This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Talk:CSRF Guard
From OWASP
Revision as of 19:25, 20 April 2007 by Leiolay (talk | contribs) (Having hard time to get it working with Weblogic 8.1)
Should this be in the Countermeasure category and listed on https://www.owasp.org/index.php/Category:Countermeasure?
Absolutely - fixed
Having hard time to get it working with Weblogic 8.1
I tried it out. For some reason, I always get this following statck trace. Could you please help?
java.lang.IllegalStateException: response already committed
at weblogic.servlet.jsp.JspWriterImpl.clear(JspWriterImpl.java:85) at jsp_servlet.__welcome._jspService(__welcome.java:2310) at weblogic.servlet.jsp.JspBase.service(JspBase.java:33) at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run
(ServletStubImpl.java:996)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubIm
pl.java:419)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:28) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja
va:27)
at org.owasp.csrf.CSRFGuard.doChain(CSRFGuard.java:96) at org.owasp.csrf.CSRFGuard.doFilter(CSRFGuard.java:71) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja
va:27)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationActio
n.run(WebAppServletContext.java:6458)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(Authenticate
dSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:
118)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppSe
rvletContext.java:3661)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestIm
pl.java:2630)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:219) at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:178)