[MAGNOLIA-5382] Handling of URIs and paths with path parameters such as JSESSIONID Created: 14/Oct/13 Updated: 24/Apr/14 Resolved: 26/Nov/13 |
|
| Status: | Closed |
| Project: | Magnolia |
| Component/s: | None |
| Affects Version/s: | 5.1 |
| Fix Version/s: | 4.5.14, 5.2 |
| Type: | Bug | Priority: | Neutral |
| Reporter: | Tobias Mattsson | Assignee: | Tobias Mattsson |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||||||||||||||||||||||||||||||||||
| Template: |
|
||||||||||||||||||||||||||||||||||||||||||||||||
| Acceptance criteria: |
Empty
|
||||||||||||||||||||||||||||||||||||||||||||||||
| Task DoD: |
[ ]*
Doc/release notes changes? Comment present?
[ ]*
Downstream builds green?
[ ]*
Solution information and context easily available?
[ ]*
Tests
[ ]*
FixVersion filled and not yet released
[ ] 
Architecture Decision Record (ADR)
|
||||||||||||||||||||||||||||||||||||||||||||||||
| Bug DoR: |
[ ]*
Steps to reproduce, expected, and actual results filled
[ ]*
Affected version filled
|
||||||||||||||||||||||||||||||||||||||||||||||||
| Sprint: | 5.2-rc1 | ||||||||||||||||||||||||||||||||||||||||||||||||
| Description |
|
In Magnolia we currently have issues handling path parameters such as JSESSIONID. Path parameters are part of the URL and are preceded by a semicolon. The semicolon is a reserved character in URLs. After Jetty has always included the JSESSIONID path parameter in the return from HttpServletRequest.getRequestURI(), as of version 6.0.33 Tomcat does too. See https://issues.apache.org/bugzilla/show_bug.cgi?id=51833 Arguably this is the correct behaviour. It is up to the web application to parse the returned uri and strip path parameters from it. In Magnolia we need to make sure the JSESSIONID is stripped whenever we access the request object directly and ensure that it's stripped when populating the AggregationState / RenderingContext. Mime types are not set correctly This was reported in ServletDispatchingFilter fails to map requests It uses the uri in AggregationState if a WebContext is present, otherwise it takes it from getRequestURI(). See Mapping.findMatcher(). This is the cause of Page rendering fails with 404 Note that this only happens when not using an extension, this is because URI2RepositoryMapping#getHandle strips of the extension and with it the path parameters. http://demopublic.magnolia-cms.com/demo-project;jsessionid=EE3DB6042B1B57AD55C2633428F44496 Install filter does start Magnolia See http://localhost:8080/.magnolia/installer/start;JSESSIONID=123 ContextFilter puts JSESSIONID into MDC BasePatternVoter and subclasses fail to match RequestAttributeStrategy returns uri with JSESSIONID RedirectClientCallback fails to check if at target RangeSupportFilter includes JSESSIONID in ETag |
| Comments |
| Comment by Tobias Mattsson [ 01/Nov/13 ] |
|
Not yet merged to 4.5.14, needs to happen once 4.5.13 is released. |
| Comment by Tobias Mattsson [ 11/Nov/13 ] |
|
Merged to 4.5.14. |