Larry, > > Thanks. The restored mod_jk behavior is the same as > Tomcat 3.3.x with <DecodeInterceptor ... safe="true"/>, > the default. Unsafe escapes give 403's. We can > add a similar option to mod_jk to turn off the checking. > Though, I can't image a situation where it would make > sense to accept the risks to gain access to these escapes.
The problem is that i_r2.dll is spitting 403 on any URL that contains %2F, remeber fuilter do see ALL the request that pass for the IIS server, we are rejecting URL NOT for tomcat, like in /test%2Ftest.asp, this is the wrong behaviour the user seeing, and i think it's a little agressive, dont you? so this needs to be solved.. Saludos, Ignacio J. Ortega
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
