Olivier Jaquemet wrote:
So my questions are :
- What could be done in Tomcat to fix this ?
This has been discussed extensively on the dev list and there is a patch
proposed. See the archives for details.
- Is the security problem real if it is why do other
application server vendors do not have this behavior ?
Yes the problem is real. It won't affect every installation or every
application but it does affect some. As for the other app servers: don't
know - haven't tested them.
- As it break older application and it is not compatible
with IE 7 in some circumstances. Do you really think this
modification should be kept that way ?
No. Again, see the discussion in the archives.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
