Add option to allow {} and [] characters in path and queries (#691)

kartoza · Oct 6, 2024 · 5a09874 · 5a09874
1 parent 31cebac
commit 5a09874
Show file tree

Hide file tree

Showing 4 changed files with 26 additions and 2 deletions.
diff --git a/build_data/letsencrypt-tomcat.xsl b/build_data/letsencrypt-tomcat.xsl
@@ -11,6 +11,8 @@
     <xsl:param name="http.compression"/>
     <xsl:param name="http.scheme"/>
     <xsl:param name="http.maxHttpHeaderSize"/>
+    <xsl:param name="http.relaxedPathChars"/>
+    <xsl:param name="http.relaxedQueryChars"/>
     <xsl:param name="https.scheme"/>
     <xsl:param name="https.port"/>
     <xsl:param name="https.maxThreads"/>
@@ -76,6 +78,16 @@
                     <xsl:value-of select="$http.maxHttpHeaderSize"/>
                 </xsl:attribute>
             </xsl:if>
+            <xsl:if test="$http.relaxedPathChars">
+                <xsl:attribute name="relaxedPathChars">
+                    <xsl:value-of select="$http.relaxedPathChars"/>
+                </xsl:attribute>
+            </xsl:if>
+            <xsl:if test="$http.relaxedQueryChars">
+                <xsl:attribute name="relaxedQueryChars">
+                    <xsl:value-of select="$http.relaxedQueryChars"/>
+                </xsl:attribute>
+            </xsl:if>
 
             <xsl:apply-templates select="node()"/>
         </xsl:copy>

diff --git a/docs/Environment-Variables/index.html b/docs/Environment-Variables/index.html
@@ -825,6 +825,8 @@ <h3 id="running-under-ssl">Running under SSL</h3>
 <li>HTTP_COMPRESSION</li>
 <li>HTTP_SCHEME</li>
 <li>HTTP_MAX_HEADER_SIZE</li>
+<li>HTTP_RELAX_CHARS</li>
+<li>HTTP_RELAX_QUERY</li>
 <li>HTTPS_SCHEME</li>
 <li>HTTPS_PORT</li>
 <li>HTTPS_MAX_THREADS</li>

diff --git a/docs/search/search_index.json b/docs/search/search_index.json
diff --git a/scripts/start.sh b/scripts/start.sh
@@ -467,7 +467,7 @@ if [[ ${SSL} =~ [Tt][Rr][Uu][Ee] ]]; then
 
 else
     cp "${CATALINA_HOME}"/conf/ssl-tomcat.xsl "${CATALINA_HOME}"/conf/ssl-tomcat_no_https.xsl
-    sed -i -e '83,126d' "${CATALINA_HOME}"/conf/ssl-tomcat_no_https.xsl
+    sed -i -e '95,138d' "${CATALINA_HOME}"/conf/ssl-tomcat_no_https.xsl
     SSL_CONF=${CATALINA_HOME}/conf/ssl-tomcat_no_https.xsl
 
 fi # End SSL settings
@@ -507,6 +507,14 @@ if [ -n "$HTTP_MAX_HEADER_SIZE" ]; then
   HTTP_MAX_HEADER_SIZE_PARAM="--stringparam http.maxHttpHeaderSize $HTTP_MAX_HEADER_SIZE "
 fi
 
+if [[ "$HTTP_RELAX_CHARS" =~ [Tt][Rr][Uu][Ee] ]] ; then
+  HTTP_RELAX_CHARS_PARAM="--stringparam http.relaxedPathChars {}[]\| "
+fi
+
+if [[ "$HTTP_RELAX_QUERY" =~ [Tt][Rr][Uu][Ee] ]] ; then
+  HTTP_RELAX_QUERY_PARAM="--stringparam http.relaxedQueryChars {}[]\| "
+fi
+
 if [ -n "$HTTPS_SCHEME" ] ; then
     HTTPS_SCHEME_PARAM="--stringparam https.scheme $HTTPS_SCHEME "
 fi
@@ -563,6 +571,8 @@ transform="xsltproc \
   $HTTP_CONNECTION_TIMEOUT_PARAM \
   $HTTP_COMPRESSION_PARAM \
   $HTTP_SCHEME_PARAM \
+  $HTTP_RELAX_CHARS_PARAM \
+  $HTTP_RELAX_QUERY_PARAM \
   $HTTP_MAX_HEADER_SIZE_PARAM \
   $HTTPS_SCHEME_PARAM \
   $HTTPS_PORT_PARAM \