http://jira.opensymphony.com/secure/ViewIssue.jspa?key=WW-62
I traced this down to
pageContext.getRequest().getRequestDispatcher(resourcePath)
in webwork.view.taglib.IncludeTag. getRD() returns null on Orion when the
path is "/foo/../bar.jsp" or "\foo\..\bar.jsp" but works when the path is
"/foo/..\bar.jsp". I was discussing this with one of the Orion guys, and
he tried it and said it looked like a quirk on their end. He said he'd
look into it for 1.6.1.
In the meantime, I've got a patch that fixes the problem by flattening
'..' out of the path. This might be a good plan regardless since I'm not
sure what the spec has to say about supporting '..'.
Diff is attached.
--Erik
Index: webwork/src/main/webwork/view/taglib/IncludeTag.java
===================================================================
RCS file: /cvsroot/opensymphony/webwork/src/main/webwork/view/taglib/IncludeTag.java,v
retrieving revision 1.12
diff -r1.12 IncludeTag.java
106a107
> String returnValue;
108,116c109,140
< return (relativePath);
< if (!(request instanceof HttpServletRequest))
< return (relativePath);
< HttpServletRequest hrequest = (HttpServletRequest) request;
< String uri = (String)
< request.getAttribute("javax.servlet.include.servlet_path");
< if (uri == null)
< uri = hrequest.getServletPath();
< return (uri.substring(0, uri.lastIndexOf('/')) + '/' + relativePath);
---
> returnValue = relativePath;
> else if (!(request instanceof HttpServletRequest))
> returnValue = relativePath;
> else {
> HttpServletRequest hrequest = (HttpServletRequest) request;
> String uri = (String)
> request.getAttribute("javax.servlet.include.servlet_path");
> if (uri == null)
> uri = hrequest.getServletPath();
> returnValue = uri.substring(0, uri.lastIndexOf('/')) + '/' +
>relativePath;
> }
>
> if (returnValue.indexOf("..") != -1) { // Fix Orion bug that can't handle ..
>in path
> Stack stack = new Stack();
> StringTokenizer pathParts = new
>StringTokenizer(returnValue.replace('\\', '/'), "/");
> while (pathParts.hasMoreTokens()) {
> String part = pathParts.nextToken();
> if (part.equals(".."))
> stack.pop();
> else
> stack.push(part);
> }
>
> StringBuffer flatPathBuffer = new StringBuffer();
>
> for (int i = 0; i < stack.size(); i++)
> flatPathBuffer.append("/" + stack.elementAt(i));
>
> returnValue = flatPathBuffer.toString();
> }
>
> return returnValue;
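
Review bot: in the while loop of the flattening block, stack.pop() is called for every ".." token without checking that the stack is non-empty, so a path with more ".." segments than preceding directories (for example "/../bar.jsp") throws EmptyStackException instead of being resolved or rejected. Guard it with a stack.isEmpty() check, and preferably treat a ".." at the root as an invalid include path and fail explicitly, so that a path trying to step above the context root is surfaced rather than silently clamped. Smaller points on the same block: the trigger returnValue.indexOf("..") != -1 also matches names that merely contain two dots (such as "a..b.jsp"), so testing for a whole ".." segment would be more precise; "." segments are pushed as ordinary names; and a path that flattens to nothing is returned as the empty string rather than "/". The diff has no hunk touching the imports, so confirm java.util.Stack and java.util.StringTokenizer are already imported in IncludeTag.java.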