Issue #11448 - improved stacktrace message for ambiguous URI

jetty · Feb 27, 2024 · cd4d464 · cd4d464
1 parent 11b1d37
commit cd4d464
Show file tree

Hide file tree

Showing 2 changed files with 27 additions and 7 deletions.
diff --git a/...10/jetty-ee10-servlet/src/main/java/org/eclipse/jetty/ee10/servlet/ServletApiRequest.java b/...10/jetty-ee10-servlet/src/main/java/org/eclipse/jetty/ee10/servlet/ServletApiRequest.java
@@ -1307,21 +1307,24 @@ public Map<String, String> getTrailerFields()
 
     static class AmbiguousURI extends ServletApiRequest
     {
-        protected AmbiguousURI(ServletContextRequest servletContextRequest)
+        private final String msg;
+
+        protected AmbiguousURI(ServletContextRequest servletContextRequest, String msg)
         {
             super(servletContextRequest);
+            this.msg = msg;
         }
 
         @Override
         public String getPathInfo()
         {
-            throw new HttpException.IllegalArgumentException(HttpStatus.BAD_REQUEST_400, "Ambiguous URI encoding");
+            throw new HttpException.IllegalArgumentException(HttpStatus.BAD_REQUEST_400, msg);
         }
 
         @Override
         public String getServletPath()
         {
-            throw new HttpException.IllegalArgumentException(HttpStatus.BAD_REQUEST_400, "Ambiguous URI encoding");
+            throw new HttpException.IllegalArgumentException(HttpStatus.BAD_REQUEST_400, msg);
         }
     }
 

diff --git a/...etty-ee10-servlet/src/main/java/org/eclipse/jetty/ee10/servlet/ServletContextRequest.java b/...etty-ee10-servlet/src/main/java/org/eclipse/jetty/ee10/servlet/ServletContextRequest.java
@@ -197,11 +197,28 @@ protected ServletApiRequest newServletApiRequest()
         if (getHttpURI().hasViolations() && !getServletChannel().getServletContextHandler().getServletHandler().isDecodeAmbiguousURIs())
         {
             // TODO we should check if current compliance mode allows all the violations?
-
-            for (UriCompliance.Violation violation : getHttpURI().getViolations())
+            if (getHttpURI().hasViolations())
             {
-                if (UriCompliance.AMBIGUOUS_VIOLATIONS.contains(violation))
-                    return new ServletApiRequest.AmbiguousURI(this);
+                StringBuilder msg = null;
+                for (UriCompliance.Violation violation : getHttpURI().getViolations())
+                {
+                    if (UriCompliance.AMBIGUOUS_VIOLATIONS.contains(violation))
+                    {
+                        if (msg == null)
+                        {
+                            msg = new StringBuilder();
+                            msg.append("Ambiguous URI encoding: ");
+                        }
+                        else
+                        {
+                            msg.append(", ");
+                        }
+
+                        msg.append(violation.name());
+                    }
+                }
+                if (msg != null)
+                    return new ServletApiRequest.AmbiguousURI(this, msg.toString());
             }
         }