tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mladen Turk <>
Subject Re: svn commit: r544137 - /tomcat/connectors/trunk/jk/native/common/jk_uri_worker_map.c
Date Tue, 05 Jun 2007 04:38:33 GMT
William A. Rowe, Jr. wrote:
> wrote:
>> Author: mturk
>> Date: Mon Jun  4 05:08:33 2007
>> New Revision: 544137
>> URL:
>> Log:
>> Add simple URI normalizer that can deal with things like %252e%252e. This is mostly
copy/paste from the IIS module
> You have me way confused ;-)

Right. I confused many. Just look at the thread about the subject.
Almost nobody understood what was I talking about.

> The uri you are processing in the httpd connector has already been unfolded.
> So your desire is to double-unfold the uri?

No. Nothing is neither unfolded nor double unfolded.
This is internal for map_uri_to_worker.

How it works:
Imagine you have two applications on Tomcat appA and appB, and
you wish *only* to expose the appA via
JkMount /appA/* worker

mod_jk 1.2.22 (with default passing r->uri) will serve /appB/
mod_jk 1.2.23 (with default passing r->unparsed_uri) will return 404 from Tomcat
                becasue it will pass the original uri, not the one Httpd already
mod_jk 1.2.24 will return 404 from Httpd because there is no JkMount /appB/*

> This has some very ugly side
> effects for legitimately escaped paths, and if it is a security precaution,
> don't you just leave yet-a-new-hole for triply-folded uris?

Again, no. It doesn't touch the original uri.
Request for http://host/appA/%252e%252e/appB/ will be unfolded by
httpd to http://host/appA/%2e%2e/appB/ before it hits mod_jk.
Inside map_uri_to_worker it will be unescped (locally) to
/appA/../appB/ and the normalized to /appB/ and then it looks for
mounted path. In case one have JkMount /* or JkMount /appB/*, the
original uri host/appA/%2e%2e/appB/ will be passed to Tomcat.


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message