Re: [OT] loading images through a Servlet

Sat, 03 Oct 2015 07:11:05 -0700 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Bill,

On 10/2/15 5:02 PM, Bill Ross wrote:
> On 10/2/2015 1:55 PM, André Warnier (tomcat) wrote:
>> On 02.10.2015 21:18, Bill Ross wrote:
>>> Installed FF, HttpFox wasn't installed, installed it but it
>>> doesn't show up under developer tools, but I found something
>>> and here are my headers:
>>> 
>>> HTTP/1.1 200 OK Etag: W/"resized_2_33068.jpg-1443146350159" 
>>> Last-Modified: Fri, 25 Sep 2015 01:59:10 GMT         [random
>>> time in past 22.32455 days] Expires: Sun, 01 Nov 2015 19:12:45
>>> GMT Content-Type: image/jpeg
>> 
>>> Content-Disposition: inline;filename="resized_2_33068.jpg"; 
>>> filename*=UTF-8''resized_2_33068.jpg
>> 
>> isn't that a giveaway still ?
> 
> It gives some random information for someone to chew on, until they
> find this email:
> 
> "resized_" + rand.nextInt(7) + "_" + rand.nextInt(100000) + ".jpg"

Why bother sending-back a filename *at all*? There's no need to
specify the filename in the response: just dump the bytes and call it
a day.

- -chris
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org

iQIcBAEBCAAGBQJWD+GlAAoJEBzwKT+lPKRYAG0QAKtDNPqLWSPYcm2m8o9YMDr7
dEBQWe5kY+TStT7zz8cpRPXKI/d4+TIbRPoKQubv5kMRkXFvoHGJVA3HhDAxWOi5
NUHGiQsiI5R2+D6yRmmP+SeYCWO6X5y61pMPbmE+8uavi78NSWXMbkuIqnaG90FJ
60S4z6+2AJUPfunfZKxLH5ayuHGM5W8JKsmP0PwvxoOmpoKF2YxzWNedvWfP4RTL
GgMZSpzs0S515JNbL0aSJMJBUTirpCu/0xE+GXJMF/1+DpMduvBibTcgXZWImESy
d/BkmAmkQ49Ffc6IEJGekrLgA7cL56OvKKG1M+HbLnOs8zdpxYB/7CO4ckXCNTjV
3+Ceoo8KHAZCF8PD30Pb1C1y+0Xq5r2Cd48kfUluO2/2kCw0rmrvpuFEJgydGgZG
XTnxP3NcB3Q18rytEvAOBCH6ODbDZHkq5xXPPO9racmF9GB+rFMo4gGw2fkJE9hQ
YdCPx3RAf12NnVI/QhyeurMFwasvekm5N3qThp9K2F2Zs0ou16QKBTnkpMnEXhcf
eHdmcCg77faEW/fUO7ugeHUvH/CRSHDYOTs/tkZZU0kxgA0P82/qcaVPTQBmYyc5
Lhnme4FpHeoEyxJVtRby3DUDXqCdzdK+aFM32GTvA1zPJoL16wKBhF4APJe10PqL
nFZVY2jw9AthSl/pDlKV
=9j5Y
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to