This is an automated email from the ASF dual-hosted git repository.
markt-asf pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 1c8e467eb9 An explicit absolute appBase is allowed to be outside of
CATALINA_BASE
1c8e467eb9 is described below
commit 1c8e467eb92e8c4534690b818c3fb23328d1a155
Author: Mark Thomas <[email protected]>
AuthorDate: Thu Jun 25 10:41:05 2026 +0100
An explicit absolute appBase is allowed to be outside of CATALINA_BASE
---
java/org/apache/catalina/manager/host/HostManagerServlet.java | 7 +++++--
webapps/docs/config/host.xml | 3 ++-
2 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/java/org/apache/catalina/manager/host/HostManagerServlet.java
b/java/org/apache/catalina/manager/host/HostManagerServlet.java
index 6b2a48cb78..caeafcc025 100644
--- a/java/org/apache/catalina/manager/host/HostManagerServlet.java
+++ b/java/org/apache/catalina/manager/host/HostManagerServlet.java
@@ -350,7 +350,10 @@ public class HostManagerServlet extends HttpServlet
implements ContainerServlet
applicationBase = name;
}
file = new File(applicationBase);
- if (!file.isAbsolute()) {
+ boolean appBaseIsAbsolute = false;
+ if (file.isAbsolute()) {
+ appBaseIsAbsolute = true;
+ } else {
file = new File(engine.getCatalinaBase(), file.getPath());
}
try {
@@ -358,7 +361,7 @@ public class HostManagerServlet extends HttpServlet
implements ContainerServlet
} catch (IOException ioe) {
appBaseFile = file;
}
- if (!pathCheck(appBaseFile, engine.getCatalinaBase(), writer,
smClient)) {
+ if (!appBaseIsAbsolute && !pathCheck(appBaseFile,
engine.getCatalinaBase(), writer, smClient)) {
// Any error reported in pathCheck()
return;
}
diff --git a/webapps/docs/config/host.xml b/webapps/docs/config/host.xml
index a32436f846..b97b9eecf4 100644
--- a/webapps/docs/config/host.xml
+++ b/webapps/docs/config/host.xml
@@ -87,7 +87,8 @@
This is the pathname of a directory that may contain web applications
to be deployed on this virtual host. You may specify an
absolute pathname, or a pathname that is relative to the
- <code>$CATALINA_BASE</code> directory. See
+ <code>$CATALINA_BASE</code> directory. Relative path names must be
under
+ the <code>$CATALINA_BASE</code> directory. See
<a href="#Automatic_Application_Deployment">Automatic Application
Deployment</a> for more information on automatic recognition and
deployment of web applications. If not specified, the default of
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
