| Log Message: |
Partial fix for CVE-2017-12617
This moves a check from the Default servlet where it applied to GET, POST, HEAD and OPTIONS to the resources implementation where it applies to any method that expects the resource to exist (e.g.DELETE)
Still need to address the case where the resource does not exist (e.g. PUT)
|
tomcat/tc7.0.x/trunk/java/org/apache/catalina/servlets/DefaultServlet.java