https://issues.apache.org/bugzilla/show_bug.cgi?id=55373
Bug ID: 55373
Summary: Make Manager's write actions Post/Redirect/Get safe
Product: Tomcat 8
Version: 8.0.0-RC1
Hardware: All
OS: All
Status: NEW
Severity: major
Priority: P2
Component: Manager
Assignee: dev@tomcat.apache.org
Reporter: 1983-01...@gmx.net
The current implemenation of the Manager (at least the GUI) has a design flaw.
Actions like undeployment and stop/reload/etc. are performed with a GET
request. HTTP standard mandates that unsafe operations should not use a GET.
What can happen in such a case (at least for me once in a while)? Undeploy a
webapp through Manager GUI, re-deploy through a shell, close browser. Reopen
browser, hit that reopened tab, BANG your app gets undeployed again.
Such operations must be implemented with the Post/Redirect/Get idiom. Since
this is a breaking change, it can be introduced in Tomcat 8.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
