This is an automated email from the ASF dual-hosted git repository.
git-site-role pushed a commit to branch asf-site
in repository https://gitbox.apache.org/repos/asf/tomee-site-pub.git
The following commit(s) were added to refs/heads/asf-site by this push:
new e2c933e [site-publish] source tomee-site-generator
https://github.com/apache/tomee-site-generator
https://ci-builds.apache.org/job/Tomee/job/site-publish
e2c933e is described below
commit e2c933e916012e53d93180f42450f5e0d041e4ad
Author: jenkins <[email protected]>
AuthorDate: Tue Oct 19 12:46:42 2021 +0000
[site-publish] source tomee-site-generator
https://github.com/apache/tomee-site-generator
https://ci-builds.apache.org/job/Tomee/job/site-publish
---
.../jakarta/servlet/http/HttpServletRequest.html | 36 +++++++++++++++++-----
.../servlet/http/HttpServletRequestWrapper.html | 17 ++++++----
2 files changed, 39 insertions(+), 14 deletions(-)
diff --git a/jakartaee-9.0/javadoc/jakarta/servlet/http/HttpServletRequest.html
b/jakartaee-9.0/javadoc/jakarta/servlet/http/HttpServletRequest.html
index edc442e..a018af6 100644
--- a/jakartaee-9.0/javadoc/jakarta/servlet/http/HttpServletRequest.html
+++ b/jakartaee-9.0/javadoc/jakarta/servlet/http/HttpServletRequest.html
@@ -714,9 +714,15 @@ extends <a
href="../../../jakarta/servlet/ServletRequest.html" title="interface
This method returns <code>null</code> if there was no extra path
information.</div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
-<dd>a <code>String</code>, decoded by the web container, specifying extra path
information that comes after the
- servlet path but before the query string in the request URL; or
<code>null</code> if the URL does not have any extra
- path information</dd>
+<dd>a <code>String</code> specifying extra path information that comes after
the servlet path but before the
+ query string in the request URL; or <code>null</code> if the URL does not
have any extra path information. The path
+ will be canonicalized as per section 3.5 of the specification. This method
will not return any encoded characters
+ unless the container is configured specifically to allow them.</dd>
+<dt><span class="throwsLabel">Throws:</span></dt>
+<dd><code>java.lang.IllegalArgumentException</code> - In standard
configuration, this method will never throw. However, a container may be
+ configured to not reject some suspicious sequences identified by 3.5.2,
furthermore the container may be configured
+ to allow such paths to only be accessed via safer methods like <a
href="../../../jakarta/servlet/http/HttpServletRequest.html#getRequestURI--"><code>getRequestURI()</code></a>
and to throw
+ IllegalArgumentException if this method is called for such suspicious
paths.</dd>
</dl>
</li>
</ul>
@@ -781,7 +787,14 @@ extends <a
href="../../../jakarta/servlet/ServletRequest.html" title="interface
of the application.</div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
-<dd>a <code>String</code> specifying the portion of the request URI that
indicates the context of the request</dd>
+<dd>a <code>String</code> specifying the portion of the request URI that
indicates the context of the request.
+ The path will be canonicalized as per section 3.5 of the specification. This
method will not return any encoded
+ characters unless the container is configured specifically to allow them.</dd>
+<dt><span class="throwsLabel">Throws:</span></dt>
+<dd><code>java.lang.IllegalArgumentException</code> - In standard
configuration, this method will never throw. However, a container may be
+ configured to not reject some suspicious sequences identified by 3.5.2,
furthermore the container may be configured
+ to allow such paths to only be accessed via safer methods like <a
href="../../../jakarta/servlet/http/HttpServletRequest.html#getRequestURI--"><code>getRequestURI()</code></a>
and to throw
+ IllegalArgumentException if this method is called for such suspicious
paths.</dd>
<dt><span class="seeLabel">See Also:</span></dt>
<dd><a
href="../../../jakarta/servlet/ServletContext.html#getContextPath--"><code>ServletContext.getContextPath()</code></a></dd>
</dl>
@@ -948,16 +961,23 @@ extends <a
href="../../../jakarta/servlet/ServletRequest.html" title="interface
<li class="blockList">
<h4>getServletPath</h4>
<pre>java.lang.String getServletPath()</pre>
-<div class="block">Returns the part of this request's URL that calls the
servlet. This path starts with a "/" character and includes
- either the servlet name or a path to the servlet, but does not include any
extra path information or a query string.
+<div class="block">Returns the part of this request's URL that calls the
servlet. This path starts with a "/" character and includes the
+ path to the servlet, but does not include any extra path information or a
query string.
<p>
This method will return an empty string ("") if the servlet used to process
this request was matched using the "/*"
pattern.</div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
-<dd>a <code>String</code> containing the name or path of the servlet being
called, as specified in the request
- URL, decoded, or an empty string if the servlet used to process the request
is matched using the "/*" pattern.</dd>
+<dd>a <code>String</code> containing the path of the servlet being called, as
specified in the request URL, or an
+ empty string if the servlet used to process the request is matched using the
"/*" pattern. The path will be
+ canonicalized as per section 3.5 of the specification. This method will not
return any encoded characters unless the
+ container is configured specifically to allow them.</dd>
+<dt><span class="throwsLabel">Throws:</span></dt>
+<dd><code>java.lang.IllegalArgumentException</code> - In standard
configuration, this method will never throw. However, a container may be
+ configured to not reject some suspicious sequences identified by 3.5.2,
furthermore the container may be configured
+ to allow such paths to only be accessed via safer methods like <a
href="../../../jakarta/servlet/http/HttpServletRequest.html#getRequestURI--"><code>getRequestURI()</code></a>
and to throw
+ IllegalArgumentException if this method is called for such suspicious
paths.</dd>
</dl>
</li>
</ul>
diff --git
a/jakartaee-9.0/javadoc/jakarta/servlet/http/HttpServletRequestWrapper.html
b/jakartaee-9.0/javadoc/jakarta/servlet/http/HttpServletRequestWrapper.html
index 201c35f..747d38b 100644
--- a/jakartaee-9.0/javadoc/jakarta/servlet/http/HttpServletRequestWrapper.html
+++ b/jakartaee-9.0/javadoc/jakarta/servlet/http/HttpServletRequestWrapper.html
@@ -631,9 +631,10 @@ implements <a
href="../../../jakarta/servlet/http/HttpServletRequest.html" title
<dt><span class="overrideSpecifyLabel">Specified by:</span></dt>
<dd><code><a
href="../../../jakarta/servlet/http/HttpServletRequest.html#getPathInfo--">getPathInfo</a></code> in
interface <code><a
href="../../../jakarta/servlet/http/HttpServletRequest.html" title="interface
in jakarta.servlet.http">HttpServletRequest</a></code></dd>
<dt><span class="returnLabel">Returns:</span></dt>
-<dd>a <code>String</code>, decoded by the web container, specifying extra path
information that comes after the
- servlet path but before the query string in the request URL; or
<code>null</code> if the URL does not have any extra
- path information</dd>
+<dd>a <code>String</code> specifying extra path information that comes after
the servlet path but before the
+ query string in the request URL; or <code>null</code> if the URL does not
have any extra path information. The path
+ will be canonicalized as per section 3.5 of the specification. This method
will not return any encoded characters
+ unless the container is configured specifically to allow them.</dd>
</dl>
</li>
</ul>
@@ -666,7 +667,9 @@ implements <a
href="../../../jakarta/servlet/http/HttpServletRequest.html" title
<dt><span class="overrideSpecifyLabel">Specified by:</span></dt>
<dd><code><a
href="../../../jakarta/servlet/http/HttpServletRequest.html#getContextPath--">getContextPath</a></code> in
interface <code><a
href="../../../jakarta/servlet/http/HttpServletRequest.html" title="interface
in jakarta.servlet.http">HttpServletRequest</a></code></dd>
<dt><span class="returnLabel">Returns:</span></dt>
-<dd>a <code>String</code> specifying the portion of the request URI that
indicates the context of the request</dd>
+<dd>a <code>String</code> specifying the portion of the request URI that
indicates the context of the request.
+ The path will be canonicalized as per section 3.5 of the specification. This
method will not return any encoded
+ characters unless the container is configured specifically to allow them.</dd>
<dt><span class="seeLabel">See Also:</span></dt>
<dd><a
href="../../../jakarta/servlet/ServletContext.html#getContextPath--"><code>ServletContext.getContextPath()</code></a></dd>
</dl>
@@ -805,8 +808,10 @@ implements <a
href="../../../jakarta/servlet/http/HttpServletRequest.html" title
<dt><span class="overrideSpecifyLabel">Specified by:</span></dt>
<dd><code><a
href="../../../jakarta/servlet/http/HttpServletRequest.html#getServletPath--">getServletPath</a></code> in
interface <code><a
href="../../../jakarta/servlet/http/HttpServletRequest.html" title="interface
in jakarta.servlet.http">HttpServletRequest</a></code></dd>
<dt><span class="returnLabel">Returns:</span></dt>
-<dd>a <code>String</code> containing the name or path of the servlet being
called, as specified in the request
- URL, decoded, or an empty string if the servlet used to process the request
is matched using the "/*" pattern.</dd>
+<dd>a <code>String</code> containing the path of the servlet being called, as
specified in the request URL, or an
+ empty string if the servlet used to process the request is matched using the
"/*" pattern. The path will be
+ canonicalized as per section 3.5 of the specification. This method will not
return any encoded characters unless the
+ container is configured specifically to allow them.</dd>
</dl>
</li>
</ul>
