Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Merge pull request #3313 from jglick/Tomcat-redux-JENKINS-49543
[JENKINS-49543] Old versions of Tomcat also failed to serialize classes from Jenkins modules
  • Loading branch information
oleg-nenashev committed Feb 28, 2018
2 parents c33f146 + 376c6a0 commit 262a7a1
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions core/src/main/java/jenkins/security/ClassFilterImpl.java
Expand Up @@ -273,6 +273,10 @@ private boolean isLocationWhitelisted(String _loc) {
r = r.substring(0, r.length() - suffix.length());
}
}
if (r.startsWith("jar:file:/") && r.endsWith(".jar!/")) {
// JENKINS-49543: also an old behavior of Tomcat. Legal enough, but unexpected by isLocationWhitelisted.
r = r.substring(4, r.length() - 2);
}
return r;
}

Expand Down

0 comments on commit 262a7a1

Please sign in to comment.