https://bz.apache.org/bugzilla/show_bug.cgi?id=63104
Mark Thomas <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|REOPENED |RESOLVED Resolution|--- |WONTFIX --- Comment #3 from Mark Thomas <[email protected]> --- Change in behaviour between major versions is to be expected. To repeat: Tomcat has opted to throw an IAE in an attempt to make it clear that something has gone badly wrong. Trying to step outside the web application root can be an indication of a path traversal attack. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
