torquebox_backslash_fix_middleware.rb

require 'uri'

# There's a bug in jboss or torquebox where encoded backslashes in URLs are incorrectly converted into forward slashes.
# This is rack middleware that detects when the original request included a backslash and will correct the env variable
# before forwarding it to the other middleware
# See https://issues.jboss.org/browse/TORQUE-955
class TorqueboxBackslashFixMiddleware

  ENCODED_BACKSLASH = "%5C"

  def initialize(app)
    @app = app
  end

  def call(env)
    original_request = env["servlet_request"].get_request_url.to_s

    if original_request.include?(ENCODED_BACKSLASH)
      puts "Found URL with encoded backslash: #{original_request}"
      uri = URI(original_request)
      decoded_path = URI.decode(uri.path)
      fix_env_value(env, "ORIGINAL_FULLPATH", decoded_path)
      fix_env_value(env, "REQUEST_URI", decoded_path)
      
      if application_context.length > 0 && uri.path.start_with?(application_context)
        fix_env_value(env, "PATH_INFO", URI.decode(uri.path.sub(application_context,"")))
      else
        fix_env_value(env, "PATH_INFO", decoded_path)
      end
      
      if uri.query && uri.query.size > 0
        fix_env_value(env, "QUERY_STRING", URI.decode(uri.query))
      end
    end

    @app.call(env)
  end

  # The context at which the application is deployed. Determine what this is set to is application dependent.
  def application_context
    APP_CONFIG["relative_root_url"]||""
  end

  # Checks if key is set in env. If it is it is updated to the new_value.
  def fix_env_value(env, key, new_value)
    if env.has_key?(key)
      prev_value = env[key]
      env[key] = new_value
      puts "Request env key #{key} corrected from [#{prev_value}] to [#{new_value}]"
    end
  end
end

Add config.middleware.use(TorqueboxBackslashFixMiddleware) to application.rb to use this middleware.