Community
Participate
Working Groups
The original fix https://github.com/eclipse/rt.equinox.bundles/commit/9a0d95dd4a5d08977564f4ca5930b5570bccdc8d to this bug https://bugs.eclipse.org/bugs/show_bug.cgi?id=562843 is not valid. It does invalid logic to decode path parameter and if the path parameter contains / as encoded %2F ex: /view/%2FTABLES%2FTMP%2FZREST_SBOOK/data Would result in, Error 500 java.lang.IllegalArgumentException: URLDecoder: Incomplete trailing escape (%) pattern. This is essentially due to the fact that the logic to substring uses the decoded path parameter rather than original request URI. ex: In the code: ``` if (pos > -1) { String newServletPath = requestURI.substring(0, pos); pathInfo = decode(requestURI.substring(pos)); servletPath = decode(newServletPath); pos = servletPath.lastIndexOf('/'); continue; } ``` If first call say our requestURI is following, /view/%2FTABLES%2FTMP%2FZREST_SBOOK/data Then newServletPath uses requestURI which isn't decoded. And now we get, servletPath = /view//TABLES/TMP/ZREST_SBOOK pathInfo = /data However when we do servletPath.lastIndexOf it now uses decoded string and get / which results into position being wrong and we will now do for newServletPath = /view/%2FTABLES%2 This will result on URLDecoder error. One option to fix this issue could be: ``` String newServletPath = requestURI.substring(0, pos); pathInfo = decode(requestURI.substring(pos)); requestURI = newServletPath; <- Use requestURI for processing and don't decode servlet path. ```
Please provide a Gerrit patch.
I don't know how to do provide the gerrit patch?
New Gerrit change created: https://git.eclipse.org/r/c/equinox/rt.equinox.bundles/+/173265
Thanks i see the changes. That should work.
(In reply to Eclipse Genie from comment #3) > New Gerrit change created: > https://git.eclipse.org/r/c/equinox/rt.equinox.bundles/+/173265 Turns out that any encoded character can cause this, not just slash (%2F). The key is that the path of the request URI has to have multiple parts (non-encoded / separated) along with one or more encoded characters in the parts. This causes the position calculation of the request URI actual slashes '/' to be incorrect. In the unlucky case this can cause the URLDecoder IllegalArgumentException to happen when the position is incorrectly calculated such that it splits the encoded character. Kshitiz, please have a look at the testcases I added above to make sure they are in line with the usecase you have which is reproducing this.
New Gerrit change created: https://git.eclipse.org/r/c/equinox/rt.equinox.bundles/+/173412
Gerrit change https://git.eclipse.org/r/c/equinox/rt.equinox.bundles/+/173412 was merged to [master]. Commit: http://git.eclipse.org/c/equinox/rt.equinox.bundles.git/commit/?id=af9b07dd1f34e3c5384a07029d642e4e60fd5671
Gerrit change https://git.eclipse.org/r/c/equinox/rt.equinox.bundles/+/173265 was merged to [master]. Commit: http://git.eclipse.org/c/equinox/rt.equinox.bundles.git/commit/?id=0ee06c17b43184a8d1c5b9b3e106dbd85722115e
Will be included in the first integration build towards 4.19 release.
New Gerrit change created: https://git.eclipse.org/r/c/equinox/rt.equinox.bundles/+/178223
Gerrit change https://git.eclipse.org/r/c/equinox/rt.equinox.bundles/+/178223 was merged to [R4_15_maintenance]. Commit: http://git.eclipse.org/c/equinox/rt.equinox.bundles.git/commit/?id=b663b1c96194fd1ec253a03bb4a83a4324d9e200