This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new f86cb234c2 Use getPathPrefix() consistently
f86cb234c2 is described below
commit f86cb234c27b5985117aa08350cd250429340299
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Thu Oct 3 14:36:47 2024 +0100
Use getPathPrefix() consistently
If WebDAV editing is enabled at a sepcific sub-path, getPathPrefix()
needs to be used to ensure paths are processed correctly.
---
java/org/apache/catalina/servlets/WebdavServlet.java | 8 ++++----
webapps/docs/changelog.xml | 5 +++++
2 files changed, 9 insertions(+), 4 deletions(-)
diff --git a/java/org/apache/catalina/servlets/WebdavServlet.java
b/java/org/apache/catalina/servlets/WebdavServlet.java
index 13cfe8240f..c434b82277 100644
--- a/java/org/apache/catalina/servlets/WebdavServlet.java
+++ b/java/org/apache/catalina/servlets/WebdavServlet.java
@@ -1466,14 +1466,14 @@ public class WebdavServlet extends DefaultServlet
implements PeriodicEventListen
}
// Cross-context operations aren't supported
- String reqContextPath = req.getContextPath();
+ String reqContextPath = getPathPrefix(req);
if (!destinationPath.startsWith(reqContextPath + "/")) {
resp.sendError(WebdavStatus.SC_FORBIDDEN);
return false;
}
// Remove context path & servlet path
- destinationPath = destinationPath.substring(reqContextPath.length() +
req.getServletPath().length());
+ destinationPath = destinationPath.substring(reqContextPath.length());
if (debug > 0) {
log("Dest path: " + destinationPath);
@@ -1824,7 +1824,7 @@ public class WebdavServlet extends DefaultServlet
implements PeriodicEventListen
generatedXML.writeElement("D", "response", XMLWriter.OPENING);
generatedXML.writeElement("D", "href", XMLWriter.OPENING);
- generatedXML.writeText(req.getContextPath() + errorPath);
+ generatedXML.writeText(getPathPrefix(req) + errorPath);
generatedXML.writeElement("D", "href", XMLWriter.CLOSING);
generatedXML.writeElement("D", "status", XMLWriter.OPENING);
@@ -1866,7 +1866,7 @@ public class WebdavServlet extends DefaultServlet
implements PeriodicEventListen
return;
}
- String href = req.getContextPath() + req.getServletPath();
+ String href = getPathPrefix(req);
if ((href.endsWith("/")) && (path.startsWith("/"))) {
href += path.substring(1);
} else {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index a2a5e2dd80..16e8fc3fe5 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -160,6 +160,11 @@
collection via WebDAV fails. Empty directories that cannot be deleted
will now be included in the response. (markt)
</fix>
+ <fix>
+ <bug>69363</bug>: Use <code>getPathPrefix()</code> consistently in the
+ WebDAV servlet to ensure that the correct path is used when the WebDAV
+ servlet is mounted at a sub-path within the web application. (markt)
+ </fix>
</changelog>
</subsection>
<subsection name="Coyote">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
