Details
-
Improvement
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
None
-
None
Description
Tomcat since 6.0.10 by default forbids any URL containing a %2F (for some dubious security reasons to be robust against broken proxies).
To allow them you have to start your Tomcat with:
-Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true
See http://tomcat.apache.org/security-6.html#Fixed%20in%20Apache%20Tomcat%206.0.10 for more.
But it's it's too problematic to ask people running Chemistry server code to use -Dsomething at Tomcat startup, so let's change Chemistry to use .../object?path=
{path}for path-based addressing.
It's less elegant but then again there's no way to advertise clean path building like http://host/cmis/path/folder1/folder2/foo, they just can't be constructed using CMIS 1.0 URI templates, which MUST be encoded (which doesn't prevent us from accepting them however).