This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Talk:CSRF Guard"
From OWASP
(Having hard time to get it working with Weblogic 8.1) |
|||
Line 2: | Line 2: | ||
Absolutely - fixed | Absolutely - fixed | ||
+ | |||
+ | == Having hard time to get it working with Weblogic 8.1 == | ||
+ | |||
+ | I tried it out. For some reason, I always get this following statck trace. Could you please help? | ||
+ | |||
+ | java.lang.IllegalStateException: response already committed | ||
+ | at weblogic.servlet.jsp.JspWriterImpl.clear(JspWriterImpl.java:85) | ||
+ | at jsp_servlet.__welcome._jspService(__welcome.java:2310) | ||
+ | at weblogic.servlet.jsp.JspBase.service(JspBase.java:33) | ||
+ | at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run | ||
+ | (ServletStubImpl.java:996) | ||
+ | at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubIm | ||
+ | pl.java:419) | ||
+ | at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:28) | ||
+ | at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja | ||
+ | va:27) | ||
+ | at org.owasp.csrf.CSRFGuard.doChain(CSRFGuard.java:96) | ||
+ | at org.owasp.csrf.CSRFGuard.doFilter(CSRFGuard.java:71) | ||
+ | at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja | ||
+ | va:27) | ||
+ | at weblogic.servlet.internal.WebAppServletContext$ServletInvocationActio | ||
+ | n.run(WebAppServletContext.java:6458) | ||
+ | at weblogic.security.acl.internal.AuthenticatedSubject.doAs(Authenticate | ||
+ | dSubject.java:321) | ||
+ | at weblogic.security.service.SecurityManager.runAs(SecurityManager.java: | ||
+ | 118) | ||
+ | at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppSe | ||
+ | rvletContext.java:3661) | ||
+ | at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestIm | ||
+ | pl.java:2630) | ||
+ | at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:219) | ||
+ | at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:178) |
Revision as of 19:25, 20 April 2007
Should this be in the Countermeasure category and listed on https://www.owasp.org/index.php/Category:Countermeasure?
Absolutely - fixed
Having hard time to get it working with Weblogic 8.1
I tried it out. For some reason, I always get this following statck trace. Could you please help?
java.lang.IllegalStateException: response already committed
at weblogic.servlet.jsp.JspWriterImpl.clear(JspWriterImpl.java:85) at jsp_servlet.__welcome._jspService(__welcome.java:2310) at weblogic.servlet.jsp.JspBase.service(JspBase.java:33) at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run
(ServletStubImpl.java:996)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubIm
pl.java:419)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:28) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja
va:27)
at org.owasp.csrf.CSRFGuard.doChain(CSRFGuard.java:96) at org.owasp.csrf.CSRFGuard.doFilter(CSRFGuard.java:71) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja
va:27)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationActio
n.run(WebAppServletContext.java:6458)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(Authenticate
dSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:
118)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppSe
rvletContext.java:3661)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestIm
pl.java:2630)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:219) at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:178)