Author: markt
Date: Sat Oct 3 18:23:22 2009
New Revision: 821386
URL: http://svn.apache.org/viewvc?rev=821386&view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=47320
Don't rely on the platform default encoding being suitable to parse the session
ID
Modified:
tomcat/tc6.0.x/trunk/ (props changed)
tomcat/tc6.0.x/trunk/STATUS.txt
tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java
tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/LocalStrings.properties
tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
Propchange: tomcat/tc6.0.x/trunk/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Sat Oct 3 18:23:22 2009
@@ -1 +1 @@
-/tomcat/trunk:601180,606992,612607,630314,640888,652744,653247,673796,673820,677910,683982,684001,684081,684234,684269-684270,685177,687503,687645,689402,690781,691392,691805,692748,693378,694992,695053,695311,696780,696782,698012,698227,698236,698613,699427,699634,701355,709294,709811,709816,710063,710066,710125,710205,711126,711600,712461,712467,718360,719119,719124,719602,719626,719628,720046,720069,721040,721286,721708,721886,723404,723738,726052,727303,728032,728768,728947,729057,729567,729569,729571,729681,729809,729815,729934,730250,730590,731651,732859,732863,734734,740675,740684,742677,742697,742714,744160,744238,746321,746384,746425,747834,747863,748344,750258,750291,750921,751286-751287,751289,751295,753039,757335,757774,758365,758596,758616,758664,759074,761601,762868,762929,762936-762937,763166,763183,763193,763228,763262,763298,763302,763325,763599,763611,763654,763681,763706,764985,764997,765662,768335,769979,770716,770809,770876,776921,776924,776935,776945,77
7464,777466,777576,777625,778379,778523-778524,781528,781779,782145,782791,783316,783696,783724,783756,783762,783766,783863,783934,784453,784602,784614,785381,785688,785768,785859,786468,786487,786490,786496,786667,787627,787770,787985,789389,790405,791041,791184,791194,791243,791326,791328,791789,792740,793372,793757,793882,793981,794082,794673,794822,795043,795152,795210,795457,795466,797168,797425,797596,797607,802727,802940,804462,804544,804734,805153,809603,812125,812137,812432,813001,813013,813866,814180,815972,817442
+/tomcat/trunk:601180,606992,612607,630314,640888,652744,653247,673796,673820,677910,683982,684001,684081,684234,684269-684270,685177,687503,687645,689402,690781,691392,691805,692748,693378,694992,695053,695311,696780,696782,698012,698227,698236,698613,699427,699634,701355,709294,709811,709816,710063,710066,710125,710205,711126,711600,712461,712467,718360,719119,719124,719602,719626,719628,720046,720069,721040,721286,721708,721886,723404,723738,726052,727303,728032,728768,728947,729057,729567,729569,729571,729681,729809,729815,729934,730250,730590,731651,732859,732863,734734,740675,740684,742677,742697,742714,744160,744238,746321,746384,746425,747834,747863,748344,750258,750291,750921,751286-751287,751289,751295,753039,757335,757774,758365,758596,758616,758664,759074,761601,762868,762929,762936-762937,763166,763183,763193,763228,763262,763298,763302,763325,763599,763611,763654,763681,763706,764985,764997,765662,768335,769979,770716,770809,770876,776921,776924,776935,776945,77
7464,777466,777576,777625,778379,778523-778524,781528,781779,782145,782791,783316,783696,783724,783756,783762,783766,783863,783934,784453,784602,784614,785381,785688,785768,785859,786468,786487,786490,786496,786667,787627,787770,787985,789389,790405,791041,791184,791194,791243,791326,791328,791789,792740,793372,793757,793882,793981,794082,794673,794822,795043,795152,795210,795457,795466,797168,797425,797596,797607,802727,802940,804462,804544,804734,805153,809603,812125,812137,812432,813001,813013,813866,814180,815972,817442,819339
Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=821386&r1=821385&r2=821386&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Sat Oct 3 18:23:22 2009
@@ -320,13 +320,6 @@
+1: rjung, pero
-1:
-* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=47320
- Don't rely on the platform default encoding being suitable to parse the
- session ID
- http://svn.apache.org/viewvc?rev=819339&view=rev
- +1: markt, pero, kkolinko
- -1:
-
* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=47324
Correct submit URL so it works behind a reverse proxy for session list page
Patch by Maik Jablonski
Modified:
tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java?rev=821386&r1=821385&r2=821386&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java
(original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java
Sat Oct 3 18:23:22 2009
@@ -19,6 +19,7 @@
package org.apache.catalina.connector;
import java.io.IOException;
+import java.io.UnsupportedEncodingException;
import org.apache.catalina.CometEvent;
import org.apache.catalina.Context;
@@ -521,6 +522,12 @@
int semicolon = uriBC.indexOf(match, 0, match.length(), 0);
if (semicolon > 0) {
+ // What encoding to use? Some platforms, eg z/os, use a default
+ // encoding that doesn't give the expected result so be explicit
+ String enc = connector.getURIEncoding();
+ if (enc == null) {
+ enc = "ISO-8859-1";
+ }
// Parse session ID, and extract it from the decoded request URI
int start = uriBC.getStart();
@@ -528,25 +535,32 @@
int sessionIdStart = semicolon + match.length();
int semicolon2 = uriBC.indexOf(';', sessionIdStart);
- if (semicolon2 >= 0) {
- request.setRequestedSessionId
- (new String(uriBC.getBuffer(), start + sessionIdStart,
- semicolon2 - sessionIdStart));
- // Extract session ID from request URI
- byte[] buf = uriBC.getBuffer();
- for (int i = 0; i < end - start - semicolon2; i++) {
- buf[start + semicolon + i]
- = buf[start + i + semicolon2];
- }
- uriBC.setBytes(buf, start, end - start - semicolon2 +
semicolon);
- } else {
- request.setRequestedSessionId
- (new String(uriBC.getBuffer(), start + sessionIdStart,
- (end - start) - sessionIdStart));
- uriBC.setEnd(start + semicolon);
+ try {
+ if (semicolon2 >= 0) {
+ request.setRequestedSessionId
+ (new String(uriBC.getBuffer(), start + sessionIdStart,
+ semicolon2 - sessionIdStart, enc));
+ // Extract session ID from request URI
+ byte[] buf = uriBC.getBuffer();
+ for (int i = 0; i < end - start - semicolon2; i++) {
+ buf[start + semicolon + i]
+ = buf[start + i + semicolon2];
+ }
+ uriBC.setBytes(buf, start,
+ end - start - semicolon2 + semicolon);
+ } else {
+ request.setRequestedSessionId
+ (new String(uriBC.getBuffer(), start + sessionIdStart,
+ (end - start) - sessionIdStart, enc));
+ uriBC.setEnd(start + semicolon);
+ }
+ request.setRequestedSessionURL(true);
+ } catch (UnsupportedEncodingException uee) {
+ // Make sure no session ID is returned
+ request.setRequestedSessionId(null);
+ request.setRequestedSessionURL(false);
+ log.warn(sm.getString("coyoteAdapter.parseSession", enc), uee);
}
- request.setRequestedSessionURL(true);
-
} else {
request.setRequestedSessionId(null);
request.setRequestedSessionURL(false);
Modified:
tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/LocalStrings.properties
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/LocalStrings.properties?rev=821386&r1=821385&r2=821386&view=diff
==============================================================================
---
tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/LocalStrings.properties
(original)
+++
tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/LocalStrings.properties
Sat Oct 3 18:23:22 2009
@@ -36,6 +36,7 @@
#
coyoteAdapter.service=An exception or error occurred in the container during
the request processing
coyoteAdapter.read=The servlet did not read all available bytes during the
processing of the read event
+coyoteAdapter.parseSession=Unable to parse the session ID using encoding
[{0}]. The session ID in the URL will be ignored.
#
# CoyoteResponse
Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=821386&r1=821385&r2=821386&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Sat Oct 3 18:23:22 2009
@@ -220,6 +220,10 @@
mapper. (markt)
</fix>
<fix>
+ <bug>47320</bug>: Don't rely on the platform default encoding being
+ suitable to parse the session ID. (markt)
+ </fix>
+ <fix>
<bug>47499</bug>: Don't swallow bind exceptions. (markt)
</fix>
</changelog>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
