Hi Christopher! I did a bit radical step and upgraded to 11.0.9. Now waiting to see what happens.
Thanks a lot for your time! On Thu, Jul 10, 2025 at 1:54 PM Christopher Schultz < ch...@christopherschultz.net> wrote: > Hrvoje, > > On 7/10/25 6:52 AM, Hrvoje Lončar wrote: > > Currently it's 10.1.39 as I wanted to avoid 10.1.42 but I get the same > > unpredictable behaviour from both. > > Oh, that's interesting. Of course, upon your first report I had assumed > it was the "maxPartCount" but then you posted your configuration which > included an explicit maxPartCount set to 1000 (which seems high). > > But the reduced limit on "parts" was not added until 10.1.42 so things > should have been working just fine before that. Note that adding > maxPartCount before 10.1.42 won't actually do anything other than issue > a warning. > > > I had 10.1.39 for some time before upgrading to 10.1.42 but no one > reported > > that form is not working which is not a proof that it was working > correctly. > > So are you able to reproduce the missing _csrf parameters before 10.1.42? > > Does this only happen with POST? Does it only happen with this page? > > Have you configured the FailedRequestFilter[1] to catch and throw errors > when the request has errors (e.g. too many parameters)? > > -chris > > [1] > > https://tomcat.apache.org/tomcat-10.0-doc/config/filter.html#Failed_Request_Filter > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > -- *TheVegCat.com <https://thevegcat.com/>* *VegCook.net <https://vegcook.net/>* *horvoje.net <https://horvoje.net/>*
