From a69a0766e6dae173bb57e2c80bd51736a931f7d2 Mon Sep 17 00:00:00 2001 From: markt Date: Fri, 26 Dec 2008 23:50:26 +0000 Subject: [PATCH] Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=46261 %2F in context paths should be treated literally, not as / - that is what '#' is for. git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@729571 13f79535-47bb-0310-9956-ffa450edef68 --- java/org/apache/catalina/core/StandardContext.java | 2 +- .../catalina/manager/HTMLManagerServlet.java | 52 +++++++++++++--------- 2 files changed, 31 insertions(+), 23 deletions(-) diff --git a/java/org/apache/catalina/core/StandardContext.java b/java/org/apache/catalina/core/StandardContext.java index 1b1651cb4..b6c989bd9 100644 --- a/java/org/apache/catalina/core/StandardContext.java +++ b/java/org/apache/catalina/core/StandardContext.java @@ -1491,7 +1491,7 @@ public class StandardContext */ public void setPath(String path) { // XXX Use host in name - setName(RequestUtil.URLDecode(path)); + setName(path); } diff --git a/java/org/apache/catalina/manager/HTMLManagerServlet.java b/java/org/apache/catalina/manager/HTMLManagerServlet.java index 7051eaac0..f991406b8 100644 --- a/java/org/apache/catalina/manager/HTMLManagerServlet.java +++ b/java/org/apache/catalina/manager/HTMLManagerServlet.java @@ -45,6 +45,7 @@ import org.apache.catalina.manager.util.ReverseComparator; import org.apache.catalina.manager.util.SessionUtils; import org.apache.catalina.util.RequestUtil; import org.apache.catalina.util.ServerInfo; +import org.apache.catalina.util.URLEncoder; import org.apache.tomcat.util.http.fileupload.DiskFileUpload; import org.apache.tomcat.util.http.fileupload.FileItem; @@ -73,11 +74,17 @@ import org.apache.tomcat.util.http.fileupload.FileItem; public final class HTMLManagerServlet extends ManagerServlet { + protected static final URLEncoder URL_ENCODER; protected static final String APPLICATION_MESSAGE = "message"; protected static final String APPLICATION_ERROR = "error"; protected String sessionsListJspPath = "/sessionsList.jsp"; protected String sessionDetailJspPath = "/sessionDetail.jsp"; + static { + URL_ENCODER = new URLEncoder(); + // '/' should not be encoded in context paths + URL_ENCODER.addSafeCharacter('/'); + } // --------------------------------------------------------- Public Methods /** @@ -359,7 +366,7 @@ public final class HTMLManagerServlet extends ManagerServlet { String displayPath = contextPaths[i]; sortedContextPathsMap.put(displayPath, contextPaths[i]); } - + String appsStart = sm.getString("htmlManagerServlet.appsStart"); String appsStop = sm.getString("htmlManagerServlet.appsStop"); String appsReload = sm.getString("htmlManagerServlet.appsReload"); @@ -396,24 +403,25 @@ public final class HTMLManagerServlet extends ManagerServlet { isDeployed = false; } - args = new Object[6]; - args[0] = displayPath; - args[1] = context.getDisplayName(); - if (args[1] == null) { - args[1] = " "; + args = new Object[7]; + args[0] = URL_ENCODER.encode(displayPath); + args[1] = displayPath; + args[2] = context.getDisplayName(); + if (args[2] == null) { + args[2] = " "; } - args[2] = new Boolean(context.getAvailable()); - args[3] = response.encodeURL + args[3] = new Boolean(context.getAvailable()); + args[4] = response.encodeURL (request.getContextPath() + - "/html/sessions?path=" + displayPath); + "/html/sessions?path=" + URL_ENCODER.encode(displayPath)); if (context.getManager() != null) { - args[4] = new Integer + args[5] = new Integer (context.getManager().getActiveSessions()); } else { - args[4] = new Integer(0); + args[5] = new Integer(0); } - args[5] = highlightColor; + args[6] = highlightColor; writer.print (MessageFormat.format(APPS_ROW_DETAILS_SECTION, args)); @@ -421,24 +429,24 @@ public final class HTMLManagerServlet extends ManagerServlet { args = new Object[14]; args[0] = response.encodeURL (request.getContextPath() + - "/html/start?path=" + displayPath); + "/html/start?path=" + URL_ENCODER.encode(displayPath)); args[1] = appsStart; args[2] = response.encodeURL (request.getContextPath() + - "/html/stop?path=" + displayPath); + "/html/stop?path=" + URL_ENCODER.encode(displayPath)); args[3] = appsStop; args[4] = response.encodeURL (request.getContextPath() + - "/html/reload?path=" + displayPath); + "/html/reload?path=" + URL_ENCODER.encode(displayPath)); args[5] = appsReload; args[6] = response.encodeURL (request.getContextPath() + - "/html/undeploy?path=" + displayPath); + "/html/undeploy?path=" + URL_ENCODER.encode(displayPath)); args[7] = appsUndeploy; args[8] = response.encodeURL (request.getContextPath() + - "/html/expire?path=" + displayPath); + "/html/expire?path=" + URL_ENCODER.encode(displayPath)); args[9] = appsExpire; args[10] = sm.getString("htmlManagerServlet.expire.explain"); Manager manager = context.getManager(); @@ -968,12 +976,12 @@ public final class HTMLManagerServlet extends ManagerServlet { private static final String APPS_ROW_DETAILS_SECTION = "\n" + - " {0}" + + " {1}" + "\n" + - " {1}\n" + - " {2}\n" + - " " + - "{4}\n"; + " {2}\n" + + " {3}\n" + + " " + + "{5}\n"; private static final String MANAGER_APP_ROW_BUTTON_SECTION = " \n" + -- 2.11.0