You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2014/03/17 22:43:59 UTC
svn commit: r1578610 - in /tomcat/trunk: conf/ java/org/apache/catalina/
java/org/apache/catalina/core/ java/org/apache/catalina/servlets/
java/org/apache/catalina/startup/ test/org/apache/catalina/core/
webapps/docs/
Author: markt
Date: Mon Mar 17 21:43:58 2014
New Revision: 1578610
URL: http://svn.apache.org/r1578610
Log:
Redefine globalXsltFile as relative to CATALINA_BASE/conf or CATALINA_HOME/conf
Modified:
tomcat/trunk/conf/web.xml
tomcat/trunk/java/org/apache/catalina/Container.java
tomcat/trunk/java/org/apache/catalina/core/ContainerBase.java
tomcat/trunk/java/org/apache/catalina/core/StandardEngine.java
tomcat/trunk/java/org/apache/catalina/servlets/DefaultServlet.java
tomcat/trunk/java/org/apache/catalina/startup/FailedContext.java
tomcat/trunk/test/org/apache/catalina/core/TesterContext.java
tomcat/trunk/webapps/docs/default-servlet.xml
Modified: tomcat/trunk/conf/web.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/conf/web.xml?rev=1578610&r1=1578609&r2=1578610&view=diff
==============================================================================
--- tomcat/trunk/conf/web.xml (original)
+++ tomcat/trunk/conf/web.xml Mon Mar 17 21:43:58 2014
@@ -88,10 +88,10 @@
<!-- globalXsltFile[null] -->
<!-- -->
<!-- globalXsltFile Site wide configuration version of -->
- <!-- localXsltFile This argument is expected -->
- <!-- to be a physical file. [null] -->
- <!-- -->
- <!-- -->
+ <!-- localXsltFile. This argument must be a -->
+ <!-- relative path that points to a location below -->
+ <!-- either $CATALINA_BASE/conf (checked first) -->
+ <!-- or $CATALINA_BASE/conf (checked second).[null] -->
<servlet>
<servlet-name>default</servlet-name>
Modified: tomcat/trunk/java/org/apache/catalina/Container.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/Container.java?rev=1578610&r1=1578609&r2=1578610&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/Container.java (original)
+++ tomcat/trunk/java/org/apache/catalina/Container.java Mon Mar 17 21:43:58 2014
@@ -414,7 +414,13 @@ public interface Container extends Lifec
/**
- *
+ * Obtain the location of CATALINA_BASE.
*/
public File getCatalinaBase();
+
+
+ /**
+ * Obtain the location of CATALINA_HOME.
+ */
+ public File getCatalinaHome();
}
Modified: tomcat/trunk/java/org/apache/catalina/core/ContainerBase.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/core/ContainerBase.java?rev=1578610&r1=1578609&r2=1578610&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/core/ContainerBase.java (original)
+++ tomcat/trunk/java/org/apache/catalina/core/ContainerBase.java Mon Mar 17 21:43:58 2014
@@ -1155,6 +1155,17 @@ public abstract class ContainerBase exte
}
+ @Override
+ public File getCatalinaHome() {
+
+ if (parent == null) {
+ return null;
+ }
+
+ return parent.getCatalinaHome();
+ }
+
+
// ------------------------------------------------------ Protected Methods
/**
Modified: tomcat/trunk/java/org/apache/catalina/core/StandardEngine.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/core/StandardEngine.java?rev=1578610&r1=1578609&r2=1578610&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/core/StandardEngine.java (original)
+++ tomcat/trunk/java/org/apache/catalina/core/StandardEngine.java Mon Mar 17 21:43:58 2014
@@ -374,6 +374,22 @@ public class StandardEngine extends Cont
}
+ @Override
+ public File getCatalinaHome() {
+ if (service != null) {
+ Server s = service.getServer();
+ if (s != null) {
+ File base = s.getCatalinaHome();
+ if (base != null) {
+ return base;
+ }
+ }
+ }
+ // Fall-back
+ return super.getCatalinaHome();
+ }
+
+
// -------------------- JMX registration --------------------
@Override
Modified: tomcat/trunk/java/org/apache/catalina/servlets/DefaultServlet.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/servlets/DefaultServlet.java?rev=1578610&r1=1578609&r2=1578610&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/servlets/DefaultServlet.java (original)
+++ tomcat/trunk/java/org/apache/catalina/servlets/DefaultServlet.java Mon Mar 17 21:43:58 2014
@@ -34,6 +34,7 @@ import java.io.StringWriter;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Iterator;
+import java.util.Locale;
import java.util.StringTokenizer;
import javax.servlet.RequestDispatcher;
@@ -53,6 +54,7 @@ import javax.xml.transform.TransformerFa
import javax.xml.transform.stream.StreamResult;
import javax.xml.transform.stream.StreamSource;
+import org.apache.catalina.Context;
import org.apache.catalina.Globals;
import org.apache.catalina.WebResource;
import org.apache.catalina.WebResourceRoot;
@@ -1526,20 +1528,14 @@ public class DefaultServlet extends Http
/* Open and read in file in one fell swoop to reduce chance
* chance of leaving handle open.
*/
- if (globalXsltFile!=null) {
- FileInputStream fis = null;
-
- try {
- File f = new File(globalXsltFile);
- if (f.exists()){
- fis =new FileInputStream(f);
+ if (globalXsltFile != null) {
+ File f = validateGlobalXsltFile();
+ if (f != null && f.exists()){
+ try (FileInputStream fis = new FileInputStream(f)){
byte b[] = new byte[(int)f.length()]; /* danger! */
fis.read(b);
return new ByteArrayInputStream(b);
}
- } finally {
- if (fis!=null)
- fis.close();
}
}
@@ -1547,6 +1543,42 @@ public class DefaultServlet extends Http
}
+ private File validateGlobalXsltFile() {
+ Context context = resources.getContext();
+
+ File baseConf = new File(context.getCatalinaBase(), "conf");
+ File result = validateGlobalXsltFile(baseConf);
+ if (result == null) {
+ File homeConf = new File(context.getCatalinaHome(), "conf");
+ result = validateGlobalXsltFile(homeConf);
+ }
+
+ return result;
+ }
+
+
+ private File validateGlobalXsltFile(File base) {
+ File candidate = new File(base, globalXsltFile);
+
+ // First check that the resulting path is under the provided base
+ try {
+ if (!candidate.getCanonicalPath().startsWith(base.getCanonicalPath())) {
+ return null;
+ }
+ } catch (IOException ioe) {
+ return null;
+ }
+
+ // Next check that an .xlt or .xslt file has been specified
+ String nameLower = candidate.getName().toLowerCase(Locale.ENGLISH);
+ if (!nameLower.endsWith(".xslt") && !nameLower.endsWith(".xlt")) {
+ return null;
+ }
+
+ return candidate;
+ }
+
+
// -------------------------------------------------------- protected Methods
Modified: tomcat/trunk/java/org/apache/catalina/startup/FailedContext.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/startup/FailedContext.java?rev=1578610&r1=1578609&r2=1578610&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/startup/FailedContext.java (original)
+++ tomcat/trunk/java/org/apache/catalina/startup/FailedContext.java Mon Mar 17 21:43:58 2014
@@ -690,6 +690,9 @@ public class FailedContext extends Lifec
public File getCatalinaBase() { return null; }
@Override
+ public File getCatalinaHome() { return null; }
+
+ @Override
public void setAddWebinfClassesResources(boolean addWebinfClassesResources) {
// NO-OP
}
Modified: tomcat/trunk/test/org/apache/catalina/core/TesterContext.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/catalina/core/TesterContext.java?rev=1578610&r1=1578609&r2=1578610&view=diff
==============================================================================
--- tomcat/trunk/test/org/apache/catalina/core/TesterContext.java (original)
+++ tomcat/trunk/test/org/apache/catalina/core/TesterContext.java Mon Mar 17 21:43:58 2014
@@ -277,6 +277,11 @@ public class TesterContext implements Co
}
@Override
+ public File getCatalinaHome() {
+ return null;
+ }
+
+ @Override
public void addLifecycleListener(LifecycleListener listener) {
// NO-OP
}
Modified: tomcat/trunk/webapps/docs/default-servlet.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/default-servlet.xml?rev=1578610&r1=1578609&r2=1578610&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/default-servlet.xml (original)
+++ tomcat/trunk/webapps/docs/default-servlet.xml Mon Mar 17 21:43:58 2014
@@ -111,11 +111,12 @@ directory listings are disabled and debu
</property>
<property name="globalXsltFile">
If you wish to customize your directory listing, you
- can use an XSL transformation. This value is an absolute
- file name which be used for all directory listings.
- This can be overridden per context and/or per directory. See
- <strong>contextXsltFile</strong> and <strong>localXsltFile</strong>
- below. The format of the xml is shown below.
+ can use an XSL transformation. This value is a relative file name (to
+ either $CATALINA_BASE/conf/ or $CATALINA_HOME/conf/) which will be used
+ for all directory listings. This can be overridden per context and/or
+ per directory. See <strong>contextXsltFile</strong> and
+ <strong>localXsltFile</strong> below. The format of the xml is shown
+ below.
</property>
<property name="contextXsltFile">
You may also customize your directory listing by context by
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org