← Back to branch summary

~james-page/ubuntu/oneiric/tomcat6/CVE-2011-3190

« back to all changes in this revision

Viewing changes to webapps/docs/config/engine.xml

  • Committer: Bazaar Package Importer
  • Author(s): tony mancill
  • Date: 2011-04-18 20:38:29 UTC
  • mfrom: (2.2.27 sid)
  • Revision ID: james.westby@ubuntu.com-20110418203829-ogfwstmnzl4o3nby
Tags: 6.0.32-3
http://bugs.debian.org/623242
* Team upload.
* Include upstream patch for ASF Bugzilla - Bug 50700
  (Context parameters are being overridden with parameters from the 
   web application deployment descriptor) (Closes: #623242)

Show diffs side-by-side

added added

removed removed

Lines of Context:
webapps/docs/config/engine.xml
225
225
    <a href="engine.html">Engine</a>, <a href="host.html">Host</a>, or
226
226
    <a href="context.html">Context</a> element.  The remote address or name
227
227
    will be checked against a configured list of "accept" and/or "deny"
228
 
    filters, which are defined using the Regular Expression syntax supported
229
 
    by the <a href="http://jakarta.apache.org/regexp/">Jakarta Regexp</a>
230
 
    regular expression library.  Requests that come from locations that are
 
228
    filters, which are defined using <code>java.util.regex</code> Regular
 
229
    Expression syntax.  Requests that come from locations that are
231
230
    not accepted will be rejected with an HTTP "Forbidden" error.
232
231
    Example filter declarations:</p>
233
232
 
235
234
&lt;Engine name="Standalone" ...&gt;
236
235
  ...
237
236
  &lt;Valve className="org.apache.catalina.valves.RemoteHostValve"
238
 
         allow="*.mycompany.com,www.yourcompany.com"/&gt;
 
237
         allow=".*\.mycompany\.com|www\.yourcompany\.com"/&gt;
239
238
  &lt;Valve className="org.apache.catalina.valves.RemoteAddrValve"
240
 
         deny="192.168.1.*"/&gt;
 
239
         deny="192\.168\.1\.\d+"/&gt;
241
240
  ...
242
241
&lt;/Engine&gt;
243
242
</source>