struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alex Rodriguez Lopez <alo...@flordeutopia.pt>
Subject Re: Cookie Manipulation attack
Date Thu, 27 May 2010 12:12:31 GMT
Em 27-05-2010 11:27, Vishnu Vyasan Nelliparmbil escreveu:
> Hi Guys,
>
> I am handling a application in which we have application in two
> languages. There is a Locale action for setting locale to English or
> Arabic based on the parameter being passed from the respective index
> pages. I.e. index_en.jsp and index_ar.jsp the parameter is passed as the
> POST variable.
>
> Now we conducted a security testing in which it was shown that the
> parameter has been changed in to some meta tag for cookie manipulation.
>
> If I try changing the parameter the dispatch action will throw an error
>
> java.lang.NoSuchMethodException:
>
> Now how could I redirect to error page if an exception is thrown in
> dispatch action?
>

Global exception mappings in struts.xml , maybe?

> Best Regards,
>
>
> Vishnu NV
>
> * *
>
> * *
>


---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


Mime
View raw message