Re: Apache cross-site scripting attacks vulnerability solution

[Mark Thomas]

Yulius wrote:
> Hi all,
> 
> Currently we are having a system that is using Apache Tomcat 4.1.3
> Our customer has been asking us to implements some sort of security for 413 
> error page by adding the 'ErrorDocument 413' statement to the Apache 
> configuration file to disable the default 413 error page as an workaround.
> However since we use Tomcat, will this issue applicable to our system?
> If yes, how should i implement the solution onto our system?

If you are using 4.1.3 you have a whole bunch of bigger security issues to
worry about. See http://tomcat.apache.org/security-4.html for details.

Mark



-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Apache cross-site scripting attacks vulnerability solution

[Yulius]

Hi all,

Currently we are having a system that is using Apache Tomcat 4.1.3
Our customer has been asking us to implements some sort of security for 413 
error page by adding the 'ErrorDocument 413' statement to the Apache 
configuration file to disable the default 413 error page as an workaround.
However since we use Tomcat, will this issue applicable to our system?
If yes, how should i implement the solution onto our system?

Thanks in advance
Yulius

   
-
Looking for last minute shopping deals?  Find them fast with Yahoo! Search.