+1 (Just noticed I didn’t actually vote ;-) )

I agree with Tom … next release will have it fixed anyway.

Chris



Am 30.03.17, 13:45 schrieb "Tom Chiverton" <t...@extravision.com>:

    +1 - the headers is not a serious enough issue to hold up the release.
    
    Tom
    
    
    On 27/03/17 22:13, Christofer Dutz wrote:
    > Hi,
    >
    > This is Apache Flex BlazeDS 4.7.3 release candidate 1.
    >
    > RELEASE NOTES:
    >
    > Apache Flex BlazeDS 4.7.3 is an update to 4.7.2 which adds a new
    > blazeds-spring-boot-starter module for easily setting up a BlazeDS server 
with
    > Spring Boot. It also provides Maven archetypes for easily creating new 
spring-boot
    > project that make use of BlazeDS. We also did quite a lot of fine-tuning 
of the
    > security default settings to make BlazeDS more secure.
    >
    > Starting with 4.7.3 BlazeDS Deserialization of XML is disabled completely 
per default
    > but can easily be enabled in your services-config.xml:
    >
    >      <channels>
    >          <channel-definition id="amf" 
class="mx.messaging.channels.AMFChannel">
    >              <endpoint 
url="http://{server.name}:{server.port}/{context.root}/messagebroker/amf";
    >                        class="flex.messaging.endpoints.AMFEndpoint"/>
    >              <properties>
    >                  <serialization>
    >                      <allow-xml>true</allow-xml>
    >                  </serialization>
    >              </properties>
    >          </channel-definition>
    >      </channels>
    >
    > Also we now enable the ClassDeserializationValidator per default to only 
allow
    > deserialization of whitelisted classes. BlazeDS internally comes with the 
following
    > whitelist:
    >
    >      flex.messaging.io.amf.ASObject
    >      flex.messaging.io.amf.SerializedObject
    >      flex.messaging.io.ArrayCollection
    >      flex.messaging.io.ArrayList
    >      flex.messaging.messages.AcknowledgeMessage
    >      flex.messaging.messages.AcknowledgeMessageExt
    >      flex.messaging.messages.AsyncMessage
    >      flex.messaging.messages.AsyncMessageExt
    >      flex.messaging.messages.CommandMessage
    >      flex.messaging.messages.CommandMessageExt
    >      flex.messaging.messages.ErrorMessage
    >      flex.messaging.messages.HTTPMessage
    >      flex.messaging.messages.RemotingMessage
    >      flex.messaging.messages.SOAPMessage
    >      java.lang.Boolean
    >      java.lang.Byte
    >      java.lang.Character
    >      java.lang.Double
    >      java.lang.Float
    >      java.lang.Integer
    >      java.lang.Long
    >      java.lang.Object
    >      java.lang.Short
    >      java.lang.String
    >      java.util.ArrayList
    >      java.util.Date
    >      java.util.HashMap
    >      org.w3c.dom.Document
    >
    > If you need to deserialize any other classes, be sure to register them in 
your
    > services-config.xml:
    >
    >      <validators>
    >          <validator 
class="flex.messaging.validators.ClassDeserializationValidator">
    >              <properties>
    >                  <allow-classes>
    >                      <class name="org.mycoolproject.*"/>
    >                      <class name="flex.messaging.messages.*"/>
    >                      <class name="flex.messaging.io.amf.ASObject"/>
    >                  </allow-classes>
    >              </properties>
    >          </validator>
    >      </validators>
    >
    > (Beware, by manually providing a whitelist the default whitelist is 
disabled)
    >
    > Known Issues
    > _____________
    > FLEX-34648 Memory Leak occurred in AsyncMessage when sending a lot of 
messages
    >
    > 
-----------------------------------------------------------------------------------
    >
    > The release candidate can be found here:
    > 
https://repository.apache.org/content/repositories/orgapacheflex-1019/org/apache/flex/blazeds/blazeds/4.7.3/blazeds-4.7.3-source-release.zip<https://repository.apache.org/content/repositories/orgapacheflex-1019/org/apache/flex/blazeds/blazeds/4.7.3/>
    >
    > Before voting please review the section,"What are the ASF requirements on
    > approving a release?", at: 
http://www.apache.org/dev/release.html#approving-a-release
    >
    > At a minimum you would be expected to check that:
    > - MD5 and signed packages are correct
    > - README, RELEASE_NOTES, NOTICE and LICENSE files are all fine
    > - That you can compile from source package
    > - That the SDK can be used in your IDE of choice
    > - That the SDK can be used to make a mobile, desktop and browser
    > application
    >
    > Please vote to approve this release:
    > +1 Approve the release
    > -1 Don’t approve the release (please provide specific comments to why)
    >
    > This vote will be open for 72 hours or until a result can be called.
    >
    > The vote passes if there is:
    > - At least 3 +1 votes from the PMC
    > - More positive votes than negative votes
    >
    > If you find an issue with the release that's a "show stopper" please don't
    > hold off voting -1. If someone votes -1 please continue testing we want to
    > try and catch as many issues as we can and cut down on the number of
    > release candidates. Remember existing voters can change their vote during
    > the voting process.
    >
    > People who are not in PMC are also encouraged to test out the release and
    > vote, although their votes will not be binding, they can influence how the
    > PMC votes.
    >
    > When voting please indicate what OS, IDE, Java- and Maven Version, you
    > tested BlazeDS with.
    >
    > Please put all discussion about this release in the DISCUSSION thread not
    > this VOTE thread.
    >
    > Thanks,
    >        Chris
    >
    >
    >
    > ______________________________________________________________________
    > This email has been scanned by the Symantec Email Security.cloud service.
    > For more information please visit http://www.symanteccloud.com
    > ______________________________________________________________________
    
    

Reply via email to