luehe 2004/06/16 18:08:08
Modified: catalina/src/share/org/apache/coyote/tomcat5
CoyoteResponse.java
Log:
Fixed Bugtraq 5062838 ("ServletResponse.setContentType sets response encoding after
getWriter was called")
According to Servlet API, a call to
ServletResponse.setContentType("<mime>; charset=<charset>")
1. has no effect if response has already been committed.
2. sets only the media type (<mime>), but *not* the response charset
if getWriter() has already been called.
TC currently violates 2.
Revision Changes Path
1.18 +11 -1
jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5/CoyoteResponse.java
Index: CoyoteResponse.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5/CoyoteResponse.java,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- CoyoteResponse.java 5 Jun 2004 05:13:47 -0000 1.17
+++ CoyoteResponse.java 17 Jun 2004 01:08:08 -0000 1.18
@@ -705,6 +705,16 @@
if (included)
return;
+ // Ignore charset if getWriter() has already been called
+ if (usingWriter) {
+ if (type != null) {
+ int index = type.indexOf(";");
+ if (index != -1) {
+ type = type.substring(0, index);
+ }
+ }
+ }
+
coyoteResponse.setContentType(type);
// Check to see if content type contains charset
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
