On 14/10/2021 10:34, ma...@apache.org wrote:
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new c4f881f Invalid byte sequences result in a 400 response.
c4f881f is described below
commit c4f881f5b68809139a3ebfeb3121c50bf9be8ea8
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Wed Oct 13 18:32:19 2021 +0100
Invalid byte sequences result in a 400 response.
This is part of the clarification in Servet 6.0 of the expected
canonicalization Servlet containers are expected to apply to request
URIs.
Another one for the back-port discussion.
The old behaviour was to replace the invalid sequences with a single
replacement character which was expected to trigger either a 404 or an
application error (depending on where in the URI the issue was).
The new behaviour rejects with a 400.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org