it is not on by default due to spec issues. for tomcat to be strictly compliant, by default it should not strip the extra carriage returns.
If you search the mailing list back to 2001-2002, you see there was lots of discussion about it. the funny thing is, it also makes it easy to tell when a website uses jsp tags.
that's an easy way to figure out if a website is using a servlet container and jsp tags.
That seems like a security issue to me. You can fingerprint a remote site and determine what technology they are using, even if they have taken steps to hide the JSP ending from their files.
Brad
peter
On Wed, 08 Sep 2004 10:45:00 -0700, Brad Neuberg <[EMAIL PROTECTED]> wrote: > Yoav, thanks; this works. One question; why isn't this true by default? > > Brad > > At 09:56 AM 9/8/2004, you wrote: > > >Hi, > >trimSpaces at > >http://jakarta.apache.org/tomcat/tomcat-5.5-doc/jasper-howto.html. > > > >Yoav Shapira > >Millennium Research Informatics > >
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
