remm 2002/11/06 05:27:54 Modified: catalina/src/share/org/apache/catalina/core ApplicationContext.java Log: - Should fix bug 13583. - Normalize request dispatcher path. Revision Changes Path 1.5 +24 -23 jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core/ApplicationContext.java Index: ApplicationContext.java =================================================================== RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core/ApplicationContext.java,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- ApplicationContext.java 23 Oct 2002 19:57:30 -0000 1.4 +++ ApplicationContext.java 6 Nov 2002 13:27:54 -0000 1.5 @@ -542,7 +542,8 @@ if (!path.startsWith("/")) throw new IllegalArgumentException (sm.getString("applicationContext.requestDispatcher.iae", path)); - if (normalize(path) == null) + path = normalize(path); + if (path == null) return (null); // Construct a "fake" request to be mapped by our Context @@ -1019,26 +1020,26 @@ */ private String normalize(String path) { - String normalized = path; + String normalized = path; - // Normalize the slashes and add leading slash if necessary - if (normalized.indexOf('\\') >= 0) - normalized = normalized.replace('\\', '/'); - - // Resolve occurrences of "/../" in the normalized path - while (true) { - int index = normalized.indexOf("/../"); - if (index < 0) - break; - if (index == 0) - return (null); // Trying to go outside our context - int index2 = normalized.lastIndexOf('/', index - 1); - normalized = normalized.substring(0, index2) + - normalized.substring(index + 3); - } + // Normalize the slashes and add leading slash if necessary + if (normalized.indexOf('\\') >= 0) + normalized = normalized.replace('\\', '/'); + + // Resolve occurrences of "/../" in the normalized path + while (true) { + int index = normalized.indexOf("/../"); + if (index < 0) + break; + if (index == 0) + return (null); // Trying to go outside our context + int index2 = normalized.lastIndexOf('/', index - 1); + normalized = normalized.substring(0, index2) + + normalized.substring(index + 3); + } - // Return the normalized path that we have completed - return (normalized); + // Return the normalized path that we have completed + return (normalized); }
-- To unsubscribe, e-mail: <mailto:tomcat-dev-unsubscribe@;jakarta.apache.org> For additional commands, e-mail: <mailto:tomcat-dev-help@;jakarta.apache.org>