java/org/apache/coyote/tomcat4/CoyoteResponse.java,v
  retrieving revision 1.29
  retrieving revision 1.30
  diff -u -r1.29 -r1.30
  --- CoyoteResponse.java	11 Nov 2002 11:01:04 -0000	1.29
  +++ CoyoteResponse.java	4 Dec 2002 17:43:05 -0000	1.30
  @@ -981,10 +981,16 @@
        * @param url URL to be encoded
        */
       public String encodeURL(String url) {
  -
  -        if (isEncodeable(toAbsolute(url))) {
  +        
  +        String absolute = toAbsolute(url);
  +        if (isEncodeable(absolute)) {
               HttpServletRequest hreq =
                   (HttpServletRequest) request.getRequest();
  +            
  +            // W3c spec clearly said 
  +            if (url.equalsIgnoreCase("")){
  +                url = absolute;
  +            }
               return (toEncoded(url, hreq.getSession().getId()));
           } else {
               return (url);
  
  
  

--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>


Mime
View raw message