tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mladen Turk <mt...@apache.org>
Subject Re: mod_jk 1.2.27 and an empty POST
Date Wed, 26 Nov 2008 15:45:18 GMT
Henk Fictorie wrote:
> Hi,
> 
> I think that I've been bitten by a resolved bug in mod_jk 1.2.27. The
> changelog is describing this as:
> 
> AJP13: Always send initial POST packet even if the client disconnected after
> sending request but before providing POST data. In that case or in case the
> client broke the connection in a middle of read send an zero size packet
> informing container about broken client connection. (mturk) 
> 
>

Your SSO will have to remember the POST data
or use the GET for that. In all other cases this
is security risk of hi-jacking the sessions.


Regards
-- 
^(TM)

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message