On 31/08/17 17:03, Constantin Erckenbrecht wrote:
> Hi,
>
> A change in 7.0.81/7.0.80 changed the File resolution in VirtualDirContext.
>
> In 7.0.79 and before it was possible to use paths with /../ or any other
> non-canonical path. This was particularly useful when using placeholders
> that are being replaced at compile time like
>
> extraResourcePaths="/=${project.basedir}/../some/other/dir”
>
> The new calls to validate(File file, boolean mustExist, String
> absoluteBase) prevent this, as inside the validate method the file name is
> canocialized and compared against the absoluteBase path, which is not being
> canonicalized.
>
> Hence, when using a non-canonical path as an extraResourcePath the validate
> function incorrectly assumes that the requested file is outside the
> application root.
>
> Any chance that this can be fixed?
Fixed in 7.0.x for 7.0.82 onwards.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
