Summary: | pattern verification broken | ||
---|---|---|---|
Product: | Tomcat 5 | Reporter: | Marius Scurtescu <marius.scurtescu> |
Component: | Catalina | Assignee: | Tomcat Developers Mailing List <dev> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | ngrigoriev |
Priority: | P2 | ||
Version: | 5.5.23 | ||
Target Milestone: | --- | ||
Hardware: | Other | ||
OS: | other | ||
Attachments: |
Patch to SecurityCollection.java to fix the Suspicious warning messages
Modified patch to SecurityCollection w/ better link Patch: fixed possible indexOutOfBounds Exception for url-patterns which are just '*' |
Description
Marius Scurtescu
2007-08-09 15:12:32 UTC
Created attachment 20640 [details]
Patch to SecurityCollection.java to fix the Suspicious warning messages
I tested this on tc5.5x without and there were decent number of errant warnings
for any '/*' patterns. This patch removed them.
Also, if possible, in the log message you may want to point to the servlet 2.4 documentation, since this is what tomcat 5.5 supports. Currently it is pointing to a servlet 2.3 pdf document. Comment on attachment 20640 [details]
Patch to SecurityCollection.java to fix the Suspicious warning messages
old patch
Created attachment 20820 [details]
Modified patch to SecurityCollection w/ better link
Added a slightly better link to the documentation. referenced this bug.
Created attachment 20821 [details]
Patch: fixed possible indexOutOfBounds Exception for url-patterns which are just '*'
Found a bug in the original patch. It didn't check if the length was < 2. This
is a bad url, so we also print the error under these conditions.
Thanks for the patch. This has been fixed in trunk and proposed for 6.0.x and 5.5.x This has been fixed in 6.0.x and will be included in 6.0.17 onwards. This has been fixed in 5.5.x and will be included in 5.5.27 onwards. |