https://issues.apache.org/bugzilla/show_bug.cgi?id=50026
--- Comment #6 from balusc <bal...@gmail.com> 2010-10-03 11:59:03 EDT --- @Tim: that was one of my answers over there :) This issue is by the way triggered by another Stackoverflow question (so it was not my intent to (ab)use the default servlet like that) http://stackoverflow.com/questions/3822524/tomcat-serving-static-content (I have also answered over there). I personally can live with the WONTFIX, but this leaves a huge security hole for companies/ones who are using the DefaultServlet this way. This should probably better be documented in DefaultServlet's javadoc/manual. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
