diff --git a/jetty-core/jetty-server/src/main/java/org/eclipse/jetty/server/SymlinkAllowedResourceAliasChecker.java b/jetty-core/jetty-server/src/main/java/org/eclipse/jetty/server/SymlinkAllowedResourceAliasChecker.java
index a1d40d757e3..46304eb0aed 100644
--- a/jetty-core/jetty-server/src/main/java/org/eclipse/jetty/server/SymlinkAllowedResourceAliasChecker.java
+++ b/jetty-core/jetty-server/src/main/java/org/eclipse/jetty/server/SymlinkAllowedResourceAliasChecker.java
@@ -43,7 +43,7 @@ public class SymlinkAllowedResourceAliasChecker extends AllowedResourceAliasChec
 if (_base == null)
 return false;
- // do not allow any file separation characters in the URI, as we need to know exactly what are the segments
+ // do not allow any non-URI file separation characters in the URI (such as Windows), as we need to know exactly what are the segments
 if (File.separatorChar != '/' && pathInContext.indexOf(File.separatorChar) >= 0)
 return false;
diff --git a/jetty-core/jetty-server/src/main/java/org/eclipse/jetty/server/handler/AllowSymLinkAliasChecker.java b/jetty-core/jetty-server/src/main/java/org/eclipse/jetty/server/handler/AllowSymLinkAliasChecker.java
index 6d9ba779d71..15b816d6211 100644
--- a/jetty-core/jetty-server/src/main/java/org/eclipse/jetty/server/handler/AllowSymLinkAliasChecker.java
+++ b/jetty-core/jetty-server/src/main/java/org/eclipse/jetty/server/handler/AllowSymLinkAliasChecker.java
@@ -44,11 +44,9 @@ public class AllowSymLinkAliasChecker implements AliasCheck
 public boolean check(String pathInContext, Resource resource)
 {
 // Only support PathResource alias checking
- if (!(resource instanceof PathResource))
+ if (!(resource instanceof PathResource pathResource))
 return false;
- PathResource pathResource = (PathResource)resource;
-
 try
 {
 Path path = pathResource.getPath();
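Review bot: The reworded comment above the `File.separatorChar` check in SymlinkAllowedResourceAliasChecker is hard to parse: "non-URI file separation characters ... (such as Windows)" names neither the character that is rejected nor the condition under which it is rejected. Wording such as `// reject the platform file separator when it is not '/' (e.g. '\' on Windows), so that URI segments map one-to-one onto path segments` states what the code below it actually tests. The enclosing method starts and ends outside the hunk.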
diff --git a/jetty-ee10/jetty-ee10-servlet/src/main/java/org/eclipse/jetty/ee10/servlet/DefaultServlet.java b/jetty-ee10/jetty-ee10-servlet/src/main/java/org/eclipse/jetty/ee10/servlet/DefaultServlet.java
index 17076253fb8..792f27e1ab0 100644
--- a/jetty-ee10/jetty-ee10-servlet/src/main/java/org/eclipse/jetty/ee10/servlet/DefaultServlet.java
+++ b/jetty-ee10/jetty-ee10-servlet/src/main/java/org/eclipse/jetty/ee10/servlet/DefaultServlet.java
@@ -32,7 +32,6 @@ import java.util.function.Function;
 import java.util.function.Predicate;
 import java.util.stream.Collectors;
-import jakarta.servlet.DispatcherType;
 import jakarta.servlet.RequestDispatcher;
 import jakarta.servlet.ServletContext;
 import jakarta.servlet.ServletException;
@@ -340,6 +339,8 @@ public class DefaultServlet extends HttpServlet
 }
 else
 {
+
+
 // serve content
 try (Blocker.Callback callback = Blocker.callback())
 {
@@ -810,6 +811,17 @@ public class DefaultServlet extends HttpServlet
 _servletContextHandler = servletContextHandler;
 }
+ @Override
+ public HttpContent getContent(String path, int outputBufferSize) throws IOException
+ {
+ HttpContent httpContent = super.getContent(path, outputBufferSize);
+
+ if (!_servletContextHandler.checkAlias(path, httpContent.getResource()))
+ return null;
+
+ return httpContent;
+ }
+
 @Override
 public String getWelcomeTarget(Request coreRequest) throws IOException
 {
@@ -820,7 +832,9 @@ public class DefaultServlet extends HttpServlet
 HttpServletRequest request = getServletRequest(coreRequest);
- if (request.getDispatcherType() == DispatcherType.INCLUDE)
+ boolean included = request.getAttribute(RequestDispatcher.INCLUDE_REQUEST_URI) != null;
+
+ if (included)
 {
 // Servlet 9.3 - don't process welcome target from INCLUDE dispatch
 return null;
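Review bot: The new `getContent` override dereferences `httpContent` without a null check, so `httpContent.getResource()` throws if `super.getContent(path, outputBufferSize)` returns null. The override itself returns null to mean "no content", which suggests null is also the parent factory's not-found result; if so, a request for a missing path would end in a NullPointerException instead of the normal not-found handling. Guard it with `if (httpContent == null || !_servletContextHandler.checkAlias(path, httpContent.getResource())) return null;`. A one-line Javadoc saying that null is also returned when the alias check rejects the resource would help, since this is where symlinked or aliased paths are denied.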
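Review bot: Detecting an include through `RequestDispatcher.INCLUDE_REQUEST_URI` in `getWelcomeTarget` is narrower than the `DispatcherType.INCLUDE` test it replaces. The Servlet specification does not set the include attributes when the dispatcher was obtained with `getNamedDispatcher`, so a named include would now get welcome-target processing. If that is intended, or if `getDispatcherType()` is unreliable on this path, say so in the comment next to `// Servlet 9.3`. Otherwise test both, e.g. `boolean included = request.getDispatcherType() == DispatcherType.INCLUDE || request.getAttribute(RequestDispatcher.INCLUDE_REQUEST_URI) != null;`, which needs the `DispatcherType` import this commit removes. The method body continues outside the hunk.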
diff --git a/jetty-ee10/jetty-ee10-servlet/src/test/java/org/eclipse/jetty/ee10/servlet/DefaultServletTest.java b/jetty-ee10/jetty-ee10-servlet/src/test/java/org/eclipse/jetty/ee10/servlet/DefaultServletTest.java
index 972e5fde223..6e7966ab3b6 100644
--- a/jetty-ee10/jetty-ee10-servlet/src/test/java/org/eclipse/jetty/ee10/servlet/DefaultServletTest.java
+++ b/jetty-ee10/jetty-ee10-servlet/src/test/java/org/eclipse/jetty/ee10/servlet/DefaultServletTest.java
@@ -1100,7 +1100,6 @@ public class DefaultServletTest
 defholder.setInitParameter("redirectWelcome", "true");
 defholder.setInitParameter("welcomeServlets", "false");
 defholder.setInitParameter("gzip", "false");
- defholder.setInitParameter("maxCacheSize", "1024000");
 defholder.setInitParameter("maxCachedFileSize", "512000");
 defholder.setInitParameter("maxCachedFiles", "100");
@@ -1288,7 +1287,6 @@ public class DefaultServletTest
 * Ensure that oddball directory names are served with proper escaping
 */
 @Test
- @Disabled
 public void testWelcomeRedirectDirWithSemicolon() throws Exception
 {
 FS.ensureDirExists(docRoot);
@@ -1405,7 +1403,6 @@ public class DefaultServletTest
 }
 @Test
- @Disabled
 public void testSymLinks() throws Exception
 {
 FS.ensureDirExists(docRoot);
@@ -1417,8 +1414,8 @@ public class DefaultServletTest
 Path link = dir.resolve("link.txt");
 Path rLink = dir.resolve("rlink.txt");
 Files.writeString(foobar, "Foo Bar", UTF_8);
- ServletHolder defholder = context.addServlet(DefaultServlet.class, "/");
+ ServletHolder defholder = context.addServlet(DefaultServlet.class, "/");
 defholder.setInitParameter("gzip", "false");
 String rawResponse;