[ https://issues.apache.org/jira/browse/WICKET-1627?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Johan Compagner reassigned WICKET-1627: --------------------------------------- Assignee: Johan Compagner > AbstractRequestTargetUrlCodingStrategy improper user of URLEncoder.encode > ------------------------------------------------------------------------- > > Key: WICKET-1627 > URL: https://issues.apache.org/jira/browse/WICKET-1627 > Project: Wicket > Issue Type: Bug > Components: wicket > Affects Versions: 1.3.1, 1.3.2, 1.3.3, 1.4-M1 > Environment: Tomcat or Jetty (probably others) > Reporter: Doug Donohoe > Assignee: Johan Compagner > Fix For: 1.4-M3 > > Attachments: 1627and1624.v4.patch > > > The use of URLEncoder.encode is incorrect in this scenario. The URLEncoder > is meant for encoding query string values - not values that appear in the > path portion of a URI. > Because the AbstractRequestTargetUrlCodingStrategy is used by other classes > to encode values that appear in the path, problems can occur when that path > has spaces. For example, the parameter "message with spaces > and+some+pluses" is encoded as follows in a URL: > http://localhost:8080/bugs/home/message/message+with+spaces+and%2Bsome%2Bpluses/ > However, the resulting request.getServletPath() call returns this: > /home/message/message+with+spaces+and+some+plusses=bug/ > Note that the + in the path are not turned back into spaces. This is the > correct behavior and is seen in both Tomcat and Jetty. > See the RFC (http://www.ietf.org/rfc/rfc2396.txt) for a full description of > what should or should not be encoded. > /** > * Url encodes a string > * > * @param string > * string to be encoded > * @return encoded string > */ > protected String urlEncode(String string) > { > try > { > return URLEncoder.encode(string, > Application.get().getRequestCycleSettings() > .getResponseRequestEncoding()); > } > catch (UnsupportedEncodingException e) > { > log.error(e.getMessage(), e); > return string; > } > } -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.