Jetty

SessionHandler fails to identify extract the session-id from URI when it contains multiple parameters separated by semicolon

Details

  • Type: Bug Bug
  • Status: Resolved Resolved
  • Priority: Major Major
  • Resolution: Fixed
  • Affects Version/s: 7.0.0, 7.0.1, 6.1.21, 6.1.22
  • Fix Version/s: 6.1.23, 7.0.2
  • Component/s: Servlet
  • Testcase included:
    yes
  • Patch Submitted:
    Yes
  • Description:
    Hide

    When the application is configured to send session-id using requested URI instead of cookies, SessionHandler is unable to get the sessionId unless it is the last parameter in the URI.

    For instance, in the case of these two URL's, SessionHandler only gets the sessionid in the first one:
    1.- http://www.foo.com/myservlet.do;jsessionid=xxxx?param1=1&param2=2
    2.- http://www.foo.com/myservlet.do;jsessionid=xxxx;moreinfo=yyy?p1=1&p2=2

    This error seems to happen in all jetty versions. I've checked versions 6.1.21 and 7.0.x.
    I attach a patch for the versions 7.0.0 and 7.0.1 (with tests) which fixes the problem.

    I have checked this issue in Tomcat and it handles both cases without problems

    Regards
    Manolo Carrasco Moņino

    Show
    When the application is configured to send session-id using requested URI instead of cookies, SessionHandler is unable to get the sessionId unless it is the last parameter in the URI. For instance, in the case of these two URL's, SessionHandler only gets the sessionid in the first one: 1.- http://www.foo.com/myservlet.do;jsessionid=xxxx?param1=1&param2=2 2.- http://www.foo.com/myservlet.do;jsessionid=xxxx;moreinfo=yyy?p1=1&p2=2 This error seems to happen in all jetty versions. I've checked versions 6.1.21 and 7.0.x. I attach a patch for the versions 7.0.0 and 7.0.1 (with tests) which fixes the problem. I have checked this issue in Tomcat and it handles both cases without problems Regards Manolo Carrasco Moņino

Activity

Ascending order - Click to sort in descending order
Hide
Permalink
Greg Wilkins added a comment - 02/Mar/10 2:35 AM

see also https://bugs.eclipse.org/bugs/show_bug.cgi?id=304307

Show
Greg Wilkins added a comment - 02/Mar/10 2:35 AM see also https://bugs.eclipse.org/bugs/show_bug.cgi?id=304307
Hide
Permalink
Greg Wilkins added a comment - 02/Mar/10 3:34 AM

Doh! just saw there was a patch attached.... sorry didn't use it, but thanks anyway.

Show
Greg Wilkins added a comment - 02/Mar/10 3:34 AM Doh! just saw there was a patch attached.... sorry didn't use it, but thanks anyway.
Hide
Permalink
Greg Wilkins added a comment - 02/Mar/10 3:36 AM

ah I see you have a test harness... I coopted another test harness, but will add yours as well.

cheers

Show
Greg Wilkins added a comment - 02/Mar/10 3:36 AM ah I see you have a test harness... I coopted another test harness, but will add yours as well. cheers

People

Dates

  • Created:
    19/Oct/09 6:37 AM
    Updated:
    02/Mar/10 3:36 AM
    Resolved:
    02/Mar/10 3:34 AM
Atlassian JIRA (v4.1.2#531) | Report a problem | Request a feature | Contact administrators
Powered by a free Atlassian JIRA open source license for Codehaus. Try JIRA - bug tracking software for your team.