2011/4/19 Christopher Schultz <ch...@christopherschultz.net>: > > Looks like I must override sendRedirect because otherwise the setHeader > call implemented in Response.sendRedirect isn't intercepted by the > wrapper class. > > For those interested, see below for the implementation I came up with. >
> if(containsCRorLF(value)) > throw new IllegalArgumentException("Header value must > not contain CR or LF characters"); It would be better to check that all characters are correct ones rather than check for two specific incorrect characters. Checking for \r \n only might be not enough. Though that depends on where the value comes from. Best regards, Konstantin Kolinko --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org