summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorArtur Signell <artur@vaadin.com>2015-05-28 09:01:20 +0300
committerVaadin Code Review <review@vaadin.com>2015-06-05 13:03:56 +0000
commit7c48ad2b38cbbdc2877ae106a7c2dfbcae512f3b (patch)
tree85049f6bf430d2ec2edab3440f16474dee22f4ff
parent7adec3cd86956fde2fe3670ed4b0eef97bbb0904 (diff)
downloadvaadin-framework-7c48ad2b38cbbdc2877ae106a7c2dfbcae512f3b.tar.gz
vaadin-framework-7c48ad2b38cbbdc2877ae106a7c2dfbcae512f3b.zip
Better error reporting when server has invalid URL encoding (#17948)
Change-Id: I7a85a9d93e51de353e74bc08dd81a1779f94ba14
-rw-r--r--server/src/com/vaadin/server/ConnectorResourceHandler.java36
1 files changed, 31 insertions, 5 deletions
diff --git a/server/src/com/vaadin/server/ConnectorResourceHandler.java b/server/src/com/vaadin/server/ConnectorResourceHandler.java
index 6c486a2d65..8715134773 100644
--- a/server/src/com/vaadin/server/ConnectorResourceHandler.java
+++ b/server/src/com/vaadin/server/ConnectorResourceHandler.java
@@ -30,10 +30,11 @@ import com.vaadin.util.CurrentInstance;
public class ConnectorResourceHandler implements RequestHandler {
// APP/connector/[uiid]/[cid]/[filename.xyz]
+ private static final String CONNECTOR_RESOURCE_PREFIX = "/"
+ + ApplicationConstants.APP_PATH + "/"
+ + ConnectorResource.CONNECTOR_PATH + "/";
private static final Pattern CONNECTOR_RESOURCE_PATTERN = Pattern
- .compile("^/?" + ApplicationConstants.APP_PATH + '/'
- + ConnectorResource.CONNECTOR_PATH + '/'
- + "(\\d+)/(\\d+)/(.*)");
+ .compile("^" + CONNECTOR_RESOURCE_PREFIX + "(\\d+)/(\\d+)/(.*)");
private static Logger getLogger() {
return Logger.getLogger(ConnectorResourceHandler.class.getName());
@@ -44,12 +45,18 @@ public class ConnectorResourceHandler implements RequestHandler {
public boolean handleRequest(VaadinSession session, VaadinRequest request,
VaadinResponse response) throws IOException {
String requestPath = request.getPathInfo();
- if (requestPath == null) {
+ if (requestPath == null
+ || !requestPath.startsWith(CONNECTOR_RESOURCE_PREFIX)) {
return false;
}
Matcher matcher = CONNECTOR_RESOURCE_PATTERN.matcher(requestPath);
if (!matcher.matches()) {
- return false;
+ // This is a connector resource request based on the prefix but the
+ // pattern did not match
+ warnAboutInvalidURLEncoding(requestPath);
+ response.sendError(HttpServletResponse.SC_NOT_FOUND,
+ "Connector resource not found");
+ return true;
}
String uiId = matcher.group(1);
String cid = matcher.group(2);
@@ -102,6 +109,25 @@ public class ConnectorResourceHandler implements RequestHandler {
return true;
}
+ private boolean loggedDecodingWarning = false;
+
+ private void warnAboutInvalidURLEncoding(String requestPath) {
+ if (requestPath.contains("\n") || requestPath.indexOf(0x85) != -1) {
+ // What, path info should not contain a new line or UTF-8 Next Line
+ // (NEL) character, but it does in
+ // Tomcat 7 with default configuration in some cases (URL is encoded
+ // by the browser as UTF-8 and decoded as ISO-8859-1 by Tomcat)
+
+ if (!loggedDecodingWarning) {
+ loggedDecodingWarning = true;
+ getLogger()
+ .warning(
+ "Request path contains a new line character. This typically means that the server is incorrectly configured to use something else than UTF-8 for URL decoding (requestPath: "
+ + requestPath + ")");
+ }
+ }
+ }
+
private static boolean error(VaadinRequest request,
VaadinResponse response, String logMessage) throws IOException {
getLogger().log(Level.WARNING, logMessage);