https://issues.apache.org/bugzilla/show_bug.cgi?id=52184
--- Comment #2 from Filip Hanik <fha...@apache.org> 2011-11-18 17:16:46 UTC --- I'd keep this open. As asking user to change their log level to avoid filling up their disks for invalid HTTP cookies is pretty much asking every admin to by default change the log level for a logger they've never heard of to avoid a DoS attack. It's pretty much common sense. It's not an error in Tomcat, it's an invalid cookie. The logging of it, who does it benefit, the one admin that is looking for it, or the thousand admins getting invalid cookies? -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
