On 10/3/2014 11:14 AM, Mark Thomas wrote: > The general position of the Tomcat developers is that we do *not* > patch Tomcat to work around bugs in third party code. There have been > exceptions in the past but - since this JVM bug as a workaround > available - I very much doubt that Tomcat will be patched to avoid > this (even if such a patch was possible which looks unlikely). fair enough, but first we need to ensure that this is not a Tomcat issue, right? I agree that if it only happens with a certain browser then it's unlikely that Tomcat is the issue, but TBH I'm concerned if some hacker can drop my servers by issuing some planned https request.
> A reproducible test case is definitely a good thing but it needs to go > to Oracle, not to the Tomcat devs. Note we do have some contacts with > Oracle we can use to ensure a bug report gets in front of the right > people. Mark that would be sufficient because as long as this problem, if it does exist, is resolved, then it doesn't matter to me (and I believe to other users) who fixed it. thanks, Igal -- Igal Sapir Railo Core Developer http://getRailo.org/ --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
