You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@wicket.apache.org by Andrea Del Bene <ad...@ciseonweb.it> on 2011/10/19 16:50:37 UTC

Commit 1185985 has broken test?

Hi,

it seems that the commit in object has broken test 
SecurePackageResourceGuardTest.fileOnly, assertion 
'guard.acceptAbsolutePath("../test.gif")'
With this commit in ResourceSettings the default value for 
parentFolderPlaceholder has been setted to '::' but this makes always 
pass the if condition:


// Only if a placeholder, e.g. $up$ is defined, access to parent 
directories is allowed
         if 
(Strings.isEmpty(Application.get().getResourceSettings().getParentFolderPlaceholder()))
         {
             if (path.contains(".."))
             {
                 log.warn("Access to parent directories via '..' is by 
default disabled for shared resources: " +
                     path);
                 return false;
             }
         }


inside PackageResourceGuard.