svn commit: r1628197 - in /tomcat/trunk: java/org/apache/catalina/ java/org/apache/catalina/loader/ java/org/apache/catalina/webresources/ webapps/docs/

markt Mon, 29 Sep 2014 07:42:58 -0700

Author: markt
Date: Mon Sep 29 14:42:11 2014
New Revision: 1628197

URL: http://svn.apache.org/r1628197
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=57038
Add a WebResource.getCoseBase() method, implement for all WebResource 
implementations and then use it in the web application class loader to set the 
correct code base for  resources loaded from JARs and WARs.


Modified:
    tomcat/trunk/java/org/apache/catalina/WebResource.java
    tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java
    
tomcat/trunk/java/org/apache/catalina/webresources/AbstractArchiveResource.java
    tomcat/trunk/java/org/apache/catalina/webresources/CachedResource.java
    tomcat/trunk/java/org/apache/catalina/webresources/EmptyResource.java
    tomcat/trunk/java/org/apache/catalina/webresources/FileResource.java
    tomcat/trunk/java/org/apache/catalina/webresources/JarResource.java
    tomcat/trunk/java/org/apache/catalina/webresources/JarResourceRoot.java
    tomcat/trunk/java/org/apache/catalina/webresources/JarWarResource.java
    tomcat/trunk/webapps/docs/changelog.xml

Modified: tomcat/trunk/java/org/apache/catalina/WebResource.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/WebResource.java?rev=1628197&r1=1628196&r2=1628197&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/WebResource.java (original)
+++ tomcat/trunk/java/org/apache/catalina/WebResource.java Mon Sep 29 14:42:11 
2014
@@ -137,6 +137,13 @@ public interface WebResource {
     URL getURL();
 
     /**
+     * Get code base for this resource that will be used when looking up the
+     * assigned permissions for the code base in the security policy file when
+     * running under a security manager.
+     */
+    URL getCodeBase();
+
+    /**
      * Obtain a reference to the WebResourceRoot of which this WebResource is a
      * part.
      */

Modified: 
tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java?rev=1628197&r1=1628196&r2=1628197&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java 
(original)
+++ tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java Mon 
Sep 29 14:42:11 2014
@@ -2534,7 +2534,7 @@ public abstract class WebappClassLoaderB
 
         entry = new ResourceEntry();
         entry.source = resource.getURL();
-        entry.codeBase = entry.source;
+        entry.codeBase = resource.getCodeBase();
         entry.lastModified = resource.getLastModified();
 
         if (needConvert && path.endsWith(".properties")) {

Modified: 
tomcat/trunk/java/org/apache/catalina/webresources/AbstractArchiveResource.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/webresources/AbstractArchiveResource.java?rev=1628197&r1=1628196&r2=1628197&view=diff
==============================================================================
--- 
tomcat/trunk/java/org/apache/catalina/webresources/AbstractArchiveResource.java 
(original)
+++ 
tomcat/trunk/java/org/apache/catalina/webresources/AbstractArchiveResource.java 
Mon Sep 29 14:42:11 2014
@@ -33,18 +33,20 @@ public abstract class AbstractArchiveRes
     private final String baseUrl;
     private final JarEntry resource;
     private final Manifest manifest;
+    private final String codeBaseUrl;
     private final String name;
     private boolean readCerts = false;
     private Certificate[] certificates;
 
     protected AbstractArchiveResource(WebResourceRoot root, String webAppPath,
             String base, String baseUrl, JarEntry jarEntry,
-            String internalPath, Manifest manifest) {
+            String internalPath, Manifest manifest, String codeBaseUrl) {
         super(root, webAppPath);
         this.base = base;
         this.baseUrl = baseUrl;
         this.resource = jarEntry;
         this.manifest = manifest;
+        this.codeBaseUrl = codeBaseUrl;
 
         String resourceName = resource.getName();
         if (resourceName.charAt(resourceName.length() - 1) == '/') {
@@ -132,12 +134,24 @@ public abstract class AbstractArchiveRes
 
     @Override
     public URL getURL() {
+        String url = baseUrl + "!/" + resource.getName();
         try {
-            return new URL(baseUrl + "!/" + resource.getName());
+            return new URL(url);
         } catch (MalformedURLException e) {
             if (getLog().isDebugEnabled()) {
-                getLog().debug(sm.getString("fileResource.getUrlFail",
-                        resource.getName(), baseUrl), e);
+                getLog().debug(sm.getString("fileResource.getUrlFail", url), 
e);
+            }
+            return null;
+        }
+    }
+
+    @Override
+    public URL getCodeBase() {
+        try {
+            return new URL(codeBaseUrl);
+        } catch (MalformedURLException e) {
+            if (getLog().isDebugEnabled()) {
+                getLog().debug(sm.getString("fileResource.getUrlFail", 
codeBaseUrl), e);
             }
             return null;
         }

Modified: tomcat/trunk/java/org/apache/catalina/webresources/CachedResource.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/webresources/CachedResource.java?rev=1628197&r1=1628196&r2=1628197&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/webresources/CachedResource.java 
(original)
+++ tomcat/trunk/java/org/apache/catalina/webresources/CachedResource.java Mon 
Sep 29 14:42:11 2014
@@ -296,6 +296,11 @@ public class CachedResource implements W
     }
 
     @Override
+    public URL getCodeBase() {
+        return webResource.getCodeBase();
+    }
+
+    @Override
     public Certificate[] getCertificates() {
         return webResource.getCertificates();
     }

Modified: tomcat/trunk/java/org/apache/catalina/webresources/EmptyResource.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/webresources/EmptyResource.java?rev=1628197&r1=1628196&r2=1628197&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/webresources/EmptyResource.java 
(original)
+++ tomcat/trunk/java/org/apache/catalina/webresources/EmptyResource.java Mon 
Sep 29 14:42:11 2014
@@ -151,6 +151,11 @@ public class EmptyResource implements We
     }
 
     @Override
+    public URL getCodeBase() {
+        return null;
+    }
+
+    @Override
     public Certificate[] getCertificates() {
         return null;
     }

Modified: tomcat/trunk/java/org/apache/catalina/webresources/FileResource.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/webresources/FileResource.java?rev=1628197&r1=1628196&r2=1628197&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/webresources/FileResource.java 
(original)
+++ tomcat/trunk/java/org/apache/catalina/webresources/FileResource.java Mon 
Sep 29 14:42:11 2014
@@ -207,6 +207,11 @@ public class FileResource extends Abstra
     }
 
     @Override
+    public URL getCodeBase() {
+        return getURL();
+    }
+
+    @Override
     public Certificate[] getCertificates() {
         return null;
     }

Modified: tomcat/trunk/java/org/apache/catalina/webresources/JarResource.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/webresources/JarResource.java?rev=1628197&r1=1628196&r2=1628197&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/webresources/JarResource.java 
(original)
+++ tomcat/trunk/java/org/apache/catalina/webresources/JarResource.java Mon Sep 
29 14:42:11 2014
@@ -38,7 +38,7 @@ public class JarResource extends Abstrac
             String baseUrl, JarEntry jarEntry, String internalPath,
             Manifest manifest) {
         super(root, webAppPath, base, "jar:" + baseUrl, jarEntry, internalPath,
-                manifest);
+                manifest, baseUrl);
     }
 
     @Override

Modified: 
tomcat/trunk/java/org/apache/catalina/webresources/JarResourceRoot.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/webresources/JarResourceRoot.java?rev=1628197&r1=1628196&r2=1628197&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/webresources/JarResourceRoot.java 
(original)
+++ tomcat/trunk/java/org/apache/catalina/webresources/JarResourceRoot.java Mon 
Sep 29 14:42:11 2014
@@ -122,18 +122,29 @@ public class JarResourceRoot extends Abs
 
     @Override
     public URL getURL() {
+        String url = baseUrl + "!/";
         try {
-            return new URL(baseUrl + "!/");
+            return new URL(url);
         } catch (MalformedURLException e) {
             if (log.isDebugEnabled()) {
-                log.debug(sm.getString("fileResource.getUrlFail",
-                        "", baseUrl), e);
+                log.debug(sm.getString("fileResource.getUrlFail", url), e);
             }
             return null;
         }
     }
 
     @Override
+    public URL getCodeBase() {
+        try {
+            return new URL(baseUrl);
+        } catch (MalformedURLException e) {
+            if (getLog().isDebugEnabled()) {
+                getLog().debug(sm.getString("fileResource.getUrlFail", 
baseUrl), e);
+            }
+            return null;
+        }
+    }
+    @Override
     protected Log getLog() {
         return log;
     }

Modified: tomcat/trunk/java/org/apache/catalina/webresources/JarWarResource.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/webresources/JarWarResource.java?rev=1628197&r1=1628196&r2=1628197&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/webresources/JarWarResource.java 
(original)
+++ tomcat/trunk/java/org/apache/catalina/webresources/JarWarResource.java Mon 
Sep 29 14:42:11 2014
@@ -41,7 +41,7 @@ public class JarWarResource extends Abst
             String baseUrl, JarEntry jarEntry, String archivePath,
             String internalPath, Manifest manifest) {
         super(root, webAppPath, base, "jar:war:" + baseUrl + "^/" + 
archivePath,
-                jarEntry, internalPath, manifest);
+                jarEntry, internalPath, manifest, "jar" + baseUrl + "!/" + 
archivePath);
         this.archivePath = archivePath;
     }
 

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1628197&r1=1628196&r2=1628197&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Mon Sep 29 14:42:11 2014
@@ -75,6 +75,12 @@
         to allow equals characters in cookie values but is configured to allow
         name only cookies. (markt)
       </fix>
+      <fix>
+        <bug>57038</bug>: Add a <code>WebResource.getCoseBase()</code> method,
+        implement for all <code>WebResource</code> implementations and then use
+        it in the web application class loader to set the correct code base for
+        resources loaded from JARs and WARs. (markt)
+      </fix>
     </changelog>
   </subsection>
   <subsection name="Web applications">



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1628197 - in /tomcat/trunk: java/org/apache/catalina/ java/org/apache/catalina/loader/ java/org/apache/catalina/webresources/ webapps/docs/

Reply via email to