geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kevan Miller <kevan.mil...@gmail.com>
Subject Re: Session creation triggered by XSS/XSRF filter
Date Tue, 30 Jun 2009 15:09:42 GMT

On Jun 30, 2009, at 10:26 AM, Joe Bohn wrote:

> I tried some random URIs and always received a 404 back in my tests.
>
> This could be a problem with the filter on the welcome application.   
> It currently has a context-root of "/" and the filter is registered  
> with a URL pattern of "/*".

OK, that would explain it... So, is there any reason to run XSS  
filtering on the welcome app?

--kevan

Mime
View raw message