billbarker 2004/06/19 17:28:07
Modified: catalina/src/share/org/apache/coyote/tomcat5
CoyoteResponse.java
Log:
Make the check for an absolute URI conform conform better to the RFC.
Now an absolute URI is anything of the form <scheme>:<scheme-specific-data>. This
allows protocols such as 'mailto' and 'news' as well as the standard URLs.
Fix for Bug #18147
Revision Changes Path
1.21 +18 -3
jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5/CoyoteResponse.java
Index: CoyoteResponse.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5/CoyoteResponse.java,v
retrieving revision 1.20
retrieving revision 1.21
diff -u -r1.20 -r1.21
--- CoyoteResponse.java 19 Jun 2004 18:52:42 -0000 1.20
+++ CoyoteResponse.java 20 Jun 2004 00:28:07 -0000 1.21
@@ -1423,8 +1423,7 @@
boolean leadingSlash = location.startsWith("/");
- if (leadingSlash
- || (!leadingSlash && (location.indexOf("://") == -1))) {
+ if (leadingSlash || !hasScheme(location)) {
redirectURLCC.recycle();
@@ -1487,6 +1486,22 @@
}
+
+ /**
+ * Determine if a URI string has a <code>scheme</code> component.
+ */
+ private boolean hasScheme(String uri) {
+ int len = uri.length();
+ for(int i=0; i < len ; i++) {
+ char c = uri.charAt(i);
+ if(c == ':') {
+ return i > 0;
+ } else if(!URL.isSchemeChar(c)) {
+ return false;
+ }
+ }
+ return false;
+ }
/**
* Return the specified URL with the specified session identifier
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
