IBM Support

JR48060: Query parameters from SEO-mapped commands are not properly encoded

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • When trying to retrieve request parameters from a new controller
    command mapped to an SEO URL keyword, the parameter values may
    appear corrupt as a result of the wrong encoding type being
    used.
    
    Example
    requestProperties.getString(?keyword?)
    

Local fix

  • Set the following custom JVM parameter to force the encoding
    (Note: This is a global, server-wide setting)
    -Dclient.encoding.override=UTF-8
    
    WAS Administration Console > Servers > Application servers >
    Java and Process Management > Process Definition > Java Virtual
    Machine > Generic JVM Arguments
    

Problem summary

  • USERS AFFECTED:
    WebSphere Commerce users on v7.0 Feature Pack 3 or higher
    obtaining query parameters from SEO-mapped commands
    
    PROBLEM ABSTRACT:
    Query parameters from SEO-mapped commands are not properly
    encoded
    
    BUSINESS IMPACT:
    Low-moderate: A workaround exists
    
    RECOMMENDATION:
    

Problem conclusion

  • Cause:
    The HTTPServletRequest.getParameter() method was called before
    setting the correct character encoding on the HTTPServletRequest
    object. The setCharacterEncoding() was then called after calls
    to getParameter(). According to the HTTPServlet specification,
    the setCharacterEncoding() method will not have any effect if it
    is called after invoking request.getParameter(). As a result,
    the parameter values were decoded using the default character
    encoding which may have led to corrupted values for special
    characters.
    
    Fix:
    The code was updated to ensure setCharacterEncoding() is called
    first and the correct encoding is set even before the first call
    to the request.getParameter(...) method. This will ensure
    parameter values are decoded using the correct character
    encoding set on the request object.
    
    
    
    -------------------------------------------------------------
    The latest available maintenance information can be obtained
    from the Recommended Fixes for WebSphere Commerce technote:
    http://www.ibm.com/support/docview.wss?rs=3046&uid=swg21261296
    

Temporary fix

Comments

APAR Information

  • APAR number

    JR48060

  • Reported component name

    WC BUS EDITION

  • Reported component ID

    5724I3800

  • Reported release

    700

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2013-10-11

  • Closed date

    2013-11-28

  • Last modified date

    2013-11-28

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    WC BUS EDITION

  • Fixed component ID

    5724I3800

Applicable component levels

  • R700 PSY

       UP

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSYSYL","label":"WebSphere Commerce Enterprise"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"7.0","Edition":"","Line of Business":{"code":"","label":""}}]

Document Information

Modified date:
28 November 2013