tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jean-frederic clere <jfrederic.cl...@fujitsu-siemens.com>
Subject Re: single percent sign in a parameter causes an exception report detailing tomcat version
Date Fri, 16 Apr 2004 16:42:17 GMT
David Cassidy wrote:
> its very very easy to replicate.
> Seems there is a buffer in jk_ajp_common.c line 383 ?
> which gives a Error ajp_marshal_into_msgb - Error appending the query string
> in the jk.log file !
> 
> Just do ........testpage.jsp?param=AAAAAAAAAAAAAAAAAAAAAAAA
> 
> and make the value 7600 'A's long !
> 
> I've tried customizing the error page for the single percent sign problem with a status
code 500 but it doesn't seem to work :(
> any ideas ?
> 
> Thanks
> 
> David
> 
> 
> 
>                                                                                     
                                                                                  
>                       "Shapira, Yoav"                                               
                                                                                  
>                       <Yoav.Shapira@mpi        To:       "Tomcat Developers List"
<tomcat-dev@jakarta.apache.org>                                                    
 
>                       .com>                    cc:                               
                                                                                     
>                                                Subject:  RE: single percent sign in a
parameter causes an exception report detailing tomcat version                    
>                       16/04/2004 14:16                                              
                                                                                  
>                       Please respond to                                             
                                                                                  
>                       "Tomcat                                                       
                                                                                  
>                       Developers List"                                              
                                                                                  
>                                                                                     
                                                                                  
>                                                                                     
                                                                                  
> 
> 
> 
> 
> 
> Hi,
> 
> 
>>still makes a nasty mess on your screen :)
> 
> 
> That's subjective: I tend to like all the information I can get, but
> then again I'm a developer.  The error pages at least are easily
> customizable (including in a global way for the tomcat server admin) to
> include or not include whatever you want.
> 
> 
>>They also discovered that if you pass 7,600 bytes as the value for a
> 
> GET
> 
>>parameter
>>that mod_jk1 tells you the server is down.

Strange Apache should tell something like "Request-URI Too Large". (414).

> 
> 
> Now that's a good one!  I don't use mod_jk but that's a cool find.  If
> you haven't already, you should enter the full test details in Bugzilla
> so we can reproduce and fix it.
> 
> Yoav Shapira
> 
> 
> 
> This e-mail, including any attachments, is a confidential business communication, and
may contain information that is confidential, proprietary and/or privileged.  This e-mail
is intended only for the individual(s) to whom it is addressed, and may not be saved, copied,
printed, disclosed or used by anyone else.  If you are not the(an) intended recipient, please
immediately delete this e-mail from your computer system and notify the sender.  Thank you.
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
> 
> 
> 
> 
> 
> 
> --
> 
> This e-mail may contain confidential and/or privileged information. If you are not the
intended recipient (or have received this e-mail in error) please notify the sender immediately
and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the material
in this e-mail is strictly forbidden.
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
> 
> 



---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org


Mime
View raw message