2011/4/1 Christopher Schultz <ch...@christopherschultz.net>: > I think I'm doing to standardize on simply scanning for troublesome > characters like \r and \n and throwing a MalformedURLException or > something like that.
You'd better scan for allowed characters. The \r and \n are not the only ones where the things may go wrong. > If anyone else has any good ideas or Warnings about what might be a > naive sanitization check, I'd be glad to hear them. > Best regards, Konstantin Kolinko --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org