cvs commit: jakarta-tomcat-connectors/jk/native2/server/isapi jk_isapi_plugin.c

Tue, 04 Feb 2003 12:45:33 -0800 

nacho       2003/02/04 12:45:50

  Modified:    jk/native2/server/isapi jk_isapi_plugin.c
  Log:
  Fix for Bug#16759 ISAPI_REDIRECTOR Handles %2F improperly
  
  Now a uri considered not valid or bad by jk2 is passed down the filter chain,
  so letting the server continue processing, also relaxed logging to info as
  they are not errors anymore..
  
  Revision  Changes    Path
  1.54      +10 -6     
jakarta-tomcat-connectors/jk/native2/server/isapi/jk_isapi_plugin.c
  
  Index: jk_isapi_plugin.c
  ===================================================================
  RCS file: 
/home/cvs/jakarta-tomcat-connectors/jk/native2/server/isapi/jk_isapi_plugin.c,v
  retrieving revision 1.53
  retrieving revision 1.54
  diff -u -r1.53 -r1.54
  --- jk_isapi_plugin.c 4 Feb 2003 07:44:23 -0000       1.53
  +++ jk_isapi_plugin.c 4 Feb 2003 20:45:49 -0000       1.54
  @@ -316,20 +316,24 @@
   
                   rc = jk_requtil_unescapeUrl(uri);
                   if (rc == BAD_REQUEST) {
  -                    env->l->jkLog(env, env->l,  JK_LOG_ERROR, 
  +                    env->l->jkLog(env, env->l,  JK_LOG_INFO, 
                              "HttpFilterProc [%s] contains one or more invalid escape 
sequences.\n", 
                              uri);
  -                    write_error_response(pfc,"400 Bad Request", HTML_ERROR_400);
  +                    // XXX: Let any other filter process the request, 
  +                    //      if they take any security measure or not doesnt matter.
  +                    //  write_error_response(pfc,"400 Bad Request", HTML_ERROR_400);
                       workerEnv->globalEnv->releaseEnv( workerEnv->globalEnv, env );
  -                    return SF_STATUS_REQ_FINISHED;
  +                    return SF_STATUS_REQ_NEXT_NOTIFICATION;
                   }
                   else if(rc == BAD_PATH) {
  -                    env->l->jkLog(env, env->l,  JK_LOG_EMERG, 
  +                    env->l->jkLog(env, env->l,  JK_LOG_INFO, 
                              "HttpFilterProc [%s] contains forbidden escape 
sequences.\n", 
                              uri);
  -                    write_error_response(pfc,"403 Forbidden", HTML_ERROR_403);
  +                    // XXX: Let any other filter process the request, 
  +                    //      if they take any security measure or not doesnt matter.
  +                    //  write_error_response(pfc,"403 Forbidden", HTML_ERROR_403);
                       workerEnv->globalEnv->releaseEnv( workerEnv->globalEnv, env );
  -                    return SF_STATUS_REQ_FINISHED;
  +                    return SF_STATUS_REQ_NEXT_NOTIFICATION;
                   }
                   jk_requtil_getParents(uri);
   
  
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to