https://bz.apache.org/bugzilla/show_bug.cgi?id=66512
--- Comment #10 from Alexander Schüßler <alexander.schuess...@plunet.com> --- Hi Mark, I am not a developer at my company but I found a suspicious piece of code in our codebase that would underline your assumption: https://pastebin.com/m74V3qHx I suppose what you want us to do is to replace this (please confirm): #---------------------------------------------------------- response.setHeader ( "Content-Disposition", forceDownload+"; filename=\"" + originalFileName + "\"; filename*=UTF-8''" + SysFacade.encodeFilename_for_HttpUrlAccess ( originalFileName ) ); #---------------------------------------------------------- with this: #---------------------------------------------------------- String encodedFilename = SysFacade.encodeFilename_for_HttpUrlAccess(originalFileName); response.setHeader ( "Content-Disposition", forceDownload+"; filename=\"" + encodedFilename + "\"; filename*=UTF-8''" + encodedFilename); #---------------------------------------------------------- I have access to our codebase and could build a test build with this change, that is not an issue but I must say that a code change would not be the best solution for us because it will mean that we will have to deploy updates for all affected customers. Do you think this is the only option we have? Let me know your thoughts! Cheers! Alex -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
