> Essentially, what I've put provides reasonably good protection without any
> significant performance penalty.
>
> Carlos
That is great, but since JServ is in a bug fix/minor feature additions
only mode, I'm very reluctant to add something that is fairly major to
it...especially something that claims to add security to it since that
just opens us up to more hackers pounding on the code. Today, we simply
claim that JServ has no security. It is much easier that way. :-)
What I would personally rather see is you add this stuff to Tomcat instead
and get the tomcat-dev@ list to accept your patch.
So, while you still have CVS write access, you cannot commit this until
you get the active developers to give you a +1 on it. I am willing to look
at your code and cosider it, but not until I get to it on my TODO list.
Ok?
thanks,
-jon
--
Scarab -
Java Servlet Based - Open Source
Bug/Issue Tracking System
<http://scarab.tigris.org/>
--
----------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Archives and Other: <http://java.apache.org/main/mail.html>
Problems?: [EMAIL PROTECTED]
