351199 - HttpServletResponse.encodeURL() wrongly encodes an url without path when cookies are disabled
git-svn-id: svn+ssh://dev.eclipse.org/svnroot/rt/org.eclipse.jetty/jetty/trunk@3465 7e9141cc-0065-0410-87d8-b60c137991c4
parent
f7ee9a98ee
commit
c88fc8cd25
|
@ -3,6 +3,7 @@ jetty-7.4.4-SNAPSHOT
|
|||
+ 308851 Converted all jetty-client module tests to JUnit 4
|
||||
+ 345268 JDBCSessionManager does not work with maxInactiveInterval = -1
|
||||
+ 351039 Forward dispatch should retain locale
|
||||
+ 351199 HttpServletResponse.encodeURL() wrongly encodes an url without path when cookies are disabled
|
||||
|
||||
jetty-7.4.3.v20110701 01 July 2011
|
||||
+ 295832 ProxyServlet more extensible and configurable
|
||||
|
|
|
@ -148,15 +148,18 @@ public class Response implements HttpServletResponse
|
|||
if (sessionManager==null)
|
||||
return url;
|
||||
|
||||
HttpURI uri = null;
|
||||
if (sessionManager.isCheckingRemoteSessionIdEncoding() && URIUtil.hasScheme(url))
|
||||
{
|
||||
HttpURI uri = new HttpURI(url);
|
||||
uri = new HttpURI(url);
|
||||
String path = uri.getPath();
|
||||
path = (path == null?"":path);
|
||||
int port=uri.getPort();
|
||||
if (port<0)
|
||||
port = HttpSchemes.HTTPS.equalsIgnoreCase(uri.getScheme())?443:80;
|
||||
if (!request.getServerName().equalsIgnoreCase(uri.getHost()) ||
|
||||
request.getServerPort()!=port ||
|
||||
!uri.getPath().startsWith(request.getContextPath()))
|
||||
!path.startsWith(request.getContextPath())) //TODO the root context path is "", with which every non null string starts
|
||||
return url;
|
||||
}
|
||||
|
||||
|
@ -197,6 +200,10 @@ public class Response implements HttpServletResponse
|
|||
|
||||
String id=sessionManager.getNodeId(session);
|
||||
|
||||
if (uri == null)
|
||||
uri = new HttpURI(url);
|
||||
|
||||
|
||||
// Already encoded
|
||||
int prefix=url.indexOf(sessionURLPrefix);
|
||||
if (prefix!=-1)
|
||||
|
@ -215,9 +222,16 @@ public class Response implements HttpServletResponse
|
|||
int suffix=url.indexOf('?');
|
||||
if (suffix<0)
|
||||
suffix=url.indexOf('#');
|
||||
if (suffix<0)
|
||||
return url+sessionURLPrefix+id;
|
||||
if (suffix<0)
|
||||
{
|
||||
return url+
|
||||
((HttpSchemes.HTTPS.equalsIgnoreCase(uri.getScheme()) || HttpSchemes.HTTP.equalsIgnoreCase(uri.getScheme())) && uri.getPath()==null?"/":"") + //if no path, insert the root path
|
||||
sessionURLPrefix+id;
|
||||
}
|
||||
|
||||
|
||||
return url.substring(0,suffix)+
|
||||
((HttpSchemes.HTTPS.equalsIgnoreCase(uri.getScheme()) || HttpSchemes.HTTP.equalsIgnoreCase(uri.getScheme())) && uri.getPath()==null?"/":"")+ //if no path so insert the root path
|
||||
sessionURLPrefix+id+url.substring(suffix);
|
||||
}
|
||||
|
||||
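Review bot: The context-path test on the new `!path.startsWith(request.getContextPath())` line in the first hunk is a raw string prefix match, so with a context path of `/app` a same-host URL under `/application` would pass the check and have the session id appended, which would hand it to a different web application; the TODO on that line already notes the root-context case. Matching on a segment boundary would close this, for example `String ctx = request.getContextPath();` and then `!(path.equals(ctx) || path.startsWith(ctx + "/"))` in place of the prefix test. For the root context `""` and a path-less URL, `path` is `""` and equals `ctx`, so the behaviour this commit fixes is preserved. The method starts and ends outside these hunks, so any later check on the target is not visible here.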
|
|
|
@ -67,6 +67,7 @@ public class HttpURITest
|
|||
/*29*/ {"/?x=y",null, null, null,null,"/", null,"x=y",null},
|
||||
/*30*/ {"/?abc=test",null, null, null,null,"/", null,"abc=test",null},
|
||||
/*31*/ {"/#fragment",null, null, null,null,"/", null,null,"fragment"},
|
||||
/*32*/ {"http://localhost:8080", "http", "//localhost:8080", "localhost", "8080", null, null, null, null}
|
||||
};
|
||||
|
||||
@Test
|
||||
|
|
|
@ -346,6 +346,21 @@ public class ResponseTest
|
|||
assertEquals("http://other:8888/path/info;param?query=0&more=1#target",response.encodeURL("http://other:8888/path/info;param?query=0&more=1#target"));
|
||||
assertEquals("http://myhost/path/info;param?query=0&more=1#target",response.encodeURL("http://myhost/path/info;param?query=0&more=1#target"));
|
||||
assertEquals("http://myhost:8888/other/info;param?query=0&more=1#target",response.encodeURL("http://myhost:8888/other/info;param?query=0&more=1#target"));
|
||||
|
||||
request.setContextPath("");
|
||||
assertEquals("http://myhost:8888/;jsessionid=12345",response.encodeURL("http://myhost:8888"));
|
||||
assertEquals("https://myhost:8888/;jsessionid=12345",response.encodeURL("https://myhost:8888"));
|
||||
assertEquals("mailto:/foo", response.encodeURL("mailto:/foo"));
|
||||
assertEquals("http://myhost:8888/;jsessionid=12345",response.encodeURL("http://myhost:8888/"));
|
||||
assertEquals("http://myhost:8888/;jsessionid=12345", response.encodeURL("http://myhost:8888/;jsessionid=7777"));
|
||||
assertEquals("http://myhost:8888/;param;jsessionid=12345?query=0&more=1#target",response.encodeURL("http://myhost:8888/;param?query=0&more=1#target"));
|
||||
assertEquals("http://other:8888/path/info;param?query=0&more=1#target",response.encodeURL("http://other:8888/path/info;param?query=0&more=1#target"));
|
||||
manager.setCheckingRemoteSessionIdEncoding(false);
|
||||
assertEquals("/foo;jsessionid=12345", response.encodeURL("/foo"));
|
||||
assertEquals("/;jsessionid=12345", response.encodeURL("/"));
|
||||
assertEquals("/foo.html;jsessionid=12345#target", response.encodeURL("/foo.html#target"));
|
||||
assertEquals(";jsessionid=12345", response.encodeURL(""));
|
||||
|
||||
}
|
||||
|
||||
@Test
|
||||
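Review bot: None of the added assertions reaches the second changed return in `Response.encodeURL`, the one that inserts `/` before the session id when a path-less absolute URL carries a query or fragment. An assertion such as `assertEquals("http://myhost:8888/;jsessionid=12345?query=0",response.encodeURL("http://myhost:8888?query=0"));` would pin it, assuming `HttpURI` reports a null path for that input. A case with a non-root context path and a path-less URL on the same host, asserting the URL comes back unchanged, would also confirm that the remote-encoding check still refuses to attach the session id outside the context. The test method starts above this hunk.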
|
|