https://bz.apache.org/bugzilla/show_bug.cgi?id=60482
            Bug ID: 60482
           Summary: URL parameters parsed incorrectly using HTTP/2
                    connector
           Product: Tomcat 8
           Version: 8.5.9
          Hardware: PC
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Catalina
          Assignee: dev@tomcat.apache.org
          Reporter: adaniels...@gmail.com
  Target Milestone: ----

I'm using Tomcat 8.5.9. It appears that query strings containing percent
encoded ampersand (%26) and percent (%25) characters are not parsed correctly
when using the HTTP/2 connector. Using HTTP 1.1, it works fine.

To reproduce:

1) create ROOT/test.jsp with these contents:

foo=[<%= request.getParameter("foo") %>]


2) Set up an HTTPS connector in server.xml that upgrades to HTTP/2 and start
the server:
<Connector port="8443" scheme="https" secure="true" SSLEnabled="true"
compression="on" address="0.0.0.0">
        <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
        <SSLHostConfig protocols="TLSv1.1+TLSv1.2">
            <Certificate certificateKeyFile="conf\tls\key.pem"
                         certificateFile="conf\cert.crt"
                        
certificateChainFile="conf\tls\STAR_credentialsmart_net.ca-bundle" />
        </SSLHostConfig>
</Connector>


3) Browse to https://localhost:8443/test.jsp?foo=b%26a

The result is:
foo=[b]

4) Now comment out <UpgradeProtocol ...> in the HTTPS connector in server.xml
and restart.

5) Browse to https://localhost:8443/test.jsp?foo=b%26a

The result is:
foo=[b&a]

The access log also shows the URLs differently:
0:0:0:0:0:0:0:1 - - [15/Dec/2016:02:12:22 -0500] "GET /test.jsp?foo=b%26a
HTTP/1.1" 200 14
0:0:0:0:0:0:0:1 - - [15/Dec/2016:02:12:36 -0500] "GET /test.jsp?foo=b&a
HTTP/2.0" 200 12

And the logs show the message:
14-Dec-2016 23:48:59.846 FINE [catalina-exec-2]
org.apache.tomcat.util.http.Parameters.processParameters Parameter starting at
position [10] and ending at position [15] with a value of [10] was not followed
by an = character

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to