security hole on windows/ Tomcat with JRE 1.4.2 (b28)

The syndrome is that when typing: http://myurl:8080/myfile.jsp%20 http://myurl:8080/myfile.jsp%20 The JSP code is delivered to the client. I have checked this on the followed platforms: Win2k server (SP3) JRE 1.4.2 (b28) IIS 5/Tomcat HTTP 1.1 connector It works but it is not consistent

Re: security hole on windows/ Tomcat with JRE 1.4.2 (b28)

Search the archives - I think this a JDK 1.4.2 related bug. -Tim Asaf Barkan wrote: The syndrome is that when typing: http://myurl:8080/myfile.jsp%20 http://myurl:8080/myfile.jsp%20 The JSP code is delivered to the client. I have checked this on the followed platforms: Win2k server (SP3) JRE