From c8601f802df5f0a190b6a70a7c36727e06eb9fbd Mon Sep 17 00:00:00 2001 From: Mark Thomas Date: Mon, 4 Jan 2016 08:51:47 +0000 Subject: [PATCH] Add the StatusManagerServlet to the list of Servlets that can only be loaded by privileged applications. git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@1722799 13f79535-47bb-0310-9956-ffa450edef68 --- java/org/apache/catalina/core/RestrictedServlets.properties | 1 + webapps/docs/changelog.xml | 4 ++++ 2 files changed, 5 insertions(+) diff --git a/java/org/apache/catalina/core/RestrictedServlets.properties b/java/org/apache/catalina/core/RestrictedServlets.properties index d336968d1424..cefa24965204 100644 --- a/java/org/apache/catalina/core/RestrictedServlets.properties +++ b/java/org/apache/catalina/core/RestrictedServlets.properties @@ -16,3 +16,4 @@ org.apache.catalina.ssi.SSIServlet=restricted org.apache.catalina.servlets.CGIServlet=restricted org.apache.catalina.manager.JMXProxyServlet=restricted +org.apache.catalina.manager.StatusManagerServlet=restricted diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 94fbe0846da4..6fe228b0de2b 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -155,6 +155,10 @@ header to the HttpHeaderSecurityFilter. Patch provided by Jacopo Cappellato. (markt) + + Add the StatusManagerServlet to the list of Servlets that + can only be loaded by privileged applications. (markt) +