[Bug 59115] Part#getSubmittedFileName doesn't work corretly with double quotes in filenames.
https://bz.apache.org/bugzilla/show_bug.cgi?id=59115 --- Comment #9 from Marco--- This option is in all Internet Explorer Version (8,9,10,11) for local and trusted networks present. The entry name is " Include local directory path when uploading files to a server". This entry is default enabled for trusted networks. I don't need this information. But when the "\" character is removed i has no chance to extract the correct filename. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Buffer overflow in jk_connect.c::nb_connect
Am 19.07.2016 um 00:20 schrieb Christopher Schultz: On 7/18/16 5:48 PM, Rainer Jung wrote: Am 18.07.2016 um 17:02 schrieb Christopher Schultz: All, Michael Deiner found a buffer overflow in the call to FD_SET macro on line 291 of jk_connect.c: 280> do { 281>rc = connect(sd, (const struct sockaddr *)>sa.sin, addr->salen); 282>} while (rc == -1 && errno == EINTR); 283> 284>if ((rc == -1) && (errno == EINPROGRESS || errno == EALREADY) 285> && (timeout > 0)) { 286>fd_set wfdset; 287>struct timeval tv; 288>socklen_t rclen = (socklen_t)sizeof(rc); 289> 290>FD_ZERO(); *291>FD_SET(sd, );* 292>tv.tv_sec = timeout / 1000; 293>tv.tv_usec = (timeout % 1000) * 1000; 294>rc = select(sd + 1, NULL, , NULL, ); I'd like to fix this so it won't bring-down the server :) But it quickly gets complicated. The method itself takes "sd" (a jk_sock_t) as an argument to the function, and we can check immediately whether it will cause FD_SET to overflow -- easy: just check to see if the value is too large -- but what should we do in that case? This function should be connecting to a back-end Tomcat server, but if we have too many outbound connections, we'll fail. I'm not sure it makes any sense to let things get this far. The proposed solution[1] is to use poll() instead of select(), but that won't work on every platform, plus I'd like to be able to fix the buffer overflow right away while we work-out a solution for poll() that will work in most environments. I think if the connection_pool_size exceeds FD_SETSIZE we should refuse to start. Any other behavior will eventually cause errors. +1 in principal. Unfortunately on Windows it seems the default for FD_SETSIZE is only 64. That's probably too small but it seems it is allowed on Windows to increase this limit during compilation: The variable FD_SETSIZE determines the maximum number of descriptors in a set. (The default value of FD_SETSIZE is 64, which can be modified by defining FD_SETSIZE to another value before including Winsock2.h.) Internally, socket handles in an fd_set structure are not represented as bit flags as in Berkeley Unix. Their data representation is opaque. That's ... weird. Okay. So we should IMHO aim for a) check connection pool size against FD_SETSIZE and fail during startup if too big - or we decrease it to the max value and log a warning? On *NIX, that value cannot reasonably be changed. I think we need to make all our decisions at compile-time and fail-fast at runtime. Yes, with "decrease it" I meant decreasing the configured pool size, just as you assumed below. Lowering to a reasonable maximum value is probably okay. I'm not sure which would be worse: requiring the administrator to fix a configuration problem before the server can even start (imagine a server that's been working for years without this config, now it requires some change) or auto-reconfiguring based upon a value the admin hasn't set. Actually... in cases where this would have affected users, the result would have been that everything is fine until there is a buffer overflow. Hopefully, the buffer overflow is fatal, but it might not be. So, lowering to a smaller value if connection_pool_size is too big sounds good to me. Log with severity=WARN is a good option for notification. b) define 1024 as the compile time FD_SETSIZE on Windows (same value as the default e.g. on Linux and on 32 Bit Solaris). We already use 250 as the default connection pool size. +1 c) allow to increase FD_SETSIZE when building on Windows because it is supported there. +1 We probably want something like JK_FD_SETSIZE defaults to 1024 and then FD_SETSIZE = JK_FD_SETSIZE in the build. I have absolutely no idea how on earth to do that for our Windows builds. d) use the existing macro HAVE_POLL to offer a poll based code path if poll was detected. I don't think HAVE_POLL is any kind of standard. I poked-around my Debian Linux environment and HAVE_POLL was defined in a number of header files, but it was unconditionally-defined to be "1" in files such as postgresql/pg_config.h, so I think the package-maintainers must have just said "this system has poll.h, let's just set HAVE_POLL=1 and call it a day". It is a define that our mod_jk build system sets when configure is used and detects during the configure run, that poll() is available. This define is already used in common/jk_connect.c at some places and could be used in nb_connect() as well. It only makes sense for platforms where configure is being run, ie. not on Windows and Netware, but nb_connect() already has different implementation lines for the three platform types (Windows, Netware, *Nix). Using poll() if HAVE_POLL is defined (ie. poll() is available), gives us a clean solution on most platforms except Windows, and if we allow to increase the FD_SETSIZE on Windows (and choose a sane default ourselves) people
[Bug 59115] Part#getSubmittedFileName doesn't work corretly with double quotes in filenames.
https://bz.apache.org/bugzilla/show_bug.cgi?id=59115 --- Comment #8 from Konstantin Kolinko--- Sending full file path is a rather odd and insecure behaviour. Is this IE 11 not up-to-date, or does this behaviour depend on its security settings (e.g. server being in trusted network)? Some links https://tools.ietf.org/html/rfc6266 https://tools.ietf.org/html/rfc1867 https://www.w3.org/TR/2014/REC-html5-20141028/forms.html#file-upload-state-(type=file) http://commons.apache.org/proper/commons-fileupload/ -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [Tomcat Wiki] Update of "FrontPage" by KonstantinKolinko
2016-07-19 15:08 GMT+03:00 Mark Thomas: > On 19/07/2016 13:57, Apache Wiki wrote: >> Dear Wiki user, >> >> You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for >> change notification. >> >> The "FrontPage" page has been changed by KonstantinKolinko: >> https://wiki.apache.org/tomcat/FrontPage?action=diff=38=39 >> >> Comment: >> Use HTTPS url for the image, so that Firefox (47.0.1) does not complain >> about an insecure page when accessing wiki with https:// >> >> ##language:en >> = Welcome to the Apache Tomcat Wiki = >> - {{http://tomcat.apache.org/images/tomcat.gif}} >> + {{https://tomcat.apache.org/images/tomcat.gif}} > > Protocol relative //tomcat.apache.org/... > > Might a better option. > Thank you. I tried, but MoinMoin does not recognize such syntax in {{ }} as an image. Best regards, Konstantin Kolinko - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Tomcat Wiki] Update of "Specifications" by KonstantinKolinko
Dear Wiki user, You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change notification. The "Specifications" page has been changed by KonstantinKolinko: https://wiki.apache.org/tomcat/Specifications?action=diff=41=42 Comment: Add link to RFC 6266 === Related Specifications === - || [[http://tools.ietf.org/html/rfc2617|RFC 2617]] || "HTTP Authentication: Basic and Digest Access Authentication"<>It covers BASIC and DIGEST authentication methods<>It was updated by [[http://tools.ietf.org/html/rfc7235|RFC 7235]]. || + || [[http://tools.ietf.org/html/rfc2617|RFC 2617]] || "HTTP Authentication: Basic and Digest Access Authentication"<>It covers BASIC and DIGEST authentication methods<><>It was updated by [[http://tools.ietf.org/html/rfc7235|RFC 7235]]. || || [[https://tools.ietf.org/html/rfc6265|RFC 6265]] || "HTTP State Management Mechanism"<>The specification about cookies. Implemented by [[http://tomcat.apache.org/tomcat-8.0-doc/config/cookie-processor.html | org.apache.tomcat.util.http.Rfc6265CookieProcessor]] that is available since Tomcat 8.0.15 and is default with Tomcat 8.5.0 onwards. See also "Cookies" page in [[Development|"Development Issues"]].<><>Obsolete specifications: [[https://tools.ietf.org/html/rfc2109|RFC2109]], [[https://tools.ietf.org/html/rfc2965|RFC 2965]]. || + || [[https://tools.ietf.org/html/rfc6266|RFC 6266]] || "Use of the Content-Disposition Header Field in the Hypertext Transfer Protocol (HTTP)"<>Content-Disposition header is used by file uploads. See also [[https://bz.apache.org/bugzilla/show_bug.cgi?id=59115#c5|Bug 59115]] || == AJP == - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Tomcat Wiki] Update of "Specifications" by KonstantinKolinko
Dear Wiki user, You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change notification. The "Specifications" page has been changed by KonstantinKolinko: https://wiki.apache.org/tomcat/Specifications?action=diff=40=41 Comment: Add link to Cookies RFC. === Related Specifications === || [[http://tools.ietf.org/html/rfc2617|RFC 2617]] || "HTTP Authentication: Basic and Digest Access Authentication"<>It covers BASIC and DIGEST authentication methods<>It was updated by [[http://tools.ietf.org/html/rfc7235|RFC 7235]]. || + || [[https://tools.ietf.org/html/rfc6265|RFC 6265]] || "HTTP State Management Mechanism"<>The specification about cookies. Implemented by [[http://tomcat.apache.org/tomcat-8.0-doc/config/cookie-processor.html | org.apache.tomcat.util.http.Rfc6265CookieProcessor]] that is available since Tomcat 8.0.15 and is default with Tomcat 8.5.0 onwards. See also "Cookies" page in [[Development|"Development Issues"]].<><>Obsolete specifications: [[https://tools.ietf.org/html/rfc2109|RFC2109]], [[https://tools.ietf.org/html/rfc2965|RFC 2965]]. || == AJP == - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [Tomcat Wiki] Update of "FrontPage" by KonstantinKolinko
On 19/07/2016 13:57, Apache Wiki wrote: > Dear Wiki user, > > You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for > change notification. > > The "FrontPage" page has been changed by KonstantinKolinko: > https://wiki.apache.org/tomcat/FrontPage?action=diff=38=39 > > Comment: > Use HTTPS url for the image, so that Firefox (47.0.1) does not complain about > an insecure page when accessing wiki with https:// > > ##language:en > = Welcome to the Apache Tomcat Wiki = > - {{http://tomcat.apache.org/images/tomcat.gif}} > + {{https://tomcat.apache.org/images/tomcat.gif}} Protocol relative //tomcat.apache.org/... Might a better option. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Tomcat Wiki] Update of "FrontPage" by KonstantinKolinko
Dear Wiki user, You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change notification. The "FrontPage" page has been changed by KonstantinKolinko: https://wiki.apache.org/tomcat/FrontPage?action=diff=38=39 Comment: Use HTTPS url for the image, so that Firefox (47.0.1) does not complain about an insecure page when accessing wiki with https:// ##language:en = Welcome to the Apache Tomcat Wiki = - {{http://tomcat.apache.org/images/tomcat.gif}} + {{https://tomcat.apache.org/images/tomcat.gif}} This is the Wiki for Apache Tomcat, a Servlet and Java Server Pages container developed under the Apache License. The main documentation for this product is at [[http://tomcat.apache.org|tomcat.apache.org]]. Below is a list of some useful pages: we encourage everyone to contribute to these pages or start new ones as desired. But before you do, please check out the main documentation site as well as the [[FAQ]] and the [[http://tomcat.apache.org/lists.html|mailing lists]] (whose archives are searchable). - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1753366 - in /tomcat/tc8.0.x/trunk: ./ java/org/apache/catalina/valves/rewrite/ResolverImpl.java webapps/docs/changelog.xml
Author: remm Date: Tue Jul 19 11:28:17 2016 New Revision: 1753366 URL: http://svn.apache.org/viewvc?rev=1753366=rev Log: Compatibility with rewrite from httpd for non existing headers Modified: tomcat/tc8.0.x/trunk/ (props changed) tomcat/tc8.0.x/trunk/java/org/apache/catalina/valves/rewrite/ResolverImpl.java tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc8.0.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Tue Jul 19 11:28:17 2016 @@ -1,2 +1,2 @@ /tomcat/tc8.5.x/trunk:1735042,1737966,1743139-1743140,1744151,1747537,1747925,1748002 -/tomcat/trunk:1636524,1637156,1637176,1637188,1637331,1637684,1637695,1637890,1637892,1638720-1638725,1639653,1640010,1640083-1640084,1640088,1640275,1640322,1640347,1640361,1640365,1640403,1640410,1640652,1640655-1640658,1640688,1640700-1640883,1640903,1640976,1640978,1641000,1641026,1641038-1641039,1641051-1641052,1641058,1641064,1641300,1641369,1641374,1641380,1641486,1641634,1641656-1641692,1641704,1641707-1641718,1641720-1641722,1641735,1641981,1642233,1642280,1642554,1642564,1642595,1642606,1642668,1642679,1642697,1642699,1642766,1643002,1643045,1643054-1643055,1643066,1643121,1643128,1643206,1643209-1643210,1643216,1643249,1643270,1643283,1643309-1643310,1643323,1643365-1643366,1643370-1643371,1643465,1643474,1643536,1643570,1643634,1643649,1643651,1643654,1643675,1643731,1643733-1643734,1643761,1643766,1643814,1643937,1643963,1644017,1644169,1644201-1644203,1644321,1644323,1644516,1644523,1644529,1644535,1644730,1644768,1644784-1644785,1644790,1644793,1644815,1644884,1644886 ,1644890,1644892,1644910,1644924,1644929-1644930,1644935,1644989,1645011,1645247,1645355,1645357-1645358,1645455,1645465,1645469,1645471,1645473,1645475,1645486-1645488,1645626,1645641,1645685,1645743,1645763,1645951-1645953,1645955,1645993,1646098-1646106,1646178,1646220,1646302,1646304,1646420,1646470-1646471,1646476,1646559,1646717-1646723,1646773,1647026,1647042,1647530,1647655,1648304,1648815,1648907,1649973,1650081,1650365,1651116,1651120,1651280,1651470,1652938,1652970,1653041,1653471,1653550,1653574,1653797,1653815-1653816,1653819,1653840,1653857,1653888,1653972,1654013,1654030,1654050,1654123,1654148,1654159,1654513,1654515,1654517,1654522,1654524,1654725,1654735,1654766,1654785,1654851-1654852,1654978,1655122-1655124,1655126-1655127,1655129-1655130,1655132-1655133,1655312,1655351,1655438,1655441,1655454,168,1656087,1656299,1656319,1656331,1656345,1656350,1656590,1656648-1656650,1656657,1657041,1657054,1657374,1657492,1657510,1657565,1657580,1657584,1657586,1657589,1657 592,1657607,1657609,1657682,1657907,1658207,1658734,1658781,1658790,1658799,1658802,1658804,1658833,1658840,1658966,1659043,1659053,1659059,1659174,1659184,1659188-1659189,1659216,1659263,1659293,1659304,1659306-1659307,1659382,1659384,1659428,1659471,1659486,1659505,1659516,1659521,1659524,1659559,1659562,1659803,1659806,1659814,1659833,1659862,1659905,1659919,1659948,1659967,1659983-1659984,1660060,1660074,1660077,1660133,1660168,1660331-1660332,1660353,1660358,1660924,1661386,1661770,1661867,1661972,1661990,1662200,1662308-1662309,1662548,1662614,1662696,1662736,1662985,1662988-1662989,1663264,1663277,1663298,1663534,1663562,1663676,1663715,1663754,1663768,1663772,1663781,1663893,1663995,1664143,1664163,1664174,1664301,1664317,1664347,1664657,1664659,1664710,1664863-1664864,1664866,1665085,1665292,1665559,1665653,1665661,1665672,1665694,1665697,1665736,1665779,1665976-1665977,1665980-1665981,1665985-1665986,1665989,1665998,1666004,1666008,1666013,1666017,1666024,1666116,1666386-1 666387,1666494,1666496,1666552,1666569,1666579,137,149,1666757,1666966,1666972,1666985,1666995,1666997,1667292,1667402,1667406,1667546,1667615,1667630,1667636,1667688,1667764,1667871,1668026,1668135,1668193,1668593,1668596,1668630,1668639,1668843,1669353,1669370,1669451,1669800,1669838,1669876,1669882,1670394,1670433,1670591,1670598-1670600,1670610,1670631,1670719,1670724,1670726,1670730,1670940,1671112,1672272,1672284,1673754,1674294,1675461,1675486,1675594,1675830,1676231,1676250-1676251,1676364,1676381,1676393,1676479,1676525,1676552,1676615,1676630,1676634,1676721,1676926,1676943,1677140,1677802,1678011,1678162,1678174,1678339,1678426-1678427,1678694,1678701,1679534,1679708,1679710,1679716,1680034,1680246,1681056,1681123,1681138,1681280,1681283,1681286,1681450,1681697,1681699,1681701,1681729,1681770,1681779,1681793,1681807,1681837-1681838,1681854,1681862,1681958,1682028,1682033,1682311,1682315,1682317,1682320,1682324,1682330,1682842,1684172,1684366,1684383,1684526-168452
svn commit: r1753365 - in /tomcat/tc8.5.x/trunk: ./ java/org/apache/catalina/valves/rewrite/ResolverImpl.java webapps/docs/changelog.xml
Author: remm Date: Tue Jul 19 11:25:19 2016 New Revision: 1753365 URL: http://svn.apache.org/viewvc?rev=1753365=rev Log: Compatibility with rewrite from httpd for non existing headers Modified: tomcat/tc8.5.x/trunk/ (props changed) tomcat/tc8.5.x/trunk/java/org/apache/catalina/valves/rewrite/ResolverImpl.java tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc8.5.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Tue Jul 19 11:25:19 2016 @@ -1 +1 @@ -/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501 ,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747536,1747 924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750899,1750975,1750995,1751061,1751097,1751438,1751447,1751463,1751702,1752212,1752737,1752745 +/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501 ,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747536,1747
svn commit: r1753363 - in /tomcat/trunk: java/org/apache/catalina/valves/rewrite/ResolverImpl.java webapps/docs/changelog.xml
Author: remm Date: Tue Jul 19 11:20:34 2016 New Revision: 1753363 URL: http://svn.apache.org/viewvc?rev=1753363=rev Log: Cleanup. Modified: tomcat/trunk/java/org/apache/catalina/valves/rewrite/ResolverImpl.java tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/java/org/apache/catalina/valves/rewrite/ResolverImpl.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/valves/rewrite/ResolverImpl.java?rev=1753363=1753362=1753363=diff == --- tomcat/trunk/java/org/apache/catalina/valves/rewrite/ResolverImpl.java (original) +++ tomcat/trunk/java/org/apache/catalina/valves/rewrite/ResolverImpl.java Tue Jul 19 11:20:34 2016 @@ -143,10 +143,11 @@ public class ResolverImpl extends Resolv @Override public String resolveHttp(String key) { String header = request.getHeader(key); -if (header == null) -return ""; -else +if (header == null) { +return ""; +} else { return header; +} } @Override Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1753363=1753362=1753363=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Tue Jul 19 11:20:34 2016 @@ -58,6 +58,10 @@ unexpected initialisation thread and if initilisation is not thread-safe the initialisation can then fail. (markt) + +Compatibility with rewrite from httpd for non existing headers. +(jfclere) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59115] Part#getSubmittedFileName doesn't work corretly with double quotes in filenames.
https://bz.apache.org/bugzilla/show_bug.cgi?id=59115 Mark Thomaschanged: What|Removed |Added Status|REOPENED|RESOLVED Resolution|--- |FIXED --- Comment #7 from Mark Thomas --- IE 11 is not specification compliant. As per comment #5, you'll need to raise a bug with Microsoft in the first instance. In the meantime, you can manually parse the header yourself with custom rules for IE11 if you need that information. If Microsoft refuse to fix the bug then you should open a new enhancement request for Tomcat to apply special handling in this case. There is no guarantee that such an enhancement request will be implemented. The Tomcat team generally does not implement work-arounds for bugs in third-party code. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1753358 - /tomcat/trunk/java/org/apache/catalina/valves/rewrite/ResolverImpl.java
Author: jfclere Date: Tue Jul 19 09:39:07 2016 New Revision: 1753358 URL: http://svn.apache.org/viewvc?rev=1753358=rev Log: It is possible to test for null but for "". So: RewriteCond %{HTTP:proxy} .+ RewriteRule .* - [F] Now works lik in mod_rewrite. Modified: tomcat/trunk/java/org/apache/catalina/valves/rewrite/ResolverImpl.java Modified: tomcat/trunk/java/org/apache/catalina/valves/rewrite/ResolverImpl.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/valves/rewrite/ResolverImpl.java?rev=1753358=1753357=1753358=diff == --- tomcat/trunk/java/org/apache/catalina/valves/rewrite/ResolverImpl.java (original) +++ tomcat/trunk/java/org/apache/catalina/valves/rewrite/ResolverImpl.java Tue Jul 19 09:39:07 2016 @@ -142,7 +142,11 @@ public class ResolverImpl extends Resolv @Override public String resolveHttp(String key) { -return request.getHeader(key); +String header = request.getHeader(key); +if (header == null) +return ""; +else +return header; } @Override - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59868] HTMLManager's output of host name and IP address is misleading
https://bz.apache.org/bugzilla/show_bug.cgi?id=59868 --- Comment #9 from Remy Maucherat--- I wasn't fine with changing the output to something like request.getLocalName(). I am fine with a clarification but it did seem intuitive enough at this point. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org