RE: Tomcat closes connections on unexpected status codes

2024-04-19 Thread Harri Pesonen
I have developed a restful web service, which uses HTTP response codes 200 OK, 201 Created, 204 No Content and 404 Not Found. It does not use 400 Bad Request or 500 Internal Server Error normally. 400 Bad Request is more common than 500 Internal Server Error, which should basically never happen.

Re: Regarding Tomcat url redirection

2024-04-19 Thread lavanya tech
Hi Chris, Thank you very much. I removed for example.com as well as adding an in server.xml I copied context.xml file /git/app/apache-tomcat-10.1.11/webapps/towl/META-INF/context.xml Removed < in rewrite.config files. But still I don't redirect the URL. For your information *nslookup

Re: Tomcat closes connections on unexpected status codes

2024-04-19 Thread Christopher Schultz
Harri, On 4/19/24 08:10, Harri Pesonen wrote: I have developed a restful web service, which uses HTTP response codes 200 OK, 201 Created, 204 No Content and 404 Not Found. It does not use 400 Bad Request or 500 Internal Server Error normally. 400 Bad Request is more common than 500 Internal

Re: Regarding Tomcat url redirection

2024-04-19 Thread Christopher Schultz
Ammu, On 4/19/24 08:32, lavanya tech wrote: Thank you very much. I removed for example.com as well as adding an in server.xml I copied context.xml file /git/app/apache-tomcat-10.1.11/webapps/towl/META-INF/context.xml Removed < in rewrite.config files. But still I don't redirect the URL. If

Re: Tomcat closes connections on unexpected status codes

2024-04-19 Thread Christopher Schultz
Mark, On 4/18/24 11:38, Mark Thomas wrote: On 18/04/2024 15:16, Adwait Kumar Singh wrote: I think we should *always* close connections in cases where it can lead to request smuggling vulnerabilities like when there is an error during header or request line parsing, but allowing the user to

Re: Regarding Tomcat url redirection

2024-04-19 Thread Christopher Schultz
Ammu, On 4/18/24 09:34, lavanya tech wrote: I am attaching server.xml and context.xml and rewrite.config files. The paths are /git/app/apache-tomcat-10.1.11/webapps/towl/context.xml This file ^^^ is in the wrong place. It should be in

Re: Tomcat closes connections on unexpected status codes

2024-04-19 Thread Christopher Schultz
All, On 4/18/24 10:16, Adwait Kumar Singh wrote: I think we should *always* close connections in cases where it can lead to request smuggling vulnerabilities like when there is an error during header or request line parsing, but allowing the user to control connection close when the status is

Re: Tomcat closes connections on unexpected status codes

2024-04-19 Thread Christopher Schultz
Pawel, On 4/18/24 20:32, Pawel Veselov wrote: On Thu, Apr 18, 2024 at 9:40 AM Adwait Kumar Singh wrote: I'm not (yet) convinced distinguishing between those scenarios is always going to be possible. I have a Tomcat patch which we use at work to do this, i.e., always close the connection if

Re: Tomcat closes connections on unexpected status codes

2024-04-19 Thread Christopher Schultz
Pawel, On 4/18/24 20:21, Pawel Veselov wrote: On 18/04/2024 15:18, Stefan Ansing wrote: Hi Rémy, Mark, I just want to make sure that we’re understanding each other. I can see that the connection needs to be closed in certain conditions to prevent request smuggling attacks. I certainly don’t