ChristopherSchultz merged PR #681:
URL: https://github.com/apache/tomcat/pull/681
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail:
ChristopherSchultz commented on PR #681:
URL: https://github.com/apache/tomcat/pull/681#issuecomment-1875476100
> > Re 4: I think that if one is wise enough to write a RegExp, they could use "|" to combine several patterns, and do not really need splitting by comma.
>
> I suppose if
isapir commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1437906912
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -53,6 +58,25 @@ public class CsrfPreventionFilter extends
CsrfPreventionFilterBase {
private
isapir commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1437905241
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -110,45 +285,70 @@ public void doFilter(ServletRequest request,
ServletResponse response, FilterCha
isapir commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1437903976
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -87,11 +104,170 @@ public void setNonceRequestParameterName(String
parameterName) {
ChristopherSchultz commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1437901624
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -87,11 +104,170 @@ public void setNonceRequestParameterName(String
parameterName) {
ChristopherSchultz commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1437900565
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -87,11 +104,170 @@ public void setNonceRequestParameterName(String
parameterName) {
ChristopherSchultz commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1437899157
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -87,11 +104,170 @@ public void setNonceRequestParameterName(String
parameterName) {
ChristopherSchultz commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1437898144
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -87,11 +104,170 @@ public void setNonceRequestParameterName(String
parameterName) {
ChristopherSchultz commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1437898048
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -87,11 +104,170 @@ public void setNonceRequestParameterName(String
parameterName) {
ChristopherSchultz commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1437897171
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -87,11 +104,170 @@ public void setNonceRequestParameterName(String
parameterName) {
ChristopherSchultz commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1437896682
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -110,45 +285,70 @@ public void doFilter(ServletRequest request,
ServletResponse response,
michael-o commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1436107052
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -87,11 +104,170 @@ public void setNonceRequestParameterName(String
parameterName) {
isapir commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1435945699
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -87,11 +104,170 @@ public void setNonceRequestParameterName(String
parameterName) {
isapir commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1435945537
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -110,45 +285,70 @@ public void doFilter(ServletRequest request,
ServletResponse response, FilterCha
isapir commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1435943790
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -87,11 +104,170 @@ public void setNonceRequestParameterName(String
parameterName) {
isapir commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1435943366
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -87,11 +104,170 @@ public void setNonceRequestParameterName(String
parameterName) {
michael-o commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1434524088
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -87,11 +104,170 @@ public void setNonceRequestParameterName(String
parameterName) {
ChristopherSchultz commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1434521612
##
webapps/docs/config/filter.xml:
##
@@ -319,6 +326,34 @@
of java.security.SecureRandom will be used.
+
+A list of URL
michael-o commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1434518590
##
webapps/docs/config/filter.xml:
##
@@ -291,6 +291,13 @@
request. The default value is 403.
+
+A flag to enable or disable
ChristopherSchultz commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1434514917
##
webapps/docs/config/filter.xml:
##
@@ -291,6 +291,13 @@
request. The default value is 403.
+
+A flag to enable or disable
michael-o commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1434513367
##
webapps/docs/config/filter.xml:
##
@@ -319,6 +326,34 @@
of java.security.SecureRandom will be used.
+
+A list of URL patterns that
michael-o commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1434512783
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -198,15 +416,27 @@ protected boolean skipNonceCheck(HttpServletRequest
request) {
ChristopherSchultz commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1434511388
##
webapps/docs/config/filter.xml:
##
@@ -319,6 +326,34 @@
of java.security.SecureRandom will be used.
+
+A list of URL
ChristopherSchultz commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1434510673
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -198,15 +416,27 @@ protected boolean skipNonceCheck(HttpServletRequest
request) {
michael-o commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1433225531
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -198,15 +416,27 @@ protected boolean skipNonceCheck(HttpServletRequest
request) {
ChristopherSchultz commented on PR #681:
URL: https://github.com/apache/tomcat/pull/681#issuecomment-1864951885
> Re 4: I think that if one is wise enough to write a RegExp, they could use "|" to combine several patterns, and do not really need splitting by comma. Or do you envision a use
kkolinko commented on PR #681:
URL: https://github.com/apache/tomcat/pull/681#issuecomment-1864889547
Re 8: Whatever is easier.
(Maybe it will be easier to extract some logic into a utility class and
test that utility class. My concern is just that the logic is not trivial, is
kkolinko commented on PR #681:
URL: https://github.com/apache/tomcat/pull/681#issuecomment-1864873921
Re 4: I think that if one is wise enough to write a RegExp, they could use
"|" to combine several patterns, and do not really need splitting by comma. Or
do you envision a use case, where
ChristopherSchultz commented on PR #681:
URL: https://github.com/apache/tomcat/pull/681#issuecomment-1864828084
> 1. There are case-insensitive file systems out there... I wonder whether those default extensions should be treated case-insensitively. (If one is serving a web site from an
kkolinko commented on PR #681:
URL: https://github.com/apache/tomcat/pull/681#issuecomment-1864808958
1. There are case-insensitive file systems out there... I wonder whether
those default extensions should be treated case-insensitively. (If one is
serving a web site from a USB stick or a
michael-o commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1432909931
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -53,6 +58,25 @@ public class CsrfPreventionFilter extends
CsrfPreventionFilterBase {
ChristopherSchultz commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1432880460
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -53,6 +58,25 @@ public class CsrfPreventionFilter extends
CsrfPreventionFilterBase {
ChristopherSchultz commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1432856054
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -53,6 +58,25 @@ public class CsrfPreventionFilter extends
CsrfPreventionFilterBase {
ChristopherSchultz commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1432853641
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -53,6 +58,25 @@ public class CsrfPreventionFilter extends
CsrfPreventionFilterBase {
michael-o commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1432402971
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -53,6 +58,25 @@ public class CsrfPreventionFilter extends
CsrfPreventionFilterBase {
markt-asf commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1431736198
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -53,6 +58,25 @@ public class CsrfPreventionFilter extends
CsrfPreventionFilterBase {
ChristopherSchultz commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1431641166
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -53,6 +58,25 @@ public class CsrfPreventionFilter extends
CsrfPreventionFilterBase {
ChristopherSchultz commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1431639832
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -53,6 +58,25 @@ public class CsrfPreventionFilter extends
CsrfPreventionFilterBase {
ChristopherSchultz commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1431618064
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -53,6 +58,25 @@ public class CsrfPreventionFilter extends
CsrfPreventionFilterBase {
ChristopherSchultz commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1431615348
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -53,6 +58,25 @@ public class CsrfPreventionFilter extends
CsrfPreventionFilterBase {
ChristopherSchultz commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1431612056
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -53,6 +58,25 @@ public class CsrfPreventionFilter extends
CsrfPreventionFilterBase {
ChristopherSchultz commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1431610887
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -53,6 +58,25 @@ public class CsrfPreventionFilter extends
CsrfPreventionFilterBase {
michael-o commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1430461949
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -53,6 +58,25 @@ public class CsrfPreventionFilter extends
CsrfPreventionFilterBase {
michael-o commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1430459964
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -53,6 +58,25 @@ public class CsrfPreventionFilter extends
CsrfPreventionFilterBase {
markt-asf commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1430459910
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -53,6 +58,25 @@ public class CsrfPreventionFilter extends
CsrfPreventionFilterBase {
isapir commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1430457497
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -53,6 +58,25 @@ public class CsrfPreventionFilter extends
CsrfPreventionFilterBase {
private
ChristopherSchultz commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1430451465
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -53,6 +58,25 @@ public class CsrfPreventionFilter extends
CsrfPreventionFilterBase {
ChristopherSchultz commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1430450663
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -53,6 +58,25 @@ public class CsrfPreventionFilter extends
CsrfPreventionFilterBase {
michael-o commented on code in PR #681:
URL: https://github.com/apache/tomcat/pull/681#discussion_r1428761992
##
java/org/apache/catalina/filters/CsrfPreventionFilter.java:
##
@@ -53,6 +58,25 @@ public class CsrfPreventionFilter extends
CsrfPreventionFilterBase {
ChristopherSchultz commented on PR #681:
URL: https://github.com/apache/tomcat/pull/681#issuecomment-1858319793
Commit
[e2f78ec](https://github.com/apache/tomcat/pull/681/commits/e2f78eca0c7626303e5e50f1f033770b466f1755)
adds nonce-check skipping to the URLs that won't get nonces added to
ChristopherSchultz commented on PR #681:
URL: https://github.com/apache/tomcat/pull/681#issuecomment-1858296301
My initial testing indicates that caching is working as expected with these
changes.