-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Bill,
On 10/2/15 5:02 PM, Bill Ross wrote: > On 10/2/2015 1:55 PM, André Warnier (tomcat) wrote: >> On 02.10.2015 21:18, Bill Ross wrote: >>> Installed FF, HttpFox wasn't installed, installed it but it >>> doesn't show up under developer tools, but I found something >>> and here are my headers: >>> >>> HTTP/1.1 200 OK Etag: W/"resized_2_33068.jpg-1443146350159" >>> Last-Modified: Fri, 25 Sep 2015 01:59:10 GMT [random >>> time in past 22.32455 days] Expires: Sun, 01 Nov 2015 19:12:45 >>> GMT Content-Type: image/jpeg >> >>> Content-Disposition: inline;filename="resized_2_33068.jpg"; >>> filename*=UTF-8''resized_2_33068.jpg >> >> isn't that a giveaway still ? > > It gives some random information for someone to chew on, until they > find this email: > > "resized_" + rand.nextInt(7) + "_" + rand.nextInt(100000) + ".jpg" Why bother sending-back a filename *at all*? There's no need to specify the filename in the response: just dump the bytes and call it a day. - -chris -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJWD+GlAAoJEBzwKT+lPKRYAG0QAKtDNPqLWSPYcm2m8o9YMDr7 dEBQWe5kY+TStT7zz8cpRPXKI/d4+TIbRPoKQubv5kMRkXFvoHGJVA3HhDAxWOi5 NUHGiQsiI5R2+D6yRmmP+SeYCWO6X5y61pMPbmE+8uavi78NSWXMbkuIqnaG90FJ 60S4z6+2AJUPfunfZKxLH5ayuHGM5W8JKsmP0PwvxoOmpoKF2YxzWNedvWfP4RTL GgMZSpzs0S515JNbL0aSJMJBUTirpCu/0xE+GXJMF/1+DpMduvBibTcgXZWImESy d/BkmAmkQ49Ffc6IEJGekrLgA7cL56OvKKG1M+HbLnOs8zdpxYB/7CO4ckXCNTjV 3+Ceoo8KHAZCF8PD30Pb1C1y+0Xq5r2Cd48kfUluO2/2kCw0rmrvpuFEJgydGgZG XTnxP3NcB3Q18rytEvAOBCH6ODbDZHkq5xXPPO9racmF9GB+rFMo4gGw2fkJE9hQ YdCPx3RAf12NnVI/QhyeurMFwasvekm5N3qThp9K2F2Zs0ou16QKBTnkpMnEXhcf eHdmcCg77faEW/fUO7ugeHUvH/CRSHDYOTs/tkZZU0kxgA0P82/qcaVPTQBmYyc5 Lhnme4FpHeoEyxJVtRby3DUDXqCdzdK+aFM32GTvA1zPJoL16wKBhF4APJe10PqL nFZVY2jw9AthSl/pDlKV =9j5Y -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org