Author: markt
Date: Mon Nov 24 11:32:25 2014
New Revision: 1641371
URL: http://svn.apache.org/r1641371
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=57245
Update reference to allowLinking since it has moved from Context to the nested
Resources element.
Modified:
tomcat/tc8.0.x/trunk/ (props changed)
tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml
tomcat/tc8.0.x/trunk/webapps/docs/security-howto.xml
Propchange: tomcat/tc8.0.x/trunk/
------------------------------------------------------------------------------
Merged /tomcat/trunk:r1641369
Modified: tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml?rev=1641371&r1=1641370&r2=1641371&view=diff
==============================================================================
--- tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml Mon Nov 24 11:32:25 2014
@@ -120,6 +120,11 @@
Improve HTML version of build instructions and align with
BUILDING.txt. (kkolinko)
</update>
+ <fix>
+ <bug>57245</bug>: Correct the reference to <code>allowLinking</code> in
+ the security configuration guide since that attribute has moved from
the
+ Context element to the nested Resources element. (markt)
+ </fix>
</changelog>
</subsection>
<subsection name="Other">
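Review bot: The added <fix> entry refers to "the security configuration guide" without naming the page. Naming security-howto, the file modified in this commit, would make the entry easier to match to the document that changed. Both modified files are under webapps/docs, so the entry could also say this is a documentation-only correction, so readers do not assume the handling of allowLinking changed in this revision.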
Modified: tomcat/tc8.0.x/trunk/webapps/docs/security-howto.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/webapps/docs/security-howto.xml?rev=1641371&r1=1641370&r2=1641371&view=diff
==============================================================================
--- tomcat/tc8.0.x/trunk/webapps/docs/security-howto.xml (original)
+++ tomcat/tc8.0.x/trunk/webapps/docs/security-howto.xml Mon Nov 24 11:32:25
2014
@@ -326,10 +326,11 @@
<code>false</code> by default and should only be changed for trusted web
applications.</p>
- <p>The <strong>allowLinking</strong> attribute controls if a context is
- allowed to use linked files. If enabled and the context is undeployed,
the
- links will be followed when deleting the context resources. Changing this
- setting from the default of <code>false</code> on case insensitive
+ <p>The <strong>allowLinking</strong> attribute of a nested
+ <a href="config/resources.html">Resources</a> element controls if a
context
+ is allowed to use linked files. If enabled and the context is undeployed,
+ the links will be followed when deleting the context resources. Changing
+ this setting from the default of <code>false</code> on case insensitive
operating systems (this includes Windows) will disable a number of
security measures and allow, among other things, direct access to the
WEB-INF directory.</p>
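Review bot: The rewritten paragraph (the added lines beginning "The allowLinking attribute of a nested") says where the attribute now lives but not that it is no longer an attribute of Context, which is the reason for the change according to the log message. A reader who still has allowLinking on a Context element gets no hint that the setting has to be moved to the nested Resources element. Suggest adding a short clause stating that. As a style point in the same sentence, "controls if a context is allowed" would read better as "controls whether a context is allowed".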