2015-12-16 14:11 GMT+01:00 Christopher Schultz :
> Roel,
>
> On 12/16/15 4:56 AM, Roel Storms wrote:
> > It should, if you implement parseParameter and all these other methods
> > before getStream is called, in the wrapper itself. But since you ha
e
the HttpServletRequest.getStream since it has no knowledge of this wrapper.
The wrapped object never uses the wrapped implementation of methods since
it has no knowledge of the wrapping.
2015-12-16 4:06 GMT+01:00 Christopher Schultz
:
> Roel,
>
> On 12/15/15 5:13 PM, Roel Storms wrote:
> > I don
of concept, I am not worried about maintaining this code, which would
indeed be almost impossible.
Thanks for the advice on the size of requests. I'm still pondering on that
issue.
Roel
2015-12-15 2:10 GMT+01:00 Christopher Schultz
:
> Roel,
>
> On 12/12/15 11:17 AM, Roel S
ector class).
Roel
2015-12-09 18:06 GMT+01:00 Christopher Schultz :
> Roel,
>
> On 12/9/15 8:03 AM, Roel Storms wrote:
> > The real requirement is being able to process the body of a request in a
> > Valve without restricting the servlet to call request.getInputStream,
> &g
tream(). The servlet wouldn't be able to call getReader or
getParam anymore. I would like my Valve to be transparent in that sense.
2015-12-09 13:07 GMT+01:00 Konstantin Kolinko :
> 2015-12-09 14:13 GMT+03:00 Roel Storms :
> > Hello,
> >
> > In Tomcat 4.1 it used to
y the
Connector.createRequest() method. Is this no longer possible via
configuration?
Kind regards,
Roel Storms
t;
> On 11/24/15 10:43 AM, Roel Storms wrote:
> > 2015-11-24 16:11 GMT+01:00 Christopher Schultz <
> ch...@christopherschultz.net
> >> :
> >
> >> Roel,
> >>
> >> On 11/24/15 9:44 AM, Roel Storms wrote:
> >>> I am trying to prot
2015-11-24 16:11 GMT+01:00 Christopher Schultz :
> Roel,
>
> On 11/24/15 9:44 AM, Roel Storms wrote:
> > I am trying to protect the client from:
> >
> > Session fixation
>
> Tomcat already provides session-fixation protection when using URL-based
> or
are at either client or server-side
2015-11-24 15:19 GMT+01:00 Christopher Schultz :
> Roel,
>
> On 11/24/15 5:12 AM, Roel Storms wrote:
> > It's to implement a new session mechanism that guarantees integrity of
> the
> > requests sent in the session and also protect
session identifier in Tomcat as your session
mechanism. Again, I am still doing some research and maybe what I am doing
is not worth it.
2015-11-24 11:36 GMT+01:00 Mark Thomas :
> On 24/11/2015 10:12, Roel Storms wrote:
> > It's to implement a new session mechanism that guarantees i
n see I
still have a lot to do. If I need any more information I will not hesitate
to ask. Thanks for all the info!
2015-11-23 23:01 GMT+01:00 André Warnier (tomcat) :
> On 23.11.2015 21:14, Roel Storms wrote:
>
>> Ok, thank you for the clear response. I see the problem with file type
Ok, thank you for the clear response. I see the problem with file type
elements.
2015-11-23 17:18 GMT+01:00 André Warnier (tomcat) :
> On 23.11.2015 16:31, Mark Thomas wrote:
>
>> On 23/11/2015 14:30, Roel Storms wrote:
>>
>>> Hello,
>>>
>>> I a
2015-11-23 16:31 GMT+01:00 Mark Thomas :
> On 23/11/2015 14:30, Roel Storms wrote:
> > Hello,
> >
> > I am working on a Valve that does some integrity checking on HTTP
> requests
> > (the details aren't important) where I need this valve to have access to
> &
integrity check without getInputStream or getReader but with
getParameters, will not work if the data submitted is not in the expected
format.
Kind regards,
Roel Storms
14 matches
Mail list logo
