Hi all, I am currently trying to add a general XSS Filter in my application and I am facing some really weird behavior.
Basically the Filter operate 1 time out of 5... Here is my approach : In AppModule.java public static void bind(ServiceBinder binder) { binder.bind(HttpServletRequestFilter.class, XSSFilterImpl.class).withId("XssFilter"); } /* * XSS Filtering */ @Contribute(HttpServletRequestHandler.class) public static void httpServletRequestHandler(OrderedConfiguration configuration, @InjectService("XssFilter") HttpServletRequestFilter xssFilter) { configuration.add("XssFilter", xssFilter, "after:IgnoredPaths", "before:GZIP"); } In XSSFilterImpl.java public class XSSFilterImpl implements HttpServletRequestFilter { private static final Logger logger = LoggerFactory.getLogger(XSSFilterImpl.class); @Override public boolean service(HttpServletRequest request, HttpServletResponse response, HttpServletRequestHandler handler) throws IOException { if(logger.isDebugEnabled()){ logger.debug("Wrapping Request in XSSRequestWrapper"); } return handler.service(new XSSRequestWrapper(request), response); } } I see the Debug Message on each request, but sometimes I have to restart Tomcat several time for the XSSRequestWrapper to operate properly ( I am testing on a Form submission )... I am wondering : - Why do I get different behavior for each restart of Tomcat - Is there something I miss in my approach ? Thanks for the help :-) Martin -- View this message in context: http://tapestry.1045711.n5.nabble.com/XSS-Filter-and-Erratic-Behaviour-of-Tapestry-5-3-4-tp5715492.html Sent from the Tapestry - User mailing list archive at Nabble.com.