tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From lar...@apache.org
Subject cvs commit: jakarta-tomcat/src/share/org/apache/tomcat/core ContextManager.java
Date Tue, 20 Mar 2001 19:01:53 GMT
larryi      01/03/20 11:01:51

  Modified:    src/share/org/apache/tomcat/core Tag: tomcat_32
                        ContextManager.java
  Log:
  Fix an additional location for the security vulnerability reported by Hiromitsu
  Takagi.  See changes for DefaultCMSetter.java version 1.45.2.10.
  
  Submitted by: Kazuhiro Kazama
  
  Revision  Changes    Path
  No                   revision
  
  
  No                   revision
  
  
  1.100.2.22 +2 -2      jakarta-tomcat/src/share/org/apache/tomcat/core/ContextManager.java
  
  Index: ContextManager.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/core/ContextManager.java,v
  retrieving revision 1.100.2.21
  retrieving revision 1.100.2.22
  diff -u -r1.100.2.21 -r1.100.2.22
  --- ContextManager.java	2001/01/12 04:39:03	1.100.2.21
  +++ ContextManager.java	2001/03/20 19:01:43	1.100.2.22
  @@ -1221,7 +1221,7 @@
   			  .append("</h1>\r\n<b>");
   		 buf.append(sm.getString("defaulterrorpage.originalrequest"))
   			  .append("</b> ")
  -			  .append( requestURI );
  +			  .append(RequestUtil.filter(requestURI));
   
   		 if (getShowDebugInfo()) {
   			  if (res.isIncluded()) {
  @@ -1232,7 +1232,7 @@
   			 buf.append("<br><br>\r\n<b>")
   				  .append(sm.getString("defaulterrorpage.notfoundrequest"))
   				  .append("</b> ")
  -				  .append( requestURI );
  +				  .append(RequestUtil.filter(requestURI));
   			  }
   		 }
   
  
  
  

Mime
View raw message