tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Craig R. McClanahan" <Craig.McClana...@eng.sun.com>
Subject Re: Why are some header values hidden in HttpProcessor.java ?
Date Wed, 13 Sep 2000 20:14:33 GMT
Bernd Eilers wrote:

>
> Summing everthing up so far:
>
> I think the best would be to have a configurable option as you suggested,
> but the default should be not to suppress this header and not to suppress
> this cookie because the DEFAULT for tomcat should be to be compliant to
> the servlet api specification.
>

I can buy into your reasoning.  The change to make the session ID cookie visible
actually got made a few days ago (for Tomcat 4.0), and I'm about to check in the
change to make the "Authorization" header visible.

>
> Bernd
>

Craig

====================
See you at ApacheCon Europe <http://www.apachecon.com>!
Session VS01 (23-Oct 13h00-17h00):  Sun Technical Briefing
Session T06  (24-Oct 14h00-15h00):  Migrating Apache JServ
                                    Applications to Tomcat



Mime
View raw message