Gitiles
Code Review Sign In
source.supwisdom.com / UniIdentify / tomcat / 6266f996613ae5631b7288523f895b36e30fe5af^! / . / tomcat-uid / webapps / host-manager / WEB-INF / jsp / 403.jsp
commit6266f996613ae5631b7288523f895b36e30fe5af[log] [tgz]
author刘洪青 <hongqing.liu@supwisdom.com>周一 5月 15 21:21:03 2017 +0800
committer刘洪青 <hongqing.liu@supwisdom.com>周一 5月 15 21:23:56 2017 +0800
treed2506a4c584043b07120793e0b578c0d1c954d53
parent67d615191938bb60e9b73af6701f5339749950ca [diff] [blame]
升级Tomcat版本 apache-tomcat-7.0.77

diff --git a/tomcat-uid/webapps/host-manager/WEB-INF/jsp/403.jsp b/tomcat-uid/webapps/host-manager/WEB-INF/jsp/403.jsp
index 569bd29..c87aeb1 100644
--- a/tomcat-uid/webapps/host-manager/WEB-INF/jsp/403.jsp
+++ b/tomcat-uid/webapps/host-manager/WEB-INF/jsp/403.jsp

@@ -14,6 +14,7 @@
   See the License for the specific language governing permissions and

   limitations under the License.

 --%>

+<%@ page session="false" trimDirectiveWhitespaces="true" %>

 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

 <html>

  <head>

@@ -34,13 +35,13 @@
    </p>

    <p>

     If you have already configured the Host Manager application to allow access

-    and you have used your browser's back button, used a saved book-mark or

+    and you have used your browsers back button, used a saved book-mark or

     similar then you may have triggered the cross-site request forgery (CSRF)

     protection that has been enabled for the HTML interface of the Host Manager

-    application. You will need to reset this protection by returning to the 

+    application. You will need to reset this protection by returning to the

     <a href="<%=request.getContextPath()%>/html">main Host Manager page</a>.

     Once you return to this page, you will be able to continue using the Host

-    Manager appliction's HTML interface normally. If you continue to see this

+    Manager application's HTML interface normally. If you continue to see this

     access denied message, check that you have the necessary permissions to

     access this application.

    </p>

@@ -59,11 +60,10 @@
 &lt;user username="tomcat" password="s3cret" roles="admin-gui"/&gt;

 </pre>

    <p>

-    Note that for Tomcat 6.0.30 onwards, the roles required to use the host

-    manager application were changed from the single <tt>admin</tt> role to the

+    Note that for Tomcat 7 onwards, the roles required to use the host manager

+    application were changed from the single <tt>admin</tt> role to the

     following two roles. You will need to assign the role(s) required for

-    the functionality you wish to access. Note the <tt>admin</tt> role is still

-    valid but by-passes the CSRF protection.

+    the functionality you wish to access.

    </p>

     <ul>

       <li><tt>admin-gui</tt> - allows access to the HTML GUI</li>

@@ -74,8 +74,6 @@
     To maintain the CSRF protection:

    </p>

    <ul>

-    <li>The deprecated <tt>admin</tt> role should not be assigned to any

-        user.</li>

     <li>Users with the <tt>admin-gui</tt> role should not be granted the

        <tt>admin-script</tt> role.</li>

     <li>If the text interface is accessed through a browser (e.g. for testing