Wicket / WICKET-1627

AbstractRequestTargetUrlCodingStrategy improper use of URLEncoder.encode


Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.3.1, 1.3.2, 1.3.3, 1.4-M1
    • Fix Version/s: 1.4-RC1
    • Component/s: wicket
    • Labels: None
    • Environment: Tomcat or Jetty (probably others)

    Description

      The use of URLEncoder.encode is incorrect in this scenario. The URLEncoder is meant for encoding query string values - not values that appear in the path portion of a URI.

      Because the AbstractRequestTargetUrlCodingStrategy is used by other classes to encode values that appear in the path, problems can occur when that path has spaces. For example, the parameter "message with spaces and+some+pluses" is encoded as follows in a URL:

      http://localhost:8080/bugs/home/message/message+with+spaces+and%2Bsome%2Bpluses/

      However, the resulting request.getServletPath() call returns this:

      /home/message/message+with+spaces+and+some+plusses=bug/

      Note that the + characters in the path are not turned back into spaces. This is the correct behavior and is seen in both Tomcat and Jetty.

      See the RFC (http://www.ietf.org/rfc/rfc2396.txt) for a full description of what should or should not be encoded.

      /**
       * Url encodes a string
       *
       * @param string
       *            string to be encoded
       * @return encoded string
       */
      protected String urlEncode(String string)
      {
          try
          {
              return URLEncoder.encode(string, Application.get().getRequestCycleSettings()
                  .getResponseRequestEncoding());
          }
          catch (UnsupportedEncodingException e)
          {
              log.error(e.getMessage(), e);
              return string;
          }
      }
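The round trip described in this report, as an added example that is not Wicket's code and not the fix from the attached patch. `pathSegmentEncode` is a hypothetical helper, and `java.net.URI.getPath()` is used here as a stand-in for a servlet container's path decoding (percent-escapes only, `+` left literal), which is an assumption of the demo.

```java
import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URLEncoder;

public class PathSegmentEncodingDemo {

    // Form encoding (application/x-www-form-urlencoded), as used by urlEncode()
    // in the report: a space becomes '+', a literal '+' becomes %2B.
    static String formEncode(String s) throws UnsupportedEncodingException {
        return URLEncoder.encode(s, "UTF-8");
    }

    // Hypothetical path-segment encoder: reuse the form encoder, then turn its
    // '+' (which can only stand for a space at this point, since literal '+'
    // is already %2B) into %20 so the segment survives path decoding.
    static String pathSegmentEncode(String s) throws UnsupportedEncodingException {
        return URLEncoder.encode(s, "UTF-8").replace("+", "%20");
    }

    // Path decoding: percent-escapes are decoded, '+' is an ordinary character.
    // Stand-in for what request.getServletPath() sees on the server side.
    static String decodedPath(String url) throws URISyntaxException {
        return new URI(url).getPath();
    }

    public static void main(String[] args) throws Exception {
        // Parameter and base URL taken from the report above.
        String param = "message with spaces and+some+pluses";
        String base = "http://localhost:8080/bugs/home/message/";

        String formEncodedUrl = base + formEncode(param) + "/";
        String pathEncodedUrl = base + pathSegmentEncode(param) + "/";

        // Form-encoded segment: after path decoding, original spaces and
        // original pluses are both '+', so the value cannot be recovered.
        System.out.println("form-encoded URL : " + formEncodedUrl);
        System.out.println("decoded path     : " + decodedPath(formEncodedUrl));

        // Path-safe segment: spaces and pluses remain distinguishable.
        System.out.println("path-encoded URL : " + pathEncodedUrl);
        System.out.println("decoded path     : " + decodedPath(pathEncodedUrl));
    }
}
```

The security-relevant point is the ambiguity: once two different inputs decode to the same path, any routing, caching or access-control decision keyed on the decoded value can no longer tell them apart.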

      Attachments

        1. 1627and1624.v4.patch
          86 kB
          Doug Donohoe

          People

            ivaynberg Igor Vaynberg
            donohoedigital Doug Donohoe