tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tim Funk <funk...@joedog.org>
Subject Re: request.getParameter Error when "%" contained in parameter value
Date Mon, 16 Feb 2004 18:39:22 GMT
There looks to be a patch against this region of code in 4.1.30. (As compared 
to 4.1.29) Does the same thing happen there?

-Tim

Bill Faulk wrote:

> The same error occurs for "%25". If I put a "%" anywhere in the
> parameter I get a crash. "4%" would pass a parameter to query everything
> starting with 4 in my example. 
> 
> ---
> Bill Faulk
> bill.faulk@cis.com
> 801-302-8930
> 
> 
> -----Original Message-----
> From: Tim Funk [mailto:funkman@joedog.org] 
> Sent: Monday, February 16, 2004 11:12 AM
> To: Tomcat Users List
> Subject: Re: request.getParameter Error when "%" contained in parameter
> value
> 
> 
> Why don't you use: http://website/findnaics.jsp?code=%25
> 
> -Tim
> 
> Bill Faulk wrote:
> 
> 
>>I am using Tomcat 4.1.29 on Windows 2000 Server with Java SDK 1.4.2.
>>
>>On the user query forms in my application "%" is a valid wildcard for 
>>"all" as it is in the actual database query. I don't want to use blank
> 
> 
>>for all because I don't want users to accidentally search for all 
>>records; i.e. they have to actually enter % to search for all records 
>>in a value. Blank parameters are ignored.
>>
>>Passing % as a parameter via GET or POST causes the error
>>
>>http://website/findnaics.jsp?code=4%
>>
>>I am using POST methods for the forms as in...
>>
>><form method="POST" name="findform" action="findnaics.jsp">
>>
>>The request.getParameter line is actually generating the error if the 
>>parameter contains a %.
>>
>>String code = request.getParameter("code");
>>
>>I've seen this error when searching in regards to forwarding pages
>>(http://nagoya.apache.org/bugzilla/show_bug.cgi?id=3986) but it was 
>>considered "invalid" because forward expects an encoded url. However, 
>>I am simply passing a parameter and submitting a form. Doing something
> 
> 
>>like 'action = <%= response.encodeURL("findnaics.jsp") %>' doesn't do 
>>anything for me. Using quotes/backslash, etc. doesn't make any 
>>difference. These query parameters can be passed by both GET and POST 
>>so encoding the URL isn't an option even if it did work.
>>
>>When "%" is passed as a parameter I get the following error for the 
>>getParameter statement.
>>
>>java.io.CharConversionException: EOF
>>        at
>>org.apache.tomcat.util.buf.UDecoder.convert(UDecoder.java:177)
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message