2011/4/19 Christopher Schultz <ch...@christopherschultz.net>:
>
> Looks like I must override sendRedirect because otherwise the setHeader
> call implemented in Response.sendRedirect isn't intercepted by the
> wrapper class.
>
> For those interested, see below for the implementation I came up with.
>
> if(containsCRorLF(value))
> throw new IllegalArgumentException("Header value must
> not contain CR or LF characters");
It would be better to check that all characters are correct ones rather
than check for two specific incorrect characters.
Checking for \r \n only might be not enough. Though that depends on
where the value comes from.
Best regards,
Konstantin Kolinko
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
