40089 – plus (+) is decoded in path components of URLs which seems to be incorrect.

Bug 40089 - plus (+) is decoded in path components of URLs which seems to be incorrect.

Summary: plus (+) is decoded in path components of URLs which seems to be incorrect.

Status:	NEW

Alias:	None

Product:	Slide
Classification:	Unclassified
Component:	WebDAV client (show other bugs)
Version:	2.1
Hardware:	Other other

Importance:	P2 normal (vote)
Target Milestone:	---
Assignee:	Slide Developer List

URL:
Keywords:

Depends on:
Blocks:

Reported:	2006-07-21 18:54 UTC by Jeremy Norris
Modified:	2006-07-21 11:54 UTC (History)
CC List:	0 users

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Jeremy Norris 2006-07-21 18:54:07 UTC

The bug concerns the following code location:

file: clientlib/src/java/org/apache/webdav/lib/WebdavResource.java
function: "protected void setWebdavProperties(..)"
Around line 1025, there is following call:

String escapedHref = URIUtil.decode(href);

The problem is that this call does not recognize that a plus (+) is in a path
component therefore does not represent a space.  This bug manifests itself in
calls like webdavResource.listWebdavResources(): If a resource has a real '+' in
the name, it gets decoded to a space.

(Tested with server: Apache mod_dav 2.2.2: PROPFIND returns a literal "+" for a
literal "+" in a path component.  Other WebDAV servers (ie: apache tomcat) seem
to return plus as %2B to workaround problems in some of the client libraries
like this).

Reference: http://www.faqs.org/rfcs/rfc2396.html, section 3.3 which seems to
indicate that '+' is not reserved within path components.