|
Mantis - Resin
|
|||||
| Viewing Issue Advanced Details | |||||
|
|
|||||
| ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
| 6217 | minor | always | 03-09-19 15:17 | 03-21-19 16:32 | |
|
|
|||||
| Reporter: | stbu | Platform: | |||
| Assigned To: | ferg | OS: | |||
| Priority: | normal | OS Version: | |||
| Status: | closed | Product Version: | 4.0.61 | ||
| Product Build: | Resolution: | fixed | |||
| Projection: | none | ||||
| ETA: | none | Fixed in Version: | 4.0.62 | ||
|
|
|||||
| Summary: | 0006217: 500 Servlet Exception when .; appears in URL *not* directly after a / | ||||
| Description: |
When ".;" appears somewhere within the Context-Path of a web-app or a URL in general, but not directly after a "/" then a Servlet Exception is raised rather than a proper Response such as 400 Bad Request / The request contains an illegal URL. If these ".;" are not allowed to appear within the URL then Resin should rather respond with a 400 than a 500. 500 Servlet Exception [show] java.lang.IllegalArgumentException: /mywebapp/subfolder/index.;html is an invalid URL. java.lang.IllegalArgumentException: /mywebapp/subfolder/index.;html is an invalid URL. at com.caucho.server.dispatch.ServletInvocation.stripPathParameters(ServletInvocation.java:355) at com.caucho.server.dispatch.ServletInvocation.setContextURI(ServletInvocation.java:104) at com.caucho.server.dispatch.Invocation.setURI(Invocation.java:175) at com.caucho.server.dispatch.InvocationDecoder.splitQueryAndUnescape(InvocationDecoder.java:255) at com.caucho.server.http.AbstractHttpRequest.buildInvocation(AbstractHttpRequest.java:1594) at com.caucho.server.http.AbstractHttpRequest.getInvocation(AbstractHttpRequest.java:1583) at com.caucho.server.http.HttpRequest.handleRequest(HttpRequest.java:825) at com.caucho.network.listen.TcpSocketLink.dispatchRequest(TcpSocketLink.java:1393) at com.caucho.network.listen.TcpSocketLink.handleRequest(TcpSocketLink.java:1349) at com.caucho.network.listen.TcpSocketLink.handleRequestsImpl(TcpSocketLink.java:1333) at com.caucho.network.listen.TcpSocketLink.handleRequests(TcpSocketLink.java:1241) at com.caucho.network.listen.TcpSocketLink.handleAcceptTaskImpl(TcpSocketLink.java:1037) at com.caucho.network.listen.ConnectionTask.runThread(ConnectionTask.java:117) at com.caucho.network.listen.ConnectionTask.run(ConnectionTask.java:93) at com.caucho.network.listen.SocketLinkThreadLauncher.handleTasks(SocketLinkThreadLauncher.java:175) at com.caucho.network.listen.TcpSocketAcceptThread.run(TcpSocketAcceptThread.java:61) at com.caucho.env.thread2.ResinThread2.runTasks(ResinThread2.java:173) at com.caucho.env.thread2.ResinThread2.run(ResinThread2.java:118) Resin/4.0.61 Server: 'app-0' |
||||
| Steps To Reproduce: | |||||
| Additional Information: |
Steps to reproduce: Download fresh Resin-4.0.61 cd webapps mkdir -p mywebapp/subfolder touch mywebapp/subfolder/index.html Example problematic Requests causing 500 Servlet Exception http://localhost:8080/mywebapp/subfolder/index.;html [^] http://localhost:8080/mywebapp/sub.;folder/index.html [^] http://localhost:8080/mywebapp.;/subfolder/index.html [^] Note: If the ".;" appears directly after a / the result is fine with a 400 Bad Request response such as: http://localhost:8080/mywebapp/.;subfolder/index.html [^] http://localhost:8080/mywebapp/subfolder/.;index.html [^] |
||||
| Relationships | |||||
| Attached Files: | |||||
| Notes | |||||
|
|
|||||
|
|
||||