Template URI Variables with newline %0A or %0D are not matched #23252

Closed
tmoschou opened this issue Jul 9, 2019 · 2 comments
Labels
in: core Issues in core modules (aop, beans, core, context, expression) in: web Issues in web modules (web, webmvc, webflux, websocket) type: enhancement A general enhancement

tmoschou commented Jul 9, 2019

Affects: 5.1.8.RELEASE

The AntPathMatcher does not match strings containing newlines \n or \r when encoded as %0A or %0D for template URI variables. This is due to AntPathMatcher using a default matching regex of (.*), which matches all characters except newline characters.

For instance the controller (using spring boot):

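import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class Controller {

    // Literal path containing a newline character (no template variable)
    @RequestMapping("/foo/x\ny")
    public String fooNewline() {
        return "From fooNewline()";
    }

    // Literal path containing a carriage return character (no template variable)
    @RequestMapping("/foo/x\ry")
    public String fooCarriageReturn() {
        return "From fooCarriageReturn()";
    }

    // Template variable, matched with the default variable pattern
    @RequestMapping("/bar/{param1}")
    public String bar(@PathVariable("param1") String param1) {
        return "From bar(). Passed in " + param1;
    }

}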

Would match

GET /foo/x%0Ay
GET /foo/x%0Dy

but

GET /bar/x%0Ay
GET /bar/x%0Dy

would return HTTP 404 Not Found with no context on the error and no opportunity to give a more helpful error message. Specifically, from the default ErrorController:

{
  "timestamp": "2019-07-09T03:05:04.285+0000",
  "status": 404,
  "error": "Not Found",
  "message": "No message available",
  "path": "/bar/x%0Ay"
}

This can be worked around by manually specifying a DOTALL modifier flag in every path param.

E.g.

@RequestMapping("/bar/{param1:(?s:.*)}")

But I think it would make sense if the AntPathMatcher did this by default, and I consider it a bug as normal path matching behavior, outside of template variables, would happily match newline or carriage returns.

@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged or decided on label Jul 9, 2019
@sbrannen sbrannen added in: core Issues in core modules (aop, beans, core, context, expression) in: web Issues in web modules (web, webmvc, webflux, websocket) labels Jul 9, 2019
@peter-ponzel

Hello,
I just ran into the same issue - has there been any update on this?
Regards

@rstoyanchev rstoyanchev self-assigned this Nov 12, 2020
@rstoyanchev rstoyanchev added type: enhancement A general enhancement and removed status: waiting-for-triage An issue we've not yet triaged or decided on labels Nov 12, 2020
@rstoyanchev rstoyanchev added this to the 5.3.2 milestone Nov 12, 2020
@rstoyanchev
Contributor

It sounds like we just need to update the DEFAULT_VARIABLE_PATTERN expression in AntPathMatcher to use the embedded (?s) flag as documented on Pattern.DOTALL. As this pattern is only used for URI template variables, it shouldn't impact anything outside of web request mappings.
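
The matching difference discussed in this thread, reproduced with `java.util.regex` alone as an added example (not code from the issue or from Spring). The `compile` and `matches` helpers are hypothetical and only approximate how a `{name}` or `{name:regex}` template variable becomes a capturing group; the request paths are the ones quoted in the issue.

```java
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class TemplateVariableNewlineDemo {

    // Finds {name} or {name:regex}; simplified, the regex part may not contain braces.
    private static final Pattern VARIABLE =
            Pattern.compile("\\{([^/{}:]+)(?::([^{}]+))?\\}");

    // Hypothetical helper: build a regex from a URI template. Variables without
    // their own regex get defaultVarRegex; literal text is quoted.
    static Pattern compile(String template, String defaultVarRegex) {
        StringBuilder regex = new StringBuilder();
        Matcher m = VARIABLE.matcher(template);
        int end = 0;
        while (m.find()) {
            regex.append(Pattern.quote(template.substring(end, m.start())));
            String own = m.group(2);
            regex.append('(').append(own != null ? own : defaultVarRegex).append(')');
            end = m.end();
        }
        regex.append(Pattern.quote(template.substring(end)));
        return Pattern.compile(regex.toString());
    }

    // Percent-decodes the path, then requires the whole path to match.
    // URLDecoder also maps '+' to a space; the sample paths contain no '+'.
    static boolean matches(String template, String defaultVarRegex, String rawPath) {
        String decoded = URLDecoder.decode(rawPath, StandardCharsets.UTF_8);
        return compile(template, defaultVarRegex).matcher(decoded).matches();
    }

    public static void main(String[] args) {
        // Constructed sample requests, taken from the paths quoted in the issue.
        String[] paths = {"/bar/xy", "/bar/x%0Ay", "/bar/x%0Dy"};
        for (String path : paths) {
            System.out.printf("%-11s (.*)=%-5b ((?s).*)=%-5b {param1:(?s:.*)}=%b%n",
                    path,
                    matches("/bar/{param1}", ".*", path),
                    matches("/bar/{param1}", "(?s).*", path),
                    matches("/bar/{param1:(?s:.*)}", ".*", path));
        }
    }
}
```

With a DOTALL variable pattern the captured value contains the decoded CR or LF character itself, so any restriction on that value has to come from the handler or from an explicit `{name:regex}` constraint.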
