tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From fha...@apache.org
Subject svn commit: r627743 - in /tomcat/trunk: java/org/apache/catalina/core/ApplicationContext.java java/org/apache/tomcat/util/http/ServerCookie.java webapps/docs/config/systemprops.xml
Date Thu, 14 Feb 2008 13:59:04 GMT
Author: fhanik
Date: Thu Feb 14 05:59:00 2008
New Revision: 627743

URL: http://svn.apache.org/viewvc?rev=627743&view=rev
Log:
Add STRICT compliance flag to impact cookie value handling to provide backwards compatibility
Add STRICT complanice flag to impact ServletContext.getResource(AsStream) to be backwards
compatible

Modified:
    tomcat/trunk/java/org/apache/catalina/core/ApplicationContext.java
    tomcat/trunk/java/org/apache/tomcat/util/http/ServerCookie.java
    tomcat/trunk/webapps/docs/config/systemprops.xml

Modified: tomcat/trunk/java/org/apache/catalina/core/ApplicationContext.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/core/ApplicationContext.java?rev=627743&r1=627742&r2=627743&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/core/ApplicationContext.java (original)
+++ tomcat/trunk/java/org/apache/catalina/core/ApplicationContext.java Thu Feb 14 05:59:00
2008
@@ -52,6 +52,7 @@
 import org.apache.tomcat.util.buf.CharChunk;
 import org.apache.tomcat.util.buf.MessageBytes;
 import org.apache.tomcat.util.http.mapper.MappingData;
+import org.apache.catalina.Globals;
 
 
 /**
@@ -453,9 +454,12 @@
     public URL getResource(String path)
         throws MalformedURLException {
 
-        if (path == null || !path.startsWith("/")) {
+        if (path == null)
             throw new MalformedURLException(sm.getString("applicationContext.requestDispatcher.iae",
path));
-        }
+
+        if (!path.startsWith("/") && Globals.STRICT_SERVLET_COMPLIANCE)
+            throw new MalformedURLException(sm.getString("applicationContext.requestDispatcher.iae",
path));
+
         
         path = normalize(path);
         if (path == null)
@@ -507,9 +511,12 @@
     public InputStream getResourceAsStream(String path) {
 
         path = normalize(path);
-        if (path == null || !path.startsWith("/"))
+        if (path == null)
             return (null);
 
+        if (!path.startsWith("/") && Globals.STRICT_SERVLET_COMPLIANCE)
+            return null;
+        
         DirContext resources = context.getResources();
         if (resources != null) {
             try {

Modified: tomcat/trunk/java/org/apache/tomcat/util/http/ServerCookie.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/http/ServerCookie.java?rev=627743&r1=627742&r2=627743&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/http/ServerCookie.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/http/ServerCookie.java Thu Feb 14 05:59:00 2008
@@ -51,6 +51,8 @@
     private int maxAge = -1;
     private int version = 0;
 
+    protected static boolean switchToV1Cookies = !Boolean.valueOf(System.getProperty("org.apache.catalina.STRICT_SERVLET_COMPLIANCE",
"false")).booleanValue();
+
     // Note: Servlet Spec =< 2.5 only refers to Netscape and RFC2109,
     // not RFC2965
 
@@ -248,7 +250,7 @@
         buf.append("=");
         // Servlet implementation does not check anything else
         
-        maybeQuote2(version, buf, value);
+        version = maybeQuote2(version, buf, value);
 
         // Add version 1 specific information
         if (version == 1) {
@@ -329,7 +331,7 @@
      * @param buf
      * @param value
      */
-    public static void maybeQuote2 (int version, StringBuffer buf, String value) {
+    public static int maybeQuote2 (int version, StringBuffer buf, String value) {
         if (value==null || value.length()==0) {
             buf.append("\"\"");
         }else if (containsCTL(value,version)) 
@@ -338,6 +340,11 @@
             buf.append('"');
             buf.append(escapeDoubleQuotes(value,1,value.length()-1));
             buf.append('"');
+        } else if (switchToV1Cookies && version==0 && !isToken2(value)) {
+            buf.append('"');
+            buf.append(escapeDoubleQuotes(value,0,value.length()));
+            buf.append('"');
+            version = 1;
         } else if (version==0 && !isToken(value)) {
             buf.append('"');
             buf.append(escapeDoubleQuotes(value,0,value.length()));
@@ -349,6 +356,7 @@
         }else {
             buf.append(value);
         }
+        return version;
     }
 
 

Modified: tomcat/trunk/webapps/docs/config/systemprops.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/systemprops.xml?rev=627743&r1=627742&r2=627743&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/config/systemprops.xml (original)
+++ tomcat/trunk/webapps/docs/config/systemprops.xml Thu Feb 14 05:59:00 2008
@@ -34,6 +34,7 @@
 </section>
 
 
+
 <section name="Clustering">
   <properties>
 
@@ -194,6 +195,15 @@
       <li>every request that is associated with a session will cause the
       session's last accessed time to be updated regardless of whether or not
       the request explicity accesses the session. (SRV.7.6)  
+      </li>
+      <li>
+        cookies will be parsed strictly, by default v0 cookies will not work with any invalid
characters.
+        <br/>If set to false, any v0 cookie with invalid character will be switched
to a v1 cookie and 
+        the value will be quoted.
+      </li>
+      <li>
+        <code>ServletContext.getResource/getResourceAsStream</code> must start
with "/"<br/>
+        if set to false, code like <code>getResource("myfolder/myresource.txt")</code>
will work
       </li>
       </ul>
       </p>



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message