DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=28778>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=28778 Malformed HEAD method can bypass (basic) authentication. [EMAIL PROTECTED] changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID ------- Additional Comments From [EMAIL PROTECTED] 2004-05-05 13:58 ------- I think it's fairly obvious: - hfjdfhdHEAD is not a malformed HEAD request, it is a hfjdfhdHEAD request - your constraint seems on the method name - many servlets have a service method which will treat any method as a GET If you still think there's a problem, please provide a *specific* example (test WAR + request which will cause the problem). --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]