tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kushagra Bindal <bindal.kusha...@gmail.com>
Subject Re: Double Slash Support in Tomcat 9.0.27
Date Fri, 29 Nov 2019 10:32:15 GMT
Hi Mark,

Thanks for providing the response.

Yes, you are right that we should design our application to remove // from
being used.

I will plan it accordingly, for the provided solution in below. Let me try
the same and I will revert back to you in case of any further queries and
concerns.

On Fri, Nov 29, 2019 at 2:56 PM M. Manna <manmedia@gmail.com> wrote:

> HI,
>
>
> On Fri, 29 Nov 2019 at 09:00, Kushagra Bindal <bindal.kushagra@gmail.com>
> wrote:
>
> > Hi,
> >
> > We are working on upgrading our enterprise application from 8.5.24 to
> > 9.0.27 version.
> >
> > What we have observed that in earlier version i.e. 8.5.24 we were able to
> > process process a REST URI have  double slash ("//") in it.
> >
> > But when we are upgrading it to 9.0.27 we found that now the same url
> which
> > was working earlier it is now throwing 404 status code.
> >
> > Now, the problem is that we can not remove these double slash (//)
> manually
> > as it is used widely.
> >
> > So, can someone please provide a possible solution of this issue?
> >
>
>  Tomcat processes HTTP query and URL using RFC 7230 standards. But multiple
> leading forward slash support was disabled by default for good reasons.
> This was done in 8.5.31 due to issues with Http Redirects involving
> Servlets.
>
> If you must use this, you have to modify your application context to add
> the override as true - the attribute is called
> "allowMultipleLeadingForwardSlashInPath".
>
> https://tomcat.apache.org/tomcat-8.5-doc/config/context.html
>
> But I would sincerely recommend that you work on such designs and correct
> them in your application. There is always a "way". This is one of the
> reasons web applications become obsolete requires huge maintenance.
>
> Thanks,
>
> >
> > --
> > Regards,
> > Kushagra Bindal
> > +91-9013792807
> >
>


-- 
Regards,
Kushagra Bindal
+91-9013792807

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message