Author: markt Date: Thu Sep 5 09:39:32 2013 New Revision: 1520260 URL: http://svn.apache.org/r1520260 Log: Fix typo
Modified: tomcat/site/trunk/docs/security-4.html tomcat/site/trunk/docs/security-5.html tomcat/site/trunk/docs/security-6.html tomcat/site/trunk/xdocs/security-4.xml tomcat/site/trunk/xdocs/security-5.xml tomcat/site/trunk/xdocs/security-6.xml Modified: tomcat/site/trunk/docs/security-4.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-4.html?rev=1520260&r1=1520259&r2=1520260&view=diff ============================================================================== --- tomcat/site/trunk/docs/security-4.html (original) +++ tomcat/site/trunk/docs/security-4.html Thu Sep 5 09:39:32 2013 @@ -717,7 +717,7 @@ process a sequence of requests where one or more requests contain multiple content-length headers and several components do not reject the request and make different decisions as to which - content-length leader to use an attacker can poision a web-cache, perform + content-length leader to use an attacker can poison a web-cache, perform an XSS attack and obtain senstive information from requests other then their own. Tomcat now returns 400 for requests with multiple content-length headers. Modified: tomcat/site/trunk/docs/security-5.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-5.html?rev=1520260&r1=1520259&r2=1520260&view=diff ============================================================================== --- tomcat/site/trunk/docs/security-5.html (original) +++ tomcat/site/trunk/docs/security-5.html Thu Sep 5 09:39:32 2013 @@ -1425,7 +1425,7 @@ process a sequence of requests where one or more requests contain multiple content-length headers and several components do not reject the request and make different decisions as to which - content-length leader to use an attacker can poision a web-cache, perform + content-length leader to use an attacker can poison a web-cache, perform an XSS attack and obtain senstive information from requests other then their own. Tomcat now returns 400 for requests with multiple content-length headers. Modified: tomcat/site/trunk/docs/security-6.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-6.html?rev=1520260&r1=1520259&r2=1520260&view=diff ============================================================================== --- tomcat/site/trunk/docs/security-6.html (original) +++ tomcat/site/trunk/docs/security-6.html Thu Sep 5 09:39:32 2013 @@ -1706,7 +1706,7 @@ process a sequence of requests where one or more requests contain multiple content-length headers and several components do not reject the request and make different decisions as to which - content-length leader to use an attacker can poision a web-cache, perform + content-length leader to use an attacker can poison a web-cache, perform an XSS attack and obtain senstive information from requests other then their own. Tomcat now returns 400 for requests with multiple content-length headers. Modified: tomcat/site/trunk/xdocs/security-4.xml URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-4.xml?rev=1520260&r1=1520259&r2=1520260&view=diff ============================================================================== --- tomcat/site/trunk/xdocs/security-4.xml (original) +++ tomcat/site/trunk/xdocs/security-4.xml Thu Sep 5 09:39:32 2013 @@ -272,7 +272,7 @@ process a sequence of requests where one or more requests contain multiple content-length headers and several components do not reject the request and make different decisions as to which - content-length leader to use an attacker can poision a web-cache, perform + content-length leader to use an attacker can poison a web-cache, perform an XSS attack and obtain senstive information from requests other then their own. Tomcat now returns 400 for requests with multiple content-length headers. Modified: tomcat/site/trunk/xdocs/security-5.xml URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-5.xml?rev=1520260&r1=1520259&r2=1520260&view=diff ============================================================================== --- tomcat/site/trunk/xdocs/security-5.xml (original) +++ tomcat/site/trunk/xdocs/security-5.xml Thu Sep 5 09:39:32 2013 @@ -696,7 +696,7 @@ process a sequence of requests where one or more requests contain multiple content-length headers and several components do not reject the request and make different decisions as to which - content-length leader to use an attacker can poision a web-cache, perform + content-length leader to use an attacker can poison a web-cache, perform an XSS attack and obtain senstive information from requests other then their own. Tomcat now returns 400 for requests with multiple content-length headers. Modified: tomcat/site/trunk/xdocs/security-6.xml URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-6.xml?rev=1520260&r1=1520259&r2=1520260&view=diff ============================================================================== --- tomcat/site/trunk/xdocs/security-6.xml (original) +++ tomcat/site/trunk/xdocs/security-6.xml Thu Sep 5 09:39:32 2013 @@ -879,7 +879,7 @@ process a sequence of requests where one or more requests contain multiple content-length headers and several components do not reject the request and make different decisions as to which - content-length leader to use an attacker can poision a web-cache, perform + content-length leader to use an attacker can poison a web-cache, perform an XSS attack and obtain senstive information from requests other then their own. Tomcat now returns 400 for requests with multiple content-length headers. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org