Mantis Bugtracker
  

Viewing Issue Simple Details Jump to Notes ] View Advanced ] Issue History ] Print ]
ID Category Severity Reproducibility Date Submitted Last Update
0006217 [Resin] minor always 03-09-19 15:17 03-21-19 16:32
Reporter stbu View Status public  
Assigned To ferg
Priority normal Resolution fixed  
Status closed   Product Version 4.0.61
Summary 0006217: 500 Servlet Exception when .; appears in URL *not* directly after a /
Description When ".;" appears somewhere within the Context-Path of a web-app or a URL in general, but not directly after a "/" then a Servlet Exception is raised rather than a proper Response such as 400 Bad Request / The request contains an illegal URL.

If these ".;" are not allowed to appear within the URL then Resin should rather respond with a 400 than a 500.



500 Servlet Exception

[show] java.lang.IllegalArgumentException: /mywebapp/subfolder/index.;html is
an invalid URL.

java.lang.IllegalArgumentException: /mywebapp/subfolder/index.;html is
an invalid URL.
    at com.caucho.server.dispatch.ServletInvocation.stripPathParameters(ServletInvocation.java:355)
    at com.caucho.server.dispatch.ServletInvocation.setContextURI(ServletInvocation.java:104)
    at com.caucho.server.dispatch.Invocation.setURI(Invocation.java:175)
    at com.caucho.server.dispatch.InvocationDecoder.splitQueryAndUnescape(InvocationDecoder.java:255)
    at com.caucho.server.http.AbstractHttpRequest.buildInvocation(AbstractHttpRequest.java:1594)
    at com.caucho.server.http.AbstractHttpRequest.getInvocation(AbstractHttpRequest.java:1583)
    at com.caucho.server.http.HttpRequest.handleRequest(HttpRequest.java:825)
    at com.caucho.network.listen.TcpSocketLink.dispatchRequest(TcpSocketLink.java:1393)
    at com.caucho.network.listen.TcpSocketLink.handleRequest(TcpSocketLink.java:1349)
    at com.caucho.network.listen.TcpSocketLink.handleRequestsImpl(TcpSocketLink.java:1333)
    at com.caucho.network.listen.TcpSocketLink.handleRequests(TcpSocketLink.java:1241)
    at com.caucho.network.listen.TcpSocketLink.handleAcceptTaskImpl(TcpSocketLink.java:1037)
    at com.caucho.network.listen.ConnectionTask.runThread(ConnectionTask.java:117)
    at com.caucho.network.listen.ConnectionTask.run(ConnectionTask.java:93)
    at com.caucho.network.listen.SocketLinkThreadLauncher.handleTasks(SocketLinkThreadLauncher.java:175)
    at com.caucho.network.listen.TcpSocketAcceptThread.run(TcpSocketAcceptThread.java:61)
    at com.caucho.env.thread2.ResinThread2.runTasks(ResinThread2.java:173)
    at com.caucho.env.thread2.ResinThread2.run(ResinThread2.java:118)

Resin/4.0.61 Server: 'app-0'
Additional Information Steps to reproduce:
Download fresh Resin-4.0.61
cd webapps
mkdir -p mywebapp/subfolder
touch mywebapp/subfolder/index.html

Example problematic Requests causing 500 Servlet Exception
http://localhost:8080/mywebapp/subfolder/index.;html [^]
http://localhost:8080/mywebapp/sub.;folder/index.html [^]
http://localhost:8080/mywebapp.;/subfolder/index.html [^]

Note:
If the ".;" appears directly after a / the result is fine with a 400 Bad Request response such as:
http://localhost:8080/mywebapp/.;subfolder/index.html [^]
http://localhost:8080/mywebapp/subfolder/.;index.html [^]
Attached Files

- Relationships

- Notes
(0006877)
ferg
03-21-19 16:11

server/003y
 

- Issue History
Date Modified Username Field Change
03-09-19 15:17 stbu New Issue
03-09-19 15:17 stbu Issue Monitored: stbu
03-21-19 16:11 ferg Note Added: 0006877
03-21-19 16:11 ferg Assigned To  => ferg
03-21-19 16:11 ferg Status new => assigned
03-21-19 16:11 ferg Resolution open => fixed
03-21-19 16:11 ferg Fixed in Version  => 4.0.62
03-21-19 16:32 ferg Status assigned => closed


Mantis 1.0.0rc3[^]
Copyright © 2000 - 2005 Mantis Group
30 total queries executed.
26 unique queries executed.
Powered by Mantis Bugtracker