You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@tomee.apache.org by tv...@apache.org on 2013/09/27 19:21:55 UTC

svn commit: r1526986 - in /tomee/tomee/trunk/tomee/tomee-webapp/src/main: java/org/apache/tomee/webapp/installer/InstallerServlet.java webapp/WEB-INF/web.xml

Author: tveronezi
Date: Fri Sep 27 17:21:55 2013
New Revision: 1526986

URL: http://svn.apache.org/r1526986
Log:
https://issues.apache.org/jira/browse/TOMEE-1036
* escape valid json string
* static libraries should not be protected

Modified:
    tomee/tomee/trunk/tomee/tomee-webapp/src/main/java/org/apache/tomee/webapp/installer/InstallerServlet.java
    tomee/tomee/trunk/tomee/tomee-webapp/src/main/webapp/WEB-INF/web.xml

Modified: tomee/tomee/trunk/tomee/tomee-webapp/src/main/java/org/apache/tomee/webapp/installer/InstallerServlet.java
URL: http://svn.apache.org/viewvc/tomee/tomee/trunk/tomee/tomee-webapp/src/main/java/org/apache/tomee/webapp/installer/InstallerServlet.java?rev=1526986&r1=1526985&r2=1526986&view=diff
==============================================================================
--- tomee/tomee/trunk/tomee/tomee-webapp/src/main/java/org/apache/tomee/webapp/installer/InstallerServlet.java (original)
+++ tomee/tomee/trunk/tomee/tomee-webapp/src/main/java/org/apache/tomee/webapp/installer/InstallerServlet.java Fri Sep 27 17:21:55 2013
@@ -30,7 +30,7 @@ import java.util.Map;
 public class InstallerServlet extends HttpServlet {
 
     private String escape(String str) {
-        return str.replaceAll("\"", "\\\"").replaceAll("\\\\", "\\\\");
+        return str.replaceAll("\"", "\\\\\"").replaceAll("\\\\", "\\\\\\\\");
     }
 
     private String getJsonList(List<Map<String, String>> list) {

Modified: tomee/tomee/trunk/tomee/tomee-webapp/src/main/webapp/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/tomee/tomee/trunk/tomee/tomee-webapp/src/main/webapp/WEB-INF/web.xml?rev=1526986&r1=1526985&r2=1526986&view=diff
==============================================================================
--- tomee/tomee/trunk/tomee/tomee-webapp/src/main/webapp/WEB-INF/web.xml (original)
+++ tomee/tomee/trunk/tomee/tomee-webapp/src/main/webapp/WEB-INF/web.xml Fri Sep 27 17:21:55 2013
@@ -59,6 +59,12 @@
   </security-constraint>
   <security-constraint>
     <web-resource-collection>
+      <web-resource-name>Static Content</web-resource-name>
+      <url-pattern>/app/lib/*</url-pattern>
+    </web-resource-collection>
+  </security-constraint>
+  <security-constraint>
+    <web-resource-collection>
       <web-resource-name>Application</web-resource-name>
       <url-pattern>/*</url-pattern>
     </web-resource-collection>