You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Tree:
a6a837bc3b
3.0.x
3.1.x
3.2.x
4.0.x
4.1.x
4.2.x
4.3.x
5.0.x
5.1.x
5.2.x
5.3.x
6.0.x
6.1.x
6.2.x
docs-build
gh-pages
main
v3.0.0.M1
v3.0.0.M2
v3.0.0.M3
v3.0.0.M4
v3.0.0.RC1
v3.0.0.RC2
v3.0.0.RC3
v3.0.0.RELEASE
v3.0.1.RELEASE
v3.0.1.RELEASE-A
v3.0.1.RELEASE.A
v3.0.2.RELEASE
v3.0.3.RELEASE
v3.0.4.RELEASE
v3.0.5.RELEASE
v3.0.6.RELEASE
v3.0.7.RELEASE
v3.1.0.M1
v3.1.0.M2
v3.1.0.RC1
v3.1.0.RC2
v3.1.0.RELEASE
v3.1.1.RELEASE
v3.1.2.RELEASE
v3.1.3.RELEASE
v3.1.4.RELEASE
v3.2.0.M1
v3.2.0.M2
v3.2.0.RC1
v3.2.0.RC2
v3.2.0.RC2-A
v3.2.0.RELEASE
v3.2.1.RELEASE
v3.2.10.RELEASE
v3.2.11.RELEASE
v3.2.12.RELEASE
v3.2.13.RELEASE
v3.2.14.RELEASE
v3.2.15.RELEASE
v3.2.16.RELEASE
v3.2.17.RELEASE
v3.2.18.RELEASE
v3.2.2.RELEASE
v3.2.3.RELEASE
v3.2.4.RELEASE
v3.2.5.RELEASE
v3.2.6.RELEASE
v3.2.7.RELEASE
v3.2.8.RELEASE
v3.2.9.RELEASE
v4.0.0.M1
v4.0.0.M2
v4.0.0.M3
v4.0.0.RC1
v4.0.0.RC2
v4.0.0.RELEASE
v4.0.1.RELEASE
v4.0.2.RELEASE
v4.0.3.RELEASE
v4.0.4.RELEASE
v4.0.5.RELEASE
v4.0.6.RELEASE
v4.0.7.RELEASE
v4.0.8.RELEASE
v4.0.9.RELEASE
v4.1.0.RC1
v4.1.0.RC2
v4.1.0.RELEASE
v4.1.1.RELEASE
v4.1.2.RELEASE
v4.1.3.RELEASE
v4.1.4.RELEASE
v4.1.5.RELEASE
v4.1.6.RELEASE
v4.1.7.RELEASE
v4.1.8.RELEASE
v4.1.9.RELEASE
v4.2.0.RC1
v4.2.0.RC2
v4.2.0.RC3
v4.2.0.RELEASE
v4.2.1.RELEASE
v4.2.2.RELEASE
v4.2.3.RELEASE
v4.2.4.RELEASE
v4.2.5.RELEASE
v4.2.6.RELEASE
v4.2.7.RELEASE
v4.2.8.RELEASE
v4.2.9.RELEASE
v4.3.0.RC1
v4.3.0.RC2
v4.3.0.RELEASE
v4.3.1.RELEASE
v4.3.10.RELEASE
v4.3.11.RELEASE
v4.3.12.RELEASE
v4.3.13.RELEASE
v4.3.14.RELEASE
v4.3.15.RELEASE
v4.3.16.RELEASE
v4.3.17.RELEASE
v4.3.18.RELEASE
v4.3.19.RELEASE
v4.3.2.RELEASE
v4.3.20.RELEASE
v4.3.21.RELEASE
v4.3.22.RELEASE
v4.3.23.RELEASE
v4.3.24.RELEASE
v4.3.25.RELEASE
v4.3.26.RELEASE
v4.3.27.RELEASE
v4.3.28.RELEASE
v4.3.29.RELEASE
v4.3.3.RELEASE
v4.3.30.RELEASE
v4.3.4.RELEASE
v4.3.5.RELEASE
v4.3.6.RELEASE
v4.3.7.RELEASE
v4.3.8.RELEASE
v4.3.9.RELEASE
v5.0.0.M1
v5.0.0.M2
v5.0.0.M3
v5.0.0.M4
v5.0.0.M5
v5.0.0.RC1
v5.0.0.RC2
v5.0.0.RC3
v5.0.0.RC4
v5.0.0.RELEASE
v5.0.1.RELEASE
v5.0.10.RELEASE
v5.0.11.RELEASE
v5.0.12.RELEASE
v5.0.13.RELEASE
v5.0.14.RELEASE
v5.0.15.RELEASE
v5.0.16.RELEASE
v5.0.17.RELEASE
v5.0.18.RELEASE
v5.0.19.RELEASE
v5.0.2.RELEASE
v5.0.20.RELEASE
v5.0.3.RELEASE
v5.0.4.RELEASE
v5.0.5.RELEASE
v5.0.6.RELEASE
v5.0.7.RELEASE
v5.0.8.RELEASE
v5.0.9.RELEASE
v5.1.0.RC1
v5.1.0.RC2
v5.1.0.RC3
v5.1.0.RELEASE
v5.1.1.RELEASE
v5.1.10.RELEASE
v5.1.11.RELEASE
v5.1.12.RELEASE
v5.1.13.RELEASE
v5.1.14.RELEASE
v5.1.15.RELEASE
v5.1.16.RELEASE
v5.1.17.RELEASE
v5.1.18.RELEASE
v5.1.19.RELEASE
v5.1.2.RELEASE
v5.1.20.RELEASE
v5.1.3.RELEASE
v5.1.4.RELEASE
v5.1.5.RELEASE
v5.1.6.RELEASE
v5.1.7.RELEASE
v5.1.8.RELEASE
v5.1.9.RELEASE
v5.2.0.M1
v5.2.0.M2
v5.2.0.M3
v5.2.0.RC1
v5.2.0.RC2
v5.2.0.RELEASE
v5.2.1.RELEASE
v5.2.10.RELEASE
v5.2.11.RELEASE
v5.2.12.RELEASE
v5.2.13.RELEASE
v5.2.14.RELEASE
v5.2.15.RELEASE
v5.2.16.RELEASE
v5.2.17.RELEASE
v5.2.18.RELEASE
v5.2.19.RELEASE
v5.2.2.RELEASE
v5.2.20.RELEASE
v5.2.21.RELEASE
v5.2.22.RELEASE
v5.2.23.RELEASE
v5.2.24.RELEASE
v5.2.25.RELEASE
v5.2.3.RELEASE
v5.2.4.RELEASE
v5.2.5.RELEASE
v5.2.6.RELEASE
v5.2.7.RELEASE
v5.2.8.RELEASE
v5.2.9.RELEASE
v5.3.0
v5.3.0-M1
v5.3.0-M2
v5.3.0-RC1
v5.3.0-RC2
v5.3.1
v5.3.10
v5.3.11
v5.3.12
v5.3.13
v5.3.14
v5.3.15
v5.3.16
v5.3.17
v5.3.18
v5.3.19
v5.3.2
v5.3.20
v5.3.21
v5.3.22
v5.3.23
v5.3.24
v5.3.25
v5.3.26
v5.3.27
v5.3.28
v5.3.29
v5.3.3
v5.3.30
v5.3.31
v5.3.32
v5.3.33
v5.3.34
v5.3.35
v5.3.36
v5.3.37
v5.3.38
v5.3.39
v5.3.4
v5.3.5
v5.3.6
v5.3.7
v5.3.8
v5.3.9
v6.0.0
v6.0.0-M1
v6.0.0-M2
v6.0.0-M3
v6.0.0-M4
v6.0.0-M5
v6.0.0-M6
v6.0.0-RC1
v6.0.0-RC2
v6.0.0-RC3
v6.0.0-RC4
v6.0.1
v6.0.10
v6.0.11
v6.0.12
v6.0.13
v6.0.14
v6.0.15
v6.0.16
v6.0.17
v6.0.18
v6.0.19
v6.0.2
v6.0.20
v6.0.21
v6.0.22
v6.0.23
v6.0.3
v6.0.4
v6.0.5
v6.0.6
v6.0.7
v6.0.8
v6.0.9
v6.1.0
v6.1.0-M1
v6.1.0-M2
v6.1.0-M3
v6.1.0-M4
v6.1.0-M5
v6.1.0-RC1
v6.1.0-RC2
v6.1.1
v6.1.10
v6.1.11
v6.1.12
v6.1.13
v6.1.14
v6.1.15
v6.1.16
v6.1.17
v6.1.18
v6.1.19
v6.1.2
v6.1.20
v6.1.21
v6.1.3
v6.1.4
v6.1.5
v6.1.6
v6.1.7
v6.1.8
v6.1.9
v6.2.0
v6.2.0-M1
v6.2.0-M2
v6.2.0-M3
v6.2.0-M4
v6.2.0-M5
v6.2.0-M6
v6.2.0-M7
v6.2.0-RC1
v6.2.0-RC2
v6.2.0-RC3
v6.2.1
v6.2.10
v6.2.11
v6.2.12
v6.2.13
v6.2.14
v6.2.15
v6.2.2
v6.2.3
v6.2.4
v6.2.5
v6.2.6
v6.2.7
v6.2.8
v6.2.9
v7.0.0
v7.0.0-M1
v7.0.0-M2
v7.0.0-M3
v7.0.0-M4
v7.0.0-M5
v7.0.0-M6
v7.0.0-M7
v7.0.0-M8
v7.0.0-M9
v7.0.0-RC1
v7.0.0-RC2
v7.0.0-RC3
v7.0.1
v7.0.2
v7.0.3
${ noResults }
Brian Clozel
379d2e6da0
SPR-12354 applied new checks to make sure that served static resources
are under authorized locations.
Prior to this change, serving static resources from Servlet 3 locations
such as "/webjars/" would not work since those locations can be within
one of the JARs on path. In that case, the checkLocation method would
return false and disallow serving that static resource.
This change fixes this issue by making sure to call the
`ServletContextResource.getPath()` method for servlet context resources.
Note that there's a known workaround for this issue, which is using a
classpath scheme as location, such as:
"classpath:/META-INF/resources/webjars/" instead of "/webjars".
Issue: SPR-12432
(cherry picked from commit
|
11 years ago | |
|---|---|---|
| .. | ||
| main | Fix location checks for servlet 3 resources | 11 years ago |
| test | Fix location checks for servlet 3 resources | 11 years ago |