filter.xml

kpreisser Sat, 09 Nov 2013 06:11:25 -0800

Author: kpreisser
Date: Sat Nov  9 14:10:17 2013
New Revision: 1540306

URL: http://svn.apache.org/r1540306
Log:
Internet Explorer (9 - 11) has an option to enable charset guessing if not 
charset is specified, but it is not enabled by default.


Modified:
    tomcat/trunk/webapps/docs/config/filter.xml

Modified: tomcat/trunk/webapps/docs/config/filter.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/filter.xml?rev=1540306&r1=1540305&r2=1540306&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/config/filter.xml (original)
+++ tomcat/trunk/webapps/docs/config/filter.xml Sat Nov  9 14:10:17 2013
@@ -57,8 +57,8 @@
     media sub-types of the "text" media type, the ISO-8859-1 character set must
     be used. However, browsers may attempt to auto-detect the character set.
     This may be exploited by an attacker to perform an XSS attack. Internet
-    Explorer has this behaviour by default. Other browsers have an option to
-    enable it.</p>
+    Explorer and other browsers have an option to
+    enable this behavior.</p>
 
     <p>This filter prevents the attack by explicitly setting a character set.
     Unless the provided character set is explicitly overridden by the user the



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1540306 - /tomcat/trunk/webapps/docs/config/filter.xml

Reply via email to