Hi Christopher! Just to inform you about Tomcat 11 behaviour regarding my issues with POST parameters - so far it didn't happen, starting from 2025-07-11 until now. That is not guarantee it won't happen ever but at least I was free of exceptions for 6 days.
BR, Hrvoje On Mon, Jul 14, 2025 at 2:48 PM Christopher Schultz < ch...@christopherschultz.net> wrote: > Hrvoje, > > On 7/11/25 7:51 PM, Hrvoje Lončar wrote: > > I did a bit radical step and upgraded to 11.0.9. > > Now waiting to see what happens. > > I'm interested to see what happens. My expectation is that is will > behave exactly the same. > > The major differences between Tomcat 9, 10.1, and 11 are their support > for the various specification versions. Where their (Tomcats') features > overlap, they should be implemented identically. > > -chris > > > On Thu, Jul 10, 2025 at 1:54 PM Christopher Schultz < > > ch...@christopherschultz.net> wrote: > > > >> Hrvoje, > >> > >> On 7/10/25 6:52 AM, Hrvoje Lončar wrote: > >>> Currently it's 10.1.39 as I wanted to avoid 10.1.42 but I get the same > >>> unpredictable behaviour from both. > >> > >> Oh, that's interesting. Of course, upon your first report I had assumed > >> it was the "maxPartCount" but then you posted your configuration which > >> included an explicit maxPartCount set to 1000 (which seems high). > >> > >> But the reduced limit on "parts" was not added until 10.1.42 so things > >> should have been working just fine before that. Note that adding > >> maxPartCount before 10.1.42 won't actually do anything other than issue > >> a warning. > >> > >>> I had 10.1.39 for some time before upgrading to 10.1.42 but no one > >> reported > >>> that form is not working which is not a proof that it was working > >> correctly. > >> > >> So are you able to reproduce the missing _csrf parameters before > 10.1.42? > >> > >> Does this only happen with POST? Does it only happen with this page? > >> > >> Have you configured the FailedRequestFilter[1] to catch and throw errors > >> when the request has errors (e.g. too many parameters)? > >> > >> -chris > >> > >> [1] > >> > >> > https://tomcat.apache.org/tomcat-10.0-doc/config/filter.html#Failed_Request_Filter > >> > >> --------------------------------------------------------------------- > >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > >> For additional commands, e-mail: users-h...@tomcat.apache.org > >> > >> > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > -- *TheVegCat.com <https://thevegcat.com/>* *VegCook.net <https://vegcook.net/>* *horvoje.net <https://horvoje.net/>*