/[Apache-SVN]
ViewVC logotype

Revision 1727166


Jump to revision: Previous Next
Author: markt
Date: Wed Jan 27 19:44:01 2016 UTC (9 years, 2 months ago)
Changed paths: 8
Log Message:
Expand the session attribute filtering options
- new option to filter based on implementation class of value
- new option to log a warning message if an attribute is filtered out
- always log a message at at least debug level if an attribute is filtered out
This is part 1 of 2 of the fix for CVE-2016-0714

Changed paths

Path Details
Directorytomcat/tc6.0.x/trunk/ modified , props changed
Directorytomcat/tc6.0.x/trunk/java/org/apache/catalina/ha/session/mbeans-descriptors.xml modified , text changed
Directorytomcat/tc6.0.x/trunk/java/org/apache/catalina/session/LocalStrings.properties modified , text changed
Directorytomcat/tc6.0.x/trunk/java/org/apache/catalina/session/ManagerBase.java modified , text changed
Directorytomcat/tc6.0.x/trunk/java/org/apache/catalina/session/mbeans-descriptors.xml modified , text changed
Directorytomcat/tc6.0.x/trunk/webapps/docs/changelog.xml modified , text changed
Directorytomcat/tc6.0.x/trunk/webapps/docs/config/cluster-manager.xml modified , text changed
Directorytomcat/tc6.0.x/trunk/webapps/docs/config/manager.xml modified , text changed

infrastructure at apache.org
ViewVC Help
Powered by ViewVC 1.1.26