Hi Jean,
On 10/14/08 04:06 PM, Jean Silva wrote:
> Hi Jan,
> I tried with glassfish-snapshot-v3-prelude-10_14_2008.zip, but
> the result was the same.
>
glassfish-snapshot-v3-prelude-10_14_2008.zip does not contain the fix
(I just downloaded it and compared the size of org/apache/catalina/valves/ErrorReportValve.class
with the version that has the fix).
Please try with glassfish-snapshot-v3-prelude-10_15_2008.zip when it becomes available.
Thanks,
Jan
>
> --- Em ter, 14/10/08, Jan Luehe <Jan.Luehe_at_Sun.COM> escreveu:
>
>
>> De: Jan Luehe <Jan.Luehe_at_Sun.COM>
>> Assunto: Re: Possible Reflected XSS vulnerability in Glassfish error handler
>> Para: dev_at_glassfish.dev.java.net
>> Data: Terça-feira, 14 de Outubro de 2008, 14:09
>> Hi Jean,
>>
>> thanks for reporting the issue! :)
>>
>> This has been fixed as part of
>>
>>
>> https://glassfish.dev.java.net/issues/show_bug.cgi?id=6527
>>
>> Could you please try again with the next nightly or
>> promoted GlassFish
>> v3 build
>> and let us know?
>>
>> Thanks for your help,
>>
>> Jan
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail:
>> dev-unsubscribe_at_glassfish.dev.java.net
>> For additional commands, e-mail:
>> dev-help_at_glassfish.dev.java.net
>>
>
>
> Novos endereços, o Yahoo! que você conhece. Crie um email novo com a sua cara @ymail.com ou @rocketmail.com.
> http://br.new.mail.yahoo.com/addresses
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: dev-help_at_glassfish.dev.java.net
>
>