org.apache.tomcat.modules.mappers
Class DecodeInterceptor

java.lang.Object
  |
  +--org.apache.tomcat.core.BaseInterceptor
        |
        +--org.apache.tomcat.modules.mappers.DecodeInterceptor

public class DecodeInterceptor
extends BaseInterceptor

Default actions after receiving the request: get charset, unescape, pre-process. This intercept can optionally normalize the request and check for certain unsafe escapes. Both of these options are on by default.


Fields inherited from class org.apache.tomcat.core.BaseInterceptor
cm, ct, ctx, debug, DECLINED, loghelper, OK
 
Constructor Summary
DecodeInterceptor()
           
 
Method Summary
 int beforeBody(Request req, Response res)
          Hook - before the response is sent, get the response encoding and save it per session ( if we are in a session ).
 void engineInit(ContextManager cm)
          Initialize the module.
 java.lang.Object getInfo(Context ctx, Request req, int info, java.lang.String k)
          Hook for lazy evaluation of request info.
 int postReadRequest(Request req)
          Called immediately after the request has been received, before any mapping.
 void setCharsetAttribute(java.lang.String s)
           
 void setDefaultEncoding(java.lang.String s)
          Set server-wide default encoding.
 int setInfo(Context ctx, Request req, int info, java.lang.String k, java.lang.Object v)
           
 void setNormalize(boolean b)
          Decode interceptor can normalize urls, per RFC 1630
 void setSafe(boolean b)
          Decode interceptor can reject unsafe urls.
 void setSaveOriginal(boolean b)
          Save the original uri before decoding.
 void setUseSessionEncoding(boolean b)
           
 
Methods inherited from class org.apache.tomcat.core.BaseInterceptor
addContainer, addContext, addHandler, addInterceptor, addSecurityConstraint, afterBody, authenticate, authorize, beforeCommit, contextInit, contextMap, contextShutdown, contextState, engineShutdown, engineStart, engineState, engineStop, findSession, getContext, getContextManager, getDebug, getLog, getNote, getNote, handleError, log, log, log, log, postRequest, postService, postServletDestroy, postServletInit, preService, preServletDestroy, preServletInit, registerHooks, reload, removeContainer, removeContext, removeHandler, removeInterceptor, requestMap, sessionState, setContext, setContextManager, setDebug, setNote, setNote
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

DecodeInterceptor

public DecodeInterceptor()
Method Detail

setDefaultEncoding

public void setDefaultEncoding(java.lang.String s)
Set server-wide default encoding. UTF-8 is recommended ( if you want to brake the standard spec, which requires 8859-1 )

setUseSessionEncoding

public void setUseSessionEncoding(boolean b)

setCharsetAttribute

public void setCharsetAttribute(java.lang.String s)

setNormalize

public void setNormalize(boolean b)
Decode interceptor can normalize urls, per RFC 1630

setSaveOriginal

public void setSaveOriginal(boolean b)
Save the original uri before decoding. Default is false, for consistency among servers.

setSafe

public void setSafe(boolean b)
Decode interceptor can reject unsafe urls. These are URL's containing the following escapes: %25 = '%' %2E = '.' %2F = '/' %5C = '\' These are rejected because they interfere with URL's pattern matching with reguard to security issues.

engineInit

public void engineInit(ContextManager cm)
                throws TomcatException
Description copied from class: BaseInterceptor
Initialize the module.
Overrides:
engineInit in class BaseInterceptor
Following copied from class: org.apache.tomcat.core.BaseInterceptor
Throws:
TomcatException - The module will not be added if any exception is thrown by engineInit.

postReadRequest

public int postReadRequest(Request req)
Description copied from class: BaseInterceptor
Called immediately after the request has been received, before any mapping. This allows modules to alter the request before it is mapped, and implement decoding/encoding, detect charsets, etc. The request URI and (some) headers will be available. Similar with Apache's post_read_request
Overrides:
postReadRequest in class BaseInterceptor

beforeBody

public int beforeBody(Request req,
                      Response res)
Hook - before the response is sent, get the response encoding and save it per session ( if we are in a session ). All browsers I know will use the same encoding in the next request. Since this is not part of the spec, it's disabled by default.
Overrides:
beforeBody in class BaseInterceptor

getInfo

public java.lang.Object getInfo(Context ctx,
                                Request req,
                                int info,
                                java.lang.String k)
Description copied from class: BaseInterceptor
Hook for lazy evaluation of request info. This provides and uniform mechanism to allow modules to evaluate certain expensive request attributes/parameters when they are needed ( if ever ), and allows specialized modules and better integration with the web server/server modules. This replaces a number of hard-coded constructs and should clean up the core for un-needed dependencies, as well as provide flexibility in key areas as encoding, etc.
Overrides:
getInfo in class BaseInterceptor

setInfo

public int setInfo(Context ctx,
                   Request req,
                   int info,
                   java.lang.String k,
                   java.lang.Object v)
Overrides:
setInfo in class BaseInterceptor


Copyright © 2001 Apache Software Foundation. All Rights Reserved.