jfarcand 2003/06/23 12:14:41 Modified: catalina/src/share/org/apache/coyote/tomcat5 CoyoteResponse.java catalina/src/share/org/apache/catalina/security SecurityClassLoad.java Log: Add missing doPrivileged block and inner classes that need to be loaded at startup when the SecurityManager is turned on. Revision Changes Path 1.5 +25 -5 jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5/CoyoteResponse.java Index: CoyoteResponse.java =================================================================== RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5/CoyoteResponse.java,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- CoyoteResponse.java 19 May 2003 23:06:46 -0000 1.4 +++ CoyoteResponse.java 23 Jun 2003 19:14:41 -0000 1.5 @@ -69,6 +69,9 @@ import java.io.OutputStream; import java.io.PrintWriter; import java.net.MalformedURLException; +import java.security.AccessController; +import java.security.PrivilegedExceptionAction; +import java.security.PrivilegedActionException; import java.text.SimpleDateFormat; import java.util.ArrayList; import java.util.Date; @@ -1388,7 +1391,23 @@ String relativePath = request.getDecodedRequestURI(); int pos = relativePath.lastIndexOf('/'); relativePath = relativePath.substring(0, pos); - String encodedURI = urlEncoder.encodeURL(relativePath); + + String encodedURI = null; + final String frelativePath = relativePath; + if (System.getSecurityManager() != null ){ + try{ + encodedURI = (String)AccessController.doPrivileged( + new PrivilegedExceptionAction(){ + public Object run() throws IOException{ + return urlEncoder.encodeURL(frelativePath); + } + }); + } catch (PrivilegedActionException pae){ + throw new IllegalArgumentException(location); + } + } else { + encodedURI = urlEncoder.encodeURL(relativePath); + } redirectURLCC.append(encodedURI, 0, encodedURI.length()); redirectURLCC.append('/'); } @@ -1446,3 +1465,4 @@ } + 1.8 +13 -4 jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security/SecurityClassLoad.java Index: SecurityClassLoad.java =================================================================== RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security/SecurityClassLoad.java,v retrieving revision 1.7 retrieving revision 1.8 diff -u -r1.7 -r1.8 --- SecurityClassLoad.java 16 Jun 2003 21:42:40 -0000 1.7 +++ SecurityClassLoad.java 23 Jun 2003 19:14:41 -0000 1.8 @@ -116,6 +116,9 @@ loader.loadClass (basePackage + "loader.WebappClassLoader$PrivilegedFindResource"); + loader.loadClass + (basePackage + + "session.StandardManager$PrivilegedDoUnload"); } @@ -211,6 +214,12 @@ loader.loadClass (basePackage + "CoyoteInputStream$5"); + loader.loadClass + (basePackage + + "InputBuffer$1"); + loader.loadClass + (basePackage + + "CoyoteResponse$1"); } }
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]