Author: markt Date: Fri Jan 26 20:11:52 2018 New Revision: 1822342 URL: http://svn.apache.org/viewvc?rev=1822342&view=rev Log: Generate the correct allow header for a 405 response to a TRACE request to a JSP page.
Modified: tomcat/trunk/java/org/apache/catalina/core/StandardWrapper.java tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/java/org/apache/catalina/core/StandardWrapper.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/core/StandardWrapper.java?rev=1822342&r1=1822341&r2=1822342&view=diff ============================================================================== --- tomcat/trunk/java/org/apache/catalina/core/StandardWrapper.java (original) +++ tomcat/trunk/java/org/apache/catalina/core/StandardWrapper.java Fri Jan 26 20:11:52 2018 @@ -562,28 +562,34 @@ public class StandardWrapper extends Con } Set<String> allow = new HashSet<>(); - allow.add("TRACE"); allow.add("OPTIONS"); - Method[] methods = getAllDeclaredMethods(servletClazz); - for (int i=0; methods != null && i<methods.length; i++) { - Method m = methods[i]; - - if (m.getName().equals("doGet")) { - allow.add("GET"); - allow.add("HEAD"); - } else if (m.getName().equals("doPost")) { - allow.add("POST"); - } else if (m.getName().equals("doPut")) { - allow.add("PUT"); - } else if (m.getName().equals("doDelete")) { - allow.add("DELETE"); + if (isJspServlet) { + allow.add("GET"); + allow.add("HEAD"); + allow.add("POST"); + } else { + allow.add("TRACE"); + + Method[] methods = getAllDeclaredMethods(servletClazz); + for (int i=0; methods != null && i<methods.length; i++) { + Method m = methods[i]; + + if (m.getName().equals("doGet")) { + allow.add("GET"); + allow.add("HEAD"); + } else if (m.getName().equals("doPost")) { + allow.add("POST"); + } else if (m.getName().equals("doPut")) { + allow.add("PUT"); + } else if (m.getName().equals("doDelete")) { + allow.add("DELETE"); + } } } String[] methodNames = new String[allow.size()]; return allow.toArray(methodNames); - } Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1822342&r1=1822341&r2=1822342&view=diff ============================================================================== --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Fri Jan 26 20:11:52 2018 @@ -79,6 +79,10 @@ Pass 404 errors triggered by a missing ROOT web application to the container error handling to generate the response body. (markt) </add> + <fix> + Provide a correct <code>Allow</code> header when responding to an HTTP + <code>TRACE</code> request for a JSP with a 405 status code. (markt) + </fix> </changelog> </subsection> <subsection name="Coyote"> --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org