https://issues.apache.org/bugzilla/show_bug.cgi?id=43497
--- Comment #3 from Nacho Coloma <[email protected]> 2010-10-20 10:48:11 EDT --- Any chance this bug receives some attention? Any application on Tomcat is susceptible of XSS attacks, and it should be easy to fix. Keeping the current behavior as default is reasonable, but please provide some flag to switch. Right now I have to keep my own separate patch jar, and merge into Tomcat. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
