I believe that relative includes/forwards that include ../s are broken in Tomcat 4.1.12. The ../s are not getting removed and thus the resource cannot be found. I have currently seen this when the webapp is served from a WAR using integrated JBoss 3.0.3 and Tomcat 4.1.12. This may be related to bug 13538 I believe the problem is that the path is not normalised. I have corrected the problem by adding the *****d line below to the getRequestDispatcher( String path ) method in org.apache.catalina.core.ApplicationContext: // Validate the path argument if (path == null) return (null); if (!path.startsWith("/")) throw new IllegalArgumentException (sm.getString("applicationContext.requestDispatcher.iae", path)); if (normalize(path) == null) return (null); ****** path = normalize(path); // Construct a "fake" request to be mapped by our Context String contextPath = context.getPath(); if (contextPath == null) contextPath = ""; String relativeURI = path; String queryString = null;
Are you trying to use ".." in a path from a servlet ? This is not particularly useful as you have to produce an aboslute URL, but I can see why it's not working looking at the code. I cannot reproduce bug 13538, but this is a different issue.
I'm using this in a JSP page as follows: <jsp:forward page="../fragments/container_content.jsp"/>
Then, I tried with the example attached to bug 13538, and it worked for me. If you'd like to reopen the bug, please attach a complete test case. *** This bug has been marked as a duplicate of 13538 ***
Created attachment 3461 [details] A zip including a war and the source for the war
Sorry I didn't make this clearer! I have now verified that it only happens when the webapp is served from a war (as when deployed on JBoss/Tomcat or on Tomcat with unpackWARS="false"). The attachment above is a WAR that is probably very similar to the test code you have used, I have verified that the bug exists on Tomcat 4.1.12 and Tomcat 4.1.10.
Probably the canonicalization code present in the filesystem context is not present in the WAR context, which causes problems. Moving the path canonicalization code in the request dispatcher seems like the solution.
*** Bug 13538 has been marked as a duplicate of this bug. ***
*** Bug 10629 has been marked as a duplicate of this bug. ***
This should be fixed in Tomcat 4.1.15.
I ran into the same problem and I wanted to mention that I tested this with 4.1.18 and its fixed.