tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ken Johanson <>
Subject Bug?: tomcat does not log reqs without c-length or transfer-encoding
Date Fri, 13 Feb 2009 05:28:43 GMT

I noticed that requests (POST in the case) that are missing both the 
Content-Length and also Transfer-encoding, are not logged (as invalid) 
in Tomcat/6.0.18. Seems potential for stealth mis-use (DoS etc).

I'm not sure of this is core or 
org.apache.catalina.valves.AccessLogValve (would appear to be a 
org/apache/coyote/http11/ Processor?)



To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message