d...

markt Wed, 27 Jul 2016 08:51:30 -0700

Author: markt
Date: Wed Jul 27 15:50:57 2016
New Revision: 1754282

URL: http://svn.apache.org/viewvc?rev=1754282&view=rev
Log:
Decode the path provided to the request dispatcher by default. The reasoning is:
- the servlet spec is clear (see 9.1.1) that path can include a query string;
- the query string is delimited by '?';
- '?' is a valid character in the path (if it is encoded);
- users may want to use '?'in the path;
- therefore users need to be able to provide an encoded path;
- therefore the RequestDispatcher needs to decode the path.


This change should be transparent unless an application is passing an unencoded 
% to the request dispatcher which should be fairly rare.

The behaviour is configurable via a Context attribute so the previous behaviour 
can easily be restored.

Added:
    
tomcat/tc8.5.x/trunk/test/org/apache/catalina/core/TestApplicationContextGetRequestDispatcher.java
      - copied unchanged from r1754281, 
tomcat/trunk/test/org/apache/catalina/core/TestApplicationContextGetRequestDispatcher.java
Modified:
    tomcat/tc8.5.x/trunk/   (props changed)
    tomcat/tc8.5.x/trunk/java/org/apache/catalina/Context.java
    tomcat/tc8.5.x/trunk/java/org/apache/catalina/connector/Request.java
    tomcat/tc8.5.x/trunk/java/org/apache/catalina/core/ApplicationContext.java
    tomcat/tc8.5.x/trunk/java/org/apache/catalina/core/LocalStrings.properties
    tomcat/tc8.5.x/trunk/java/org/apache/catalina/core/StandardContext.java
    tomcat/tc8.5.x/trunk/java/org/apache/catalina/startup/FailedContext.java
    tomcat/tc8.5.x/trunk/test/org/apache/catalina/core/TestAsyncContextImpl.java
    tomcat/tc8.5.x/trunk/test/org/apache/tomcat/unittest/TesterContext.java
    tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml
    tomcat/tc8.5.x/trunk/webapps/docs/config/context.xml

Propchange: tomcat/tc8.5.x/trunk/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Wed Jul 27 15:50:57 2016
@@ -1 +1 @@
-/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501
 
,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747536,1747
 
924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750899,1750975,1750995,1751061,1751097,1751438,1751447,1751463,1751702,1752212,1752737,1752745,1753358,1753363,1754111,1754140-1754141
+/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501
 
,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747536,1747
 
924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750899,1750975,1750995,1751061,1751097,1751438,1751447,1751463,1751702,1752212,1752737,1752745,1753358,1753363,1754111,1754140-1754141,1754281

Modified: tomcat/tc8.5.x/trunk/java/org/apache/catalina/Context.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/java/org/apache/catalina/Context.java?rev=1754282&r1=1754281&r2=1754282&view=diff
==============================================================================
--- tomcat/tc8.5.x/trunk/java/org/apache/catalina/Context.java (original)
+++ tomcat/tc8.5.x/trunk/java/org/apache/catalina/Context.java Wed Jul 27 
15:50:57 2016
@@ -1766,4 +1766,26 @@ public interface Context extends Contain
      * @see #setUseRelativeRedirects(boolean)
      */
     public boolean getUseRelativeRedirects();
+
+    /**
+     * Are paths used in calls to obtain a request dispatcher expected to be
+     * encoded? This affects both how Tomcat handles calls to obtain a request
+     * dispatcher as well as how Tomcat generates paths used to obtain request
+     * dispatchers internally.
+     *
+     * @param dispatchersUseEncodedPaths {@code true} to use encoded paths,
+     *        otherwise {@code false}
+     */
+    public void setDispatchersUseEncodedPaths(boolean 
dispatchersUseEncodedPaths);
+
+    /**
+     * Are paths used in calls to obtain a request dispatcher expected to be
+     * encoded? This applys to both how Tomcat handles calls to obtain a 
request
+     * dispatcher as well as how Tomcat generates paths used to obtain request
+     * dispatchers internally.
+     *
+     * @return {@code true} if encoded paths will be used, otherwise
+     *         {@code false}
+     */
+    public boolean getDispatchersUseEncodedPaths();
 }

Modified: tomcat/tc8.5.x/trunk/java/org/apache/catalina/connector/Request.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/java/org/apache/catalina/connector/Request.java?rev=1754282&r1=1754281&r2=1754282&view=diff
==============================================================================
--- tomcat/tc8.5.x/trunk/java/org/apache/catalina/connector/Request.java 
(original)
+++ tomcat/tc8.5.x/trunk/java/org/apache/catalina/connector/Request.java Wed 
Jul 27 15:50:57 2016
@@ -83,6 +83,7 @@ import org.apache.catalina.mapper.Mappin
 import org.apache.catalina.servlet4preview.http.Mapping;
 import org.apache.catalina.servlet4preview.http.PushBuilder;
 import org.apache.catalina.util.ParameterMap;
+import org.apache.catalina.util.URLEncoder;
 import org.apache.coyote.ActionCode;
 import org.apache.coyote.UpgradeToken;
 import org.apache.coyote.http11.upgrade.InternalHttpUpgradeHandler;
@@ -1372,14 +1373,22 @@ public class Request implements org.apac
 
         int pos = requestPath.lastIndexOf('/');
         String relative = null;
-        if (pos >= 0) {
-            relative = requestPath.substring(0, pos + 1) + path;
+        if (context.getDispatchersUseEncodedPaths()) {
+            if (pos >= 0) {
+                relative = URLEncoder.DEFAULT.encode(
+                        requestPath.substring(0, pos + 1), "UTF-8") + path;
+            } else {
+                relative = URLEncoder.DEFAULT.encode(requestPath, "UTF-8") + 
path;
+            }
         } else {
-            relative = requestPath + path;
+            if (pos >= 0) {
+                relative = requestPath.substring(0, pos + 1) + path;
+            } else {
+                relative = requestPath + path;
+            }
         }
 
         return context.getServletContext().getRequestDispatcher(relative);
-
     }
 
 

Modified: 
tomcat/tc8.5.x/trunk/java/org/apache/catalina/core/ApplicationContext.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/java/org/apache/catalina/core/ApplicationContext.java?rev=1754282&r1=1754281&r2=1754282&view=diff
==============================================================================
--- tomcat/tc8.5.x/trunk/java/org/apache/catalina/core/ApplicationContext.java 
(original)
+++ tomcat/tc8.5.x/trunk/java/org/apache/catalina/core/ApplicationContext.java 
Wed Jul 27 15:50:57 2016
@@ -17,9 +17,11 @@
 package org.apache.catalina.core;
 
 import java.io.InputStream;
+import java.io.UnsupportedEncodingException;
 import java.lang.reflect.InvocationTargetException;
 import java.net.MalformedURLException;
 import java.net.URL;
+import java.net.URLDecoder;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.EnumSet;
@@ -411,6 +413,26 @@ public class ApplicationContext implemen
         if (normalizedPath == null)
             return (null);
 
+        if (getContext().getDispatchersUseEncodedPaths()) {
+            // Decode
+            String decodedPath;
+            try {
+                decodedPath = URLDecoder.decode(normalizedPath, "UTF-8");
+            } catch (UnsupportedEncodingException e) {
+                // Impossible
+                return null;
+            }
+
+            // Security check to catch attempts to encode /../ sequences
+            normalizedPath = RequestUtil.normalize(decodedPath);
+            if (!decodedPath.equals(normalizedPath)) {
+                getContext().getLogger().warn(
+                        sm.getString("applicationContext.illegalDispatchPath", 
path),
+                        new IllegalArgumentException());
+                return null;
+            }
+        }
+
         pos = normalizedPath.length();
 
         // Use the thread local URI and mapping data

Modified: 
tomcat/tc8.5.x/trunk/java/org/apache/catalina/core/LocalStrings.properties
URL: 
http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/java/org/apache/catalina/core/LocalStrings.properties?rev=1754282&r1=1754281&r2=1754282&view=diff
==============================================================================
--- tomcat/tc8.5.x/trunk/java/org/apache/catalina/core/LocalStrings.properties 
(original)
+++ tomcat/tc8.5.x/trunk/java/org/apache/catalina/core/LocalStrings.properties 
Wed Jul 27 15:50:57 2016
@@ -22,6 +22,7 @@ applicationContext.addListener.ise=Liste
 applicationContext.addRole.ise=Roles cannot be added to context {0} as the 
context has been initialised
 applicationContext.addServlet.ise=Servlets cannot be added to context {0} as 
the context has been initialised
 applicationContext.attributeEvent=Exception thrown by attributes event listener
+applicationContext.illegalDispatchPath=An application attempted to obtain a 
request dispatcher with an illegal path [{0}] that was rejected because it 
contained an encoded directory traversal attempt
 applicationContext.invalidFilterName=Unable to add filter definition due to 
invalid filter name [{0}].
 applicationContext.invalidServletName=Unable to add servlet definition due to 
invalid servlet name [{0}].
 applicationContext.mapping.error=Error during mapping

Modified: 
tomcat/tc8.5.x/trunk/java/org/apache/catalina/core/StandardContext.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/java/org/apache/catalina/core/StandardContext.java?rev=1754282&r1=1754281&r2=1754282&view=diff
==============================================================================
--- tomcat/tc8.5.x/trunk/java/org/apache/catalina/core/StandardContext.java 
(original)
+++ tomcat/tc8.5.x/trunk/java/org/apache/catalina/core/StandardContext.java Wed 
Jul 27 15:50:57 2016
@@ -807,10 +807,29 @@ public class StandardContext extends Con
 
     private boolean useRelativeRedirects = !Globals.STRICT_SERVLET_COMPLIANCE;
 
+    private boolean dispatchersUseEncodedPaths = true;
+
 
     // ----------------------------------------------------- Context Properties
 
     @Override
+    public void setDispatchersUseEncodedPaths(boolean 
dispatchersUseEncodedPaths) {
+        this.dispatchersUseEncodedPaths = dispatchersUseEncodedPaths;
+    }
+
+
+    /**
+     * {@inheritDoc}
+     * <p>
+     * The default value for this implementation is {@code true}.
+     */
+    @Override
+    public boolean getDispatchersUseEncodedPaths() {
+        return dispatchersUseEncodedPaths;
+    }
+
+
+    @Override
     public void setUseRelativeRedirects(boolean useRelativeRedirects) {
         this.useRelativeRedirects = useRelativeRedirects;
     }

Modified: 
tomcat/tc8.5.x/trunk/java/org/apache/catalina/startup/FailedContext.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/java/org/apache/catalina/startup/FailedContext.java?rev=1754282&r1=1754281&r2=1754282&view=diff
==============================================================================
--- tomcat/tc8.5.x/trunk/java/org/apache/catalina/startup/FailedContext.java 
(original)
+++ tomcat/tc8.5.x/trunk/java/org/apache/catalina/startup/FailedContext.java 
Wed Jul 27 15:50:57 2016
@@ -783,4 +783,9 @@ public class FailedContext extends Lifec
     public void setUseRelativeRedirects(boolean useRelativeRedirects) { /* 
NO-OP */ }
     @Override
     public boolean getUseRelativeRedirects() { return true; }
+
+    @Override
+    public void setDispatchersUseEncodedPaths(boolean 
dispatchersUseEncodedPaths) { /* NO-OP */ }
+    @Override
+    public boolean getDispatchersUseEncodedPaths() { return true; }
 }
\ No newline at end of file

Modified: 
tomcat/tc8.5.x/trunk/test/org/apache/catalina/core/TestAsyncContextImpl.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/test/org/apache/catalina/core/TestAsyncContextImpl.java?rev=1754282&r1=1754281&r2=1754282&view=diff
==============================================================================
--- 
tomcat/tc8.5.x/trunk/test/org/apache/catalina/core/TestAsyncContextImpl.java 
(original)
+++ 
tomcat/tc8.5.x/trunk/test/org/apache/catalina/core/TestAsyncContextImpl.java 
Wed Jul 27 15:50:57 2016
@@ -2591,4 +2591,10 @@ public class TestAsyncContextImpl extend
             }
         }
     }
+
+
+    @Test
+    public void testAsyncDispatchEncoding() throws Exception {
+
+    }
 }

Modified: 
tomcat/tc8.5.x/trunk/test/org/apache/tomcat/unittest/TesterContext.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/test/org/apache/tomcat/unittest/TesterContext.java?rev=1754282&r1=1754281&r2=1754282&view=diff
==============================================================================
--- tomcat/tc8.5.x/trunk/test/org/apache/tomcat/unittest/TesterContext.java 
(original)
+++ tomcat/tc8.5.x/trunk/test/org/apache/tomcat/unittest/TesterContext.java Wed 
Jul 27 15:50:57 2016
@@ -1246,4 +1246,9 @@ public class TesterContext implements Co
     public void setUseRelativeRedirects(boolean useRelativeRedirects) { /* 
NO-OP */ }
     @Override
     public boolean getUseRelativeRedirects() { return true; }
+
+    @Override
+    public void setDispatchersUseEncodedPaths(boolean 
dispatchersUseEncodedPaths) { /* NO-OP */ }
+    @Override
+    public boolean getDispatchersUseEncodedPaths() { return true; }
 }

Modified: tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml?rev=1754282&r1=1754281&r2=1754282&view=diff
==============================================================================
--- tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml Wed Jul 27 15:50:57 2016
@@ -62,6 +62,12 @@
         Compatibility with rewrite from httpd for non existing headers.
         (jfclere)
       </fix>
+      <fix>
+        By default, treat paths used to obtain a request dispatcher as encoded.
+        This behaviour can be changed per web application via the
+        <code>dispatchersUseEncodedPaths</code> attribute of the Context.
+        (markt)
+      </fix>
     </changelog>
   </subsection>
   <subsection name="Coyote">

Modified: tomcat/tc8.5.x/trunk/webapps/docs/config/context.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/webapps/docs/config/context.xml?rev=1754282&r1=1754281&r2=1754282&view=diff
==============================================================================
--- tomcat/tc8.5.x/trunk/webapps/docs/config/context.xml (original)
+++ tomcat/tc8.5.x/trunk/webapps/docs/config/context.xml Wed Jul 27 15:50:57 
2016
@@ -334,6 +334,14 @@
         sufficient.</p>
       </attribute>
 
+      <attribute name="dispatchersUseEncodedPaths" required="false">
+        <p>Controls whether paths used in calls to obtain a request dispatcher
+        ares expected to be encoded. This affects both how Tomcat handles calls
+        to obtain a request dispatcher as well as how Tomcat generates paths
+        used to obtain request dispatchers internally. If not specified, the
+        default value of <code>true</code> is used.</p>
+      </attribute>
+
       <attribute name="failCtxIfServletStartFails" required="false">
         <p>Set to <code>true</code> to have the context fail its startup if any
         servlet that has load-on-startup &gt;=0 fails its own startup.</p>



---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

svn commit: r1754282 - in /tomcat/tc8.5.x/trunk: ./ java/org/apache/catalina/ java/org/apache/catalina/connector/ java/org/apache/catalina/core/ java/org/apache/catalina/startup/ test/org/apache/catalina/core/ test/org/apache/tomcat/unittest/ webapps/d...

Reply via email to