svn commit: r1809248 - /tomcat/trunk/java/org/apache/catalina/webresources/AbstractFileResourceSet.java

Thu, 21 Sep 2017 17:30:14 -0700 

Author: kkolinko
Date: Fri Sep 22 00:29:54 2017
New Revision: 1809248

URL: http://svn.apache.org/viewvc?rev=1809248&view=rev
Log:
Remove condition that is always false, thanks to 
"canPath.startsWith(canonicalBase)" check a few lines earlier.

Modified:
    
tomcat/trunk/java/org/apache/catalina/webresources/AbstractFileResourceSet.java

Modified: 
tomcat/trunk/java/org/apache/catalina/webresources/AbstractFileResourceSet.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/webresources/AbstractFileResourceSet.java?rev=1809248&r1=1809247&r2=1809248&view=diff
==============================================================================
--- 
tomcat/trunk/java/org/apache/catalina/webresources/AbstractFileResourceSet.java 
(original)
+++ 
tomcat/trunk/java/org/apache/catalina/webresources/AbstractFileResourceSet.java 
Fri Sep 22 00:29:54 2017
@@ -93,11 +93,10 @@ public abstract class AbstractFileResour
         // the request processing) but might be possible for some access via 
the
         // Servlet API (RequestDispatcher, HTTP/2 push etc.) therefore these
         // checks are retained as an additional safety measure
-        // absoluteBase has been normalized so absPath needs to normalized as
+        // absoluteBase has been normalized so absPath needs to be normalized 
as
         // well.
         String absPath = normalize(file.getAbsolutePath());
-        if (absoluteBase.length() > absPath.length() ||
-                canonicalBase.length() > canPath.length()) {
+        if (absoluteBase.length() > absPath.length()) {
             return null;
         }
 



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to