From dev-return-189388-archive-asf-public=cust-asf.ponee.io@tomcat.apache.org Fri Mar 2 17:33:20 2018 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by mx-eu-01.ponee.io (Postfix) with SMTP id CB26218062F for ; Fri, 2 Mar 2018 17:33:19 +0100 (CET) Received: (qmail 17558 invoked by uid 500); 2 Mar 2018 16:33:18 -0000 Mailing-List: contact dev-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Developers List" Delivered-To: mailing list dev@tomcat.apache.org Received: (qmail 17547 invoked by uid 99); 2 Mar 2018 16:33:18 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd2-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 02 Mar 2018 16:33:18 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd2-us-west.apache.org (ASF Mail Server at spamd2-us-west.apache.org) with ESMTP id 19FF81A0650 for ; Fri, 2 Mar 2018 16:33:18 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd2-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: -2.311 X-Spam-Level: X-Spam-Status: No, score=-2.311 tagged_above=-999 required=6.31 tests=[RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=disabled Received: from mx1-lw-us.apache.org ([10.40.0.8]) by localhost (spamd2-us-west.apache.org [10.40.0.9]) (amavisd-new, port 10024) with ESMTP id XAn3vTRO9yCj for ; Fri, 2 Mar 2018 16:33:17 +0000 (UTC) Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org [209.188.14.139]) by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTP id 2FFBD5F126 for ; Fri, 2 Mar 2018 16:33:17 +0000 (UTC) Received: from asf-bz1-us-mid.priv.apache.org (nat1-us-mid.apache.org [23.253.172.122]) by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTPS id BA15DE00EA for ; Fri, 2 Mar 2018 16:33:16 +0000 (UTC) Received: by asf-bz1-us-mid.priv.apache.org (ASF Mail Server at asf-bz1-us-mid.priv.apache.org, from userid 33) id E70166195F; Fri, 2 Mar 2018 16:33:15 +0000 (UTC) From: bugzilla@apache.org To: dev@tomcat.apache.org Subject: [Bug 62150] Relative Paths have changd Date: Fri, 02 Mar 2018 16:33:15 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Tomcat 8 X-Bugzilla-Component: Catalina X-Bugzilla-Version: 8.5.16 X-Bugzilla-Keywords: X-Bugzilla-Severity: enhancement X-Bugzilla-Who: remm@apache.org X-Bugzilla-Status: NEW X-Bugzilla-Resolution: X-Bugzilla-Priority: P2 X-Bugzilla-Assigned-To: dev@tomcat.apache.org X-Bugzilla-Target-Milestone: ---- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_severity Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bz.apache.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 https://bz.apache.org/bugzilla/show_bug.cgi?id=3D62150 Remy Maucherat changed: What |Removed |Added ---------------------------------------------------------------------------- Severity|normal |enhancement --- Comment #6 from Remy Maucherat --- Ok, so the option is to put a normalize step in Request.getRequestDispatche= r if this is a relative path. The problem is it's a bit more annoying to do it earlier as it needs splitting the query string before putting it back. If you think it is compliant, let's do nothing. Or it could be something optional with a config setting (there's context.getDispatchersUseEncodedPat= hs too). I'll update the bug to be a possible enhancement. Overall, the spec provides requestURI, but it's mostly useless as you have = to replicate the same complex processing on it that the container does to avoid security problems. --=20 You are receiving this mail because: You are the assignee for the bug.= --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org For additional commands, e-mail: dev-help@tomcat.apache.org