This is an automated email from the ASF dual-hosted git repository.
markt-asf pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.1.x by this push:
new eda2030b41 An explicit absolute appBase is allowed to be outside of
CATALINA_BASE
eda2030b41 is described below
commit eda2030b4128a07fe0a95085d133d7ca38e6cb70
Author: Mark Thomas <[email protected]>
AuthorDate: Thu Jun 25 10:41:05 2026 +0100
An explicit absolute appBase is allowed to be outside of CATALINA_BASE
---
java/org/apache/catalina/manager/host/HostManagerServlet.java | 7 +++++--
webapps/docs/config/host.xml | 3 ++-
2 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/java/org/apache/catalina/manager/host/HostManagerServlet.java
b/java/org/apache/catalina/manager/host/HostManagerServlet.java
index 60b683c7e5..b7a9376042 100644
--- a/java/org/apache/catalina/manager/host/HostManagerServlet.java
+++ b/java/org/apache/catalina/manager/host/HostManagerServlet.java
@@ -351,7 +351,10 @@ public class HostManagerServlet extends HttpServlet
implements ContainerServlet
applicationBase = name;
}
file = new File(applicationBase);
- if (!file.isAbsolute()) {
+ boolean appBaseIsAbsolute = false;
+ if (file.isAbsolute()) {
+ appBaseIsAbsolute = true;
+ } else {
file = new File(engine.getCatalinaBase(), file.getPath());
}
try {
@@ -359,7 +362,7 @@ public class HostManagerServlet extends HttpServlet
implements ContainerServlet
} catch (IOException ioe) {
appBaseFile = file;
}
- if (!pathCheck(appBaseFile, engine.getCatalinaBase(), writer,
smClient)) {
+ if (!appBaseIsAbsolute && !pathCheck(appBaseFile,
engine.getCatalinaBase(), writer, smClient)) {
// Any error reported in pathCheck()
return;
}
diff --git a/webapps/docs/config/host.xml b/webapps/docs/config/host.xml
index e2a2384a56..42938364ae 100644
--- a/webapps/docs/config/host.xml
+++ b/webapps/docs/config/host.xml
@@ -87,7 +87,8 @@
This is the pathname of a directory that may contain web applications
to be deployed on this virtual host. You may specify an
absolute pathname, or a pathname that is relative to the
- <code>$CATALINA_BASE</code> directory. See
+ <code>$CATALINA_BASE</code> directory. Relative path names must be
under
+ the <code>$CATALINA_BASE</code> directory. See
<a href="#Automatic_Application_Deployment">Automatic Application
Deployment</a> for more information on automatic recognition and
deployment of web applications. If not specified, the default of
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
