"Thoku Hansen" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Hi, > > Does Tomcat decode a URL-encoded request before evaluating it against > servlet url-patterns? > > I have a form whose submit action URL includes the jsessionid like this: > <form action="Example.action;jsessionid=196273839CE41F0BFBA445F63D3880EB" > method="post"> > > When the form is submitted, the request is going through a kind of proxy > that performs a URL encode before forwarding the request. > When the request is received by Tomcat (v. 6.0.14) it looks like this: > http://foo/Example.action%3Bjsessionid% 3D196273839CE41F0BFBA445F63D3880EB > > I have a servlet url-pattern for "*.action". It works fine for request > URLs like: > http://foo/Example.action > and also > http://foo/Example.action;jsessionid=196273839CE41F0BFBA445F63D3880EB > > But when the re-encoded request URL is encountered (below again), Tomcat > gives a 404 error. > http://foo/Example.action%3Bjsessionid% 3D196273839CE41F0BFBA445F63D3880EB > > I do not have any control over the proxy that is doing this re-encoding. > > I have two questions: > 1. Is the URL encoding that is being done in the above example > appropriate?
No, ';' is a legitimate character in a URL, so by encoding it the proxy is changing the name of the resource being asked for. > 2. Shouldn't Tomcat be URL-decoding this and turning it into its original > form? > No, because with the ';' it is a parameter to the URL, and with %3B it is just a normal character in the URL (e.g. a file name that happens to have a ';' in it's name). > Hope you can shed some light on this. > > Thanks, > > T. > > --------------------------------------------------------------------- > To start a new topic, e-mail: users@tomcat.apache.org > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
