Return-Path: X-Original-To: apmail-tomcat-dev-archive@www.apache.org Delivered-To: apmail-tomcat-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id E4A1FD0C1 for ; Tue, 18 Sep 2012 15:49:09 +0000 (UTC) Received: (qmail 55595 invoked by uid 500); 18 Sep 2012 15:49:09 -0000 Delivered-To: apmail-tomcat-dev-archive@tomcat.apache.org Received: (qmail 55524 invoked by uid 500); 18 Sep 2012 15:49:09 -0000 Mailing-List: contact dev-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Developers List" Delivered-To: mailing list dev@tomcat.apache.org Received: (qmail 55510 invoked by uid 99); 18 Sep 2012 15:49:09 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 18 Sep 2012 15:49:09 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.115] (HELO eir.zones.apache.org) (140.211.11.115) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 18 Sep 2012 15:49:07 +0000 Received: by eir.zones.apache.org (Postfix, from userid 80) id C58E4A801; Tue, 18 Sep 2012 15:48:47 +0000 (UTC) From: bugzilla@apache.org To: dev@tomcat.apache.org Subject: [Bug 53891] New: Problem in Tomcat 6.x and 7.x Windows version permit access to WEB-INF Date: Tue, 18 Sep 2012 15:48:47 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Tomcat 6 X-Bugzilla-Component: Native:Integration X-Bugzilla-Keywords: X-Bugzilla-Severity: major X-Bugzilla-Who: marcos.rivera@intelygenz.com X-Bugzilla-Status: NEW X-Bugzilla-Priority: P2 X-Bugzilla-Assigned-To: dev@tomcat.apache.org X-Bugzilla-Target-Milestone: default X-Bugzilla-Changed-Fields: priority bug_id assigned_to short_desc bug_severity classification op_sys reporter rep_platform bug_status version component product Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Bugzilla-URL: https://issues.apache.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-Virus-Checked: Checked by ClamAV on apache.org https://issues.apache.org/bugzilla/show_bug.cgi?id=53891 Priority: P2 Bug ID: 53891 Assignee: dev@tomcat.apache.org Summary: Problem in Tomcat 6.x and 7.x Windows version permit access to WEB-INF Severity: major Classification: Unclassified OS: Windows XP Reporter: marcos.rivera@intelygenz.com Hardware: PC Status: NEW Version: unspecified Component: Native:Integration Product: Tomcat 6 Hi, There is a problem with Tomcat 6.x / 7.x for Windows that allows access to the WEB-INF folder when a "." is added at the end of WEB-INF in a URL Example: http://www.somedomain.com/WEB-INF./web.xml -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org For additional commands, e-mail: dev-help@tomcat.apache.org