You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ti...@apache.org on 2010/10/05 05:03:44 UTC
svn commit: r1004515 - /tomcat/tc6.0.x/trunk/STATUS.txt
Author: timw
Date: Tue Oct 5 03:03:44 2010
New Revision: 1004515
URL: http://svn.apache.org/viewvc?rev=1004515&view=rev
Log:
Proposing fix for https://issues.apache.org/bugzilla/show_bug.cgi?id=50026 in 6.0.x
Modified:
tomcat/tc6.0.x/trunk/STATUS.txt
Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1004515&r1=1004514&r2=1004515&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Tue Oct 5 03:03:44 2010
@@ -221,3 +221,19 @@ PATCHES PROPOSED TO BACKPORT:
http://svn.apache.org/viewvc?rev=1003572&view=rev
+1: markt, kfujino
-1:
+
+* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=50026
+ Force DefaultServlet to serve all resources relative to context root
+ regardless of mappings/mount point.
+ Prevents access to WEB-INF and META-INF when the default servlet is
+ mapped to a sub-path. Also fixes WebdavServlet, which is affected for GET
+ requests.
+ This is a breaking change for anyone re-mapping DefaultServlet to a sub-path
+ (current behaviour is to remount the entire web application under the path,
+ which exposes WEB-INF/META-INF).
+ http://svn.apache.org/viewvc?rev=1004393&view=rev
+ http://svn.apache.org/viewvc?rev=1004409&view=rev
+ http://svn.apache.org/viewvc?rev=1004415&view=rev
+ +1: timw
+ -1:
+
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org