tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 36569] - Redirects produce illegal URL's
Date Fri, 09 Sep 2005 16:21:05 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=36569>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=36569





------- Additional Comments From tdunning@veoh.com  2005-09-09 18:21 -------

On further examination, I think what you are right in essence ... the real
problem is that acegi is providing an invalid URL to Tomcat.

This raises the question, however, about whether sendRedirect shouldn't check
it's input and provide an informative error message so that errors like this are
caught early rather than much later.

Also, the resulting access after the invalid location is used could provide a
better message.  The GET message that begins the transaction looks somehting
like this:

       GET http://host.domain.tld/usrl?arg1=first second&arg2=foo HTTP/1.1

Tomcat interprets this as meaning that the protocol is "second&arg2=foo".  What
should really happen is that Tomcat should generate a 505 invalid request.

Changing the error checking is more important than it might appear to be due to
the widespread use of acegi.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org


Mime
View raw message