2013/1/10 Mark Thomas <ma...@apache.org>: > On 10/01/2013 15:45, r...@apache.org wrote: >> Author: remm >> Date: Thu Jan 10 15:45:47 2013 >> New Revision: 1431444 >> >> URL: http://svn.apache.org/viewvc?rev=1431444&view=rev > > <snip/> > >> + // The URL is chars or String, and has been sent using an >> in-memory >> + // protocol handler, we have to assume the URL has been properly >> + // decoded already >> + decodedURI.toChars(); >> + // Remove any path parameters >> + CharChunk uriCC = decodedURI.getCharChunk(); >> + int semicolon = uriCC.indexOf(';'); >> + if (semicolon > 0) { >> + decodedURI.setChars >> + (uriCC.getBuffer(), uriCC.getStart(), semicolon); >> + } > > The code is based on the assumption that path parameters will only ever > appear at the end of the URL. While that is the typically case, it is > not guaranteed to be the case. > > While I would prefer to see correct path parameter parsing, as a minimum > there needs to be a something along the lines of a TODO comment at that > point in the code to highlight the short-cut that is being taken. >
About the updated comment: > - // Remove any path parameters > + // Remove all path parameters; any needed path parameter should > be set > + // using the request object rather than passing it in the URL If we do not expect path parameters to be passed here, I would better throw new IllegalArgumentException() rather than silently changing the data. Best regards, Konstantin Kolinko --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
