Return-Path: X-Original-To: apmail-tomcat-users-archive@www.apache.org Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 1D7C61765D for ; Fri, 4 Sep 2015 19:19:45 +0000 (UTC) Received: (qmail 28677 invoked by uid 500); 4 Sep 2015 19:19:42 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 28613 invoked by uid 500); 4 Sep 2015 19:19:42 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 28600 invoked by uid 99); 4 Sep 2015 19:19:42 -0000 Received: from Unknown (HELO spamd4-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 04 Sep 2015 19:19:42 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd4-us-west.apache.org (ASF Mail Server at spamd4-us-west.apache.org) with ESMTP id AB4AFC0BDF for ; Fri, 4 Sep 2015 19:19:41 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd4-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: 3.98 X-Spam-Level: *** X-Spam-Status: No, score=3.98 tagged_above=-999 required=6.31 tests=[HTML_MESSAGE=3, KAM_LAZY_DOMAIN_SECURITY=1, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01] autolearn=disabled Received: from mx1-eu-west.apache.org ([10.40.0.8]) by localhost (spamd4-us-west.apache.org [10.40.0.11]) (amavisd-new, port 10024) with ESMTP id NVJYjDM-oQYg for ; Fri, 4 Sep 2015 19:19:41 +0000 (UTC) Received: from mail-ob0-f179.google.com (mail-ob0-f179.google.com [209.85.214.179]) by mx1-eu-west.apache.org (ASF Mail Server at mx1-eu-west.apache.org) with ESMTPS id 4F79D24C0F for ; Fri, 4 Sep 2015 19:19:40 +0000 (UTC) Received: by obbbh8 with SMTP id bh8so24636801obb.0 for ; Fri, 04 Sep 2015 12:19:33 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:date:message-id:subject:from:to :content-type; bh=JvR3tilQaj7WZPIBXm5cSY6n8Ky0W5y7VV8EeM2KhM8=; b=TTkUPtmqVIBbNbgf68WMCr+UiKjGh/PZNnSlPqhbUwn4uwfpngypd8RDwVpnGZqcx7 ttMtoSa29PMNTeQ96xR4y4IxNtBV5XwP1TD05EDoxwq3ttpTC2AczAEN7kSKugYRZkbU EiNbqfuvQK1CRNuUz4azDDG3Q0FnkbUp88SL397RAIJLbsak6mjvh1k8KI8Aa15g25aQ IeDMbZAkeNkKHGLv/p4rS9m5cXe1KClj0VnG+fqZYkGOf3LWj/XsKWtkUgAY8Cgm7mie FwxigxibsX+vopUmshVPvGAWI6R7O8//SF9jEY5kV9d21Dy6DOl98WEqGSEwLAX+5ZZk McDg== X-Gm-Message-State: ALoCoQncjAeMilISgJya0SGZqZ8NyolI4SaLbCisxhoFuC35W5QooeGHHT08t5Lre4Uo+2Ds+Oqf MIME-Version: 1.0 X-Received: by 10.60.80.229 with SMTP id u5mr4885162oex.27.1441394372977; Fri, 04 Sep 2015 12:19:32 -0700 (PDT) Received: by 10.202.170.73 with HTTP; Fri, 4 Sep 2015 12:19:32 -0700 (PDT) Date: Fri, 4 Sep 2015 15:19:32 -0400 Message-ID: Subject: doDelete Servlet From: Kiran Badi To: Tomcat Users List Content-Type: multipart/alternative; boundary=089e013cbcc69535a3051ef0c750 --089e013cbcc69535a3051ef0c750 Content-Type: text/plain; charset=UTF-8 Hi , I have CRUD Multipart request and I have implemented it correctly works fine at my local host. I have upload upload pdf and tiff files, all this implemented via ajax call using onchange handler on file input multiple tag. The challenge I am having is that doDelete just deletes the file with the request on server, but their is no protection. How do I protect doDelete call from getting misused ? Is their something in Tomcat I can use to protect doDelete vals from getting misused ? - Kiran --089e013cbcc69535a3051ef0c750--