Auto add AliasChecker for custom Base Resource in DefaultServlet

[joakime]

trafficstars

Jetty version(s) Jetty 12.0.7

Enhancement Description If a user adds a DefaultServlet with a custom Base Resource, like this ...

ServletHolder holder = new ServletHolder("ui", new DefaultServlet());
servletContextHandler.addServlet(holder, "/ui/*");
URL url = getStaticContentURL("/ui/");
holder.setInitParameter("baseResource", url.toExternalForm());

Then this base resource cannot serve content as the AliasCheck that come from the existing ServletContextHandler are not aware of this new Base Resource.

Now a user will have to add an additional AliasCheck for this new Base Resource.

Resource base = servletContextHandler.newResource(url);
servletContextHandler.addAliasCheck(new AllowedResourceAliasChecker(servletContextHandler, base));

This is particularly difficult to do when using dynamic servlet registration techniques, or with the servlet descriptor (WEB-INF/web.xml)

ServletRegistration sr = servletContext.addServlet("ui", defaultServlet);
sr.addMapping("/ui/*");
URL url = getStaticContentURL("/ui/");
sr.setInitParameter("baseResource", url.toExternalForm());

I propose that the DefaultServlet itself auto-add the AllowedResourceAliasChecker for any custom Base Resource that it is told to use.