Mantis Bugtracker
  

Viewing Issue Advanced Details Jump to Notes ] View Simple ] Issue History ] Print ]
ID Category Severity Reproducibility Date Submitted Last Update
0006217 [Resin] minor always 03-09-19 15:17 03-21-19 16:32
Reporter stbu View Status public  
Assigned To ferg
Priority normal Resolution fixed Platform
Status closed   OS
Projection none   OS Version
ETA none Fixed in Version 4.0.62 Product Version 4.0.61
  Product Build
Summary 0006217: 500 Servlet Exception when .; appears in URL *not* directly after a /
Description When ".;" appears somewhere within the Context-Path of a web-app or a URL in general, but not directly after a "/" then a Servlet Exception is raised rather than a proper Response such as 400 Bad Request / The request contains an illegal URL.

If these ".;" are not allowed to appear within the URL then Resin should rather respond with a 400 than a 500.



500 Servlet Exception

[show] java.lang.IllegalArgumentException: /mywebapp/subfolder/index.;html is
an invalid URL.

java.lang.IllegalArgumentException: /mywebapp/subfolder/index.;html is
an invalid URL.
    at com.caucho.server.dispatch.ServletInvocation.stripPathParameters(ServletInvocation.java:355)
    at com.caucho.server.dispatch.ServletInvocation.setContextURI(ServletInvocation.java:104)
    at com.caucho.server.dispatch.Invocation.setURI(Invocation.java:175)
    at com.caucho.server.dispatch.InvocationDecoder.splitQueryAndUnescape(InvocationDecoder.java:255)
    at com.caucho.server.http.AbstractHttpRequest.buildInvocation(AbstractHttpRequest.java:1594)
    at com.caucho.server.http.AbstractHttpRequest.getInvocation(AbstractHttpRequest.java:1583)
    at com.caucho.server.http.HttpRequest.handleRequest(HttpRequest.java:825)
    at com.caucho.network.listen.TcpSocketLink.dispatchRequest(TcpSocketLink.java:1393)
    at com.caucho.network.listen.TcpSocketLink.handleRequest(TcpSocketLink.java:1349)
    at com.caucho.network.listen.TcpSocketLink.handleRequestsImpl(TcpSocketLink.java:1333)
    at com.caucho.network.listen.TcpSocketLink.handleRequests(TcpSocketLink.java:1241)
    at com.caucho.network.listen.TcpSocketLink.handleAcceptTaskImpl(TcpSocketLink.java:1037)
    at com.caucho.network.listen.ConnectionTask.runThread(ConnectionTask.java:117)
    at com.caucho.network.listen.ConnectionTask.run(ConnectionTask.java:93)
    at com.caucho.network.listen.SocketLinkThreadLauncher.handleTasks(SocketLinkThreadLauncher.java:175)
    at com.caucho.network.listen.TcpSocketAcceptThread.run(TcpSocketAcceptThread.java:61)
    at com.caucho.env.thread2.ResinThread2.runTasks(ResinThread2.java:173)
    at com.caucho.env.thread2.ResinThread2.run(ResinThread2.java:118)

Resin/4.0.61 Server: 'app-0'
Steps To Reproduce
Additional Information Steps to reproduce:
Download fresh Resin-4.0.61
cd webapps
mkdir -p mywebapp/subfolder
touch mywebapp/subfolder/index.html

Example problematic Requests causing 500 Servlet Exception
http://localhost:8080/mywebapp/subfolder/index.;html [^]
http://localhost:8080/mywebapp/sub.;folder/index.html [^]
http://localhost:8080/mywebapp.;/subfolder/index.html [^]

Note:
If the ".;" appears directly after a / the result is fine with a 400 Bad Request response such as:
http://localhost:8080/mywebapp/.;subfolder/index.html [^]
http://localhost:8080/mywebapp/subfolder/.;index.html [^]
Attached Files

- Relationships

- Notes
(0006877)
ferg
03-21-19 16:11

server/003y
 

- Issue History
Date Modified Username Field Change
03-09-19 15:17 stbu New Issue
03-09-19 15:17 stbu Issue Monitored: stbu
03-21-19 16:11 ferg Note Added: 0006877
03-21-19 16:11 ferg Assigned To  => ferg
03-21-19 16:11 ferg Status new => assigned
03-21-19 16:11 ferg Resolution open => fixed
03-21-19 16:11 ferg Fixed in Version  => 4.0.62
03-21-19 16:32 ferg Status assigned => closed


Mantis 1.0.0rc3[^]
Copyright © 2000 - 2005 Mantis Group
30 total queries executed.
26 unique queries executed.
Powered by Mantis Bugtracker