salgattas opened a new pull request #149: Adding ReDoS warning/documentation to RewriteValve URL: https://github.com/apache/tomcat/pull/149 After reporting a potential DoS in "Rewrite Rules" to the Tomcat security team, it was decided that there was no bug in Tomcat itself, but rather in how a user sets up their Tomcat server. Thus, I was instructed by the security team to create a PR for updated documentation to better educate users on appropriate usage of Rewrite Rules. This commit added javadoc comments for the RewriteValve class, as instructed. Furthermore, I'd like to update the documentation on this page as well, however I cannot find a mechanism to do so: https://tomcat.apache.org/tomcat-9.0-doc/rewrite.html
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
