tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From r...@apache.org
Subject cvs commit: jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/servlets DefaultServlet.java LocalStrings.properties
Date Tue, 08 Oct 2002 07:56:04 GMT
remm        2002/10/08 00:56:04

  Modified:    catalina/src/share/org/apache/catalina/servlets Tag:
                        tomcat_40_branch DefaultServlet.java
                        LocalStrings.properties
  Log:
  - Add additional safeguards for 4.0.x.
  
  Revision  Changes    Path
  No                   revision
  
  
  No                   revision
  
  
  1.39.2.7  +22 -4     jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/servlets/DefaultServlet.java
  
  Index: DefaultServlet.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/servlets/DefaultServlet.java,v
  retrieving revision 1.39.2.6
  retrieving revision 1.39.2.7
  diff -u -r1.39.2.6 -r1.39.2.7
  --- DefaultServlet.java	18 Apr 2002 03:08:04 -0000	1.39.2.6
  +++ DefaultServlet.java	8 Oct 2002 07:56:04 -0000	1.39.2.7
  @@ -97,6 +97,7 @@
   import javax.servlet.ServletException;
   import javax.servlet.ServletContext;
   import javax.servlet.ServletOutputStream;
  +import javax.servlet.UnavailableException;
   import javax.servlet.http.HttpServlet;
   import javax.servlet.http.HttpServletRequest;
   import javax.servlet.http.HttpServletResponse;
  @@ -515,6 +516,11 @@
           if (debug > 999)
               showRequestInfo(request);
   
  +        // Verify that we were not accessed using the invoker servlet
  +        if (request.getAttribute(Globals.INVOKED_ATTR) != null)
  +            throw new UnavailableException
  +                (sm.getString("defaultServlet.cannotInvoke"));
  +
           // Serve the requested resource, including the data content
           serveResource(request, response, true);
   
  @@ -534,6 +540,11 @@
                             HttpServletResponse response)
           throws IOException, ServletException {
   
  +        // Verify that we were not accessed using the invoker servlet
  +        if (request.getAttribute(Globals.INVOKED_ATTR) != null)
  +            throw new UnavailableException
  +                (sm.getString("defaultServlet.cannotInvoke"));
  +
           // Serve the requested resource, without the data content
           serveResource(request, response, false);
   
  @@ -552,7 +563,14 @@
       protected void doPost(HttpServletRequest request,
                             HttpServletResponse response)
           throws IOException, ServletException {
  +
  +        // Verify that we were not accessed using the invoker servlet
  +        if (request.getAttribute(Globals.INVOKED_ATTR) != null)
  +            throw new UnavailableException
  +                (sm.getString("defaultServlet.cannotInvoke"));
  +
           doGet(request, response);
  +
       }
   
   
  
  
  
  1.9.2.1   +1 -0      jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/servlets/LocalStrings.properties
  
  Index: LocalStrings.properties
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/servlets/LocalStrings.properties,v
  retrieving revision 1.9
  retrieving revision 1.9.2.1
  diff -u -r1.9 -r1.9.2.1
  --- LocalStrings.properties	15 Sep 2001 23:31:30 -0000	1.9
  +++ LocalStrings.properties	8 Oct 2002 07:56:04 -0000	1.9.2.1
  @@ -1,3 +1,4 @@
  +defaultServlet.cannotInvoke=Cannot invoke default servlet through invoker
   defaultservlet.directorylistingfor=Directory Listing for:
   defaultservlet.upto=Up to:
   defaultservlet.subdirectories=Subdirectories:
  
  
  

--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>


Mime
View raw message