consideration?
Thanks,
Nadav
-Original Message-
From: Caldarale, Charles R [mailto:chuck.caldar...@unisys.com]
Sent: Sunday, September 11, 2011 5:26 PM
To: Tomcat Users List
Subject: RE: JSP Exception object arriving null at error handler
> From: Nadav Katz [mailto:nadav.k...@oracle.
From: Nadav Katz
To: Tomcat Users List
Sent: Sunday, September 11, 2011 2:11 AM
Subject: JSP Exception object arriving null at error handler
Hi,
I seem to be having a problem with the exception object attribute arriving null
at the error handeling jsp.
Since I encountered this error in produ
Hi,
I seem to be having a problem with the exception object attribute arriving null
at the error handeling jsp.
Since I encountered this error in production, I recreated on a small project.
This is the web.xml error page entry:
404
September 04, 2011 3:10 PM
To: Tomcat Users List
Subject: Re: CRLF Stripped in Tomcat Response Header
On 04/09/2011 12:16, Nadav Katz wrote:
> Sorry Mark, I just noticed your input regarding the filter. I am
> really only worried about attackers tampering with request headers.
> The re
Response Header
On 04/09/2011 05:54, Nadav Katz wrote:
> Hi All!
>
> First, let me assure everyone that I am not a hacker, exactly the
> opposite, but I have a related problem. I am in the process of
> implementing code that protects against header manipulation. I
> created a
, September 04, 2011 12:58 PM
To: Tomcat Users List
Subject: Re: CRLF Stripped in Tomcat Response Header
On 04/09/2011 05:54, Nadav Katz wrote:
> Hi All!
>
> First, let me assure everyone that I am not a hacker, exactly the
> opposite, but I have a related problem. I am in the process of
&g
Hi All!
First, let me assure everyone that I am not a hacker, exactly the opposite, but
I have a related problem. I am in the process of implementing code that
protects against header manipulation. I created a filter that strips line feed
and carriage return characters from requests to avoid he
+ in regards to
jsp:include
2011/8/8 Nadav Katz :
> Thank you for your answer, it hadn't occurred to me to try removing the jsp
> mapping. Unfortunately it doesn't work...I removed it, and behavior stays the
> same. I tried setting the STRICT_SERVLET_COMPLIANCE=true (hoping the stri
2011 8:59 AM
To: Tomcat Users List
Subject: Re: Tomcat not conforming to Servlet spec 2.4+ in regards to
jsp:include
2011/8/8 Nadav Katz :
\>
> I have a filter in place for validating CSRF tokens. I only wish to validate
> requests coming from the client, so no validation for dynamic inc
Hello,
I have a filter in place for validating CSRF tokens. I only wish to validate
requests coming from the client, so no validation for dynamic includes or
forwards. My web.xml for the filter looks like this:
CSRFFilter
*.jsp
SomeServlet
Servlet spec 2.4+ states u
10 matches
Mail list logo
