Author: timw
Date: Tue Oct 5 03:03:44 2010
New Revision: 1004515
URL: http://svn.apache.org/viewvc?rev=1004515&view=rev
Log:
Proposing fix for https://issues.apache.org/bugzilla/show_bug.cgi?id=50026 in
6.0.x
Modified:
tomcat/tc6.0.x/trunk/STATUS.txt
Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1004515&r1=1004514&r2=1004515&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Tue Oct 5 03:03:44 2010
@@ -221,3 +221,19 @@ PATCHES PROPOSED TO BACKPORT:
http://svn.apache.org/viewvc?rev=1003572&view=rev
+1: markt, kfujino
-1:
+
+* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=50026
+ Force DefaultServlet to serve all resources relative to context root
+ regardless of mappings/mount point.
+ Prevents access to WEB-INF and META-INF when the default servlet is
+ mapped to a sub-path. Also fixes WebdavServlet, which is affected for GET
+ requests.
+ This is a breaking change for anyone re-mapping DefaultServlet to a sub-path
+ (current behaviour is to remount the entire web application under the path,
+ which exposes WEB-INF/META-INF).
+ http://svn.apache.org/viewvc?rev=1004393&view=rev
+ http://svn.apache.org/viewvc?rev=1004409&view=rev
+ http://svn.apache.org/viewvc?rev=1004415&view=rev
+ +1: timw
+ -1:
+
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
