Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

410405 Avoid NPE for requestDispatcher(../) 

Test double encoded dot dot
This commit is contained in:
Greg Wilkins 2013-06-11 15:30:40 +10:00
parent 9b8a78392c
commit 2d661f18dd
2 changed files with 14 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
jetty-server/src/main/java/org/eclipse/jetty/server/handler/ContextHandler.java
View File

@ -1867,8 +1867,6 @@ public class ContextHandler extends ScopedHandler implements Attributes, Server.
query = uriInContext.substring(q + 1);
uriInContext = uriInContext.substring(0,q);
}
// if ((q = uriInContext.indexOf(';')) > 0)
// uriInContext = uriInContext.substring(0,q);
String pathInContext = URIUtil.canonicalPath(URIUtil.decodePath(uriInContext));
if (pathInContext!=null)

15
jetty-servlet/src/test/java/org/eclipse/jetty/servlet/DispatcherTest.java
View File

@ -232,7 +232,20 @@ public class DispatcherTest
_contextHandler.addServlet(DispatchServletServlet.class, "/dispatch/*");
_contextHandler.addServlet(RogerThatServlet.class, "/roger/that");
String requests="GET /context/dispatch/test?forward=%2e%2e/roger/that HTTP/1.0\n" + "Host: localhost\n\n";
String requests="GET /context/dispatch/test?forward=/%2e%2e/roger/that HTTP/1.0\n" + "Host: localhost\n\n";
String responses = _connector.getResponses(requests);
assertThat(responses,startsWith("HTTP/1.1 404 "));
}
@Test
public void testServletForwardEncodedDotDot() throws Exception
{
_contextHandler.addServlet(DispatchServletServlet.class, "/dispatch/*");
_contextHandler.addServlet(RogerThatServlet.class, "/roger/that");
String requests="GET /context/dispatch/test?forward=/%252e%252e/roger/that HTTP/1.0\n" + "Host: localhost\n\n";
String responses = _connector.getResponses(requests);