You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The length of session ids created by this Manager, measured in bytes, excluding subsequent conversion to a hexadecimal string and excluding any JVM route information used for load balancing. The default is 16.
The validator regex in Validator.HTTPJSESSIONID should be changed from
From Alex.x86@gmail.com on September 03, 2012 15:13:59
From http://tomcat.apache.org/tomcat-6.0-doc/config/manager.html :
The length of session ids created by this Manager, measured in bytes, excluding subsequent conversion to a hexadecimal string and excluding any JVM route information used for load balancing. The default is 16.
The validator regex in Validator.HTTPJSESSIONID should be changed from
^[A-Z0-9]{10,30}$
to
^[A-Z0-9]{10,32}$
Original issue: http://code.google.com/p/owasp-esapi-java/issues/detail?id=286
The text was updated successfully, but these errors were encountered: