Hi,
A simple approach could involve the following steps:
1) Globally limit the number of HTTP parameters by setting maxParameterCount
attribute in the conf/server.xml file within the element
e.g:
2) Create an application-level filter to handle exceptions for the specific
URLs. Something like
Hi,
This sounds more like a security requirement. Such constraints are usually
implemented in the frontend, i.e. the http reverse proxy with mod_security or
an explicit web application firewall.
Any chance to implement it in a similar way in your setup?
Mfg
Thomas
Am 11. September 2024 18:31:
I'd guess the "easiest" way is to use the builtin Tomcat functionality for
max
for the smaller number.
Then for the bigger number ... Use a servlet filter for the "special"
urls that slurps the "input stream" and parses the parameters in
application space. And use RequestWrapper to intercept getP
All,
Does anyone know if there is a way to limit the number of HTTP
parameters in a POST request but explicitly allow more parameters for,
say, a small set of specific URLs?
Asking for a friend.
-chris
-
To unsubscribe, e-m
