RE: URI handling in tomcat 3.2.3

2001-09-21 Thread Marc Saegesser
lost. --- Marc Saegesser -Original Message- From: Jason Hunter [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 5:13 PM To: [EMAIL PROTECTED] Subject: Re: URI handling in tomcat 3.2.3 You only use http:// in the GET request if you're talking

RE: URI handling in tomcat 3.2.3

2001-09-20 Thread Marc Saegesser
? Marc Saegesser -Original Message- From: Marc Saegesser [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 13, 2001 12:49 PM To: [EMAIL PROTECTED] Subject: RE: URI handling in tomcat 3.2.3 Lars, I agree with you. These encoded characters should be allowed in URIs and disallowing

Re: URI handling in tomcat 3.2.3

2001-09-20 Thread Jason Hunter
] Subject: RE: URI handling in tomcat 3.2.3 Lars, I agree with you. These encoded characters should be allowed in URIs and disallowing them is a hack. Like I said, I think the approach sucks. We were faced with a very serious security problem that had to be addressed very quickly

Re: URI handling in tomcat 3.2.3

2001-09-20 Thread Jason Hunter
: Thursday, September 13, 2001 8:48 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: RE: URI handling in tomcat 3.2.3 I agree that this URI handling sucks. I'm the one that committed the change that made it happen and I still think it sucks. However, allowing these encoded

URI handling in tomcat 3.2.3

2001-09-13 Thread Lars Oppermann
Hi everyone, we were in progress of moving our project to tomcat 3.2.3 when we came accross the new handling of URIs (release-notes sec. 7.2). Since we are using the URI to transport other hierarchical information then filesystem paths, we have the feeling, that this kind of functionality

RE: URI handling in tomcat 3.2.3

2001-09-13 Thread Marc Saegesser
PROTECTED] Subject: URI handling in tomcat 3.2.3 Hi everyone, we were in progress of moving our project to tomcat 3.2.3 when we came accross the new handling of URIs (release-notes sec. 7.2). Since we are using the URI to transport other hierarchical information then filesystem paths, we have

RE: URI handling in tomcat 3.2.3

2001-09-13 Thread Marc Saegesser
PROTECTED]] Sent: Thursday, September 13, 2001 8:48 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: RE: URI handling in tomcat 3.2.3 I agree that this URI handling sucks. I'm the one that committed the change that made it happen and I still think it sucks. However, allowing

Re: URI handling in tomcat 3.2.3

2001-09-13 Thread Bill Barker
] To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Thursday, September 13, 2001 3:00 AM Subject: URI handling in tomcat 3.2.3 Hi everyone, we were in progress of moving our project to tomcat 3.2.3 when we came accross the new handling of URIs (release-notes sec. 7.2). Since we are using the URI

RE: URI handling in tomcat 3.2.3

2001-09-13 Thread Marc Saegesser
To: [EMAIL PROTECTED] Subject: Re: URI handling in tomcat 3.2.3 Hi Marc, Thanks for you reply... Marc Saegesser wrote: I agree that this URI handling sucks. I'm the one that committed the change that made it happen and I still think it sucks. However, allowing these encoded characters

RE: URI handling in tomcat 3.2.3

2001-09-13 Thread Larry Isaacs
Message- From: Bill Barker [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 13, 2001 12:36 PM To: [EMAIL PROTECTED] Subject: Re: URI handling in tomcat 3.2.3 While 3.3 has this behavior as the default, it can be disabled in the config by: DecodeInterceptor safe=false / Since