keith 2003/09/18 15:20:51
Modified: catalina/src/share/org/apache/coyote/tomcat5
CoyoteAdapter.java
Log:
Respond 400 to requests which contain '%' with no or invalid trailing hex digits
Revision Changes Path
1.13 +11 -5
jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5/CoyoteAdapter.java
Index: CoyoteAdapter.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5/CoyoteAdapter.java,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- CoyoteAdapter.java 7 Sep 2003 07:38:42 -0000 1.12
+++ CoyoteAdapter.java 18 Sep 2003 22:20:51 -0000 1.13
@@ -265,7 +265,13 @@
// URI decoding
MessageBytes decodedURI = req.decodedURI();
decodedURI.duplicate(req.requestURI());
- req.getURLDecoder().convert(decodedURI, false);
+ try {
+ req.getURLDecoder().convert(decodedURI, false);
+ } catch (IOException ioe) {
+ res.setStatus(400);
+ res.setMessage("Invalid URI");
+ throw ioe;
+ }
// Normalize decoded URI
if (!normalize(req.decodedURI())) {
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
