[jboss-jira] [JBoss JIRA] (WFLY-3279) HttpServletResponse.sendRedirect() not working for relative URL
Mehboob Alam (JIRA)
issues at jboss.org
Tue Apr 22 17:24:33 EDT 2014
[ https://issues.jboss.org/browse/WFLY-3279?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Mehboob Alam updated WFLY-3279:
-------------------------------
Description:
I cannot get HttpServletResponse.sendRedirect() to work correctly. This only happens to me with Wildfly. It works on previous versions of JBoss EAP/AS and several other app servers where I tested the scenario.
The sample app has two servlet. I navigate from one to the other using sendRedirect. The key seems to be relative path in the form "../whatever/whatever" is not working.
To test this, I enter my app's URL like this-
http://localhost:8080/helloworld/hello
Then, inside the first servlet, I do a redirect -
String url = "../goodbye/bye";
response.sendRedirect(response.encodeRedirectURL(url));
wildfly 8 gives me a HTTP Status 404. wildfly 8.1 CR1 gives me a HTTP Status 403. All other app server works. It takes me to this url:
http://localhost:8080/goodbye/bye
JBoss eap-6-1-0
Status Host Path
302 localhost:8080 /helloworld/hello
200 localhost:8080 /goodbye/bye/
WildFly 8.0 Final
Status Host Path
302 localhost:8080 /helloworld/hello
404 localhost:8080 /helloworld/
WildFly 8.1.0 CR1 Final
Status Host Path
302 localhost:8080 /helloworld/hello
403 localhost:8080 /helloworld/
This behavior also appears to be different than that of java.net.URL,
public URL(URL context, String spec)
throws MalformedURLException
which states this: If the spec's path component begins with a slash character "/" then the path is treated as absolute and the spec path replaces the context path.
Otherwise, the path is treated as a relative path and is appended to the context path, as described in RFC2396. Also, in this case, the path is canonicalized through the removal of directory changes made by occurences of ".." and ".".
was:
I cannot get HttpServletResponse.sendRedirect() to work correctly. This only happens to me with Wildfly. It works on previous versions of JBoss EAP/AS and several other app servers where I tested the scenario.
The sample app has two servlet. I navigate from one to the other using sendRedirect. The key seems to be relative path in the form "../whatever/whatever" is not working.
To test this, I enter my app's URL like this-
http://localhost:8080/helloworld/hello
Then, inside the first servlet, I do a redirect -
String url = "../goodbye/bye";
response.sendRedirect(response.encodeRedirectURL(url));
wildfly 8 gives me a HTTP Status 404. wildfly 8.1 CR1 gives me a HTTP Status 403. All other app server works. It takes me to this url:
http://localhost:8080/goodbye/bye
JBoss eap-6-1-0
Status Host Path
302 localhost:8080 /helloworld/hello
200 localhost:8080 /goodbye/bye/
WildFly 8.0 Final
Status Host Path
302 localhost:8080 /helloworld/hello
404 localhost:8080 /helloworld/
WildFly 8.1.0 CR1 Final
Status Host Path
302 localhost:8080 /helloworld/hello
403 localhost:8080 /helloworld/
> HttpServletResponse.sendRedirect() not working for relative URL
> ---------------------------------------------------------------
>
> Key: WFLY-3279
> URL: https://issues.jboss.org/browse/WFLY-3279
> Project: WildFly
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Components: Web (Undertow)
> Affects Versions: 8.0.0.Final, 8.1.0.CR1
> Environment: Windows
> Reporter: Mehboob Alam
> Assignee: Stuart Douglas
> Attachments: Recreate_SendRedirect_Problem.ear
>
>
> I cannot get HttpServletResponse.sendRedirect() to work correctly. This only happens to me with Wildfly. It works on previous versions of JBoss EAP/AS and several other app servers where I tested the scenario.
>
> The sample app has two servlet. I navigate from one to the other using sendRedirect. The key seems to be relative path in the form "../whatever/whatever" is not working.
> To test this, I enter my app's URL like this-
> http://localhost:8080/helloworld/hello
> Then, inside the first servlet, I do a redirect -
> String url = "../goodbye/bye";
> response.sendRedirect(response.encodeRedirectURL(url));
> wildfly 8 gives me a HTTP Status 404. wildfly 8.1 CR1 gives me a HTTP Status 403. All other app server works. It takes me to this url:
> http://localhost:8080/goodbye/bye
> JBoss eap-6-1-0
> Status Host Path
> 302 localhost:8080 /helloworld/hello
> 200 localhost:8080 /goodbye/bye/
> WildFly 8.0 Final
> Status Host Path
> 302 localhost:8080 /helloworld/hello
> 404 localhost:8080 /helloworld/
> WildFly 8.1.0 CR1 Final
> Status Host Path
> 302 localhost:8080 /helloworld/hello
> 403 localhost:8080 /helloworld/
> This behavior also appears to be different than that of java.net.URL,
> public URL(URL context, String spec)
> throws MalformedURLException
> which states this: If the spec's path component begins with a slash character "/" then the path is treated as absolute and the spec path replaces the context path.
> Otherwise, the path is treated as a relative path and is appended to the context path, as described in RFC2396. Also, in this case, the path is canonicalized through the removal of directory changes made by occurences of ".." and ".".
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list