I recently deployed Subsonic as a web app, and ran into the problem wherein Subsonic cannot run on Tomcat 7 because the CSRF filter blocks many URLs. Searching on the forum here, the only answer given for this problem is to use Tomcat 6.
That may be OK for a while, but I'm hoping that's not the end of the story. Are there any plans to fix whatever is causing Subsonic to run afoul of the CSRF filter? It appears to be something in DWRP, but I don't know if it's strictly a DWRP problem, or something that Subsonic can address.
In my web research I came across an Apache ticket for back-porting the CSRF filter into Tomcat 6 and 5. It seemed to be only for the Manager and Host-Manager apps, but I can't say for sure it won't be applied to all web apps, as is the case with Tomcat 7.