https://issues.apache.org/bugzilla/show_bug.cgi?id=44818
Mark Thomas <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |WONTFIX --- Comment #6 from Mark Thomas <[email protected]> --- The only way to handle this would be to explicitly deny GET requests with a content length header and close the connection with a 400 response. If an application wants to do this, they can do so with a Filter. There is no greater DoS risk with this than there is with a POST request that fails to provide the complete request body. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
