-
From: Caldarale, Charles R [mailto:chuck.caldar...@unisys.com]
Sent: Sunday, September 11, 2011 5:26 PM
To: Tomcat Users List
Subject: RE: JSP Exception object arriving null at error handler
From: Nadav Katz [mailto:nadav.k...@oracle.com]
Subject: RE: JSP Exception object arriving null
Hi,
I seem to be having a problem with the exception object attribute arriving null
at the error handeling jsp.
Since I encountered this error in production, I recreated on a small project.
This is the web.xml error page entry:
error-page
: Nadav Katz nadav.k...@oracle.com
To: Tomcat Users List users@tomcat.apache.org
Sent: Sunday, September 11, 2011 2:11 AM
Subject: JSP Exception object arriving null at error handler
Hi,
I seem to be having a problem with the exception object attribute arriving null
at the error handeling jsp
, September 04, 2011 12:58 PM
To: Tomcat Users List
Subject: Re: CRLF Stripped in Tomcat Response Header
On 04/09/2011 05:54, Nadav Katz wrote:
Hi All!
First, let me assure everyone that I am not a hacker, exactly the
opposite, but I have a related problem. I am in the process of
implementing code
Response Header
On 04/09/2011 05:54, Nadav Katz wrote:
Hi All!
First, let me assure everyone that I am not a hacker, exactly the
opposite, but I have a related problem. I am in the process of
implementing code that protects against header manipulation. I
created a filter that strips line feed
04, 2011 3:10 PM
To: Tomcat Users List
Subject: Re: CRLF Stripped in Tomcat Response Header
On 04/09/2011 12:16, Nadav Katz wrote:
Sorry Mark, I just noticed your input regarding the filter. I am
really only worried about attackers tampering with request headers.
The reason is that we may have
Hi All!
First, let me assure everyone that I am not a hacker, exactly the opposite, but
I have a related problem. I am in the process of implementing code that
protects against header manipulation. I created a filter that strips line feed
and carriage return characters from requests to avoid
To: Tomcat Users List
Subject: Re: Tomcat not conforming to Servlet spec 2.4+ in regards to
jsp:include
2011/8/8 Nadav Katz nadav.k...@oracle.com:
\
I have a filter in place for validating CSRF tokens. I only wish to validate
requests coming from the client, so no validation for dynamic includes
to
jsp:include
2011/8/8 Nadav Katz nadav.k...@oracle.com:
Thank you for your answer, it hadn't occurred to me to try removing the jsp
mapping. Unfortunately it doesn't work...I removed it, and behavior stays the
same. I tried setting the STRICT_SERVLET_COMPLIANCE=true (hoping the strict
request
Hello,
I have a filter in place for validating CSRF tokens. I only wish to validate
requests coming from the client, so no validation for dynamic includes or
forwards. My web.xml for the filter looks like this:
filter-mapping
filter-nameCSRFFilter/filter-name
10 matches
Mail list logo
