[jboss-jira] [JBoss JIRA] Commented: (JBWEB-181) Allow rewriting URLs for other contexts

Mike Millson (JIRA) jira-events at lists.jboss.org
Wed Sep 29 10:00:40 EDT 2010 

    [ https://jira.jboss.org/browse/JBWEB-181?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12554000#action_12554000 ] 

Mike Millson commented on JBWEB-181:
------------------------------------

Test case:
1) Deploy the attached JSessionId.war.

2) Request the default home page as follows:
curl http://localhost:8080/JSessionId/

3) Output should show that the /Home context does not have the jsessionid rewritten into it:
/Home: /Home <br />
<p />
Home: Home;jsessionid=84938A7D12FF6CC04E6ED9FB5E085F48 <br />
<p />
-: -;jsessionid=84938A7D12FF6CC04E6ED9FB5E085F48 <br />
<p />
test: http://localhost:8080/JSessionId/Home;jsessionid=84938A7D12FF6CC04E6ED9FB5E085F48 <br />
<p />
test2: http://localhost:8080/Home <br /> 

4) Restart JBoss setting the following environment variable:
-Dorg.apache.catalina.connector.Response.REWRITE_CONTEXT_CHECK=false

5) Request the default home page as follows:
curl http://localhost:8080/JSessionId/

6) Output should show that the /Home context does have the jsessionid rewritten into it:
/Home: /Home;jsessionid=81613F61B22173E7A571ED11ECF2C0A3 <br />
<p />
Home: Home;jsessionid=81613F61B22173E7A571ED11ECF2C0A3 <br />
<p />
-: -;jsessionid=81613F61B22173E7A571ED11ECF2C0A3 <br />
<p />
test: http://localhost:8080/JSessionId/Home;jsessionid=81613F61B22173E7A571ED11ECF2C0A3 <br />
<p />
test2: http://localhost:8080/Home;jsessionid=81613F61B22173E7A571ED11ECF2C0A3 <br / 


> Allow rewriting URLs for other contexts
> ---------------------------------------
>
>                 Key: JBWEB-181
>                 URL: https://jira.jboss.org/browse/JBWEB-181
>             Project: JBoss Web
>          Issue Type: Bug
>      Security Level: Public(Everyone can see) 
>          Components: Core
>    Affects Versions: JBossWeb-3.0.0.Beta7
>            Reporter: Mike Millson
>            Assignee: Remy Maucherat
>             Fix For: JBossWeb-3.0.0.Beta8
>
>         Attachments: JBWEB-181.patch, JSessionId.war.tar.gz
>
>
> Line 1537 of o.a.c.c.Response.doIsEncodeable()[1] checks that the URL context matches the webapp context:
> if ((file == null) || !file.startsWith(contextPath))
>     return (false);
> There are use cases where a URL would need to be rewritten but not be the same context as the webapp. In addition, Weblogic apparently does not make this check, so it is an issue migrating from Weblogic.
> Can we remove this check, or add a flag where it can be configured to be removed?
> [1]http://viewvc.jboss.org/cgi-bin/viewvc.cgi/jbossweb/branches/2.1.x/java/org/apache/catalina/connector/Response.java?view=annotate

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list