Re: Tomcat 5.5.23 and Multiple Content-Length Headers

2007-04-17 Thread Mark Thomas
Ori Fine wrote:
> In Tomcat 5.5.23 and above the following under security issue was
> included (CVE-2005-2090):
>
> It turns out that we have mobile clients that due to technical issue
> send requests with multiple content-length headers. Is there a way that
> we can turn off this feature in the t

Tomcat 5.5.23 and Multiple Content-Length Headers

2007-04-17 Thread Ori Fine
Hi,

In Tomcat 5.5.23 and above the following under security issue was included (CVE-2005-2090):

Requests with multiple content-length headers should be rejected as invalid. When multiple components (firewalls, caches, proxies and Tomcat) process a sequence of requests where one or more requ