Bug 63275 - HttpServletRequest.getContextPath does not return an URL encoded value when forwarding a request to a multibyte context
Summary: HttpServletRequest.getContextPath does not return an URL encoded value when f...
Status: RESOLVED FIXED
Alias: None
Product: Tomcat 9
Classification: Unclassified
Component: Catalina (show other bugs)
Version: 9.0.x
Hardware: PC All
: P2 major (vote)
Target Milestone: -----
Assignee: Tomcat Developers Mailing List
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2019-03-21 09:06 UTC by Cees Bos
Modified: 2019-03-21 19:49 UTC (History)
2 users (show)



Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Cees Bos 2019-03-21 09:06:47 UTC
I have prepared a setup which can be used to reproduce the scenario:

https://github.com/cbos/TomcatApplicationDispatcherBug

If you visit /tomcat-diagnostics東京/diagnostics it returns:

requestURI=/tomcat-diagnostics%E6%9D%B1%E4%BA%AC/diagnostics
requestURL=http://localhost:8080/tomcat-diagnostics%E6%9D%B1%E4%BA%AC/diagnostics
contextpath=/tomcat-diagnostics%E6%9D%B1%E4%BA%AC
servletpath=/diagnostics

When you visit /tomcat-diagnostics東京/crosscontext/diagnostics it returns:
requestURI=/tomcat-diagnostics%E6%9D%B1%E4%BA%AC/diagnostics
requestURL=http://localhost:8080/tomcat-diagnostics%E6%9D%B1%E4%BA%AC/diagnostics
contextpath=/tomcat-diagnostics??
servletpath=/diagnostics

Contextpath is decoded, instead of encoded.
According to the servletapi, getContextPath details:
https://tomcat.apache.org/tomcat-9.0-doc/servletapi/javax/servlet/http/HttpServletRequest.html#getContextPath--
"The container does not decode this string."


The bug for this is 
org.apache.catalina.core.ApplicationDispatcher#doForward

Line 374:  wrequest.setContextPath(context.getPath());
Should be:
 wrequest.setContextPath(context.getEncodedPath());
Comment 1 Mark Thomas 2019-03-21 17:33:22 UTC
Thanks for the report. I was able to reproduce this by modifying one of our existing test cases.

Fixed in:
- master for 9.0.18 onwards
- 8.5.x for 8.5.40 onwards
- 7.0.x for 7.0.94 onwards
Comment 2 Cees Bos 2019-03-21 19:49:57 UTC
@Mark, thanks for the quick fix!