coyote Response.java

luehe Tue, 27 Jul 2004 17:44:02 -0700

luehe       2004/07/27 17:43:17

  Modified:    coyote/src/java/org/apache/coyote Response.java
  Log:
  Fixed Bugtraq 6152759 ("Default charset not included in Content-Type
  response header if no char encoding was specified").
  
  According to the Servlet 2.4 spec, calling:
  
    ServletResponse.setContentType("text/html");
  
  must yield these results:
  
    ServletResponse.getContentType() -> "text/html"
  
    Content-Type response header -> "text/html;charset=ISO-8859-1"
  
  Notice the absence of a charset in the result of getContentType(), but
  its presence (set to the default ISO-8859-1) in the Content-Type
  response header.
  
  Tomcat is currently not including the default charset in the
  Content-Type response header if no char encoding was specified.
  
  Revision  Changes    Path
  1.33      +28 -0     
jakarta-tomcat-connectors/coyote/src/java/org/apache/coyote/Response.java
  
  Index: Response.java
  ===================================================================
  RCS file: 
/home/cvs/jakarta-tomcat-connectors/coyote/src/java/org/apache/coyote/Response.java,v
  retrieving revision 1.32
  retrieving revision 1.33
  diff -u -r1.32 -r1.33
  --- Response.java     24 Feb 2004 08:54:29 -0000      1.32
  +++ Response.java     28 Jul 2004 00:43:17 -0000      1.33
  @@ -21,6 +21,7 @@
   
   import org.apache.tomcat.util.buf.ByteChunk;
   import org.apache.tomcat.util.http.MimeHeaders;
  +import org.apache.tomcat.util.http.ContentType;
   
   /**
    * Response object.
  @@ -524,6 +525,33 @@
           return ret;
       }
       
  +
  +    /**
  +     * Returns the value of the Content-Type response header, based on the
  +     * current return value of getContentType().
  +     *
  +     * Notice that while the charset parameter must be omitted from the
  +     * return value of ServletResponse.getContentType() if no character
  +     * encoding has been specified, the spec requires that a charset (default:
  +     * ISO-8859-1) always be included in the Content-Type response header
  +     *
  +     * @return Value of Content-Type response header
  +     */
  +    public String getContentTypeResponseHeader() {
  +
  +        String header = getContentType();
  +        if (header != null) {
  +            if (!ContentType.hasCharset(header)) {
  +                // Must communicate response encoding to client
  +                header = header + ";charset="
  +                    + Constants.DEFAULT_CHARACTER_ENCODING;
  +            }
  +        }
  +
  +        return header;
  +    }
  +
  +
       public void setContentLength(int contentLength) {
           this.contentLength = contentLength;
       }


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

cvs commit: jakarta-tomcat-connectors/coyote/src/java/org/apache/coyote Response.java

Reply via email to