luehe 2003/02/18 15:49:46 Modified: catalina/src/share/org/apache/catalina/core ApplicationDispatcher.java ApplicationHttpRequest.java Log: Followup to fix for Bugtraq 4658324: Only in the case of the forward (not include!) method of the RequestDispatcher must the path elements of the request object (including queryString) exposed to the target servlet reflect the path used to obtain the RequestDispatcher (in the case of the include method, the path elements of the original request are preserved). Revision Changes Path 1.10 +6 -5 jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core/ApplicationDispatcher.java Index: ApplicationDispatcher.java =================================================================== RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core/ApplicationDispatcher.java,v retrieving revision 1.9 retrieving revision 1.10 diff -u -r1.9 -r1.10 --- ApplicationDispatcher.java 12 Feb 2003 17:39:11 -0000 1.9 +++ ApplicationDispatcher.java 18 Feb 2003 23:49:45 -0000 1.10 @@ -467,6 +467,7 @@ wrequest.setAttribute(Globals.FORWARD_QUERY_STRING_ATTR, queryString); wrequest.setQueryString(queryString); + wrequest.setQueryParams(queryString); } // only set the Dispatcher Type to Forward if it has not been set. It will have @@ -627,7 +628,7 @@ if (queryString != null) { wrequest.setAttribute(Globals.INCLUDE_QUERY_STRING_ATTR, queryString); - wrequest.setQueryString(queryString); + wrequest.setQueryParams(queryString); } wrequest.setAttribute(ApplicationFilterFactory.DISPATCHER_TYPE_ATTR, 1.4 +23 -6 jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core/ApplicationHttpRequest.java Index: ApplicationHttpRequest.java =================================================================== RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core/ApplicationHttpRequest.java,v retrieving revision 1.3 retrieving revision 1.4 diff -u -r1.3 -r1.4 --- ApplicationHttpRequest.java 12 Feb 2003 17:39:11 -0000 1.3 +++ ApplicationHttpRequest.java 18 Feb 2003 23:49:45 -0000 1.4 @@ -191,6 +191,12 @@ /** + * The query parameters for the current request. + */ + private String queryParamString = null; + + + /** * Have the parameters for this request already been parsed? */ private boolean parsedParams = false; @@ -544,6 +550,17 @@ } + /** + * Save query parameters for this request. + * + * @param queryString The query string containing parameters for this + * request + */ + void setQueryParams(String queryString) { + this.queryParamString = queryString; + } + + // ------------------------------------------------------ Protected Methods @@ -613,7 +630,7 @@ */ private void mergeParameters() { - if ((queryString == null) || (queryString.length() < 1)) + if ((queryParamString == null) || (queryParamString.length() < 1)) return; HashMap queryParameters = new HashMap(); @@ -622,7 +639,7 @@ encoding = "ISO-8859-1"; try { RequestUtil.parseParameters - (queryParameters, queryString, encoding); + (queryParameters, queryParamString, encoding); } catch (Exception e) { ; }
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]