tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Remy Maucherat" <r...@apache.org>
Subject Re: cvs commit: jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/connector/http HttpProcessor.java
Date Tue, 17 Jul 2001 03:35:07 GMT
> >   +        // Prevent encoding '%', '/', '.' and '\', which are
> > special reserved
> >   +        // characters
> >   +        if ((normalized.indexOf("%25") > 0) ||
> > (normalized.indexOf("%2F") > 0)
> >   +            || (normalized.indexOf("%2E") > 0)
> >   +            || (normalized.indexOf("%5C") > 0)) {
> >   +            return null;
> >   +        }
>
> I think these comparisons should be >= instead of >.

If any of you can still commit, can you please fix it (I can't do anything
CVS related at the moment).

Remy


Mime
View raw message