Since I'm using a framework that maps its own servlet to /*, I have to remap the default servlet. In Tomcat 7.0.0 this mapping was working: <servlet-mapping> <servlet-name>default</servlet-name> <url-pattern>/static/</url-pattern> </servlet-mapping> But it doesn't in Tomcat 7.0.4 I also tried /static/* - same result. (The way it doesn't work is by serving 404)
(In reply to comment #0) > Since I'm using a framework that maps its own servlet to /*, I have to remap > the default servlet. In Tomcat 7.0.0 this mapping was working: > > <servlet-mapping> > <servlet-name>default</servlet-name> > <url-pattern>/static/</url-pattern> > </servlet-mapping> > > But it doesn't in Tomcat 7.0.4 Unfortunately, you have been taking advantage (?) of a security hole in the default servlet that allowed an ill-specified <url-pattern> to serve static content from arbitrary locations. As noted in the 7.0 changelog, the related bug report can be found here: http://issues.apache.org/bugzilla/show_bug.cgi?id=50026 The normal way to correctly implement this is to place the static content under a known, real location, and configure that in <url-pattern>. Alternatively, a filter can be used to detect static references and forward them to the DefaultServlet. One could also use the appropriate suffix notation in the <url-pattern> to direct requests to the DefaultServlet. - Chuck
*** This bug has been marked as a duplicate of bug 50026 ***