Thanks Mark.. Got clarified
On Thu, Nov 22, 2018 at 10:50 PM Mark Thomas wrote:
> On November 22, 2018 4:19:40 PM UTC, GNK G wrote:
> >Hello Team,
> >
> >According to the below link, we can check the vulnerability using
> >"status"
> >worker
> >
> >
>
On 22/11/2018 21:29, Johan Compagner wrote:
> Op do 22 nov. 2018 22:05 schreef Mark Thomas
>> On 22/11/2018 16:06, Johan Compagner wrote
>>>
>>> problem is how do we do that in a websocket scenario?
>>
>> Several options:
>> - configure the connector
>> - use a filter before the request reached
Op do 22 nov. 2018 22:05 schreef Mark Thomas On 22/11/2018 16:06, Johan Compagner wrote
> >
> > problem is how do we do that in a websocket scenario?
>
> Several options:
> - configure the connector
> - use a filter before the request reached the WebSocket filter
>
We can't do a Tomcat only
On 22/11/2018 16:06, Johan Compagner wrote:
Hi,
If we send have a value that is utf8 url encoded to the websocket:
H%C3%BCnenberg
then somehow tomcat just encodes that using i think "ISO-8859-1"
Tomcat version?
See URIEncoding for the Connector.
if we are in a filter or servlet we just
On 22/11/2018 18:26, Mark Thomas wrote:
> On November 22, 2018 5:13:36 PM UTC, "Rémy Maucherat" wrote:
>> On Wed, Nov 21, 2018 at 10:58 AM Mark Thomas wrote:
>>
>>> - Simplified Chinese has been added and has already reached 32%
>> coverage
>>>
>>
>> There's actually a problem with the Chinese
On November 22, 2018 5:13:36 PM UTC, "Rémy Maucherat" wrote:
>On Wed, Nov 21, 2018 at 10:58 AM Mark Thomas wrote:
>
>> - Simplified Chinese has been added and has already reached 32%
>coverage
>>
>
>There's actually a problem with the Chinese translation, it's been
>deleted
>for some reason.
>
On November 22, 2018 4:19:40 PM UTC, GNK G wrote:
>Hello Team,
>
>According to the below link, we can check the vulnerability using
>"status"
>worker
>
>https://www.immunit.ch/blog/2018/11/01/cve-2018-11759-apache-mod_jk-access-bypass/
>
>I am able to simulate the issue using the above method.
>
On Wed, Nov 21, 2018 at 10:58 AM Mark Thomas wrote:
> - Simplified Chinese has been added and has already reached 32% coverage
>
There's actually a problem with the Chinese translation, it's been deleted
for some reason.
Rémy
Hello Team,
According to the below link, we can check the vulnerability using "status"
worker
https://www.immunit.ch/blog/2018/11/01/cve-2018-11759-apache-mod_jk-access-bypass/
I am able to simulate the issue using the above method.
But it is specific only to "status" worker.
Does that mean,
Hi,
If we send have a value that is utf8 url encoded to the websocket:
H%C3%BCnenberg
then somehow tomcat just encodes that using i think "ISO-8859-1"
if we are in a filter or servlet we just do:
request.setCharacterEncoding("UTF8");
and then ask for the parameter map then everything is fine
On Mon, 11/19/18, Salil Misra wrote:
Subject: Re: http status 404 - not found
To: users@tomcat.apache.org, karenwo...@yahoo.com
Date: Monday, November 19, 2018, 9:14 PM
Just a quick check , have you
saved your view page as a JSP and not as
This is really awesome!
I am willing to help out with Chinese Translation.
On Wed, Nov 21, 2018 at 5:58 PM Mark Thomas wrote:
>
> Hi all,
>
> I wanted to let you know about the amazing progress that is being made
> on the Tomcat translations at
> https://poeditor.com/join/project/NUTIjDWzrl
>
>
-Nov 21 18:32:37 server2 httpd[24339]: AH00526: Syntax error on line 63 of
-/etc/httpd/conf/httpd.conf:
-Nov 21 18:32:37 server2 httpd[24339]: Invalid command 'JkWorkersFile',
-perhaps misspelled or defined by a module not included in the server
-configuration
Line 63? possibly have not loaded
13 matches
Mail list logo
