remm 02/03/14 12:58:24
Modified: catalina/src/share/org/apache/catalina/authenticator
AuthenticatorBase.java FormAuthenticator.java
catalina/src/share/org/apache/catalina/core
StandardContextMapper.java
StandardContextValve.java StandardHostMapper.java
StandardWrapperValve.java
Log:
- Update all components which make use of the URI for mapping to use the
decoded URI.
Revision Changes Path
1.31 +7 -9
jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java
Index: AuthenticatorBase.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java,v
retrieving revision 1.30
retrieving revision 1.31
diff -u -r1.30 -r1.31
--- AuthenticatorBase.java 1 Mar 2002 19:37:44 -0000 1.30
+++ AuthenticatorBase.java 14 Mar 2002 20:58:24 -0000 1.31
@@ -1,7 +1,7 @@
/*
- * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java,v
1.30 2002/03/01 19:37:44 craigmcc Exp $
- * $Revision: 1.30 $
- * $Date: 2002/03/01 19:37:44 $
+ * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java,v
1.31 2002/03/14 20:58:24 remm Exp $
+ * $Revision: 1.31 $
+ * $Date: 2002/03/14 20:58:24 $
*
* ====================================================================
*
@@ -121,7 +121,7 @@
* requests. Requests of any other type will simply be passed through.
*
* @author Craig R. McClanahan
- * @version $Revision: 1.30 $ $Date: 2002/03/01 19:37:44 $
+ * @version $Revision: 1.31 $ $Date: 2002/03/14 20:58:24 $
*/
@@ -452,8 +452,7 @@
// where the login form (and therefore the "j_security_check" URI
// to which it submits) might be outside the secured area
String contextPath = this.context.getPath();
- String requestURI =
- ((HttpServletRequest) request.getRequest()).getRequestURI();
+ String requestURI = hrequest.getDecodedRequestURI();
if (requestURI.startsWith(contextPath) &&
requestURI.endsWith(Constants.FORM_ACTION)) {
if (!authenticate(hrequest, hresponse, config)) {
@@ -557,8 +556,7 @@
LoginConfig config = context.getLoginConfig();
if ((config != null) &&
(Constants.FORM_METHOD.equals(config.getAuthMethod()))) {
- String requestURI =
- ((HttpServletRequest) request.getRequest()).getRequestURI();
+ String requestURI = request.getDecodedRequestURI();
String loginPage = context.getPath() + config.getLoginPage();
if (loginPage.equals(requestURI)) {
if (debug >= 1)
@@ -764,7 +762,7 @@
// Check each defined security constraint
HttpServletRequest hreq = (HttpServletRequest) request.getRequest();
- String uri = hreq.getRequestURI();
+ String uri = request.getDecodedRequestURI();
String contextPath = hreq.getContextPath();
if (contextPath.length() > 0)
uri = uri.substring(contextPath.length());
1.20 +5 -5
jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/FormAuthenticator.java
Index: FormAuthenticator.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/FormAuthenticator.java,v
retrieving revision 1.19
retrieving revision 1.20
diff -u -r1.19 -r1.20
--- FormAuthenticator.java 19 Oct 2001 16:23:57 -0000 1.19
+++ FormAuthenticator.java 14 Mar 2002 20:58:24 -0000 1.20
@@ -1,7 +1,7 @@
/*
- * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/FormAuthenticator.java,v
1.19 2001/10/19 16:23:57 craigmcc Exp $
- * $Revision: 1.19 $
- * $Date: 2001/10/19 16:23:57 $
+ * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/FormAuthenticator.java,v
1.20 2002/03/14 20:58:24 remm Exp $
+ * $Revision: 1.20 $
+ * $Date: 2002/03/14 20:58:24 $
*
* ====================================================================
*
@@ -88,7 +88,7 @@
* Authentication, as described in the Servlet API Specification, Version 2.2.
*
* @author Craig R. McClanahan
- * @version $Revision: 1.19 $ $Date: 2001/10/19 16:23:57 $
+ * @version $Revision: 1.20 $ $Date: 2002/03/14 20:58:24 $
*/
public class FormAuthenticator
@@ -212,7 +212,7 @@
// Acquire references to objects we will need to evaluate
String contextPath = hreq.getContextPath();
- String requestURI = hreq.getRequestURI();
+ String requestURI = request.getDecodedRequestURI();
response.setContext(request.getContext());
// Is this a request for the login page itself? Test here to avoid
1.8 +5 -46
jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardContextMapper.java
Index: StandardContextMapper.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardContextMapper.java,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- StandardContextMapper.java 3 Jan 2002 20:23:51 -0000 1.7
+++ StandardContextMapper.java 14 Mar 2002 20:58:24 -0000 1.8
@@ -1,7 +1,7 @@
/*
- * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardContextMapper.java,v
1.7 2002/01/03 20:23:51 remm Exp $
- * $Revision: 1.7 $
- * $Date: 2002/01/03 20:23:51 $
+ * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardContextMapper.java,v
1.8 2002/03/14 20:58:24 remm Exp $
+ * $Revision: 1.8 $
+ * $Date: 2002/03/14 20:58:24 $
*
* ====================================================================
*
@@ -85,7 +85,7 @@
* <code>StandardContext</code>, because it relies on internal APIs.
*
* @author Craig R. McClanahan
- * @version $Revision: 1.7 $ $Date: 2002/01/03 20:23:51 $
+ * @version $Revision: 1.8 $ $Date: 2002/03/14 20:58:24 $
*/
public final class StandardContextMapper
@@ -192,28 +192,13 @@
// Identify the context-relative URI to be mapped
String contextPath =
((HttpServletRequest) request.getRequest()).getContextPath();
- String requestURI =
- ((HttpServletRequest) request.getRequest()).getRequestURI();
+ String requestURI = ((HttpRequest) request).getDecodedRequestURI();
String relativeURI = requestURI.substring(contextPath.length());
if (debug >= 1)
context.log("Mapping contextPath='" + contextPath +
"' with requestURI='" + requestURI +
"' and relativeURI='" + relativeURI + "'");
- // Decode the relative URI, because we will ultimately return both
- // servletPath and pathInfo as decoded strings
- try {
- relativeURI = RequestUtil.URLDecode(relativeURI);
- validate(relativeURI);
- if (debug >= 1)
- context.log("Decoded relativeURI='" + relativeURI + "'");
- } catch (Exception e) {
- // context.log(sm.getString("standardContext.urlDecode",
- // relativeURI), e);
- throw new IllegalArgumentException
- (sm.getString("standardContext.urlDecode", relativeURI));
- }
-
// Apply the standard request URI mapping rules from the specification
Wrapper wrapper = null;
String servletPath = relativeURI;
@@ -302,32 +287,6 @@
((HttpRequest) request).setPathInfo(pathInfo);
}
return (wrapper);
-
- }
-
-
- // -------------------------------------------------------- Private Methods
-
-
- /**
- * Throw an exception if the specified relative URI (assumed to be already
- * decoded) contains any control characters. See RFC 2396, Section 2.4.3,
- * for a discussion of why these characters are not allowed in URIs.
- *
- * @param relativeURI The decoded relative URI to be validated
- *
- * @exception IllegalArgumentException if the specified relative URI
- * contains invalid characters
- */
- private void validate(String relativeURI) {
-
- int n = relativeURI.length();
- for (int i = 0; i < n; i++) {
- char c = relativeURI.charAt(i);
- if ((c < '\u0020') || (c == '\u007f'))
- throw new IllegalArgumentException
- (sm.getString("standardContext.urlValidate", relativeURI));
- }
}
1.16 +6 -5
jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardContextValve.java
Index: StandardContextValve.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardContextValve.java,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -r1.15 -r1.16
--- StandardContextValve.java 4 Jan 2002 16:33:40 -0000 1.15
+++ StandardContextValve.java 14 Mar 2002 20:58:24 -0000 1.16
@@ -1,7 +1,7 @@
/*
- * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardContextValve.java,v
1.15 2002/01/04 16:33:40 remm Exp $
- * $Revision: 1.15 $
- * $Date: 2002/01/04 16:33:40 $
+ * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardContextValve.java,v
1.16 2002/03/14 20:58:24 remm Exp $
+ * $Revision: 1.16 $
+ * $Date: 2002/03/14 20:58:24 $
*
* ====================================================================
*
@@ -75,6 +75,7 @@
import org.apache.naming.resources.DirContextURLStreamHandler;
import org.apache.catalina.Container;
import org.apache.catalina.Context;
+import org.apache.catalina.HttpRequest;
import org.apache.catalina.Request;
import org.apache.catalina.Response;
import org.apache.catalina.ValveContext;
@@ -92,7 +93,7 @@
* when processing HTTP requests.
*
* @author Craig R. McClanahan
- * @version $Revision: 1.15 $ $Date: 2002/01/04 16:33:40 $
+ * @version $Revision: 1.16 $ $Date: 2002/03/14 20:58:24 $
*/
final class StandardContextValve
@@ -157,7 +158,7 @@
// Disallow any direct access to resources under WEB-INF or META-INF
HttpServletRequest hreq = (HttpServletRequest) request.getRequest();
String contextPath = hreq.getContextPath();
- String requestURI = hreq.getRequestURI();
+ String requestURI = ((HttpRequest) request).getDecodedRequestURI();
String relativeURI =
requestURI.substring(contextPath.length()).toUpperCase();
if (relativeURI.equals("/META-INF") ||
1.4 +5 -6
jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardHostMapper.java
Index: StandardHostMapper.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardHostMapper.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- StandardHostMapper.java 22 Jul 2001 20:25:08 -0000 1.3
+++ StandardHostMapper.java 14 Mar 2002 20:58:24 -0000 1.4
@@ -1,7 +1,7 @@
/*
- * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardHostMapper.java,v
1.3 2001/07/22 20:25:08 pier Exp $
- * $Revision: 1.3 $
- * $Date: 2001/07/22 20:25:08 $
+ * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardHostMapper.java,v
1.4 2002/03/14 20:58:24 remm Exp $
+ * $Revision: 1.4 $
+ * $Date: 2002/03/14 20:58:24 $
*
* ====================================================================
*
@@ -84,7 +84,7 @@
* <code>StandardHost</code>, because it relies on internal APIs.
*
* @author Craig R. McClanahan
- * @version $Revision: 1.3 $ $Date: 2001/07/22 20:25:08 $
+ * @version $Revision: 1.4 $ $Date: 2002/03/14 20:58:24 $
*/
public class StandardHostMapper
@@ -184,8 +184,7 @@
return (request.getContext());
// Perform mapping on our request URI
- String uri =
- ((HttpServletRequest) request.getRequest()).getRequestURI();
+ String uri = ((HttpRequest) request).getDecodedRequestURI();
Context context = host.map(uri);
// Update the request (if requested) and return the selected Context
1.33 +5 -5
jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardWrapperValve.java
Index: StandardWrapperValve.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardWrapperValve.java,v
retrieving revision 1.32
retrieving revision 1.33
diff -u -r1.32 -r1.33
--- StandardWrapperValve.java 8 Feb 2002 16:04:31 -0000 1.32
+++ StandardWrapperValve.java 14 Mar 2002 20:58:24 -0000 1.33
@@ -1,7 +1,7 @@
/*
- * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardWrapperValve.java,v
1.32 2002/02/08 16:04:31 remm Exp $
- * $Revision: 1.32 $
- * $Date: 2002/02/08 16:04:31 $
+ * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardWrapperValve.java,v
1.33 2002/03/14 20:58:24 remm Exp $
+ * $Revision: 1.33 $
+ * $Date: 2002/03/14 20:58:24 $
*
* ====================================================================
*
@@ -103,7 +103,7 @@
* <code>StandardWrapper</code> container implementation.
*
* @author Craig R. McClanahan
- * @version $Revision: 1.32 $ $Date: 2002/02/08 16:04:31 $
+ * @version $Revision: 1.33 $ $Date: 2002/03/14 20:58:24 $
*/
final class StandardWrapperValve
@@ -370,7 +370,7 @@
String contextPath = hreq.getContextPath();
if (contextPath == null)
contextPath = "";
- String requestURI = hreq.getRequestURI();
+ String requestURI = ((HttpRequest) request).getDecodedRequestURI();
if (requestURI.length() >= contextPath.length())
requestPath = requestURI.substring(contextPath.length());
}
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
