On Jan 17, 2006, at 9:37 AM, Dave Colasurdo wrote:
I've confirmed that the cross-site scripting problem also occurs in
jsp-examples in pure Tomcat 5.5.12 without Geronimo.
-Dave-
The following discussion thread on tomcat-user gives some additional
information regarding Tomcat and Cross-Site scripting --
http://marc.theaimsgroup.com/?t=99529259400001&r=1&w=2
http://marc.theaimsgroup.com/?l=tomcat-user&m=111727317225343&w=2
claims to have fixed cross-site scripting in 5.5.7 onwards. Problems
to be reported to [EMAIL PROTECTED] (wonder if we're tied into this?)
Dave, is this something you'd be willing to dig into further?
--kevan
