This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.1.x by this push:
new 87d90f3ce4 As per comment, replace custom code with JRE call available
in Java 1.4+
87d90f3ce4 is described below
commit 87d90f3ce46e630bafb5d3f09cd6f3660908e887
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Thu Mar 6 15:56:30 2025 +0000
As per comment, replace custom code with JRE call available in Java 1.4+
The JRE call does %nn decode a few additional characters. Namely:
'!', '\'', '(', ')' and '~'
Strictly there is no need to encode any of the special characters but
encoding them should not cause any harm.
---
.../apache/jasper/runtime/JspRuntimeLibrary.java | 68 +++-------------------
webapps/docs/changelog.xml | 8 +++
2 files changed, 17 insertions(+), 59 deletions(-)
diff --git a/java/org/apache/jasper/runtime/JspRuntimeLibrary.java
b/java/org/apache/jasper/runtime/JspRuntimeLibrary.java
index 927bc7f012..fdfc39ab13 100644
--- a/java/org/apache/jasper/runtime/JspRuntimeLibrary.java
+++ b/java/org/apache/jasper/runtime/JspRuntimeLibrary.java
@@ -18,10 +18,11 @@ package org.apache.jasper.runtime;
import java.beans.PropertyEditor;
import java.beans.PropertyEditorManager;
-import java.io.ByteArrayOutputStream;
import java.io.IOException;
-import java.io.OutputStreamWriter;
import java.lang.reflect.Method;
+import java.net.URLEncoder;
+import java.nio.charset.Charset;
+import java.nio.charset.StandardCharsets;
import java.util.Enumeration;
import jakarta.servlet.RequestDispatcher;
@@ -1002,76 +1003,25 @@ public class JspRuntimeLibrary {
/**
* URL encodes a string, based on the supplied character encoding.
- * This performs the same function as java.next.URLEncode.encode
- * in J2SDK1.4, and should be removed if the only platform supported
- * is 1.4 or higher.
* @param s The String to be URL encoded.
* @param enc The character encoding
* @return The URL encoded String
*/
public static String URLEncode(String s, String enc) {
-
if (s == null) {
return "null";
}
-
if (enc == null) {
enc = "ISO-8859-1"; // The default request encoding
}
-
- StringBuilder out = new StringBuilder(s.length());
- ByteArrayOutputStream buf = new ByteArrayOutputStream();
- OutputStreamWriter writer = null;
+ Charset cs = null;
try {
- writer = new OutputStreamWriter(buf, enc);
- } catch (java.io.UnsupportedEncodingException ex) {
- // Use the default encoding?
- writer = new OutputStreamWriter(buf);
- }
-
- for (int i = 0; i < s.length(); i++) {
- int c = s.charAt(i);
- if (c == ' ') {
- out.append('+');
- } else if (isSafeChar(c)) {
- out.append((char)c);
- } else {
- // convert to external encoding before hex conversion
- try {
- writer.write(c);
- writer.flush();
- } catch(IOException e) {
- buf.reset();
- continue;
- }
- byte[] ba = buf.toByteArray();
- for (byte b : ba) {
- out.append('%');
- // Converting each byte in the buffer
- out.append(Character.forDigit((b >> 4) & 0xf, 16));
- out.append(Character.forDigit(b & 0xf, 16));
- }
- buf.reset();
- }
- }
- return out.toString();
- }
-
- private static boolean isSafeChar(int c) {
- if (c >= 'a' && c <= 'z') {
- return true;
- }
- if (c >= 'A' && c <= 'Z') {
- return true;
- }
- if (c >= '0' && c <= '9') {
- return true;
- }
- if (c == '-' || c == '_' || c == '.' || c == '!' ||
- c == '~' || c == '*' || c == '\'' || c == '(' || c == ')') {
- return true;
+ cs = Charset.forName(enc);
+ } catch (Throwable t) {
+ ExceptionUtils.handleThrowable(t);
+ cs = StandardCharsets.ISO_8859_1;
}
- return false;
+ return URLEncoder.encode(s, cs);
}
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 44a7ac5a90..e680afdc27 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -127,6 +127,14 @@
</fix>
</changelog>
</subsection>
+ <subsection name="Jasper">
+ <changelog>
+ <scode>
+ Replace custom URL encoding provided by the JSP runtime library with
+ calls to <code>java.net.URLEncoder.encode()</code>. (markt)
+ </scode>
+ </changelog>
+ </subsection>
</section>
<section name="Tomcat 10.1.37 (schultz)" rtext="not released">
<subsection name="Catalina">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
