[jira] Assigned: (WICKET-1627) AbstractRequestTargetUrlCodingStrategy improper user of URLEncoder.encode

Mon, 19 May 2008 14:14:32 -0700 

     [ 
https://issues.apache.org/jira/browse/WICKET-1627?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Johan Compagner reassigned WICKET-1627:
---------------------------------------

    Assignee: Johan Compagner

> AbstractRequestTargetUrlCodingStrategy improper user of URLEncoder.encode
> -------------------------------------------------------------------------
>
>                 Key: WICKET-1627
>                 URL: https://issues.apache.org/jira/browse/WICKET-1627
>             Project: Wicket
>          Issue Type: Bug
>          Components: wicket
>    Affects Versions: 1.3.1, 1.3.2, 1.3.3, 1.4-M1
>         Environment: Tomcat or Jetty (probably others)
>            Reporter: Doug Donohoe
>            Assignee: Johan Compagner
>             Fix For: 1.4-M3
>
>         Attachments: 1627and1624.v4.patch
>
>
> The use of URLEncoder.encode is incorrect in this scenario.  The URLEncoder 
> is meant for encoding query string values - not values that appear in the 
> path portion of a URI.
> Because the AbstractRequestTargetUrlCodingStrategy is used by other classes 
> to encode values that appear in the path, problems can occur when that path 
> has spaces.   For example, the parameter "message with spaces 
> and+some+pluses" is encoded as follows in a URL:
> http://localhost:8080/bugs/home/message/message+with+spaces+and%2Bsome%2Bpluses/
> However, the resulting request.getServletPath() call returns this:
> /home/message/message+with+spaces+and+some+plusses=bug/ 
> Note that the + in the path are not turned back into spaces.  This is the 
> correct behavior and is seen in both Tomcat and Jetty.
> See the RFC (http://www.ietf.org/rfc/rfc2396.txt) for a full description of 
> what should or should not be encoded.
>       /**
>        * Url encodes a string
>        * 
>        * @param string
>        *            string to be encoded
>        * @return encoded string
>        */
>       protected String urlEncode(String string)
>       {
>               try
>               {
>                       return URLEncoder.encode(string, 
> Application.get().getRequestCycleSettings()
>                                       .getResponseRequestEncoding());
>               }
>               catch (UnsupportedEncodingException e)
>               {
>                       log.error(e.getMessage(), e);
>                       return string;
>               }
>       }

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to