TakHoe,
Really? Gosh, this is serious.....
That doesn't happen in TOMCAT.v 1.1.1.1 1999/10/09.
And it's running on NT.
kim.
----- Original Message -----
From: "Cheong Takhoe" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, October 17, 2000 4:01 PM
Subject: Tomcat security issue
> Hi,
>
> I discovered that Tomcat has a security problem with regards to the way it
> works with the handlers.
>
> if you have a file x.jsp
> when you access it through the web browser, http://<hostname>/x.jsp\
> with the \ there,
>
> it opens up the source code....
> HMMMMMmmmm...
>
> I don't know whether this is similar on a non-NT platform.
> any ideas about this? solutions?
>
> regards,
> Cheong Takhoe
>
>
===========================================================================
> To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff
JSP-INTEREST".
> Some relevant FAQs on JSP/Servlets can be found at:
>
> http://java.sun.com/products/jsp/faq.html
> http://www.esperanto.org.nz/jsp/jspfaq.html
> http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
> http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
>
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
Some relevant FAQs on JSP/Servlets can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
