You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2002/10/13 23:04:45 UTC
DO NOT REPLY [Bug 13583] New: -
Relative includes/forwards with ../s broken
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13583>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13583
Relative includes/forwards with ../s broken
Summary: Relative includes/forwards with ../s broken
Product: Tomcat 4
Version: 4.1.12
Platform: All
OS/Version: All
Status: NEW
Severity: Major
Priority: Other
Component: Catalina
AssignedTo: tomcat-dev@jakarta.apache.org
ReportedBy: karl@xk72.com
I believe that relative includes/forwards that include ../s are broken in
Tomcat 4.1.12. The ../s are not getting removed and thus the resource cannot
be found.
I have currently seen this when the webapp is served from a WAR using
integrated JBoss 3.0.3 and Tomcat 4.1.12. This may be related to bug 13538
I believe the problem is that the path is not normalised. I have corrected the
problem by adding the *****d line below to the getRequestDispatcher( String
path ) method in org.apache.catalina.core.ApplicationContext:
// Validate the path argument
if (path == null)
return (null);
if (!path.startsWith("/"))
throw new IllegalArgumentException
(sm.getString("applicationContext.requestDispatcher.iae", path));
if (normalize(path) == null)
return (null);
****** path = normalize(path);
// Construct a "fake" request to be mapped by our Context
String contextPath = context.getPath();
if (contextPath == null)
contextPath = "";
String relativeURI = path;
String queryString = null;
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>