import org.apache.tomcat.util.buf.CharChunk;
import org.apache.tomcat.util.buf.MessageBytes;
import org.apache.tomcat.util.http.mapper.MappingData;
+import org.apache.catalina.Globals;
/**
public URL getResource(String path)
throws MalformedURLException {
- if (path == null || !path.startsWith("/")) {
+ if (path == null)
throw new MalformedURLException(sm.getString("applicationContext.requestDispatcher.iae", path));
- }
+
+ if (!path.startsWith("/") && Globals.STRICT_SERVLET_COMPLIANCE)
+ throw new MalformedURLException(sm.getString("applicationContext.requestDispatcher.iae", path));
+
path = normalize(path);
if (path == null)
public InputStream getResourceAsStream(String path) {
path = normalize(path);
- if (path == null || !path.startsWith("/"))
+ if (path == null)
return (null);
+ if (!path.startsWith("/") && Globals.STRICT_SERVLET_COMPLIANCE)
+ return null;
+
DirContext resources = context.getResources();
if (resources != null) {
try {
private int maxAge = -1;
private int version = 0;
+ protected static boolean switchToV1Cookies = !Boolean.valueOf(System.getProperty("org.apache.catalina.STRICT_SERVLET_COMPLIANCE", "false")).booleanValue();
+
// Note: Servlet Spec =< 2.5 only refers to Netscape and RFC2109,
// not RFC2965
buf.append("=");
// Servlet implementation does not check anything else
- maybeQuote2(version, buf, value);
+ version = maybeQuote2(version, buf, value);
// Add version 1 specific information
if (version == 1) {
* @param buf
* @param value
*/
- public static void maybeQuote2 (int version, StringBuffer buf, String value) {
+ public static int maybeQuote2 (int version, StringBuffer buf, String value) {
if (value==null || value.length()==0) {
buf.append("\"\"");
}else if (containsCTL(value,version))
buf.append('"');
buf.append(escapeDoubleQuotes(value,1,value.length()-1));
buf.append('"');
+ } else if (switchToV1Cookies && version==0 && !isToken2(value)) {
+ buf.append('"');
+ buf.append(escapeDoubleQuotes(value,0,value.length()));
+ buf.append('"');
+ version = 1;
} else if (version==0 && !isToken(value)) {
buf.append('"');
buf.append(escapeDoubleQuotes(value,0,value.length()));
}else {
buf.append(value);
}
+ return version;
}
</section>
+
<section name="Clustering">
<properties>
session's last accessed time to be updated regardless of whether or not
the request explicity accesses the session. (SRV.7.6)
</li>
+ <li>
+ cookies will be parsed strictly, by default v0 cookies will not work with any invalid characters.
+ <br/>If set to false, any v0 cookie with invalid character will be switched to a v1 cookie and
+ the value will be quoted.
+ </li>
+ <li>
+ <code>ServletContext.getResource/getResourceAsStream</code> must start with "/"<br/>
+ if set to false, code like <code>getResource("myfolder/myresource.txt")</code> will work
+ </li>
</ul>
</p>
</property>
projects / tomcat7.0 / commitdiff