struts-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mitth'raw'nuruodo (JIRA)" <j...@apache.org>
Subject [jira] [Created] (WW-4448) Parameters are not encoded by ServletRedirectAction before checking for valid URI
Date Tue, 13 Jan 2015 23:56:35 GMT
Mitth'raw'nuruodo created WW-4448:
-------------------------------------

             Summary: Parameters are not encoded by ServletRedirectAction before checking
for valid URI
                 Key: WW-4448
                 URL: https://issues.apache.org/jira/browse/WW-4448
             Project: Struts 2
          Issue Type: Bug
          Components: Core Actions
    Affects Versions: 2.3.20
            Reporter: Mitth'raw'nuruodo


https://issues.apache.org/jira/browse/WW-4187 changed ServletRedirectResult to use java.net.URI
to check whether a redirect URL is actually a path. However, it does not encode parameters
first, which will often result in a URL being deemed invalid (eg if one of the parameters
contains spaces) and thus being treated as a path.

We actually don't want parameters to be appended to our absolute redirects at all, but I can't
see a way to disable this...DefaultResultFactory doesn't seem to be configurable.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message