search

pombreda / google-guice

Automatically exported from code.google.com/p/google-guice
Apache License 2.0
0 stars 1 forks source link

guice servlet: HttpServletRequest.getPathInfo not decoded #745

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
getPathInfo in the anonymous HttpServletRequestWrapper in 
ServletDefinition.doService does not perform URL decoding, but it is required 
to do so by the servlet spec.

The inputs, getRequestURI and getContextPath, are provided by the container and 
are (correctly) provided without decoding.

The HttpServletRequest docs for getPathInfo say "a String, decoded by the web 
container".  Tomcat decodes it, and provides container-level configuration to 
control the character encoding used.  See

http://wiki.apache.org/tomcat/FAQ/CharacterEncoding "How do I change how GET 
parameters are interpreted?"

I switched an existing application to use Guice to create my servlets and tests 
for character encoding failed as the raw string was returned from getPathInfo.

Original issue reported on code.google.com by m...@hillsdon.net on 11 Apr 2013 at 10:52

GoogleCodeExporter commented 9 years ago 
Looks like a problem at this place, as it wraps original Request but calculates 
the pathInfo (should be decoded) using requestUrl (is not decoded):

https://code.google.com/p/google-guice/source/browse/extensions/servlet/src/com/
google/inject/servlet/ServletDefinition.java?r=389cb718a70cd11fdf9c336209246ebcf
e944755#205

Original comment by t.cserve...@gmail.com on 13 Feb 2014 at 8:53

GoogleCodeExporter commented 9 years ago 
Proposed patch

https://github.com/sonatype/sisu-guice/pull/8

Original comment by t.cserve...@gmail.com on 14 Feb 2014 at 11:40

GoogleCodeExporter commented 9 years ago 
I have same issue with it.
Gitiles gerrit plugin is not working well because of this issue.

Please refer following discussion.
https://groups.google.com/forum/#!topic/repo-discuss/px6X8_HOMPQ

Original comment by ukjung....@gmail.com on 20 Feb 2014 at 4:01

GoogleCodeExporter commented 9 years ago 
BTW in the HttpServletRequest instances provided by Guice, getPathInfo() 
consists of an URI-encoded path *and the query string*. The spec requires that 
getPathInfo() only returns a de-coded path.

@Guice project: Is it normal that there no reaction from the project committers 
to such a major bug? And is it normal that people fork the project (e.g. 
sisu-guice) just to get bugs fixed?

Original comment by tobias.o...@sap.com on 9 Oct 2014 at 11:54

GoogleCodeExporter commented 9 years ago 
The code.google.com guice project has migrated to GitHub.  This issue site is 
no longer being used.  Please use https://github.com/google/guice/issues/745 
instead.

Original comment by sberlin on 9 Oct 2014 at 1:21