I suspect a call to /something.JSP will not go thru the jsp engine. I can also guess that calls the security constraints applied on /servlet will not apply on /SERVLET
David Kerber a écrit : > I've seen that notice, but could you explain to me how that works? I > don't see how this could cause any security issues, except for > slightly reducing the number of attempts you would need in a > brute-force hacking attempt. > > Dave > > > David Delbecq wrote: > >> Be careful, there are security issues with this (jsp code disclosure!)!! >> David Kerber a écrit : >> >> >> >>> <Context caseSensitive="false"> >>> >>> >>> Buddy wu wrote: >>> >>> >>> >>>> 2006/3/7, Long <[EMAIL PROTECTED]>: >>>> >>>> >>>> >>>> >>>>> Buddy wu wrote: >>>>> I wan't to know there is any way to set tomcat NOT CASE >>>>> SENSITIVE in URL >>>>> I mean: when I write in browser's 'http://localhost/test.html' >>>>> equals to 'http://localhost/TEST.htm'. Can I do it ? or just in >>>>> WINDOWS can but Linux/unix can't? >>>>> >>>>> Right, url is case-insensitive under Windows because the file system >>>>> >>>>> >>>> >>>> But, the FACT is that under Windows the URL is CASW-SENSITIVE, not >>>> case-insecsitive , why? >>>> >>>> I've tried, under Windows, test.html and TEST.html is diffrent in >>>> tomcat server. Is there a parameter to set?? >>>> >>>> >>>> >>>> >>>> >>>>> can't tell a difference between test.html and TEST.html. The >>>>> difference >>>>> is there under Linux/UNIX. >>>>> >>>>> Long >>>>> >>>>> >>>>> --------------------------------------------------------------------- >>>>> To unsubscribe, e-mail: [EMAIL PROTECTED] >>>>> For additional commands, e-mail: [EMAIL PROTECTED] >>>>> >>>>> >>>>> >>>>> >>>> >>>> --------------------------------------------------------------------- >>>> To unsubscribe, e-mail: [EMAIL PROTECTED] >>>> For additional commands, e-mail: [EMAIL PROTECTED] >>>> >>>> >>>> >>>> >>>> >>>> >>> >>> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: [EMAIL PROTECTED] >>> For additional commands, e-mail: [EMAIL PROTECTED] >>> >>> >> >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> >> >> >> > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
