SEC-1129: FilterChainProxy. Not matching ant url when a parameter contains / #1376

Closed
spring-issuemaster opened this Issue Mar 24, 2009 · 4 comments

1 participant

@spring-issuemaster

Roberto Ruiz (Migrated from SEC-1129) said:

I am using Filter proxy to add several filters to my pages

The * at the end is because some pages have GET parameters. The problem comes when one of those parameters, constains a / character (Text is already escaped with javascript escape function). In that case, the page is not matched. It may be solved, adding a new filter-chain

Notice the / at the end of the second chain

I think it’s a bug, as the / character is in the parameter string and not in the url.

@spring-issuemaster

Luke Taylor said:

The ant pattern matcher isn’t supposed to match parameters as the query string is supposed to be stripped before the match (see SEC-953, for example). Please make sure you are raising issues against the latest release version. If you need complicated matching syntax then you can use regular expressions instead of ant paths.

@spring-issuemaster

Roberto Ruiz said:

No, I don’t want the parameters to be matched. The problem is precisely that, and that’s because I put an * after .html. If I don’t do that, urls with parameters are never matched. I’ll try with latest version anyway

@spring-issuemaster

Roberto Ruiz said:

No, I don’t want the parameters to be matched. The problem is precisely that, and that’s because I put an * after .html. If I don’t do that, urls with parameters are never matched. I’ll try with latest version anyway

@spring-issuemaster

Luke Taylor said:

So this is effectively a duplicate of SEC-953 and was fixed in the 2.0.4 release.

@spring-issuemaster spring-issuemaster added this to the 3.0.0 M1 milestone Feb 5, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment