lost.
---
Marc Saegesser
-Original Message-
From: Jason Hunter [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 20, 2001 5:13 PM
To: [EMAIL PROTECTED]
Subject: Re: URI handling in tomcat 3.2.3
You only use http:// in the GET request if you're talking
?
Marc Saegesser
-Original Message-
From: Marc Saegesser [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 13, 2001 12:49 PM
To: [EMAIL PROTECTED]
Subject: RE: URI handling in tomcat 3.2.3
Lars,
I agree with you. These encoded characters should be allowed in URIs and
disallowing
]
Subject: RE: URI handling in tomcat 3.2.3
Lars,
I agree with you. These encoded characters should be allowed in URIs and
disallowing them is a hack. Like I said, I think the approach sucks. We
were faced with a very serious security problem that had to be addressed
very quickly
: Thursday, September 13, 2001 8:48 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: URI handling in tomcat 3.2.3
I agree that this URI handling sucks. I'm the one that committed
the change
that made it happen and I still think it sucks. However, allowing these
encoded
Hi everyone,
we were in progress of moving our project to tomcat 3.2.3 when we came
accross the new handling of URIs (release-notes sec. 7.2).
Since we are using the URI to transport other hierarchical information
then filesystem paths, we have the feeling, that this kind of
functionality
PROTECTED]
Subject: URI handling in tomcat 3.2.3
Hi everyone,
we were in progress of moving our project to tomcat 3.2.3 when we came
accross the new handling of URIs (release-notes sec. 7.2).
Since we are using the URI to transport other hierarchical information
then filesystem paths, we have
PROTECTED]]
Sent: Thursday, September 13, 2001 8:48 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: URI handling in tomcat 3.2.3
I agree that this URI handling sucks. I'm the one that committed
the change
that made it happen and I still think it sucks. However, allowing
]
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Thursday, September 13, 2001 3:00 AM
Subject: URI handling in tomcat 3.2.3
Hi everyone,
we were in progress of moving our project to tomcat 3.2.3 when we came
accross the new handling of URIs (release-notes sec. 7.2).
Since we are using the URI
To: [EMAIL PROTECTED]
Subject: Re: URI handling in tomcat 3.2.3
Hi Marc,
Thanks for you reply...
Marc Saegesser wrote:
I agree that this URI handling sucks. I'm the one that
committed the change that made it happen and I still
think it sucks. However, allowing these encoded characters
Message-
From: Bill Barker [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 13, 2001 12:36 PM
To: [EMAIL PROTECTED]
Subject: Re: URI handling in tomcat 3.2.3
While 3.3 has this behavior as the default, it can be
disabled in the config
by:
DecodeInterceptor safe=false /
Since
10 matches
Mail list logo