[Bug 44818] tomcat hangs with GET when content-length is defined

bugzilla Wed, 18 Sep 2013 05:57:46 -0700

https://issues.apache.org/bugzilla/show_bug.cgi?id=44818


Mark Thomas <ma...@apache.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |WONTFIX

--- Comment #6 from Mark Thomas <ma...@apache.org> ---
The only way to handle this would be to explicitly deny GET requests with a
content length header and close the connection with a 400 response.

If an application wants to do this, they can do so with a Filter.

There is no greater DoS risk with this than there is with a POST request that
fails to provide the complete request body.

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 44818] tomcat hangs with GET when content-length is defined

Reply via email to