Author: markt Date: Tue Nov 3 10:52:32 2015 New Revision: 1712250 URL: http://svn.apache.org/viewvc?rev=1712250&view=rev Log: Extend the fix for https://bz.apache.org/bugzilla/show_bug.cgi?id=58228 to include getRealPath(String)
Modified: tomcat/trunk/java/org/apache/catalina/core/ApplicationContext.java Modified: tomcat/trunk/java/org/apache/catalina/core/ApplicationContext.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/core/ApplicationContext.java?rev=1712250&r1=1712249&r2=1712250&view=diff ============================================================================== --- tomcat/trunk/java/org/apache/catalina/core/ApplicationContext.java (original) +++ tomcat/trunk/java/org/apache/catalina/core/ApplicationContext.java Tue Nov 3 10:52:32 2015 @@ -382,7 +382,8 @@ public class ApplicationContext @Override public String getRealPath(String path) { - return context.getRealPath(path); + String validatedPath = validateResourcePath(path, true); + return context.getRealPath(validatedPath); } @@ -473,7 +474,7 @@ public class ApplicationContext @Override public URL getResource(String path) throws MalformedURLException { - String validatedPath = validateResourcePath(path); + String validatedPath = validateResourcePath(path, false); if (validatedPath == null) { throw new MalformedURLException( @@ -492,7 +493,7 @@ public class ApplicationContext @Override public InputStream getResourceAsStream(String path) { - String validatedPath = validateResourcePath(path); + String validatedPath = validateResourcePath(path, false); if (validatedPath == null) { return null; @@ -511,11 +512,15 @@ public class ApplicationContext * Returns null if the input path is not valid or a path that will be * acceptable to resoucres.getResource(). */ - private String validateResourcePath(String path) { + private String validateResourcePath(String path, boolean allowEmptyPath) { if (path == null) { return null; } + if (path.length() == 0 && allowEmptyPath) { + return path; + } + if (!path.startsWith("/")) { if (GET_RESOURCE_REQUIRE_SLASH) { return null; --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org