You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by ti...@apache.org on 2010/10/05 05:03:44 UTC

svn commit: r1004515 - /tomcat/tc6.0.x/trunk/STATUS.txt

Author: timw
Date: Tue Oct  5 03:03:44 2010
New Revision: 1004515

URL: http://svn.apache.org/viewvc?rev=1004515&view=rev
Log:
Proposing fix for https://issues.apache.org/bugzilla/show_bug.cgi?id=50026 in 6.0.x

Modified:
    tomcat/tc6.0.x/trunk/STATUS.txt

Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1004515&r1=1004514&r2=1004515&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Tue Oct  5 03:03:44 2010
@@ -221,3 +221,19 @@ PATCHES PROPOSED TO BACKPORT:
   http://svn.apache.org/viewvc?rev=1003572&view=rev
   +1: markt, kfujino
   -1:
+
+* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=50026
+  Force DefaultServlet to serve all resources relative to context root
+  regardless of mappings/mount point.
+  Prevents access to WEB-INF and META-INF when the default servlet is
+  mapped to a sub-path. Also fixes WebdavServlet, which is affected for GET
+  requests.
+  This is a breaking change for anyone re-mapping DefaultServlet to a sub-path
+  (current behaviour is to remount the entire web application under the path,
+  which exposes WEB-INF/META-INF).
+  http://svn.apache.org/viewvc?rev=1004393&view=rev
+  http://svn.apache.org/viewvc?rev=1004409&view=rev
+  http://svn.apache.org/viewvc?rev=1004415&view=rev
+  +1: timw
+  -1:
+



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org