ServletController getBaseURL can not handle encoded URIs in some cases
----------------------------------------------------------------------
Key: CXF-3403
URL: https://issues.apache.org/jira/browse/CXF-3403
Project: CXF
Issue Type: Bug
Components: Transports
Affects Versions: 2.3.3, 2.4
Reporter: Sergey Beryozkin
Assignee: Sergey Beryozkin
Fix For: 2.4, 2.3.4
ServletController.getBaseURL uses HttpServletRequest.getPathInfo() to determine
the base URL.
For example, given 'http://localhost:8080/services/1' and the pathInfo equal to
'/1' the base URL is 'http://localhost:8080/services'.
The problem with using the getPathInfo in the substring calculation is that it
loses matrix parameters on the last path segment, ex, given
'http://localhost:8080/services/1;a=b' which will be reported by
request.getRequestURL, the getPathInfo will report "/1" only and thus the base
URL will be wrong. To bypass this issue, the initial attempt was to decode
request.getRequestURL and strip off the final matrix params if any and only
then calculate the base path. This solution breaks with encoded %3B characters
- besides it is also slow (decoding costs).
Another problem with getPathInfo() in that given that it returns the decoded
value, the problem arise on some containers with requests URIs containing
double encoded '/' symbols.
A simpler and more reliable solution is needed
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
