billbarker 02/02/21 22:21:55
Modified: catalina/src/share/org/apache/catalina/connector
HttpResponseBase.java
Log:
Prevent double-encoding of URLS.
Fix for bug #1450.
Based on submission by: Tilo Christ [EMAIL PROTECTED]
Reported by: Serg Maslyukov [EMAIL PROTECTED]
Revision Changes Path
1.48 +6 -4
jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/connector/HttpResponseBase.java
Index: HttpResponseBase.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/connector/HttpResponseBase.java,v
retrieving revision 1.47
retrieving revision 1.48
diff -u -r1.47 -r1.48
--- HttpResponseBase.java 21 Feb 2002 19:02:10 -0000 1.47
+++ HttpResponseBase.java 22 Feb 2002 06:21:55 -0000 1.48
@@ -1,7 +1,7 @@
/*
- * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/connector/HttpResponseBase.java,v
1.47 2002/02/21 19:02:10 remm Exp $
- * $Revision: 1.47 $
- * $Date: 2002/02/21 19:02:10 $
+ * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/connector/HttpResponseBase.java,v
1.48 2002/02/22 06:21:55 billbarker Exp $
+ * $Revision: 1.48 $
+ * $Date: 2002/02/22 06:21:55 $
*
* ====================================================================
*
@@ -104,7 +104,7 @@
*
* @author Craig R. McClanahan
* @author Remy Maucherat
- * @version $Revision: 1.47 $ $Date: 2002/02/21 19:02:10 $
+ * @version $Revision: 1.48 $ $Date: 2002/02/22 06:21:55 $
*/
public class HttpResponseBase
@@ -544,6 +544,8 @@
String file = url.getFile();
if ((file == null) || !file.startsWith(contextPath))
return (false);
+ if( file.indexOf(";jsessionid=" + session.getId()) >= 0 )
+ return (false);
}
// This URL belongs to our web application, so it is encodeable
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
