Author: markt Date: Fri Jun 14 20:14:05 2013 New Revision: 1493231 URL: http://svn.apache.org/r1493231 Log: Fix typos
Modified: tomcat/trunk/test/org/apache/catalina/authenticator/TestFormAuthenticator.java Modified: tomcat/trunk/test/org/apache/catalina/authenticator/TestFormAuthenticator.java URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/catalina/authenticator/TestFormAuthenticator.java?rev=1493231&r1=1493230&r2=1493231&view=diff ============================================================================== --- tomcat/trunk/test/org/apache/catalina/authenticator/TestFormAuthenticator.java (original) +++ tomcat/trunk/test/org/apache/catalina/authenticator/TestFormAuthenticator.java Fri Jun 14 20:14:05 2013 @@ -47,13 +47,13 @@ import org.apache.tomcat.websocket.serve * achievable with servlets, jsps, jstl (all of which which can ask for an * encoded url to be inserted into the dynamic web page). It cannot work * with static html. - * note: this test class uses the tomcat somaple jsps, which conform. + * note: this test class uses the Tomcat sample jsps, which conform. * * 3. Therefore, any webapp that MIGHT need to authenticate a client that * does not accept cookies MUST generate EVERY protected resource url * dynamically (so that it will include the current session ID). * - * 4. Any webapp that cannot satify case 3 MUST turn off + * 4. Any webapp that cannot satisfy case 3 MUST turn off * changeSessionIdOnAuthentication for its Context and thus degrade the * session fixation protection for ALL of its clients. * note from MarkT: Not sure I agree with this. If the URLs aren't --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org