Re: cvs commit: jakarta-tomcat-connectors/coyote/src/java/org/apache/coyote Response.java

Tue, 27 Jul 2004 18:04:51 -0700 

----- Original Message -----
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, July 27, 2004 5:43 PM
Subject: cvs commit:
jakarta-tomcat-connectors/coyote/src/java/org/apache/coyote Response.java


> luehe       2004/07/27 17:43:17
>
>   Modified:    coyote/src/java/org/apache/coyote Response.java
>   Log:
>   Fixed Bugtraq 6152759 ("Default charset not included in Content-Type
>   response header if no char encoding was specified").
>
>   According to the Servlet 2.4 spec, calling:
>
>     ServletResponse.setContentType("text/html");
>
>   must yield these results:
>
>     ServletResponse.getContentType() -> "text/html"
>
>     Content-Type response header -> "text/html;charset=ISO-8859-1"
>
>   Notice the absence of a charset in the result of getContentType(), but
>   its presence (set to the default ISO-8859-1) in the Content-Type
>   response header.
>
>   Tomcat is currently not including the default charset in the
>   Content-Type response header if no char encoding was specified.
>

-1.  This gets us right back to the same old problem where we are sending
back "image/gif; charset=iso-8859-1", and nobody can read the response.

If we're not going to assume that the UA believes that the default encoding
is iso-8859-1 (which is what we are doing now), then I'd suggest simply
doing:
   setCharacterEncoding(getCharacterEncoding());
in Response.getWriter (since the spec only requires that we identify the
charset when using a Writer, and we don't really know what it is when using
OutputStream).



This message is intended only for the use of the person(s) listed above as the 
intended recipient(s), and may contain information that is PRIVILEGED and 
CONFIDENTIAL.  If you are not an intended recipient, you may not read, copy, or 
distribute this message or any attachment. If you received this communication in 
error, please notify us immediately by e-mail and then delete all copies of this 
message and any attachments.

In addition you should be aware that ordinary (unencrypted) e-mail sent through the 
Internet is not secure. Do not send confidential or sensitive information, such as 
social security numbers, account numbers, personal identification numbers and 
passwords, to us via ordinary (unencrypted) e-mail.


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to