A flaw was reported in the Undertow module of WildFly that leaks the
source code of a JSP page when a trailing slash (/) is added to the
end of its URL.
This issue did not affect any versions of Red Hat JBoss Enterprise
Application Platform because this flaw only affects the Undertow web
module; JBoss EAP uses JBoss Web.
Confirmed this is not a problem for EAP 6.4.x.
Marking this as closed. It has been fixed in WildFly 9.0.0.CR2, 10.0.0.Alpha1.