Re: svn commit: r1494915 - in /tomcat/trunk: java/org/apache/catalina/ java/org/apache/catalina/core/ java/org/apache/catalina/deploy/ java/org/apache/catalina/startup/ test/org/apache/catalina/core/

Violeta Georgieva Thu, 20 Jun 2013 20:58:22 -0700

2013/6/20 <ma...@apache.org>
>
> Author: markt
> Date: Thu Jun 20 10:38:49 2013
> New Revision: 1494915
>
> URL: http://svn.apache.org/r1494915
> Log:
> Servlet 3.1 Implement the new deny-uncovered-http-methods element in
server.xml
>


That's for the xml but what about annotations?
We are processing them when loading the servlet.
Shouldn't we add check for uncovered methods to the
o.a.catalina.core.StandardContext.addServletSecurity(...):

Index: C:/tc8.0.x/java/org/apache/catalina/core/StandardContext.java
===================================================================
--- C:/tc8.0.x/java/org/apache/catalina/core/StandardContext.java (revision
1495273)
+++ C:/tc8.0.x/java/org/apache/catalina/core/StandardContext.java (working
copy)
@@ -5828,6 +5828,7 @@
                         newSecurityConstraints) {
                     addConstraint(securityConstraint);
                 }
+                checkConstraintsForUncoveredMethods();
             }
         }

Re: svn commit: r1494915 - in /tomcat/trunk: java/org/apache/catalina/ java/org/apache/catalina/core/ java/org/apache/catalina/deploy/ java/org/apache/catalina/startup/ test/org/apache/catalina/core/

Reply via email to