You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by kk...@apache.org on 2013/12/25 21:55:43 UTC
svn commit: r1553415 - in /tomcat/site/trunk: docs/security-4.html
docs/security-5.html docs/security-6.html xdocs/security-4.xml
xdocs/security-5.xml xdocs/security-6.xml
Author: kkolinko
Date: Wed Dec 25 20:55:43 2013
New Revision: 1553415
URL: http://svn.apache.org/r1553415
Log:
Correct one more typo noted when reviewing r1520260
Modified:
tomcat/site/trunk/docs/security-4.html
tomcat/site/trunk/docs/security-5.html
tomcat/site/trunk/docs/security-6.html
tomcat/site/trunk/xdocs/security-4.xml
tomcat/site/trunk/xdocs/security-5.xml
tomcat/site/trunk/xdocs/security-6.xml
Modified: tomcat/site/trunk/docs/security-4.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-4.html?rev=1553415&r1=1553414&r2=1553415&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-4.html (original)
+++ tomcat/site/trunk/docs/security-4.html Wed Dec 25 20:55:43 2013
@@ -623,7 +623,7 @@
process a sequence of requests where one or more requests contain
multiple content-length headers and several components do not
reject the request and make different decisions as to which
- content-length leader to use an attacker can poison a web-cache, perform
+ content-length header to use an attacker can poison a web-cache, perform
an XSS attack and obtain senstive information from requests other then
their own. Tomcat now returns 400 for requests with multiple
content-length headers.
Modified: tomcat/site/trunk/docs/security-5.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-5.html?rev=1553415&r1=1553414&r2=1553415&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-5.html (original)
+++ tomcat/site/trunk/docs/security-5.html Wed Dec 25 20:55:43 2013
@@ -1240,7 +1240,7 @@
process a sequence of requests where one or more requests contain
multiple content-length headers and several components do not
reject the request and make different decisions as to which
- content-length leader to use an attacker can poison a web-cache, perform
+ content-length header to use an attacker can poison a web-cache, perform
an XSS attack and obtain senstive information from requests other then
their own. Tomcat now returns 400 for requests with multiple
content-length headers.
Modified: tomcat/site/trunk/docs/security-6.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-6.html?rev=1553415&r1=1553414&r2=1553415&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-6.html (original)
+++ tomcat/site/trunk/docs/security-6.html Wed Dec 25 20:55:43 2013
@@ -1507,7 +1507,7 @@
process a sequence of requests where one or more requests contain
multiple content-length headers and several components do not
reject the request and make different decisions as to which
- content-length leader to use an attacker can poison a web-cache, perform
+ content-length header to use an attacker can poison a web-cache, perform
an XSS attack and obtain senstive information from requests other then
their own. Tomcat now returns 400 for requests with multiple
content-length headers.
Modified: tomcat/site/trunk/xdocs/security-4.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-4.xml?rev=1553415&r1=1553414&r2=1553415&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/security-4.xml (original)
+++ tomcat/site/trunk/xdocs/security-4.xml Wed Dec 25 20:55:43 2013
@@ -272,7 +272,7 @@
process a sequence of requests where one or more requests contain
multiple content-length headers and several components do not
reject the request and make different decisions as to which
- content-length leader to use an attacker can poison a web-cache, perform
+ content-length header to use an attacker can poison a web-cache, perform
an XSS attack and obtain senstive information from requests other then
their own. Tomcat now returns 400 for requests with multiple
content-length headers.
Modified: tomcat/site/trunk/xdocs/security-5.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-5.xml?rev=1553415&r1=1553414&r2=1553415&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/security-5.xml (original)
+++ tomcat/site/trunk/xdocs/security-5.xml Wed Dec 25 20:55:43 2013
@@ -699,7 +699,7 @@
process a sequence of requests where one or more requests contain
multiple content-length headers and several components do not
reject the request and make different decisions as to which
- content-length leader to use an attacker can poison a web-cache, perform
+ content-length header to use an attacker can poison a web-cache, perform
an XSS attack and obtain senstive information from requests other then
their own. Tomcat now returns 400 for requests with multiple
content-length headers.
Modified: tomcat/site/trunk/xdocs/security-6.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-6.xml?rev=1553415&r1=1553414&r2=1553415&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/security-6.xml (original)
+++ tomcat/site/trunk/xdocs/security-6.xml Wed Dec 25 20:55:43 2013
@@ -883,7 +883,7 @@
process a sequence of requests where one or more requests contain
multiple content-length headers and several components do not
reject the request and make different decisions as to which
- content-length leader to use an attacker can poison a web-cache, perform
+ content-length header to use an attacker can poison a web-cache, perform
an XSS attack and obtain senstive information from requests other then
their own. Tomcat now returns 400 for requests with multiple
content-length headers.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org