Bug 13583 - Relative includes/forwards with ../s broken
Summary: Relative includes/forwards with ../s broken
Status: RESOLVED FIXED
Alias: None
Product: Tomcat 4
Classification: Unclassified
Component: Catalina (show other bugs)
Version: 4.1.12
Hardware: All All
: P3 normal (vote)
Target Milestone: ---
Assignee: Tomcat Developers Mailing List
URL:
Keywords:
: 10629 13538 (view as bug list)
Depends on:
Blocks:
 
Reported: 2002-10-13 21:04 UTC by Karl von Randow
Modified: 2004-11-16 19:05 UTC (History)
2 users (show)


Attachments
A zip including a war and the source for the war (1.51 KB, application/octet-stream)
2002-10-14 20:01 UTC, Karl von Randow 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Karl von Randow 2002-10-13 21:04:44 UTC 
I believe that relative includes/forwards that include ../s are broken in 
Tomcat 4.1.12. The ../s are not getting removed and thus the resource cannot 
be found.

I have currently seen this when the webapp is served from a WAR using 
integrated JBoss 3.0.3 and Tomcat 4.1.12. This may be related to bug 13538

I believe the problem is that the path is not normalised. I have corrected the 
problem by adding the *****d line below to the getRequestDispatcher( String 
path ) method in org.apache.catalina.core.ApplicationContext:


        // Validate the path argument
        if (path == null)
            return (null);
        if (!path.startsWith("/"))
            throw new IllegalArgumentException
              (sm.getString("applicationContext.requestDispatcher.iae", path));
        if (normalize(path) == null)
            return (null);
******  path = normalize(path);

        // Construct a "fake" request to be mapped by our Context
        String contextPath = context.getPath();
        if (contextPath == null)
            contextPath = "";
        String relativeURI = path;
        String queryString = null;
Comment 1 Remy Maucherat 2002-10-14 08:11:04 UTC 
Are you trying to use ".." in a path from a servlet ? This is not particularly
useful as you have to produce an aboslute URL, but I can see why it's not
working looking at the code. I cannot reproduce bug 13538, but this is a
different issue.
Comment 2 Karl von Randow 2002-10-14 09:44:55 UTC 
I'm using this in a JSP page as follows:

<jsp:forward page="../fragments/container_content.jsp"/>
Comment 3 Remy Maucherat 2002-10-14 09:50:45 UTC 
Then, I tried with the example attached to bug 13538, and it worked for me. If
you'd like to reopen the bug, please attach a complete test case.

*** This bug has been marked as a duplicate of 13538 ***
Comment 4 Karl von Randow 2002-10-14 20:01:13 UTC 
Created attachment 3461 [details]
A zip including a war and the source for the war
Comment 5 Karl von Randow 2002-10-14 20:03:24 UTC 
Sorry I didn't make this clearer! I have now verified that it only happens 
when the webapp is served from a war (as when deployed on JBoss/Tomcat or on 
Tomcat with unpackWARS="false"). The attachment above is a WAR that is 
probably very similar to the test code you have used, I have verified that the 
bug exists on Tomcat 4.1.12 and Tomcat 4.1.10.
Comment 6 Remy Maucherat 2002-10-15 06:54:22 UTC 
Probably the canonicalization code present in the filesystem context is not
present in the WAR context, which causes problems. Moving the path
canonicalization code in the request dispatcher seems like the solution.
Comment 7 Remy Maucherat 2002-11-06 13:19:53 UTC 
*** Bug 13538 has been marked as a duplicate of this bug. ***
Comment 8 Remy Maucherat 2002-11-06 13:36:27 UTC 
*** Bug 10629 has been marked as a duplicate of this bug. ***
Comment 9 Remy Maucherat 2002-11-06 13:41:05 UTC 
This should be fixed in Tomcat 4.1.15.
Comment 10 Jean-Marie White 2003-01-08 03:26:28 UTC 
I ran into the same problem and I wanted to mention that I tested this with
4.1.18 and its fixed.