https://issues.apache.org/bugzilla/show_bug.cgi?id=54278
Bug ID: 54278
Summary: Nested quotes inside a quoted log element aren't
escaped
Product: Tomcat 7
Version: 7.0.33
Hardware: PC
OS: Mac OS X 10.4
Status: NEW
Severity: normal
Priority: P2
Component: Catalina
Assignee: [email protected]
Reporter: [email protected]
Classification: Unclassified
We had to created an extended class to handle this, to urlencode the quotes
public void addElement(StringBuffer buf, Date date, Request request,
Response response, long time) {
// CHANGED HERE
String headerStr = request.getHeader(header);
if(headerStr != null){
headerStr = headerStr.replace("\"", "%22");
}
buf.append(headerStr);
}
protected class RequestElement implements AccessLogElement {
public void addElement(StringBuffer buf, Date date, Request request,
Response response, long time) {
if (request != null) {
buf.append(request.getMethod());
buf.append(' ');
//CHANGED HERE
buf.append(request.getRequestURI().replace("\"", "%22"));
if (request.getQueryString() != null) {
buf.append('?');
//CHANGED HERE
buf.append(request.getQueryString().replace("\"", "%22"));
}
buf.append(' ');
buf.append(request.getProtocol());
} else {
buf.append("- - ");
}
}
}
protected class ResponseHeaderElement implements AccessLogElement {
private String header;
public ResponseHeaderElement(String header) {
this.header = header;
}
public void addElement(StringBuffer buf, Date date, Request request,
Response response, long time) {
if (null != response) {
String[] values = response.getHeaderValues(header);
if(values.length > 0) {
for (int i = 0; i < values.length; i++) {
String string = values[i];
//CHANGED HERE
buf.append(string.replace("\"","%22"));
if(i+1<values.length)
buf.append(",");
}
return ;
}
}
buf.append("-");
}
}
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
