Re: [PR] webdav testcase for special path [tomcat]

2025-05-05 Thread via GitHub 


rmaucher merged PR #808:
URL: https://github.com/apache/tomcat/pull/808


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

(tomcat) branch main updated (3480b07b61 -> e47d8933e3)

2025-05-05 Thread remm 
This is an automated email from the ASF dual-hosted git repository.

remm pushed a change to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


from 3480b07b61 Use WebResource API to differentiate files and directories
 add a4766238ac webdav testcase for special path
 new e47d8933e3 Merge pull request #808 from Chenjp/webdav_specialpath_tc

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 .../catalina/servlets/TestWebdavServlet.java   | 87 --
 1 file changed, 64 insertions(+), 23 deletions(-)


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

(tomcat) 01/01: Merge pull request #808 from Chenjp/webdav_specialpath_tc

2025-05-05 Thread remm 
This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit e47d8933e3245d4c59dd88e796c8e90258b78bc8
Merge: 3480b07b61 a4766238ac
Author: Rémy Maucherat 
AuthorDate: Mon May 5 09:38:14 2025 +0200

Merge pull request #808 from Chenjp/webdav_specialpath_tc

webdav testcase for special path

 .../catalina/servlets/TestWebdavServlet.java   | 87 --
 1 file changed, 64 insertions(+), 23 deletions(-)



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

(tomcat) branch 9.0.x updated: webdav testcase for special path

2025-05-05 Thread remm 
This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new 2a2ecc3ae2 webdav testcase for special path
2a2ecc3ae2 is described below

commit 2a2ecc3ae27522eb269899804f1b379323549037
Author: Chenjp 
AuthorDate: Thu Jan 16 08:46:38 2025 +0800

webdav testcase for special path

cases for allowSpecialPaths=true
---
 .../catalina/servlets/TestWebdavServlet.java   | 87 --
 1 file changed, 64 insertions(+), 23 deletions(-)

diff --git a/test/org/apache/catalina/servlets/TestWebdavServlet.java 
b/test/org/apache/catalina/servlets/TestWebdavServlet.java
index 1c1bd53e3c..ad4ddf0602 100644
--- a/test/org/apache/catalina/servlets/TestWebdavServlet.java
+++ b/test/org/apache/catalina/servlets/TestWebdavServlet.java
@@ -18,11 +18,13 @@ package org.apache.catalina.servlets;
 
 import java.io.File;
 import java.io.FileOutputStream;
+import java.io.FileWriter;
 import java.io.IOException;
 import java.io.StringReader;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;
+import java.util.UUID;
 
 import javax.servlet.http.HttpServletResponse;
 import javax.xml.parsers.SAXParserFactory;
@@ -45,46 +47,85 @@ import org.xml.sax.InputSource;
 
 public class TestWebdavServlet extends TomcatBaseTest {
 
-/*
- * Test attempting to access special paths (WEB-INF/META-INF) using 
WebdavServlet
- */
 @Test
-public void testGetSpecials() throws Exception {
+public void testGetSpecial_allowSpecialPaths_rootdavcontext() throws 
Exception {
+testGetSpecials(true, false);
+}
+
+@Test
+public void testGetSpecial_allowSpecialPaths_nonrootdavcontext() throws 
Exception {
+testGetSpecials(true, true);
+}
+
+@Test
+public void testGetSpecial_disallowSpecialPaths_rootdavcontext() throws 
Exception {
+testGetSpecials(false, false);
+}
+
+@Test
+public void testGetSpecial_disallowSpecialPaths_nonrootdavcontext() throws 
Exception {
+testGetSpecials(false, true);
+}
+
+/* Test attempting to access special paths (WEB-INF/META-INF) using 
WebdavServlet */
+private void testGetSpecials(boolean allowSpecialPaths, boolean 
useSubpathWebdav) throws Exception {
 Tomcat tomcat = getTomcatInstance();
 
-String contextPath = "/examples";
+// Create a temp webapp that can be safely written to
+File tempWebapp = new File(getTemporaryDirectory(), 
"webdav-specialpath"+UUID.randomUUID());
+Assert.assertTrue("Failed to mkdirs on 
"+tempWebapp.getCanonicalPath(),tempWebapp.mkdirs());
+Assert.assertTrue(new File(tempWebapp,"WEB-INF").mkdir());
+Assert.assertTrue(new File(tempWebapp,"META-INF").mkdir());
+try (FileWriter fw = new FileWriter(new File(tempWebapp, 
"WEB-INF-desc.xml"))) {
+fw.write("This is not a special 
file");
+}
+try (FileWriter fw = new FileWriter(new File(tempWebapp, 
"WEB-INF/web.xml"))) {
+fw.write("...");
+}
+try (FileWriter fw = new FileWriter(new File(tempWebapp, 
"META-INF/context.xml"))) {
+fw.write("...");
+}
 
-File appDir = new File(getBuildDirectory(), "webapps" + contextPath);
-// app dir is relative to server home
-Context ctx = tomcat.addWebapp(null, "/examples", 
appDir.getAbsolutePath());
+Context ctx = tomcat.addContext("", tempWebapp.getAbsolutePath());
+Wrapper webdavServlet = Tomcat.addServlet(ctx, "webdav", new 
WebdavServlet());
 
-Tomcat.addServlet(ctx, "webdav", new WebdavServlet());
-ctx.addServletMappingDecoded("/*", "webdav");
+webdavServlet.addInitParameter("listings", "true");
+webdavServlet.addInitParameter("allowSpecialPaths", allowSpecialPaths 
? "true" : "false");
+
+String contextPath="";
+if (useSubpathWebdav) {
+ctx.addServletMappingDecoded("/webdav/*", "webdav");
+contextPath = "/webdav";
+} else {
+ctx.addServletMappingDecoded("/*", "webdav");
+}
 
 tomcat.start();
 
 final ByteChunk res = new ByteChunk();
 
-int rc =getUrl("http://localhost:"; + getPort() + contextPath +
-"/WEB-INF/web.xml", res, null);
-Assert.assertEquals(HttpServletResponse.SC_NOT_FOUND, rc);
+int rc = 0;
 
-rc =getUrl("http://localhost:"; + getPort() + contextPath +
-"/WEB-INF/doesntexistanywhere", res, null);
-Assert.assertEquals(HttpServletResponse.SC_NOT_FOUND, rc);
+// Notice: Special paths /WEB-INF and /META-INF are protected by 
StandardContextValve.
+// allowSpecialPaths works only when webdav re-mount to a non-root 
path.
+rc = getUrl("http://localhost:"; + getPort() + contextPath + 
"/WEB-INF/web.xm

(tomcat) branch 10.1.x updated: webdav testcase for special path

2025-05-05 Thread remm 
This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.1.x by this push:
 new 793f0ca272 webdav testcase for special path
793f0ca272 is described below

commit 793f0ca272ae89dee22cf69c26fa735c61c6740a
Author: Chenjp 
AuthorDate: Thu Jan 16 08:46:38 2025 +0800

webdav testcase for special path

cases for allowSpecialPaths=true
---
 .../catalina/servlets/TestWebdavServlet.java   | 87 --
 1 file changed, 64 insertions(+), 23 deletions(-)

diff --git a/test/org/apache/catalina/servlets/TestWebdavServlet.java 
b/test/org/apache/catalina/servlets/TestWebdavServlet.java
index ef11d28ae1..6867c38cf2 100644
--- a/test/org/apache/catalina/servlets/TestWebdavServlet.java
+++ b/test/org/apache/catalina/servlets/TestWebdavServlet.java
@@ -18,11 +18,13 @@ package org.apache.catalina.servlets;
 
 import java.io.File;
 import java.io.FileOutputStream;
+import java.io.FileWriter;
 import java.io.IOException;
 import java.io.StringReader;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;
+import java.util.UUID;
 
 import javax.xml.parsers.SAXParserFactory;
 
@@ -46,46 +48,85 @@ import org.xml.sax.InputSource;
 
 public class TestWebdavServlet extends TomcatBaseTest {
 
-/*
- * Test attempting to access special paths (WEB-INF/META-INF) using 
WebdavServlet
- */
 @Test
-public void testGetSpecials() throws Exception {
+public void testGetSpecial_allowSpecialPaths_rootdavcontext() throws 
Exception {
+testGetSpecials(true, false);
+}
+
+@Test
+public void testGetSpecial_allowSpecialPaths_nonrootdavcontext() throws 
Exception {
+testGetSpecials(true, true);
+}
+
+@Test
+public void testGetSpecial_disallowSpecialPaths_rootdavcontext() throws 
Exception {
+testGetSpecials(false, false);
+}
+
+@Test
+public void testGetSpecial_disallowSpecialPaths_nonrootdavcontext() throws 
Exception {
+testGetSpecials(false, true);
+}
+
+/* Test attempting to access special paths (WEB-INF/META-INF) using 
WebdavServlet */
+private void testGetSpecials(boolean allowSpecialPaths, boolean 
useSubpathWebdav) throws Exception {
 Tomcat tomcat = getTomcatInstance();
 
-String contextPath = "/examples";
+// Create a temp webapp that can be safely written to
+File tempWebapp = new File(getTemporaryDirectory(), 
"webdav-specialpath"+UUID.randomUUID());
+Assert.assertTrue("Failed to mkdirs on 
"+tempWebapp.getCanonicalPath(),tempWebapp.mkdirs());
+Assert.assertTrue(new File(tempWebapp,"WEB-INF").mkdir());
+Assert.assertTrue(new File(tempWebapp,"META-INF").mkdir());
+try (FileWriter fw = new FileWriter(new File(tempWebapp, 
"WEB-INF-desc.xml"))) {
+fw.write("This is not a special 
file");
+}
+try (FileWriter fw = new FileWriter(new File(tempWebapp, 
"WEB-INF/web.xml"))) {
+fw.write("...");
+}
+try (FileWriter fw = new FileWriter(new File(tempWebapp, 
"META-INF/context.xml"))) {
+fw.write("...");
+}
 
-File appDir = new File(getBuildDirectory(), "webapps" + contextPath);
-// app dir is relative to server home
-Context ctx = tomcat.addWebapp(null, "/examples", 
appDir.getAbsolutePath());
+Context ctx = tomcat.addContext("", tempWebapp.getAbsolutePath());
+Wrapper webdavServlet = Tomcat.addServlet(ctx, "webdav", new 
WebdavServlet());
 
-Tomcat.addServlet(ctx, "webdav", new WebdavServlet());
-ctx.addServletMappingDecoded("/*", "webdav");
+webdavServlet.addInitParameter("listings", "true");
+webdavServlet.addInitParameter("allowSpecialPaths", allowSpecialPaths 
? "true" : "false");
+
+String contextPath="";
+if (useSubpathWebdav) {
+ctx.addServletMappingDecoded("/webdav/*", "webdav");
+contextPath = "/webdav";
+} else {
+ctx.addServletMappingDecoded("/*", "webdav");
+}
 
 tomcat.start();
 
 final ByteChunk res = new ByteChunk();
 
-int rc =getUrl("http://localhost:"; + getPort() + contextPath +
-"/WEB-INF/web.xml", res, null);
-Assert.assertEquals(HttpServletResponse.SC_NOT_FOUND, rc);
+int rc = 0;
 
-rc =getUrl("http://localhost:"; + getPort() + contextPath +
-"/WEB-INF/doesntexistanywhere", res, null);
-Assert.assertEquals(HttpServletResponse.SC_NOT_FOUND, rc);
+// Notice: Special paths /WEB-INF and /META-INF are protected by 
StandardContextValve.
+// allowSpecialPaths works only when webdav re-mount to a non-root 
path.
+rc = getUrl("http://localhost:"; + getPort() + contextPath + 
"/WEB-INF/web.xml", res, null);
+Assert.assertEquals

(tomcat) branch 11.0.x updated: webdav testcase for special path

2025-05-05 Thread remm 
This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch 11.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/11.0.x by this push:
 new e7361c9195 webdav testcase for special path
e7361c9195 is described below

commit e7361c9195186445da09be55b7a23891d61498c8
Author: Chenjp 
AuthorDate: Thu Jan 16 08:46:38 2025 +0800

webdav testcase for special path

cases for allowSpecialPaths=true
---
 .../catalina/servlets/TestWebdavServlet.java   | 87 --
 1 file changed, 64 insertions(+), 23 deletions(-)

diff --git a/test/org/apache/catalina/servlets/TestWebdavServlet.java 
b/test/org/apache/catalina/servlets/TestWebdavServlet.java
index ef11d28ae1..6867c38cf2 100644
--- a/test/org/apache/catalina/servlets/TestWebdavServlet.java
+++ b/test/org/apache/catalina/servlets/TestWebdavServlet.java
@@ -18,11 +18,13 @@ package org.apache.catalina.servlets;
 
 import java.io.File;
 import java.io.FileOutputStream;
+import java.io.FileWriter;
 import java.io.IOException;
 import java.io.StringReader;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;
+import java.util.UUID;
 
 import javax.xml.parsers.SAXParserFactory;
 
@@ -46,46 +48,85 @@ import org.xml.sax.InputSource;
 
 public class TestWebdavServlet extends TomcatBaseTest {
 
-/*
- * Test attempting to access special paths (WEB-INF/META-INF) using 
WebdavServlet
- */
 @Test
-public void testGetSpecials() throws Exception {
+public void testGetSpecial_allowSpecialPaths_rootdavcontext() throws 
Exception {
+testGetSpecials(true, false);
+}
+
+@Test
+public void testGetSpecial_allowSpecialPaths_nonrootdavcontext() throws 
Exception {
+testGetSpecials(true, true);
+}
+
+@Test
+public void testGetSpecial_disallowSpecialPaths_rootdavcontext() throws 
Exception {
+testGetSpecials(false, false);
+}
+
+@Test
+public void testGetSpecial_disallowSpecialPaths_nonrootdavcontext() throws 
Exception {
+testGetSpecials(false, true);
+}
+
+/* Test attempting to access special paths (WEB-INF/META-INF) using 
WebdavServlet */
+private void testGetSpecials(boolean allowSpecialPaths, boolean 
useSubpathWebdav) throws Exception {
 Tomcat tomcat = getTomcatInstance();
 
-String contextPath = "/examples";
+// Create a temp webapp that can be safely written to
+File tempWebapp = new File(getTemporaryDirectory(), 
"webdav-specialpath"+UUID.randomUUID());
+Assert.assertTrue("Failed to mkdirs on 
"+tempWebapp.getCanonicalPath(),tempWebapp.mkdirs());
+Assert.assertTrue(new File(tempWebapp,"WEB-INF").mkdir());
+Assert.assertTrue(new File(tempWebapp,"META-INF").mkdir());
+try (FileWriter fw = new FileWriter(new File(tempWebapp, 
"WEB-INF-desc.xml"))) {
+fw.write("This is not a special 
file");
+}
+try (FileWriter fw = new FileWriter(new File(tempWebapp, 
"WEB-INF/web.xml"))) {
+fw.write("...");
+}
+try (FileWriter fw = new FileWriter(new File(tempWebapp, 
"META-INF/context.xml"))) {
+fw.write("...");
+}
 
-File appDir = new File(getBuildDirectory(), "webapps" + contextPath);
-// app dir is relative to server home
-Context ctx = tomcat.addWebapp(null, "/examples", 
appDir.getAbsolutePath());
+Context ctx = tomcat.addContext("", tempWebapp.getAbsolutePath());
+Wrapper webdavServlet = Tomcat.addServlet(ctx, "webdav", new 
WebdavServlet());
 
-Tomcat.addServlet(ctx, "webdav", new WebdavServlet());
-ctx.addServletMappingDecoded("/*", "webdav");
+webdavServlet.addInitParameter("listings", "true");
+webdavServlet.addInitParameter("allowSpecialPaths", allowSpecialPaths 
? "true" : "false");
+
+String contextPath="";
+if (useSubpathWebdav) {
+ctx.addServletMappingDecoded("/webdav/*", "webdav");
+contextPath = "/webdav";
+} else {
+ctx.addServletMappingDecoded("/*", "webdav");
+}
 
 tomcat.start();
 
 final ByteChunk res = new ByteChunk();
 
-int rc =getUrl("http://localhost:"; + getPort() + contextPath +
-"/WEB-INF/web.xml", res, null);
-Assert.assertEquals(HttpServletResponse.SC_NOT_FOUND, rc);
+int rc = 0;
 
-rc =getUrl("http://localhost:"; + getPort() + contextPath +
-"/WEB-INF/doesntexistanywhere", res, null);
-Assert.assertEquals(HttpServletResponse.SC_NOT_FOUND, rc);
+// Notice: Special paths /WEB-INF and /META-INF are protected by 
StandardContextValve.
+// allowSpecialPaths works only when webdav re-mount to a non-root 
path.
+rc = getUrl("http://localhost:"; + getPort() + contextPath + 
"/WEB-INF/web.xml", res, null);
+Assert.assertEquals

[Bug 69530] Major different between 10.1.31 and 10.1.34 (class file doLock Method)

2025-05-05 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=69530

Remy Maucherat  changed:

   What|Removed |Added

 Status|NEEDINFO|RESOLVED
 Resolution|--- |WORKSFORME

--- Comment #8 from Remy Maucherat  ---
Closing in the absence of the requested information. Processing of the request
body had be tightened for a few edge cases.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 69670] New: 360 Land Surveying Ltd.

2025-05-05 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=69670

Bug ID: 69670
   Summary: 360 Land Surveying Ltd.
   Product: Tomcat 9
   Version: 9.0.x
  Hardware: PC
Status: NEW
  Severity: normal
  Priority: P2
 Component: Servlet
  Assignee: dev@tomcat.apache.org
  Reporter: 360landsurveyinglt...@gmail.com
  Target Milestone: -

Created attachment 40033
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=40033&action=edit
https://360surveys.ca/

At 360 Land Surveying Ltd., we’re more than just surveyors; we’re your partners
in making smart, informed decisions about your property. 

We believe every piece of land has its own story, and it’s our job to tell it
accurately. Whether you’re planning to build, buy, or just want to know your
land better, we’re here to provide clear, straightforward advice.

We are a local, full-service, certified and licenced land surveying company
serving communities in Metro Vancouver since 2013. With more than a decade of
professional experience, we have earned a solid reputation of fast, reliable
and precise service with attention to every detail that matters to a specific
project.

Our investment in the latest technology and equipment, along with continuous
training, allows us to deliver the quality we guarantee for an affordable and
competitive price. The quality of our work is monitored and supervised by the
Association of BC Land Surveyors.

>From a simple site survey to highly detailed 3D models, our team can tailor the
final product to your specific needs.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 69670] 360 Land Surveying Ltd.

2025-05-05 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=69670

360 Land Surveying Ltd. <360landsurveyinglt...@gmail.com> changed:

   What|Removed |Added

 OS||All
URL||https://360surveys.ca/

--- Comment #1 from 360 Land Surveying Ltd. <360landsurveyinglt...@gmail.com> 
---
https://360surveys.ca/

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 69670] SPAM SPAM SPAM SPAM

2025-05-05 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=69670

Chuck Caldarale  changed:

   What|Removed |Added

Summary|360 Land Surveying Ltd. |SPAM SPAM SPAM SPAM
 Status|NEW |RESOLVED
 Resolution|--- |INVALID
URL|https://360surveys.ca/  |

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org