I am working on a java web application and which is deployed on Tomcat. I am using servlets to handle some functionality, In the Servlet I am redirecting from one servlt to other servlet by using SendRedirect method and it was succesfully redirecting to other servlet.
Problem: Earlier we wereusing Tomcat version - 7.0.65 but recently it has been upgraded to 7.0.67. After upgrading tomcat to newer version(7.0.67), send redirect calls are not working.
Example:
Public class MainServlet extends HttpServlet {
protected void service(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
// do some operations..
String emptyStr = " ";
String urlPath = "http:localhost:8085/DemoProject/demoServlet? username=dummy&eid=emptyStr";
response.sendRedirect(urlPath);
return;
}
}
I have seen the Tomcat specification also and they are talkiing about redirections which is below whic i can not understand.
Apache Tomcat 7.0.67 Release Date: 2015-12-10 Full release notes can be found here. 56917: As per RFC7231 (HTTP/1.1), allow HTTP/1.1 and later redirects to use relative URIs. This is controlled by a new attribute useRelativeRedirects on the Context and defaults to true. (markt) 58660: Correct a regression in 7.0.66 caused by the change that moved the redirection for context roots from the Mapper to the Default Servlet. (markt) Fixed potential NPE in HostConfig while deploying an application. Issue reported by coverity scan. (violetagg) 58655: Fix an IllegalStateException when calling HttpServletResponse.sendRedirect() with the RemoteIpFilter. This was caused by trying to correctly generate the absolute URI for the redirect With the fix for 56917, redirects may now be relative making the sendRedirect() implementation for the RemoteIpFilter much simpler. This also addresses issues where the redirect may not have behaved as expected when redirecting from http to https to from https to http. (markt)
Please look into the problem and let me know if you have any suggestion.
Any suggestions would be appreciated.
I was actually running into the same thing with an app I inherited that was running swell in Tomcat 7.0.62. The upgrade path I had to perform was to use Tomcat 8.x and Java 8. Upon testing the app, it also broke.
Narrowed it down to the fact that there were spaces in the URL generated for the redirect (that were not encoded and were not using +. This worked no problem through all versions up to 7.0.65. Once 7.0.67 was hit, Tomcat was no longer handling the spaces in the redirect URL (which btw, was an absolute https://.... path, not relative)
The behavior for sendRedirect seems to have been directly affected with the changes in 7.0.67+. The solution is to properly URL Encode your redirect URL so that spaces, specials chars, etc are encoded before calling the sendRedirect function with the location to go to
Just my 2 cents on the topic since I have recently hit this as well.