From 3b47cc3f79fd80bc5af658f82f001da5e55a4878 Mon Sep 17 00:00:00 2001
From: Vincent Massol <vincent@massol.net>
Date: Tue, 21 Nov 2017 09:43:09 +0100
Subject: [PATCH] XDOCKER-38: Configure Tomcat to allow encoded slash '%2F' and
 backslash '%5C' in URLs * Added explanations

---
 8/mysql-tomcat/tomcat/setenv.sh    | 2 ++
 8/postgres-tomcat/tomcat/setenv.sh | 2 ++
 9/mysql-tomcat/tomcat/setenv.sh    | 2 ++
 9/postgres-tomcat/tomcat/setenv.sh | 2 ++
 4 files changed, 8 insertions(+)

diff --git a/8/mysql-tomcat/tomcat/setenv.sh b/8/mysql-tomcat/tomcat/setenv.sh
index 12f1781..abcb1be 100755
--- a/8/mysql-tomcat/tomcat/setenv.sh
+++ b/8/mysql-tomcat/tomcat/setenv.sh
@@ -1 +1,3 @@
+# By default, Tomcat does not allow the usage of encoded slash '%2F' and backslash '%5C' in URLs, as noted in http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.10.
+# This is why we're passing 2 system properties to allow for them as it's useful to be able to have '/' and '' in wiki pahe names.
 export CATALINA_OPTS="-Xmx1024m -Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true -Dorg.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH=true"
diff --git a/8/postgres-tomcat/tomcat/setenv.sh b/8/postgres-tomcat/tomcat/setenv.sh
index 12f1781..abcb1be 100755
--- a/8/postgres-tomcat/tomcat/setenv.sh
+++ b/8/postgres-tomcat/tomcat/setenv.sh
@@ -1 +1,3 @@
+# By default, Tomcat does not allow the usage of encoded slash '%2F' and backslash '%5C' in URLs, as noted in http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.10.
+# This is why we're passing 2 system properties to allow for them as it's useful to be able to have '/' and '' in wiki pahe names.
 export CATALINA_OPTS="-Xmx1024m -Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true -Dorg.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH=true"
diff --git a/9/mysql-tomcat/tomcat/setenv.sh b/9/mysql-tomcat/tomcat/setenv.sh
index 12f1781..abcb1be 100755
--- a/9/mysql-tomcat/tomcat/setenv.sh
+++ b/9/mysql-tomcat/tomcat/setenv.sh
@@ -1 +1,3 @@
+# By default, Tomcat does not allow the usage of encoded slash '%2F' and backslash '%5C' in URLs, as noted in http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.10.
+# This is why we're passing 2 system properties to allow for them as it's useful to be able to have '/' and '' in wiki pahe names.
 export CATALINA_OPTS="-Xmx1024m -Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true -Dorg.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH=true"
diff --git a/9/postgres-tomcat/tomcat/setenv.sh b/9/postgres-tomcat/tomcat/setenv.sh
index 12f1781..abcb1be 100755
--- a/9/postgres-tomcat/tomcat/setenv.sh
+++ b/9/postgres-tomcat/tomcat/setenv.sh
@@ -1 +1,3 @@
+# By default, Tomcat does not allow the usage of encoded slash '%2F' and backslash '%5C' in URLs, as noted in http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.10.
+# This is why we're passing 2 system properties to allow for them as it's useful to be able to have '/' and '' in wiki pahe names.
 export CATALINA_OPTS="-Xmx1024m -Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true -Dorg.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH=true"
-- 
GitLab