jersey
  1. jersey
  2. JERSEY-975

ApplicationPath annotation does not allow percent encoded values

    Details

    • Type: Bug Bug
    • Status: Resolved
    • Priority: Critical Critical
    • Resolution: Complete
    • Affects Version/s: 1.12
    • Fix Version/s: None
    • Component/s: core
    • Labels:
      None

      Description

      Javadoc for ApplicationPath.value says:
      Note that percent encoded values are allowed in the value, an implementation will recognize such values and will not double encode the '%' character.

      Having a servlet defined as:
      <?xml version="1.0" encoding="UTF-8"?>
      <web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
      <servlet>
      <servlet-name>CTSJAXRSAPPPATH</servlet-name>
      <servlet-class>com/sun/jersey/spi/container/servlet/ServletContainer.class</servlet-class>
      <init-param>
      <param-name>javax.ws.rs.Application</param-name>
      <param-value>com.sun.ts.tests.jaxrs.ee.rs.applicationpath.TSAppConfig</param-value>
      </init-param>
      <load-on-startup>1</load-on-startup>
      </servlet>
      <servlet-mapping>
      <servlet-name>CTSJAXRSAPPPATH</servlet-name>
      <url-pattern>/*</url-pattern>
      </servlet-mapping>
      <session-config>
      <session-timeout>30</session-timeout>
      </session-config>
      </web-app>

      and classes
      @ApplicationPath("Application%20Path")
      public class TSAppConfig extends Application {

      public java.util.Set<java.lang.Class<?>> getClasses()

      { Set<Class<?>> resources = new HashSet<Class<?>>(); resources.add(Resource.class); return resources; }


      }

      @Path("/Resource")
      public class Resource {
      @GET
      public Response returnOk()

      { return Response.ok().build(); }

      }

      When asked: GET /jaxrs_ee_applicationpath_web/Application%20Path/Resource/ HTTP/1.1[\r][\n]
      I receive 500:
      <b>description</b>The server encountered an internal error () that prevented it
      from fulfilling this request.</p><p><b>exception</b> <pre>com.sun.jersey.api.co
      ntainer.ContainerException: The servlet context path and/or the servlet path con
      tain characters that are percent encoded</pre></p><p><b>note</b> <u>The full sta
      ck traces of the exception and its root causes are available in the GlassFish Se
      rver Open Source Edition 3.1.2-SNAPSHOT logs.</u></p><hr/><h3>GlassFish Server O

      And log:

      [#|2012-02-10T17:00:33.726+0100|WARNING|glassfish3.1.2|javax.enterprise.system.container.web.com.sun.enterprise.web|_ThreadID=174;_ThreadName=Thread-2;|StandardWrapperValve[com.sun.ts.tests.jaxrs.ee.rs.applicationpath.TSAppConfig]: PWC1406: Servlet.service() for servlet com.sun.ts.tests.jaxrs.ee.rs.applicationpath.TSAppConfig threw exception
      com.sun.jersey.api.container.ContainerException: The servlet context path and/or the servlet path contain characters that are percent encoded
      at com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletContainer.java:692)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:770)
      at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1542)
      at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:281)
      at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
      at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
      at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
      at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)
      at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
      at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:174)
      at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:849)
      at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:746)
      at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1045)
      at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:228)
      at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
      at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
      at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
      at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
      at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
      at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
      at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
      at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
      at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
      at java.lang.Thread.run(Thread.java:722)

      Note that having @ApplicationPath("Application%21Path") and GET /jaxrs_ee_applicationpath_web/Application%21Path/Resource/ HTTP/1.1
      does the same, whereas @ApplicationPath("Application%21Path") and GET /jaxrs_ee_applicationpath_web/Application!Path/Resource/ HTTP/1.1
      works fine

        Activity

        Hide
        Marek Potociar added a comment - - edited

        I'd first want to make sure that what you're sending on your client is indeed what's received on the server. Can you confirm that your
        GET /web/ApplicationPath%21/Resource
        is not double-encoded to
        GET /web/ApplicationPath%3721/Resource
        before it is transmitted over the wire?

        Show
        Marek Potociar added a comment - - edited I'd first want to make sure that what you're sending on your client is indeed what's received on the server. Can you confirm that your GET /web/ApplicationPath%21/Resource is not double-encoded to GET /web/ApplicationPath%3721/Resource before it is transmitted over the wire?
        Hide
        jan.supol added a comment -

        I checked the absolute path of UriInfo on ContainerRequestFilter. It is not double encoded.

        Show
        jan.supol added a comment - I checked the absolute path of UriInfo on ContainerRequestFilter. It is not double encoded.
        Hide
        Marek Potociar added a comment -

        As we agreed this is a marginal case that should not be covered in TCK for now. I'm going to move the issue to the backlog for later evaluation and potential candidate for fixing in JAX-RS 2.1.

        Show
        Marek Potociar added a comment - As we agreed this is a marginal case that should not be covered in TCK for now. I'm going to move the issue to the backlog for later evaluation and potential candidate for fixing in JAX-RS 2.1.
        Hide
        Marek Potociar added a comment -

        Moving to backlog again.

        Show
        Marek Potociar added a comment - Moving to backlog again.
        Hide
        Marek Potociar added a comment -

        Jersey 1.x branch is not under active development anymore. Only security issues and issues reported by the customers of commercially supported products that ship with Jersey are fixed on this code base right now.
        Please, move your code to Jersey 2.x and if you still see the issue there, feel free to file a bug against Jersey 2.x.

        Show
        Marek Potociar added a comment - Jersey 1.x branch is not under active development anymore. Only security issues and issues reported by the customers of commercially supported products that ship with Jersey are fixed on this code base right now. Please, move your code to Jersey 2.x and if you still see the issue there, feel free to file a bug against Jersey 2.x.

          People

          • Assignee:
            Unassigned
            Reporter:
            jan.supol
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Time Tracking

              Estimated:
              Original Estimate - 3 hours
              3h
              Remaining:
              Remaining Estimate - 3 hours
              3h
              Logged:
              Time Spent - Not Specified
              Not Specified