-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 All,
One of the unit tests is failing in the securityfilter project which uses Tomcat (5.5) and httpunit for the tests themselves. Basically, a test written a loooong time ago seems to be failing after the fix for a bug which involves decoding of %2F in a URL into a '/'. Either through mod_jk or directly to Tomcat's HTTP connector, now, any request that has a / replaced with a %2F will not work. I'm pretty sure this was a security fix. I was wondering if anyone could explain what the initial problem was, why this was "fixed" and if it makes any sense for me to try to fix this test in any meaningful way, or if it should be simply removed. (And yes, I have read this: http://tomcat.apache.org/security-5.html#Fixed in Apache Tomcat 5.5.22, 5.0.SVN. I still don't get it... shouldn't it work properly when using the HTTP connector?) Thanks, - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHK2zQ9CaO5/Lv0PARAum6AJ9J6r4TiKN3ZchTShHYfgTCUeq3UwCfX6Rz tDz5wVwTx6tPdsV7e0YDL54= =gPM3 -----END PGP SIGNATURE----- --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
