https://issues.apache.org/bugzilla/show_bug.cgi?id=43497
--- Comment #3 from Nacho Coloma <icol...@gmail.com> 2010-10-20 10:48:11 EDT --- Any chance this bug receives some attention? Any application on Tomcat is susceptible of XSS attacks, and it should be easy to fix. Keeping the current behavior as default is reasonable, but please provide some flag to switch. Right now I have to keep my own separate patch jar, and merge into Tomcat. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
