svn commit: r821386 - in /tomcat/tc6.0.x/trunk: ./ STATUS.txt java/org/apache/catalina/connector/CoyoteAdapter.java java/org/apache/catalina/connector/LocalStrings.properties webapps/docs/changelog.xml

Sat, 03 Oct 2009 11:24:22 -0700 

Author: markt
Date: Sat Oct  3 18:23:22 2009
New Revision: 821386

URL: http://svn.apache.org/viewvc?rev=821386&view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=47320
Don't rely on the platform default encoding being suitable to parse the session 
ID

Modified:
    tomcat/tc6.0.x/trunk/   (props changed)
    tomcat/tc6.0.x/trunk/STATUS.txt
    tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java
    
tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/LocalStrings.properties
    tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml

Propchange: tomcat/tc6.0.x/trunk/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Sat Oct  3 18:23:22 2009
@@ -1 +1 @@
-/tomcat/trunk:601180,606992,612607,630314,640888,652744,653247,673796,673820,677910,683982,684001,684081,684234,684269-684270,685177,687503,687645,689402,690781,691392,691805,692748,693378,694992,695053,695311,696780,696782,698012,698227,698236,698613,699427,699634,701355,709294,709811,709816,710063,710066,710125,710205,711126,711600,712461,712467,718360,719119,719124,719602,719626,719628,720046,720069,721040,721286,721708,721886,723404,723738,726052,727303,728032,728768,728947,729057,729567,729569,729571,729681,729809,729815,729934,730250,730590,731651,732859,732863,734734,740675,740684,742677,742697,742714,744160,744238,746321,746384,746425,747834,747863,748344,750258,750291,750921,751286-751287,751289,751295,753039,757335,757774,758365,758596,758616,758664,759074,761601,762868,762929,762936-762937,763166,763183,763193,763228,763262,763298,763302,763325,763599,763611,763654,763681,763706,764985,764997,765662,768335,769979,770716,770809,770876,776921,776924,776935,776945,77
 
7464,777466,777576,777625,778379,778523-778524,781528,781779,782145,782791,783316,783696,783724,783756,783762,783766,783863,783934,784453,784602,784614,785381,785688,785768,785859,786468,786487,786490,786496,786667,787627,787770,787985,789389,790405,791041,791184,791194,791243,791326,791328,791789,792740,793372,793757,793882,793981,794082,794673,794822,795043,795152,795210,795457,795466,797168,797425,797596,797607,802727,802940,804462,804544,804734,805153,809603,812125,812137,812432,813001,813013,813866,814180,815972,817442
+/tomcat/trunk:601180,606992,612607,630314,640888,652744,653247,673796,673820,677910,683982,684001,684081,684234,684269-684270,685177,687503,687645,689402,690781,691392,691805,692748,693378,694992,695053,695311,696780,696782,698012,698227,698236,698613,699427,699634,701355,709294,709811,709816,710063,710066,710125,710205,711126,711600,712461,712467,718360,719119,719124,719602,719626,719628,720046,720069,721040,721286,721708,721886,723404,723738,726052,727303,728032,728768,728947,729057,729567,729569,729571,729681,729809,729815,729934,730250,730590,731651,732859,732863,734734,740675,740684,742677,742697,742714,744160,744238,746321,746384,746425,747834,747863,748344,750258,750291,750921,751286-751287,751289,751295,753039,757335,757774,758365,758596,758616,758664,759074,761601,762868,762929,762936-762937,763166,763183,763193,763228,763262,763298,763302,763325,763599,763611,763654,763681,763706,764985,764997,765662,768335,769979,770716,770809,770876,776921,776924,776935,776945,77
 
7464,777466,777576,777625,778379,778523-778524,781528,781779,782145,782791,783316,783696,783724,783756,783762,783766,783863,783934,784453,784602,784614,785381,785688,785768,785859,786468,786487,786490,786496,786667,787627,787770,787985,789389,790405,791041,791184,791194,791243,791326,791328,791789,792740,793372,793757,793882,793981,794082,794673,794822,795043,795152,795210,795457,795466,797168,797425,797596,797607,802727,802940,804462,804544,804734,805153,809603,812125,812137,812432,813001,813013,813866,814180,815972,817442,819339

Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=821386&r1=821385&r2=821386&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Sat Oct  3 18:23:22 2009
@@ -320,13 +320,6 @@
   +1: rjung, pero
   -1: 
 
-* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=47320
-  Don't rely on the platform default encoding being suitable to parse the
-  session ID
-  http://svn.apache.org/viewvc?rev=819339&view=rev
-  +1: markt, pero, kkolinko
-  -1: 
-
 * Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=47324
   Correct submit URL so it works behind a reverse proxy for session list page
   Patch by Maik Jablonski

Modified: 
tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java?rev=821386&r1=821385&r2=821386&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java 
(original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java 
Sat Oct  3 18:23:22 2009
@@ -19,6 +19,7 @@
 package org.apache.catalina.connector;
 
 import java.io.IOException;
+import java.io.UnsupportedEncodingException;
 
 import org.apache.catalina.CometEvent;
 import org.apache.catalina.Context;
@@ -521,6 +522,12 @@
         int semicolon = uriBC.indexOf(match, 0, match.length(), 0);
 
         if (semicolon > 0) {
+            // What encoding to use? Some platforms, eg z/os, use a default
+            // encoding that doesn't give the expected result so be explicit 
+            String enc = connector.getURIEncoding();
+            if (enc == null) {
+                enc = "ISO-8859-1";
+            }
 
             // Parse session ID, and extract it from the decoded request URI
             int start = uriBC.getStart();
@@ -528,25 +535,32 @@
 
             int sessionIdStart = semicolon + match.length();
             int semicolon2 = uriBC.indexOf(';', sessionIdStart);
-            if (semicolon2 >= 0) {
-                request.setRequestedSessionId
-                    (new String(uriBC.getBuffer(), start + sessionIdStart, 
-                            semicolon2 - sessionIdStart));
-                // Extract session ID from request URI
-                byte[] buf = uriBC.getBuffer();
-                for (int i = 0; i < end - start - semicolon2; i++) {
-                    buf[start + semicolon + i] 
-                        = buf[start + i + semicolon2];
-                }
-                uriBC.setBytes(buf, start, end - start - semicolon2 + 
semicolon);
-            } else {
-                request.setRequestedSessionId
-                    (new String(uriBC.getBuffer(), start + sessionIdStart, 
-                            (end - start) - sessionIdStart));
-                uriBC.setEnd(start + semicolon);
+            try {
+                if (semicolon2 >= 0) {
+                    request.setRequestedSessionId
+                        (new String(uriBC.getBuffer(), start + sessionIdStart,
+                                semicolon2 - sessionIdStart, enc));
+                    // Extract session ID from request URI
+                    byte[] buf = uriBC.getBuffer();
+                    for (int i = 0; i < end - start - semicolon2; i++) {
+                        buf[start + semicolon + i] 
+                            = buf[start + i + semicolon2];
+                    }
+                    uriBC.setBytes(buf, start,
+                            end - start - semicolon2 + semicolon);
+                } else {
+                    request.setRequestedSessionId
+                        (new String(uriBC.getBuffer(), start + sessionIdStart, 
+                                (end - start) - sessionIdStart, enc));
+                    uriBC.setEnd(start + semicolon);
+                }
+                request.setRequestedSessionURL(true);
+            } catch (UnsupportedEncodingException uee) {
+                // Make sure no session ID is returned
+                request.setRequestedSessionId(null);
+                request.setRequestedSessionURL(false);
+                log.warn(sm.getString("coyoteAdapter.parseSession", enc), uee);
             }
-            request.setRequestedSessionURL(true);
-
         } else {
             request.setRequestedSessionId(null);
             request.setRequestedSessionURL(false);

Modified: 
tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/LocalStrings.properties
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/LocalStrings.properties?rev=821386&r1=821385&r2=821386&view=diff
==============================================================================
--- 
tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/LocalStrings.properties 
(original)
+++ 
tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/LocalStrings.properties 
Sat Oct  3 18:23:22 2009
@@ -36,6 +36,7 @@
 #
 coyoteAdapter.service=An exception or error occurred in the container during 
the request processing
 coyoteAdapter.read=The servlet did not read all available bytes during the 
processing of the read event
+coyoteAdapter.parseSession=Unable to parse the session ID using encoding 
[{0}]. The session ID in the URL will be ignored.
 
 #
 # CoyoteResponse

Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=821386&r1=821385&r2=821386&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Sat Oct  3 18:23:22 2009
@@ -220,6 +220,10 @@
         mapper. (markt)
       </fix>
       <fix>
+        <bug>47320</bug>: Don't rely on the platform default encoding being
+        suitable to parse the session ID. (markt)
+      </fix>
+      <fix>
         <bug>47499</bug>: Don't swallow bind exceptions. (markt)
       </fix>
     </changelog>



---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to