You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by ma...@apache.org on 2022/10/03 12:34:46 UTC

[tomcat] branch 8.5.x updated: Document nonceRequestParameterName. Based on #553 by Mert Ülkgün.

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
     new 2dc2639c74 Document nonceRequestParameterName. Based on #553 by Mert Ülkgün.
2dc2639c74 is described below

commit 2dc2639c74782bf42eabeb53de0d8c4c6700af11
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Mon Oct 3 13:32:55 2022 +0100

    Document nonceRequestParameterName. Based on #553 by Mert Ülkgün.
---
 webapps/docs/changelog.xml     | 9 +++++++++
 webapps/docs/config/filter.xml | 6 ++++++
 2 files changed, 15 insertions(+)

diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 1903a4a5ad..985962df18 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -280,6 +280,15 @@
       </add>
     </changelog>
   </subsection>
+  <subsection name="Web applications">
+    <changelog>
+      <fix>
+        Documentation. Document the <code>nonceRequestParameterName</code>
+        attribute for the <code>CsrfPreventionFilter</code>. Based on
+        <pr>553</pr> by Mert Ülkgün. (markt)
+      </fix>
+    </changelog>
+  </subsection>
   <subsection name="Other">
     <changelog>
       <fix>
diff --git a/webapps/docs/config/filter.xml b/webapps/docs/config/filter.xml
index 4070f77e28..671de40d13 100644
--- a/webapps/docs/config/filter.xml
+++ b/webapps/docs/config/filter.xml
@@ -307,6 +307,12 @@
         value of 5 will be used.</p>
       </attribute>
 
+      <attribute name="nonceRequestParameterName" required="false">
+        <p>The name of the request parameter used for the nonce. If not set, the
+        default value of <code>org.apache.catalina.filters.CSRF_NONCE</code>
+        will be used.</p>
+      </attribute>
+
       <attribute name="randomClass" required="false">
         <p>The name of the class to use to generate nonces. The class must be an
         instance of <code>java.util.Random</code>. If not set, the default value


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org