NPE in case of un-exploded WAR deployments

[lav023]

In case of unexplore deployment , no file system is been created , thus when we try to read properties or csrfguard.js from using getRealPath() we are getting null. So instead of reading file using getRealPath() , we could read file from the context from path.

Steps to reproduce the behavior:

1. In TomCat 9 (Tomcat9 -> conf-> server.xml).
2. In server.xml search of unpackWARs and set unpackWARs to false.
3. We can use any Example project , just add csrfguard.properties and csrfguard.js file inside web.xml file.
4. create the war and try to deploy this war using above configuration in tomcat.
5. Deployment will fail in this case , since it will not be able to read the file.

Expected behavior
We should be able to deploy the war and we should be able to get csrfguard.js file .

Desktop (please complete the following information):

• OS: windows
• Browser chrome
• Version 101.0.4951.64

Pull request of this is #99 . And we had a discussion about this issue few weeks back #91 .
This issue is reproducible in older release also. Here is an example project with old jar(csrfguard-3.1.0.jar ).
Example.zip

[forgedhallpass]

@lav023

Thank you for reporting the issue in such detail and congrats on your first contribution!

I've created a new 4.1.4 release, which contains your changes. It will soon appear on the Central Maven Repository as well.