jfarcand 2002/10/25 07:00:35
Modified: http11/src/java/org/apache/coyote/http11
Http11Processor.java
Log:
[Securit Audit] Protect the addFilter method since it give direct access to
Class.forName. Did not find any use of that method.
Revision Changes Path
1.42 +1 -1
jakarta-tomcat-connectors/http11/src/java/org/apache/coyote/http11/Http11Processor.java
Index: Http11Processor.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-connectors/http11/src/java/org/apache/coyote/http11/Http11Processor.java,v
retrieving revision 1.41
retrieving revision 1.42
diff -u -r1.41 -r1.42
--- Http11Processor.java 10 Oct 2002 13:14:55 -0000 1.41
+++ Http11Processor.java 25 Oct 2002 14:00:35 -0000 1.42
@@ -253,7 +253,7 @@
*
* @param className class name of the filter
*/
- public void addFilter(String className) {
+ protected void addFilter(String className) {
try {
Class clazz = Class.forName(className);
Object obj = clazz.newInstance();
--
To unsubscribe, e-mail: <mailto:tomcat-dev-unsubscribe@;jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@;jakarta.apache.org>
