View | Details | Raw Unified | Return to bug 43079
Collapse All | Expand All

(-)catalina/src/share/org/apache/catalina/deploy/SecurityCollection.java (-2 / +3 lines)
Lines 190-199 Link Here
190
190
191
        // Bugzilla 34805: add friendly warning.
191
        // Bugzilla 34805: add friendly warning.
192
        if(pattern.endsWith("*")) {
192
        if(pattern.endsWith("*")) {
193
          if (pattern.charAt(pattern.length()-1) != '/') {
193
          // Bugzilla 43079: pattern verification broken
194
          if (pattern.length() < 2 || pattern.charAt(pattern.length()-2) != '/') {
194
            if (log.isDebugEnabled()) {
195
            if (log.isDebugEnabled()) {
195
              log.warn("Suspicious url pattern: \"" + pattern + "\"" +
196
              log.warn("Suspicious url pattern: \"" + pattern + "\"" +
196
                       " - see http://java.sun.com/aboutJava/communityprocess/first/jsr053/servlet23_PFD.pdf" +
197
                       " - see http://jcp.org/aboutJava/communityprocess/final/jsr154/index.html" +
197
                       "  section 11.2" );
198
                       "  section 11.2" );
198
            }
199
            }
199
          }
200
          }

Return to bug 43079