What was unexpected for me, was that even if the the symbol is URL
encoded, it was still stripped out by tomcat. I understand now
allowing a backslash in a URL, however if it is URL encoded as
%5C then why not allow it? Maybe I'm missing something
On Fri, Oct 13, 2017 at 7:17 AM, i...@flyingfische
On 13/10/17 18:42, André Warnier (tomcat) wrote:
> On 13.10.2017 19:29, Mark Thomas wrote:
>> On 13/10/2017 18:15, André Warnier (tomcat) wrote:
>>> On 13.10.2017 18:17, Mark Thomas wrote:
On 13/10/2017 17:09, James H. H. Lampert wrote:
> Thanks to all of you who responded.
>
> I f
On 10/13/17, 10:50 AM, Igal @ Lucee.org wrote:
On 10/13/2017 10:42 AM, André Warnier (tomcat) wrote:
Mmm. You are being a bit casuistic here. (Granted, not that I wasn't.)
In the real world, I would expect that 99% of what is ever POSTed,
/is/ form data.
Not you ?
10 years ago I would have agr
On 10/13/2017 10:42 AM, André Warnier (tomcat) wrote:
Mmm. You are being a bit casuistic here. (Granted, not that I wasn't.)
In the real world, I would expect that 99% of what is ever POSTed,
/is/ form data.
Not you ?
10 years ago I would have agreed, but with REST services there are many
AP
On 13.10.2017 19:29, Mark Thomas wrote:
On 13/10/2017 18:15, André Warnier (tomcat) wrote:
On 13.10.2017 18:17, Mark Thomas wrote:
On 13/10/2017 17:09, James H. H. Lampert wrote:
Thanks to all of you who responded.
I found a web page that explains it in ways that I can wrap my
55-year-old bra
On 13/10/2017 18:15, André Warnier (tomcat) wrote:
> On 13.10.2017 18:17, Mark Thomas wrote:
>> On 13/10/2017 17:09, James H. H. Lampert wrote:
>>> Thanks to all of you who responded.
>>>
>>> I found a web page that explains it in ways that I can wrap my
>>> 55-year-old brain around, and has an eas
On 13.10.2017 18:17, Mark Thomas wrote:
On 13/10/2017 17:09, James H. H. Lampert wrote:
Thanks to all of you who responded.
I found a web page that explains it in ways that I can wrap my
55-year-old brain around, and has an easy-to-read reference chart.
https://perishablepress.com/stop-using-u
On 13/10/2017 17:09, James H. H. Lampert wrote:
> Thanks to all of you who responded.
>
> I found a web page that explains it in ways that I can wrap my
> 55-year-old brain around, and has an easy-to-read reference chart.
>
> https://perishablepress.com/stop-using-unsafe-characters-in-urls/
>
>
Thanks to all of you who responded.
I found a web page that explains it in ways that I can wrap my
55-year-old brain around, and has an easy-to-read reference chart.
https://perishablepress.com/stop-using-unsafe-characters-in-urls/
Question: the problem first showed up on a web service that t
Am 13.10.2017 um 12:48 schrieb Alex O'Ree:
> Well that explains a lot. Similar issue for me. With url encoding, tomcat
> is dropping back slash and the plus symbol.
While I think it is perfectly eligible to strive for a most perfect
alignement with standards and specs, I think Tomcat should allow
Well that explains a lot. Similar issue for me. With url encoding, tomcat
is dropping back slash and the plus symbol.
On Oct 13, 2017 3:01 AM, "Mark Thomas" wrote:
> On 13/10/2017 07:38, Peter Kreuser wrote:
> > Chris,
> >
> >
> >
> >
> > Peter Kreuser
> >> Am 13.10.2017 um 04:29 schrieb Christ
Am 13.10.2017 um 09:01 schrieb Mark Thomas:
> From memory, # isn't one of the allowed exceptions.
>
> The full list of invalid characters in the request line that Tomcat
> started to check for is:
> ' ', '\"', '#', '<', '>', '\\', '^', '`', '{', '|', '}'
>
> The allowed exceptions are (currently) '
On 13/10/2017 07:38, Peter Kreuser wrote:
> Chris,
>
>
>
>
> Peter Kreuser
>> Am 13.10.2017 um 04:29 schrieb Christopher Schultz
>> :
>>
> James,
>
On 10/12/17 8:44 PM, James H. H. Lampert wrote:
Question:
The application we're developing has a suite of web services
(
Chris,
Peter Kreuser
> Am 13.10.2017 um 04:29 schrieb Christopher Schultz
> :
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> James,
>
>> On 10/12/17 8:44 PM, James H. H. Lampert wrote:
>> Question:
>>
>> The application we're developing has a suite of web services
>> (RESTful, S
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
James,
On 10/12/17 8:44 PM, James H. H. Lampert wrote:
> Question:
>
> The application we're developing has a suite of web services
> (RESTful, Swagger-based), and at least one of them can accept a
> pound sign ("#") as a URL parameter.
>
> Severa
Question:
The application we're developing has a suite of web services (RESTful,
Swagger-based), and at least one of them can accept a pound sign ("#")
as a URL parameter.
Several months ago, with the application and all of its services running
on Tomcat 7, it was accepting a plain, naked #
16 matches
Mail list logo
