[Owasp-stinger] Issues with HTTP content type

kumaran A.E kumaranae at gmail.com
Wed Oct 14 10:03:12 EDT 2009 

Hi All,

I am new to stinger and trying to include stinger in our project.

I have done all the changes respectively as mentioned in wiki. Attached the
stinger xml file for your reference.

While launching a jsp it throws message in the tomcat log,

[Stinger-Filter] caught a POST request with an incorrect content type header
(application/octet-stream) . Redirected to error page at stinger/error.html
[Stinger-Filter] caught a POST request with an incorrect content type header
(java-internal/) . Redirected to error page at stinger/error.html

Actually we need to bypass this one for our application. Not sure how to
exclude this content type.

also we are getting the below exception whenever we are launching the jsp
file,

Checking uri: /CSCOnm/servlet/login/login.jsp
java.lang.NumberFormatException: null
    at java.lang.Integer.parseInt(Integer.java:415)
    at java.lang.Integer.parseInt(Integer.java:497)
    at org.owasp.stinger.actions.Log.getHandler(Unknown Source)
    at org.owasp.stinger.actions.Log.doAction(Unknown Source)
    at org.owasp.stinger.Stinger.handleViolationActions(Unknown Source)
    at org.owasp.stinger.Stinger.handleViolations(Unknown Source)
    at org.owasp.stinger.Stinger.validate(Unknown Source)
    at org.owasp.stinger.StingerFilter.doFilter(Unknown Source)
    at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
    at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
    at
com.cisco.nm.cmf.util.AccessLogFilter.doFilter(AccessLogFilter.java:128)
    at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
    at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
    at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
    at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
    at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
    at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
    at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
    at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
    at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:199)
    at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:282)
    at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:754)
    at
org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:684)
    at
org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:876)
    at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
    at java.lang.Thread.run(Thread.java:595)
Oct 14, 2009 7:22:18 PM org.owasp.stinger.actions.Log doAction
INFO: parameter NULL with value
https://kuannama-wxp/CSCOnm/servlet/login/login.jsp from 10.77.203.52 has
been encoded

Please help me in resolving this issues.

Regards,
Kumaran.A.E
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-stinger/attachments/20091014/a4339fb2/attachment.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: stinger.xml
Type: text/xml
Size: 8005 bytes
Desc: not available
Url : https://lists.owasp.org/pipermail/owasp-stinger/attachments/20091014/a4339fb2/attachment.xml

More information about the Owasp-stinger mailing list