Hi Devs, The following code in FilePolicyManager.java leads to an infinite loop when an url contains other characters than [\w-._~].
//The live area should be restrictive and will use the policy belonging
to self-or-ancestor
if (url.startsWith("/live")) {
while (url.indexOf("/") >= 0) {
policy = buildSubtreePolicy(controller, url+"/");
policies.add(policy);
if(!policy.isEmpty()) {
url="";
} else {
url=url.replaceFirst("/[\\w\\-\\.\\_\\~]*$","");
}
}
}
The URL should probably be normalized before components like the PolicyManager
get theiry hands on it.
Cheers,
Gregor
--
Gregor R. Imboden
Wyona - Open Source Content Management - Apache Lenya
http://www.wyona.com http://lenya.apache.org
[EMAIL PROTECTED] [EMAIL PROTECTED]
Public-Key http://wyona.org/keys/[EMAIL PROTECTED]
Fingerprint 71EC 091B DE2F 56CD 71F5 D4DD EEF0 470F 0D5C 3E01
pgpEP2BhLSDDx.pgp
Description: PGP signature
