Re: CSRF and nonce Config ???

2013-02-07 Thread Konstantin Kolinko
2013/2/7 Christopher Schultz : > Konstantin, > > On 2/7/13 5:19 AM, Konstantin Kolinko wrote: >> Any other web application that wants to use this feature has to >> configure this filter explicitly and must pass all important URLs >> through HttpServletResponse.encodeURL(). > > Web applications shou

Re: CSRF and nonce Config ???

2013-02-07 Thread Christopher Schultz
Konstantin, On 2/7/13 5:19 AM, Konstantin Kolinko wrote: > Any other web application that wants to use this feature has to > configure this filter explicitly and must pass all important URLs > through HttpServletResponse.encodeURL(). Web applicat

Re: CSRF and nonce Config ???

2013-02-07 Thread Konstantin Kolinko
2013/2/7 N.s.Karthik : > Hi > > Spec > jsk1.6 > SuseLinux Enterprise10 > Tomcat 6.0.30 > Apache http2.2 > > I have read thru the URL > http://tomcat.apache.org/tomcat-7.0-doc/config/filter.html > for 'CSRF' and nonce > > But have been confused > > Is this 'CSRF prevented from within Tomcat 7 by de

CSRF and nonce Config ???

2013-02-07 Thread N.s.Karthik
le by using the 'nonce' or something Please explain with regards Karthik -- View this message in context: http://tomcat.10.n6.nabble.com/CSRF-and-nonce-Config-tp4993918.html Sent from the Tomcat - User mailing list archive at Nabble.com.