Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
[JENKINS-49543] Old versions of Tomcat also failed to serialize class…
…es from Jenkins modules.

(cherry picked from commit 376c6a0)
  • Loading branch information
jglick authored and olivergondza committed Feb 28, 2018
1 parent 2ce5036 commit dd3ddf3
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions core/src/main/java/jenkins/security/ClassFilterImpl.java
Expand Up @@ -273,6 +273,10 @@ private boolean isLocationWhitelisted(String _loc) {
r = r.substring(0, r.length() - suffix.length());
}
}
if (r.startsWith("jar:file:/") && r.endsWith(".jar!/")) {
// JENKINS-49543: also an old behavior of Tomcat. Legal enough, but unexpected by isLocationWhitelisted.
r = r.substring(4, r.length() - 2);
}
return r;
}

Expand Down

0 comments on commit dd3ddf3

Please sign in to comment.