351199 - HttpServletResponse.encodeURL() wrongly encodes an url without path when cookies are disabled

git-svn-id: svn+ssh://dev.eclipse.org/svnroot/rt/org.eclipse.jetty/jetty/trunk@3465 7e9141cc-0065-0410-87d8-b60c137991c4

VERSION.txt

@@ -3,6 +3,7 @@ jetty-7.4.4-SNAPSHOT
  + 308851 Converted all jetty-client module tests to JUnit 4
  + 345268 JDBCSessionManager does not work with maxInactiveInterval = -1
  + 351039 Forward dispatch should retain locale
+ + 351199 HttpServletResponse.encodeURL() wrongly encodes an url without path when cookies are disabled
 
 jetty-7.4.3.v20110701 01 July 2011
  + 295832 ProxyServlet more extensible and configurable

jetty-server/src/main/java/org/eclipse/jetty/server/Response.java

@@ -148,15 +148,18 @@ public class Response implements HttpServletResponse
         if (sessionManager==null)
             return url;
         
+        HttpURI uri = null;
         if (sessionManager.isCheckingRemoteSessionIdEncoding() && URIUtil.hasScheme(url))
         {
-            HttpURI uri = new HttpURI(url);
+            uri = new HttpURI(url);
+            String path = uri.getPath();
+            path = (path == null?"":path);
             int port=uri.getPort();
             if (port<0) 
                 port = HttpSchemes.HTTPS.equalsIgnoreCase(uri.getScheme())?443:80;
             if (!request.getServerName().equalsIgnoreCase(uri.getHost()) ||
                 request.getServerPort()!=port ||
-                !uri.getPath().startsWith(request.getContextPath()))
+                !path.startsWith(request.getContextPath())) //TODO the root context path is "", with which every non null string starts
                 return url;
         }
         
@@ -197,6 +200,10 @@ public class Response implements HttpServletResponse
 
         String id=sessionManager.getNodeId(session);
 
+        if (uri == null)
+                uri = new HttpURI(url);
+     
+        
         // Already encoded
         int prefix=url.indexOf(sessionURLPrefix);
         if (prefix!=-1)
@@ -216,8 +223,15 @@ public class Response implements HttpServletResponse
         if (suffix<0)
             suffix=url.indexOf('#');
         if (suffix<0) 
-            return url+sessionURLPrefix+id;
+        {          
+            return url+ 
+                   ((HttpSchemes.HTTPS.equalsIgnoreCase(uri.getScheme()) || HttpSchemes.HTTP.equalsIgnoreCase(uri.getScheme())) && uri.getPath()==null?"/":"") + //if no path, insert the root path
+                   sessionURLPrefix+id;
+        }
+     
+        
         return url.substring(0,suffix)+
+            ((HttpSchemes.HTTPS.equalsIgnoreCase(uri.getScheme()) || HttpSchemes.HTTP.equalsIgnoreCase(uri.getScheme())) && uri.getPath()==null?"/":"")+ //if no path so insert the root path
             sessionURLPrefix+id+url.substring(suffix);
     }
 

jetty-server/src/test/java/org/eclipse/jetty/server/HttpURITest.java

@@ -67,6 +67,7 @@ public class HttpURITest
        /*29*/ {"/?x=y",null, null, null,null,"/", null,"x=y",null},
        /*30*/ {"/?abc=test",null, null, null,null,"/", null,"abc=test",null},
        /*31*/ {"/#fragment",null, null, null,null,"/", null,null,"fragment"},
+       /*32*/ {"http://localhost:8080", "http", "//localhost:8080", "localhost", "8080", null, null, null, null}
     };
 
     @Test

jetty-server/src/test/java/org/eclipse/jetty/server/ResponseTest.java

@@ -346,6 +346,21 @@ public class ResponseTest
         assertEquals("http://other:8888/path/info;param?query=0&more=1#target",response.encodeURL("http://other:8888/path/info;param?query=0&more=1#target"));
         assertEquals("http://myhost/path/info;param?query=0&more=1#target",response.encodeURL("http://myhost/path/info;param?query=0&more=1#target"));
         assertEquals("http://myhost:8888/other/info;param?query=0&more=1#target",response.encodeURL("http://myhost:8888/other/info;param?query=0&more=1#target"));
+        
+        request.setContextPath("");
+        assertEquals("http://myhost:8888/;jsessionid=12345",response.encodeURL("http://myhost:8888"));
+        assertEquals("https://myhost:8888/;jsessionid=12345",response.encodeURL("https://myhost:8888"));    
+        assertEquals("mailto:/foo", response.encodeURL("mailto:/foo"));
+        assertEquals("http://myhost:8888/;jsessionid=12345",response.encodeURL("http://myhost:8888/"));
+        assertEquals("http://myhost:8888/;jsessionid=12345", response.encodeURL("http://myhost:8888/;jsessionid=7777"));
+        assertEquals("http://myhost:8888/;param;jsessionid=12345?query=0&more=1#target",response.encodeURL("http://myhost:8888/;param?query=0&more=1#target"));
+        assertEquals("http://other:8888/path/info;param?query=0&more=1#target",response.encodeURL("http://other:8888/path/info;param?query=0&more=1#target"));
+        manager.setCheckingRemoteSessionIdEncoding(false);
+        assertEquals("/foo;jsessionid=12345", response.encodeURL("/foo"));
+        assertEquals("/;jsessionid=12345", response.encodeURL("/"));
+        assertEquals("/foo.html;jsessionid=12345#target", response.encodeURL("/foo.html#target"));
+        assertEquals(";jsessionid=12345", response.encodeURL(""));
+        
     }
 
     @Test