tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "William A. Rowe, Jr." <>
Subject Re: svn commit: r544137 - /tomcat/connectors/trunk/jk/native/common/jk_uri_worker_map.c
Date Mon, 04 Jun 2007 19:02:58 GMT wrote:
> Author: mturk
> Date: Mon Jun  4 05:08:33 2007
> New Revision: 544137
> URL:
> Log:
> Add simple URI normalizer that can deal with things like %252e%252e. This is mostly copy/paste
from the IIS module

You have me way confused ;-)

The uri you are processing in the httpd connector has already been unfolded.
So your desire is to double-unfold the uri?  This has some very ugly side
effects for legitimately escaped paths, and if it is a security precaution,
don't you just leave yet-a-new-hole for triply-folded uris?

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message