https://issues.apache.org/bugzilla/show_bug.cgi?id=57324
Mark Thomas <ma...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|REOPENED |RESOLVED
Resolution|--- |INVALID
--- Comment #8 from Mark Thomas <ma...@apache.org> ---
Ah yes. I confused two different error condition handling mechanisms.
Ultimately Tomcat has to deal with the problem that after a non 2xx response,
Tomcat can't tell if the next bytes received are the request body from the
previous request or a brand new request. While this problematic for directly
connected clients, it is a security risk when behind a proxy.
Tomcat should send the connection close header to signal that the connection is
being closed. If there are cases where it isn't there that is something we
could look at.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
