-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Ruediger,
On 3/19/12 10:39 AM, Gubler, Ruediger wrote: > we are using a third party software which accesses files local on > the server. We must send in our request the "local path" to this > files (e.g. D:\myserver\webapps\data\thefiles\). My idea was to > write a servelt which delivers me "D:\myserver\webapps" and the > client application can add the rest of the path because this is a > fixed part. Beware. $ wget http://yourapp/get_file?path=../../Windows/System32/Config/Security.SAM If you have direct access to the filesystem, why do you need to request the file from another piece of 3rd-party software? - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk9nWV8ACgkQ9CaO5/Lv0PDl/gCbB3NeAu4SgCmglOmPbZpvGjg9 aXIAn2oS+u87bYdg4W3uJ08J+ecou171 =WQSZ -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
