DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=21395>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=21395 [PATCH] don't normalize away /foo/.. for files as foo may be a symlink ------- Additional Comments From [EMAIL PROTECTED] 2003-07-11 10:48 ------- OK, can we either (1) close this one or (2) get to consensus. If the proposed patch has already been applied, then close it. If not I suggest this: If this can be made configurable via URIAbsolutizer (as Bruno says), go for that solution. -1 withdrawn. (My greatest fear is that non-normalized paths means that someone will map the uri "somestuff/**" to "/usr/local/somedir/somestuff/{1}" (for example, via a Cocoon Reader), and then realize that {1} may expand to "../../../../../../etc/passwd". However, if the normalize/non-normalize behaviour is configurable, then that someone only have themselves to blame.) --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
