resources messages.properties

markt Sat, 03 Jan 2004 06:58:47 -0800

markt       2004/01/03 05:56:39

  Modified:    jasper2/src/share/org/apache/jasper/compiler
                        TagLibraryInfoImpl.java
               jasper2/src/share/org/apache/jasper/resources
                        messages.properties
  Log:
  - Fix bug 11069. Check that the location of the TLD file is spec compliant.
  
  Revision  Changes    Path
  1.50      +11 -4     
jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/compiler/TagLibraryInfoImpl.java
  
  Index: TagLibraryInfoImpl.java
  ===================================================================
  RCS file: 
/home/cvs/jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/compiler/TagLibraryInfoImpl.java,v
  retrieving revision 1.49
  retrieving revision 1.50
  diff -u -r1.49 -r1.50
  --- TagLibraryInfoImpl.java   3 Jan 2004 12:17:18 -0000       1.49
  +++ TagLibraryInfoImpl.java   3 Jan 2004 13:56:38 -0000       1.50
  @@ -5,7 +5,7 @@
    *
    * The Apache Software License, Version 1.1
    *
  - * Copyright (c) 1999 The Apache Software Foundation.  All rights 
  + * Copyright (c) 1999,2004 The Apache Software Foundation.  All rights 
    * reserved.
    *
    * Redistribution and use in source and binary forms, with or without
  @@ -200,6 +200,13 @@
                       }
                   } catch (FileNotFoundException ex) {
                       err.jspError("jsp.error.file.not.found", location[0]);
  +                }
  +
  +                // Check TLD file location conforms to JSP.7.3.1
  +                if (!location[0].startsWith("/WEB-INF/")
  +                        || location[0].startsWith("/WEB-INF/classes/")
  +                        || location[0].startsWith("/WEB-INF/lib/")) {
  +                    err.jspError("jsp.error.tld.invalid.location", location[0]);
                   }
   
                   parseTLD(ctxt, location[0], in, null);
  
  
  
  1.138     +2 -1      
jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/resources/messages.properties
  
  Index: messages.properties
  ===================================================================
  RCS file: 
/home/cvs/jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/resources/messages.properties,v
  retrieving revision 1.137
  retrieving revision 1.138
  diff -u -r1.137 -r1.138
  --- messages.properties       11 Dec 2003 18:24:21 -0000      1.137
  +++ messages.properties       3 Jan 2004 13:56:39 -0000       1.138
  @@ -187,6 +187,7 @@
   jsp.error.tld.unable_to_read=Unable to read TLD \"{1}\" from JAR file \"{0}\": {2}
   jsp.error.tld.unable_to_get_jar=Unable to get JAR resource \"{0}\" containing TLD: 
{1}
   jsp.error.tld.missing_jar=Missing JAR resource \"{0}\" containing TLD
  +jsp.error.tld.invalid.location=\"{0}\" is not a valid location for a TLD as per JSP 
specification JSP.7.3.1
   jsp.error.webxml_not_found=Could not locate web.xml
   jsp.cmd_line.usage=Usage: jsptoservlet [-dd <path/to/outputDirectory>] 
[-keepgenerated] \
   <.jsp files>


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

cvs commit: jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/resources messages.properties

Reply via email to