tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Thomas <ma...@apache.org>
Subject Re: Apache cross-site scripting attacks vulnerability solution
Date Tue, 11 Dec 2007 19:28:39 GMT
Yulius wrote:
> Hi all,
> 
> Currently we are having a system that is using Apache Tomcat 4.1.3
> Our customer has been asking us to implements some sort of security for 413 error page
by adding the 'ErrorDocument 413' statement to the Apache configuration file to disable the
default 413 error page as an workaround.
> However since we use Tomcat, will this issue applicable to our system?
> If yes, how should i implement the solution onto our system?

If you are using 4.1.3 you have a whole bunch of bigger security issues to
worry about. See http://tomcat.apache.org/security-4.html for details.

Mark



---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message