special characters in url [SPR-6]

[spring-projects-issues]

Bram Smeets opened SPR-6 and commented

I'm using special characters in my path. An error occurs while getting the handler for this path as soon as the uri contains special charaters. After a lot of tracing it seemed to result from the WebUtils.getLookupPathForRequest.

The method HttpServletRequest.getServletPath returns a decoded path, while all other returned paths are NOT decoded (according to J2EE spec). After I've added the decoding of the context path and request uri, it worked. This seems to be a bug in the framework. No tests broke because of the change.

The FIX: In org.springframework.web.utils.WebUtils: replace line 176 with:

try { uri = URLDecoder.decode(request.getRequestURI(), "UTF-8"); } catch(UnsupportedEncodingException e) { log.error("unable to decode the request uri", e); }

and line 191 with:

try { contextPath = URLDecoder.decode(request.getContextPath(), "UTF-8"); } catch(UnsupportedEncodingException e) { log.error("unable to decode the context path", e); }

It might be neccessary to make even more changes, but this seems to work at least for me. I would suggest adding some tests to the org.springframework.web.servlet.handler.PathMatchingUrlHandlerMappingTestSuite to include some paths like:

/test%26test/pathmatching.html /test%26test/path%26matching.html /test%26t%20est/path%20%26matching.html

---

Affects: 1.0 M4

[spring-projects-issues]

Bram Smeets commented

Hi, back again... The proposed sollution appears to be incorrect..

The decoding using UTF-8 encoding is incorrect. It does not support international characters (like é, etc.). Therefore I've tested with US-ASCII, and it works better!

Using the UTF-8 encoding I get an unexpected error while using special characters (stacktrace below).

Hope you can incorporate this asap.

2003-12-11 22:51:08,156 DEBUG [org.springframework.web.context.support.XmlWebApplicationContext] Publishing event in context [XmlWebApplicationContext for namespace 'main-servlet']: RequestHandledEvent: url=[/11-12-03/Eén test!/gallery.view] time=0ms client=127.0.0.1 method='GET' servlet='main'OK status=RequestHandledEvent: url=[/11-12-03/Eén test!/gallery.view] time=0ms client=127.0.0.1 method='GET' servlet='main'OK 2003-12-11 22:51:08,515 DEBUG [org.springframework.web.servlet.DispatcherServlet] Testing handler map [org.springframework.web.servlet.handler.SimpleUrlHandlerMapping@11adeef] in DispatcherServlet with name 'main' 2003-12-11 22:51:08,515 DEBUG [org.springframework.web.servlet.DispatcherServlet] Exception thrown in getLastModified java.lang.StringIndexOutOfBoundsException: String index out of range: -1 at java.lang.String.substring(String.java:1480) at java.lang.String.substring(String.java:1447) at org.springframework.web.util.WebUtils.getPathWithinServletMapping(WebUtils.java:225) at org.springframework.web.util.WebUtils.getLookupPathForRequest(WebUtils.java:245) at org.springframework.web.servlet.handler.AbstractUrlHandlerMapping.getHandlerInternal(AbstractUrlHandlerMapping.java:50) at org.springframework.web.servlet.handler.AbstractHandlerMapping.getHandler(AbstractHandlerMapping.java:77) at org.springframework.web.servlet.DispatcherServlet.getHandler(DispatcherServlet.java:465) at org.springframework.web.servlet.DispatcherServlet.getLastModified(DispatcherServlet.java:436) at javax.servlet.http.HttpServlet.service(HttpServlet.java:736) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:360) at org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:294) at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:558) at org.mortbay.http.HttpContext.handle(HttpContext.java:1714) at org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:507) at org.mortbay.http.HttpContext.handle(HttpContext.java:1664) at org.mortbay.http.HttpServer.service(HttpServer.java:863) at org.jboss.jetty.Jetty.service(Jetty.java:460) at org.mortbay.http.HttpConnection.service(HttpConnection.java:775) at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:939) at org.mortbay.http.HttpConnection.handle(HttpConnection.java:792) at org.mortbay.http.SocketListener.handleConnection(SocketListener.java:201) at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:289) at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:455) 2003-12-11 22:51:08,515 DEBUG [org.springframework.web.servlet.DispatcherServlet] DispatcherServlet with name 'main' received request for [/11-12-03/Eén test!/gallery.view]

[spring-projects-issues]

Dmitriy Kopylenko commented

Juergen, can you please take a look ;-)

[spring-projects-issues]

Juergen Hoeller commented

I have already started looking on this, but have decided to release M4 before. This is not trivial to solve: I have not been able to find any handling of such encoding issues in Struts either. Nevertheless,a RC1 issue.

Juergen

[spring-projects-issues]

Dmitriy Kopylenko commented

Added "Fix Version" - 1.0RC1

[spring-projects-issues]

Juergen Hoeller commented

now decoding request URI and context path, taking the encoding from request.getCharacterEncoding, falling back to ISO-8859-1 in case of null (in accordance to the Servlet spec)