Greetings,
I am attempting to configure Tomcat (5.5.9) to disregard URL requests that
contain "../" and similar high-risk expressions. So far I have been
unsuccesful. I recognize two possibilities here:
A. Use <url-pattern> in the web.xml to identify this URL and disregard it
B. Configure a filter that intercepts requests and dissects the URL.
I am wondering if anybody has had experience using Tomcat in this manner,
and if there may be some examples, working filters/strategies that I could
view to get me going.
I believe that a <url-pattern> strategy will be more trouble than it is
worth beacuse it seems you can't pass a regular expression, but so far I
have not been able to nail down a Filter.
James Crosson
---------------------------
[EMAIL PROTECTED]
Google Talk: James Crosson
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]