cvs commit: jakarta-tomcat/src/share/org/apache/tomcat/core ContextManager.java

Tue, 20 Mar 2001 14:03:45 -0800 

larryi      01/03/20 11:01:51

  Modified:    src/share/org/apache/tomcat/core Tag: tomcat_32
                        ContextManager.java
  Log:
  Fix an additional location for the security vulnerability reported by Hiromitsu
  Takagi.  See changes for DefaultCMSetter.java version 1.45.2.10.
  
  Submitted by: Kazuhiro Kazama
  
  Revision  Changes    Path
  No                   revision
  
  
  No                   revision
  
  
  1.100.2.22 +2 -2      
jakarta-tomcat/src/share/org/apache/tomcat/core/ContextManager.java
  
  Index: ContextManager.java
  ===================================================================
  RCS file: 
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/core/ContextManager.java,v
  retrieving revision 1.100.2.21
  retrieving revision 1.100.2.22
  diff -u -r1.100.2.21 -r1.100.2.22
  --- ContextManager.java       2001/01/12 04:39:03     1.100.2.21
  +++ ContextManager.java       2001/03/20 19:01:43     1.100.2.22
  @@ -1221,7 +1221,7 @@
                          .append("</h1>\r\n<b>");
                 buf.append(sm.getString("defaulterrorpage.originalrequest"))
                          .append("</b> ")
  -                       .append( requestURI );
  +                       .append(RequestUtil.filter(requestURI));
   
                 if (getShowDebugInfo()) {
                          if (res.isIncluded()) {
  @@ -1232,7 +1232,7 @@
                         buf.append("<br><br>\r\n<b>")
                                  
.append(sm.getString("defaulterrorpage.notfoundrequest"))
                                  .append("</b> ")
  -                               .append( requestURI );
  +                               .append(RequestUtil.filter(requestURI));
                          }
                 }

Reply via email to