From 39425c81d62872edec9080d550be0d67ae29d6f5 Mon Sep 17 00:00:00 2001
From: Dave Syer <dsyer@gopivotal.com>
Date: Wed, 31 Jul 2013 10:27:17 +0100
Subject: [PATCH] Servlet context document root not found when running as
 exploded WAR

* Added additional search in
AbstractEmbeddedServletContainerFactory.getValidDocumentRoot() to
detect a /WEB-INF/ directory in the code archive
* If the code archive is in /WEB-INF/** then we assume it is
safe to serve content from / (exposes the loader classes
but nothing sensitive from the app)

[Fixes #54345578]
---
 .../src/main/foo.html                         | 10 ----------
 ...stractEmbeddedServletContainerFactory.java | 19 ++++++++++++++++++-
 2 files changed, 18 insertions(+), 11 deletions(-)
 delete mode 100644 spring-boot-samples/spring-boot-sample-jetty/src/main/foo.html

diff --git a/spring-boot-samples/spring-boot-sample-jetty/src/main/foo.html b/spring-boot-samples/spring-boot-sample-jetty/src/main/foo.html
deleted file mode 100644
index b499243e0e7..00000000000
--- a/spring-boot-samples/spring-boot-sample-jetty/src/main/foo.html
+++ /dev/null
@@ -1,10 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<html>
-<head>
-<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
-<title>Insert title here</title>
-</head>
-<body>
-
-</body>
-</html>
\ No newline at end of file
diff --git a/spring-boot/src/main/java/org/springframework/boot/context/embedded/AbstractEmbeddedServletContainerFactory.java b/spring-boot/src/main/java/org/springframework/boot/context/embedded/AbstractEmbeddedServletContainerFactory.java
index 2e7ca17ebf0..99612cb8a91 100644
--- a/spring-boot/src/main/java/org/springframework/boot/context/embedded/AbstractEmbeddedServletContainerFactory.java
+++ b/spring-boot/src/main/java/org/springframework/boot/context/embedded/AbstractEmbeddedServletContainerFactory.java
@@ -303,7 +303,11 @@ public abstract class AbstractEmbeddedServletContainerFactory implements
 	 */
 	protected final File getValidDocumentRoot() {
 		File file = getDocumentRoot();
+		// If document root not explicitly set see if we are running from a war archive
 		file = file != null ? file : getWarFileDocumentRoot();
+		// If not a war archive maybe it is an exploded war
+		file = file != null ? file : getExplodedWarFileDocumentRoot();
+		// Or maybe there is a document root in a well-known location
 		file = file != null ? file : getCommonDocumentRoot();
 		if (file == null && this.logger.isWarnEnabled()) {
 			this.logger.debug("None of the document roots "
@@ -316,12 +320,25 @@ public abstract class AbstractEmbeddedServletContainerFactory implements
 		return file;
 	}
 
+	private File getExplodedWarFileDocumentRoot() {
+		File file = getCodeSourceArchive();
+		if (this.logger.isDebugEnabled()) {
+			this.logger.debug("Code archive: " + file);
+		}
+		if (file != null && file.exists() && file.getAbsolutePath().contains("/WEB-INF/")) {
+			String path = file.getAbsolutePath();
+			path = path.substring(0, path.indexOf("/WEB-INF/"));
+			return new File(path);
+		}
+		return null;
+	}
+
 	private File getArchiveFileDocumentRoot(String extension) {
 		File file = getCodeSourceArchive();
 		if (this.logger.isDebugEnabled()) {
 			this.logger.debug("Code archive: " + file);
 		}
-		if (file.exists() && !file.isDirectory()
+		if (file != null && file.exists() && !file.isDirectory()
 				&& file.getName().toLowerCase().endsWith(extension)) {
 			return file.getAbsoluteFile();
 		}