[SERVLET_SPEC-23] Help prevent infinite loops Created: 07/Oct/11 Updated: 04/Jan/12 Resolved: 04/Jan/12
|Reporter:||markt_asf||Assignee:||Shing Wai Chan|
|Remaining Estimate:||Not Specified|
|Time Spent:||Not Specified|
|Original Estimate:||Not Specified|
It is possible to create an infinite loop within an application if a wrapper is passed to its own ServletRequestWrapper.setRequest() method. The same problem can occur with ServletResponseWrapper and the HTTP variants.
It would be helpful if the spec required that this was not permitted. The check should probably go further and check for loops (A wraps B wraps C wraps A).
|Comment by Shing Wai Chan [ 04/Jan/12 ]|
The issue has been discussed in Servlet 3.1 expert group.