[
https://issues.apache.org/jira/browse/CAMEL-9281?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14985571#comment-14985571
]
Edward Welch commented on CAMEL-9281:
-------------------------------------
My initial suggestion will not work, this is what I'm thinking now:
{code}
if (path != null) {
// if both the path and the uri have slashes, remove a slash from
the uri
// we don't remove it from "path" to handle the case where the path
is equal to "/"
if (path.startsWith("/") && uri.endsWith("/")) {
uri = uri.substring(0, uri.length());
}
if (path.length() > 0) {
// make sure that there is exactly one "/" between HTTP_URI and
// HTTP_PATH
if (!uri.endsWith("/") && !path.startsWith("/")) {
uri = uri + "/";
}
uri = uri.concat(path);
}
}
{code}
I haven't tested all the cases yet, just wanted to get some opinions if this
solution looks workable?
Also, if I were going to make a PR, is it ok if I make my PR branch from
2.15.x? I get a lot more build errors from master and would be easier to work
with 2.15.x branch
> Http4 component removes trailing slashes from http requests (producer)
> ----------------------------------------------------------------------
>
> Key: CAMEL-9281
> URL: https://issues.apache.org/jira/browse/CAMEL-9281
> Project: Camel
> Issue Type: Bug
> Components: camel-http, camel-http4
> Affects Versions: 2.15.4
> Reporter: Edward Welch
>
> I have created a scenario which seems to exploit a bug in the HttpHelper
> createURL method.
> My use case:
> Using http4 component in an http proxy with bridgeEndpoint true
> Send a request such as http://somesite/contextpath
> Request is forwarded by my proxy to a tomcat server. Tomcat will reply with
> a 302 and a new Location of http://somesite/contextpath/ as this is a built
> in behavior of tomcat to redirect the caller to the contextpath INCLUDING the
> trailing slash
> I have http client configured with httpClient.redirectsEnabled=false
> Therefore the 302 is sent back through my proxy to the caller.
> The caller then makes the call to http://somesite/contextpath/
> This is where the problem occurs, within the createUrl method:
> {code}
> String path = exchange.getIn().getHeader(Exchange.HTTP_PATH,
> String.class);
> // NOW the HTTP_PATH is just related path, we don't need to trim it
> if (path != null) {
> if (path.startsWith("/")) {
> path = path.substring(1);
> }
> if (path.length() > 0) {
> // make sure that there is exactly one "/" between HTTP_URI
> and
> // HTTP_PATH
> if (!uri.endsWith("/")) {
> uri = uri + "/";
> }
> uri = uri.concat(path);
> }
> }
> {code}
> When the second request is made with the trailing slash, the string "path" is
> / (just a single forward slash)
> This hits the first conditional and results in true, which the following
> substring then removes this slash.
> Now path.length() is not > 0 so the second conditional evaluates false.
> And we end up with a uri returned that no longer has the trailing slash.
> This is sent to Tomcat, Tomcat then promptly returns another 302 and a
> redirect loop is created.
> I think the intent of this block of code is to combine the uri and path and
> make sure there isn't a duplicate forward slash?
> So the simplest fix I can suggest would be something like
> {code}
> String path = exchange.getIn().getHeader(Exchange.HTTP_PATH,
> String.class);
> // NOW the HTTP_PATH is just related path, we don't need to trim it
> if (path != null && ! path.equals("/")) {
> if (path.startsWith("/")) {
> path = path.substring(1);
> }
> if (path.length() > 0) {
> // make sure that there is exactly one "/" between HTTP_URI
> and
> // HTTP_PATH
> if (!uri.endsWith("/")) {
> uri = uri + "/";
> }
> uri = uri.concat(path);
> }
> }
> {code}
> Where we would just check for this case explicitly with:
> if (path != null && ! path.equals("/")) {
> Thoughts?
> I could probably put together a PR and add some test cases
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
