Wicket
  1. Wicket
  2. WICKET-2836

Incorrect work of WicketFilter with UTF-8 urls through proxy_ajp_module and ajp connector

    Details

    • Type: Bug Bug
    • Status: Resolved
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 1.4.7
    • Fix Version/s: 1.5.0
    • Component/s: wicket
    • Labels:
      None
    • Environment:
      Apache 2.2 http server with configured proxy_ajp_module, Tomcat 5.5, wicket 1.4.7

      Description

      Preconditions:

      Working application on tomacat 5.5 with non SSL HTTP/1.1 connector , that has utf-8 encoded URLs
      Connector configuration :
      <Connector port="8080" maxHttpHeaderSize="8192" URIEncoding="UTF-8" maxThreads="400" maxKeepAliveRequests="100" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" redirectPort="8443"
      acceptCount="100" connectionTimeout="20000" disableUploadTimeout="true" compression="on"/>

      Configured virtual host on apache http server:

      Listen 81
      NameVirtualHost *:81
      <VirtualHost *:81>
      ServerName jewelry.npa.com
      <Proxy *>
      AddDefaultCharset utf-8
      Order deny,allow
      Allow from all
      </Proxy>
      ProxyPass / ajp://jewelry.npa.com:8009/
      ProxyPassReverse / ajp://jewelry.npa.com:8009/
      AddDefaultCharset utf-8
      </VirtualHost>

      Configured ajp connector on tomcat 5.5
      <Connector port="8009" useBodyEncodingForURI="false" maxHttpHeaderSize="8192" URIEncoding="UTF-8" maxThreads="400"
      maxKeepAliveRequests="100" minSpareThreads="25" maxSpareThreads="75" enableLookups="false"
      redirectPort="8443" acceptCount="100" connectionTimeout="20000" disableUploadTimeout="true"
      compression="on" protocol="AJP/1.3" />

      Problem:

      All requests, that has utf-8 url and NOT served by wicket filter works ok.

      All requests, that has utf-8 url and served by wicket filter works incorrect, because of encoding issue with ajp connector and incorect work of WicketFilter#getRelativePath(HttpServletRequest request) lines 590 - 594.

      Explanation:

      ajp module change the percent encoding (http://en.wikipedia.org/wiki/Percent-encoding)

      Proposed fix:

      Need to use request.getServletPath() instead of request.getRequestURI() to get the relativePath, because of
      HttpServletRequest sepecification http://java.sun.com/products/servlet/2.3/javadoc/javax/servlet/http/HttpServletRequest.html
      Please look at difference getServletPath returns DECODED value, but getRequestURI and getRequestURL - not.

        Activity

        Hide
        Igor Vaynberg added a comment -

        request.getservletpath() wont work because it doesnt return enough information, also, there doesnt seem to be any other method we can use. perhaps you can consider your proxy not to mangle urls.

        Show
        Igor Vaynberg added a comment - request.getservletpath() wont work because it doesnt return enough information, also, there doesnt seem to be any other method we can use. perhaps you can consider your proxy not to mangle urls.
        Hide
        Igor Azarny added a comment -

        I am pretty sure, that both methods (request.getServletPath() and request.getRequestURI() ) can be used to collect necessary information, so this bug can be fixed.

        Show
        Igor Azarny added a comment - I am pretty sure, that both methods (request.getServletPath() and request.getRequestURI() ) can be used to collect necessary information, so this bug can be fixed.
        Hide
        Igor Vaynberg added a comment -

        you are more then welcome to provide a patch.

        Show
        Igor Vaynberg added a comment - you are more then welcome to provide a patch.
        Hide
        Igor Azarny added a comment -

        Patch attached, was tested on tests and reall applications.
        3 tests failed, but failures related to MockHttpServletRequest and some assumtions in test rather than changes in provided patch. Hope somebody more experienced in wicket that me can change it. During fixing this bug the WICKET-3032 was raised.

        Show
        Igor Azarny added a comment - Patch attached, was tested on tests and reall applications. 3 tests failed, but failures related to MockHttpServletRequest and some assumtions in test rather than changes in provided patch. Hope somebody more experienced in wicket that me can change it. During fixing this bug the WICKET-3032 was raised.
        Hide
        Juergen Donnerstag added a comment -

        re-opened because patch has been provided.

        Show
        Juergen Donnerstag added a comment - re-opened because patch has been provided.
        Hide
        Martin Grigorov added a comment -

        @Igor Azarny: I see you use Wicket 1.5 now (WICKET-3906). Do you experience the problem described here in 1.5 ?

        Show
        Martin Grigorov added a comment - @Igor Azarny: I see you use Wicket 1.5 now ( WICKET-3906 ). Do you experience the problem described here in 1.5 ?
        Hide
        Igor Azarny added a comment -

        I found workaround to solve this mod_jk, that has ForwardURICompatUnparsed option - guess this info may be useful for others.
        In any case i`ll let you know if this problem present in 1.5 when migration to 1.5 will be finished

        Show
        Igor Azarny added a comment - I found workaround to solve this mod_jk, that has ForwardURICompatUnparsed option - guess this info may be useful for others. In any case i`ll let you know if this problem present in 1.5 when migration to 1.5 will be finished
        Hide
        Martin Grigorov added a comment -

        WicketFilter is improved in 1.5.0 in respect to the problem described here.

        Show
        Martin Grigorov added a comment - WicketFilter is improved in 1.5.0 in respect to the problem described here.

          People

          • Assignee:
            Martin Grigorov
            Reporter:
            Igor Azarny
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Time Tracking

              Estimated:
              Original Estimate - 24h
              24h
              Remaining:
              Remaining Estimate - 24h
              24h
              Logged:
              Time Spent - Not Specified
              Not Specified

                Development