Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: 7.4.9.CR1, 7.4.9.GA
Affects Version/s: 7.4.8.GA
Component/s: Undertow
Labels:
- test_included

Blocked:
False
Blocked Reason:
None
Ready:
False
CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
QE Test Coverage:
+
Target Release:

7.4.z.GA
Git Pull Request:
https://github.com/undertow-io/undertow/pull/1391

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Top level WEB-INF and META-INF directories should not be exposed. But other application sub directories may be named this and should in theory be allowed. These were allowed prior to ~~UNDERTOW-1981~~.

clones

UNDERTOW-2186 Application sub directories named WEB-INF or META-INF are no longer served

Closed

is caused by

UNDERTOW-1981 Unify DefaultServlet & ServletInitialHandler in handling forbidden subpaths

Resolved

is incorporated by

JBEAP-24100 [GSS](7.4.z) Upgrade Undertow from 2.2.20.SP1-redhat-00001 to 2.2.22.SP3-redhat-00001

Closed

Assignee:: Flavia Rainone

Reporter:: Aaron Ogburn

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: 2022/10/18 9:55 PM

Updated:: 2024/08/19 2:15 PM

Resolved:: 2022/11/18 8:57 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates