Hrvoje,
On 7/6/25 7:33 AM, Hrvoje Lončar wrote:
> After recent Tomcat security changes, my POST request are failing
> but not all the time. The problem is that the same request sometimes
> ends up with an error and sometimes not.
>
> Tomcat is 10.0.42 protected by nginx which handles SSL certificate and
> forwards dynamic requests to Tomcat.>
> [snip]
>
> <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000"
> redirectPort="8443" maxParameterCount="1000" maxPartCount="1000"/>
Are you anywhere near approaching your parameter limit of 1000?
Is the nginx access log showing the _csrf parameters in the URL? How
about the Tomcat log?
-chris
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
