Re: [VOTE] Release Apache Tomcat Native 1.2.25
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 8/21/20 14:22, Mark Thomas wrote: > Version 1.2.25 includes the following changes compared to 1.2.24 > > - Improvements to LibreSSL support > > - Improvements to HP_UX support > > Various other fixes and improvements. See the changelog for > details. > > The proposed release artefacts can be found at [1], and the build > was done using tag [2]. > > The Apache Tomcat Native 1.2.25 release is [ ] Stable, go ahead and > release [ ] Broken because of ... Thanks for rm'ing. All signatures match. Compiles without issue (gcc 6.3.0, OpenSSL 1.1.0l (+Debian), APR 1.5.2). I wasn't able to perform any actual testing; this is a +0 vote for compile-test success only. Looks like no unit-tests. "make check" fails immediately; looks like it wasn't really expected to work :shrug: - -chris -BEGIN PGP SIGNATURE- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl9QSeoACgkQHPApP6U8 pFhenw//R3zSula9q4uPUw+AXm/untLbXme7nVkC0K9yrZVQusvRJaU2AafEhBC2 9RxgfsOnR71VbUWBCezYjfphDMIQBgtgccr2fRYX+GTEUN3vTsSxF1RASpiOuIIN eZGtLUukpiP8UdOPrPHEPlfE1XI13YwJ7RhSuNvqgSAb2MAx+72ssBpigywTBs13 9Y1AZ7UjdvvfcN7TuE24fX4mh6ltfZc/gYL13X/UW5GijVilM5l4932eKAvOFBhn mQuKx/nmdTuV6zNZ7RQcaV6Af2QL3eRn1uxjCQmPHzBl77TD5kSf/nXa7DTTJmrv 8+O50mT2uznF5Op1Eb3StHsW/dhMI2ZHDVk15xU6jcLmxEluBAFLMdAPhb6k9Hvz Drt8C3SrpcQmdx3SFdtXxdznpaCOnyrUXv/YXhnoALOy6jmKz7ZnpFzOhc27DoIV zLFoQ6SpDPy0R6emqkDsKgkF/gLbgnpDh6chyLoUU6L54BGX24cVoaTF52Ucwhfl Nk4/KpiZopCiVKkIK4IJvJP92AIIRfRY1B8y8LEohZ6tm2VshHA9dT4mhnB1bsLc N8ORq44eghgZz3TjgGT1UVXS+KP4W0hWeLw0rwBD1B+bBdN4A2Li392/yXcz3Ugb 8IiSWqHh0L3JuRdHSsxw1eY+LhAE6m23OxIMLJOu/eyS3I+I2Z8= =AKkE -END PGP SIGNATURE- - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: security.txt
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 9/1/20 14:38, Mark Thomas wrote: > On 01/09/2020 18:01, Christopher Schultz wrote: >> All, >> >> I'd like to propose that we publish a security.txt[1] file on our >> web site under /.well-known/security.txt and /security.txt >> >> This file contains information we all already know, but it's in >> obviously "proprietary" locations on our web site and might not >> easily be found by someone who maybe doesn't speak English, etc. >> >> Here's my proposed content: >> >> Contact: secur...@tomcat.apache.org Contact: >> https://tomcat.apache.org/security.html#Reporting_New_Security_Proble ms_ >> >> with_Apache_Tomcat >> Acknowledgments: https://tomcat.apache.org/security.html >> Preferred-Languages: en Canonical: >> https://tomcat.apache.org/.well-known/security.txt Hiring: >> https://tomcat.apache.org/getinvolved.html >> >> If there are no objections, I'll add it to the site repo, soon. > > +1 > >> What's the best way to make sure that the same file ends up in >> /.well-known/security.txt and /security.txt? Can git link them >> together or something like that? > > The site is in svn. Oh, right. I modify the site so rarely I forget it hasn't migrated to Gi t. > A rewrite rule? Sure. Shall I put an .htaccess file into the site's repo, then, at the top-level? RedirectPermanent /security.txt /.well-known/security.txt ? Aah, there's already a top-level .htaccess file. I'll just add to that one. - -chris -BEGIN PGP SIGNATURE- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl9QSTsACgkQHPApP6U8 pFiAGxAAhw/9IDGM7BbNCMGzhPkQwFrB8z+2rm25rmpJBYwYU/ZcnnIbky5Olz1x 83oygeQKTofmllEvZoAqyQEr3woFH2MZWL7/qluvCKhHpnxDBsYb6wYNX3pX9L1H SXHb237GiUEbKYLpwYtjjxOWQwbjTCGNm7fHtSW2X0luyvzjHDZd38WsIBI+JvRS KtYUwPTvzpRYWxzdx8feojUp+IUGrU6OUs39rYnbtNcgpZ7bpfmwFhH40K6BXjcb AzW1bIYWpyA2AeQw0jGoXPvReDwn3iOR4aO/IUSdTTWuVD8Tw+ChFDcWkcqcYXq/ lYkA+p/ceM+qBzCXxQK/rvjmN5DQZ1y7P3sHJBRvqCp/lcmK/JNFfzo0+e0sR3Yc ltSLqRKgdnvcNO8BRE1PJiz+b7S6Du8/OB66/byQduwacUUbz7pPxlNu1CkwKxh8 a5DGwiYnG5tAthbf512ASgWkFtU97et9JOwv0TXiTfVF9DVxw3Fp+6a1Akkh1+hZ Ebsliwp0FcAb8K6lhdNjG7LJik5vQrqCfJ6tJchwpmsCqfMCXb1+dApv6fFlTP0a Uf30XwzJkNX/uPqP1AAPFetUVBJScHwwNf5WH+/FtK1M15Ykj7hjPPNMFY1ej3Hp fdWaiP3LfZV8gR8HM4V5MM8OPkIKc0mUWxVs1WDSA46e4+Cf4kU= =aN45 -END PGP SIGNATURE- - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] kamnani commented on a change in pull request #351: Remove White Spaces from the JSP files
kamnani commented on a change in pull request #351: URL: https://github.com/apache/tomcat/pull/351#discussion_r482630409 ## File path: java/org/apache/jasper/JspC.java ## @@ -195,6 +196,7 @@ protected boolean compile = false; protected boolean failFast = false; protected boolean smapSuppressed = true; +protected boolean JSPWhiteSpaceTrimming = false; Review comment: Will change it to : jspWhiteSpaceTrimming This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] kamnani commented on a change in pull request #351: Remove White Spaces from the JSP files
kamnani commented on a change in pull request #351:
URL: https://github.com/apache/tomcat/pull/351#discussion_r482630168
##
File path: java/org/apache/jasper/compiler/Generator.java
##
@@ -81,6 +83,13 @@
private static final Class[] OBJECT_CLASS = { Object.class };
+//context param to enable or disable the excess white space trimming.
+private static final String JSP_WHITE_SPACE_TRIMMING =
"JSPWhiteSpaceTrimming";
+
+private static final Pattern PRE_TAG_PATTERN =
Pattern.compile("(?s).*(|).*");
+
+private static final Pattern BLANK_LINE_PATTERN =
Pattern.compile("(\\s*(\\n|\\r)+\\s*)");
Review comment:
I think we might need to add another JSP file, with the patterns. I will
look into it
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] kamnani commented on a change in pull request #351: Remove White Spaces from the JSP files
kamnani commented on a change in pull request #351:
URL: https://github.com/apache/tomcat/pull/351#discussion_r482630168
##
File path: java/org/apache/jasper/compiler/Generator.java
##
@@ -81,6 +83,13 @@
private static final Class[] OBJECT_CLASS = { Object.class };
+//context param to enable or disable the excess white space trimming.
+private static final String JSP_WHITE_SPACE_TRIMMING =
"JSPWhiteSpaceTrimming";
+
+private static final Pattern PRE_TAG_PATTERN =
Pattern.compile("(?s).*(|).*");
+
+private static final Pattern BLANK_LINE_PATTERN =
Pattern.compile("(\\s*(\\n|\\r)+\\s*)");
Review comment:
I think we might need to add another JSP file, with the patterns. I will
look into it.Thanks
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] kamnani commented on a change in pull request #351: Remove White Spaces from the JSP files
kamnani commented on a change in pull request #351: URL: https://github.com/apache/tomcat/pull/351#discussion_r482630308 ## File path: java/org/apache/jasper/Options.java ## @@ -47,6 +47,13 @@ */ public boolean getKeepGenerated(); +/** + * Returns the Value of JSPWhiteSpaceTrimming Flag Review comment: Yes, I think I can add some description there This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] kamnani commented on a change in pull request #351: Remove White Spaces from the JSP files
kamnani commented on a change in pull request #351:
URL: https://github.com/apache/tomcat/pull/351#discussion_r482622880
##
File path: java/org/apache/jasper/EmbeddedServletOptions.java
##
@@ -635,6 +648,19 @@ public EmbeddedServletOptions(ServletConfig config,
ServletContext context) {
}
}
+String jspWhiteSpaceTrim =
config.getInitParameter("JSPWhiteSpaceTrimming");
+if (jspWhiteSpaceTrim != null) {
+if (jspWhiteSpaceTrim.equalsIgnoreCase("true")) {
+this.JSPWhiteSpaceTrimming = true;
+} else if (jspWhiteSpaceTrim.equalsIgnoreCase("false")) {
+this.JSPWhiteSpaceTrimming = false;
+} else {
+if (log.isWarnEnabled()) {
+log.warn(Localizer.getMessage("Invalid Value for the
flag"));
Review comment:
Yes, I think we can add the name of the flag. That can be done.
##
File path: java/org/apache/jasper/compiler/Generator.java
##
@@ -81,6 +83,13 @@
private static final Class[] OBJECT_CLASS = { Object.class };
+//context param to enable or disable the excess white space trimming.
+private static final String JSP_WHITE_SPACE_TRIMMING =
"JSPWhiteSpaceTrimming";
+
+private static final Pattern PRE_TAG_PATTERN =
Pattern.compile("(?s).*(|).*");
+
+private static final Pattern BLANK_LINE_PATTERN =
Pattern.compile("(\\s*(\\n|\\r)+\\s*)");
Review comment:
I think we need input here, if we should add another webapp - for
testing this change.
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] kdillane commented on a change in pull request #351: Remove White Spaces from the JSP files
kdillane commented on a change in pull request #351:
URL: https://github.com/apache/tomcat/pull/351#discussion_r482627998
##
File path: java/org/apache/jasper/compiler/Generator.java
##
@@ -81,6 +83,13 @@
private static final Class[] OBJECT_CLASS = { Object.class };
+//context param to enable or disable the excess white space trimming.
+private static final String JSP_WHITE_SPACE_TRIMMING =
"JSPWhiteSpaceTrimming";
+
+private static final Pattern PRE_TAG_PATTERN =
Pattern.compile("(?s).*(|).*");
+
+private static final Pattern BLANK_LINE_PATTERN =
Pattern.compile("(\\s*(\\n|\\r)+\\s*)");
Review comment:
Can we not add tests here:
https://github.com/apache/tomcat/blob/master/test/org/apache/jasper/compiler/TestGenerator.java?
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] kamnani commented on a change in pull request #351: Remove White Spaces from the JSP files
kamnani commented on a change in pull request #351:
URL: https://github.com/apache/tomcat/pull/351#discussion_r482623460
##
File path: java/org/apache/jasper/compiler/Generator.java
##
@@ -81,6 +83,13 @@
private static final Class[] OBJECT_CLASS = { Object.class };
+//context param to enable or disable the excess white space trimming.
+private static final String JSP_WHITE_SPACE_TRIMMING =
"JSPWhiteSpaceTrimming";
+
+private static final Pattern PRE_TAG_PATTERN =
Pattern.compile("(?s).*(|).*");
+
+private static final Pattern BLANK_LINE_PATTERN =
Pattern.compile("(\\s*(\\n|\\r)+\\s*)");
Review comment:
I think we need input here, if we should add another webapp - for
testing this change.
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] kamnani commented on a change in pull request #351: Remove White Spaces from the JSP files
kamnani commented on a change in pull request #351:
URL: https://github.com/apache/tomcat/pull/351#discussion_r482622880
##
File path: java/org/apache/jasper/EmbeddedServletOptions.java
##
@@ -635,6 +648,19 @@ public EmbeddedServletOptions(ServletConfig config,
ServletContext context) {
}
}
+String jspWhiteSpaceTrim =
config.getInitParameter("JSPWhiteSpaceTrimming");
+if (jspWhiteSpaceTrim != null) {
+if (jspWhiteSpaceTrim.equalsIgnoreCase("true")) {
+this.JSPWhiteSpaceTrimming = true;
+} else if (jspWhiteSpaceTrim.equalsIgnoreCase("false")) {
+this.JSPWhiteSpaceTrimming = false;
+} else {
+if (log.isWarnEnabled()) {
+log.warn(Localizer.getMessage("Invalid Value for the
flag"));
Review comment:
Yes, I think we can add the name of the flag. That can be done.
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] kdillane commented on a change in pull request #351: Remove White Spaces from the JSP files
kdillane commented on a change in pull request #351:
URL: https://github.com/apache/tomcat/pull/351#discussion_r482606855
##
File path: java/org/apache/jasper/EmbeddedServletOptions.java
##
@@ -635,6 +648,19 @@ public EmbeddedServletOptions(ServletConfig config,
ServletContext context) {
}
}
+String jspWhiteSpaceTrim =
config.getInitParameter("JSPWhiteSpaceTrimming");
+if (jspWhiteSpaceTrim != null) {
+if (jspWhiteSpaceTrim.equalsIgnoreCase("true")) {
+this.JSPWhiteSpaceTrimming = true;
+} else if (jspWhiteSpaceTrim.equalsIgnoreCase("false")) {
+this.JSPWhiteSpaceTrimming = false;
+} else {
+if (log.isWarnEnabled()) {
+log.warn(Localizer.getMessage("Invalid Value for the
flag"));
Review comment:
Should you include which flag has an invalid value?
##
File path: java/org/apache/jasper/compiler/Generator.java
##
@@ -81,6 +83,13 @@
private static final Class[] OBJECT_CLASS = { Object.class };
+//context param to enable or disable the excess white space trimming.
+private static final String JSP_WHITE_SPACE_TRIMMING =
"JSPWhiteSpaceTrimming";
Review comment:
Where is this used?
##
File path: java/org/apache/jasper/JspC.java
##
@@ -195,6 +196,7 @@
protected boolean compile = false;
protected boolean failFast = false;
protected boolean smapSuppressed = true;
+protected boolean JSPWhiteSpaceTrimming = false;
Review comment:
Similar camelCase comment.
##
File path: java/org/apache/jasper/JspC.java
##
@@ -137,6 +137,7 @@
protected static final String SWITCH_POOLING = "-poolingEnabled";
protected static final String SWITCH_ENCODING = "-javaEncoding";
protected static final String SWITCH_SMAP = "-smap";
+protected static final String JSP_WHITE_SPACE_TRIM =
"-JSPWhiteSpaceTrimming";
Review comment:
The flags surrounding this one all follow camelCase. Should we update
the flag name here to follow?
##
File path: java/org/apache/jasper/Options.java
##
@@ -47,6 +47,13 @@
*/
public boolean getKeepGenerated();
+/**
+ * Returns the Value of JSPWhiteSpaceTrimming Flag
Review comment:
Provide a description that explains the impact of enabling this flag.
It's somewhat clear from the name, but being explicit helps.
##
File path: java/org/apache/jasper/compiler/Generator.java
##
@@ -81,6 +83,13 @@
private static final Class[] OBJECT_CLASS = { Object.class };
+//context param to enable or disable the excess white space trimming.
+private static final String JSP_WHITE_SPACE_TRIMMING =
"JSPWhiteSpaceTrimming";
+
+private static final Pattern PRE_TAG_PATTERN =
Pattern.compile("(?s).*(|).*");
+
+private static final Pattern BLANK_LINE_PATTERN =
Pattern.compile("(\\s*(\\n|\\r)+\\s*)");
Review comment:
We should provide a set of test cases that exercises these matchers.
##
File path: java/org/apache/jasper/compiler/Generator.java
##
@@ -2095,6 +2104,20 @@ public void visit(Node.JspElement n) throws
JasperException {
public void visit(Node.TemplateText n) throws JasperException {
String text = n.getText();
+// If the flag is active, attempt to minimize the frequency of
+// regex operations.
+if ((ctxt!=null) &&
+ctxt.getOptions().getJSPWhiteSpaceTrimFlag() &&
+text.contains("\n")) {
+// Ensure there are no or tags embedded in this
+// text - if there are, we want to NOT modify the whitespace.
+Matcher preMatcher = PRE_TAG_PATTERN.matcher(text);
Review comment:
Are we guaranteed to have well-formed tags here (i.e. open/close) or
could this split across tags? What are examples of text we might expect here?
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] kamnani commented on pull request #351: Remove White Spaces from the JSP files
kamnani commented on pull request #351: URL: https://github.com/apache/tomcat/pull/351#issuecomment-686061378 @rotty3000 Thanks for the comment. I have added the flag inside the jasper options as mentioned by you. Do we need any other change to this PR? This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] rotty3000 commented on pull request #351: Remove White Spaces from the JSP files
rotty3000 commented on pull request #351: URL: https://github.com/apache/tomcat/pull/351#issuecomment-685946608 I've been wondering why this flag is set by a context param instead of along with all other jsp compiler flags in the [jasper options](https://github.com/apache/tomcat/blob/master/java/org/apache/jasper/Options.java)? This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat Native 1.2.25
Am 21.08.20 um 20:22 schrieb Mark Thomas: > Version 1.2.25 includes the following changes compared to 1.2.24 > > - Improvements to LibreSSL support > > - Improvements to HP_UX support > > Various other fixes and improvements. See the changelog for details. > > The proposed release artefacts can be found at [1], > and the build was done using tag [2]. > > The Apache Tomcat Native 1.2.25 release is > [x] Stable, go ahead and release > [ ] Broken because of ... Unit tests ran OK with openssl 1.1.1g ( a few failures with libressl 3.1.4) Felix > Thanks, > > Mark > > > [1] > https://dist.apache.org/repos/dist/dev/tomcat/tomcat-connectors/native/1.2.25 > [2] > https://gitbox.apache.org/repos/asf?p=tomcat-native.git;a=commit;h=a94590ec2a5e40b168a9494144125a52f41ed0b2 > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] markt-asf commented on pull request #332: Support sending the 100 continue response when the servlet reads the …
markt-asf commented on pull request #332: URL: https://github.com/apache/tomcat/pull/332#issuecomment-685933557 I just wanted to note that there are some edge cases - mainly around FORM authentication - I want to think about more carefully. I am also looking at do more via ActionCode.ACK. I'm unlikely to finish this today. I'll continue tomorrow. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] kamnani opened a new pull request #352: Optimizing Resource Lookup using Bloom Filter
kamnani opened a new pull request #352: URL: https://github.com/apache/tomcat/pull/352 This is a redo of Previous PR: https://github.com/apache/tomcat/pull/348 The following changes have been made based on the suggestions earlier: 1) Flag can be passed through Host Configuration. By default it remains false and Tomcat's default behavior will be untouched. See example below. 2) Jar Contents will be refreshed every 60 seconds if corresponding jar file has been modified. 3) PR is against master. Apologies in case something is missed. Example on Bloom Filter : https://llimllib.github.io/bloomfilter-tutorial/#:~:text=A%20Bloom%20filter%20is%20a,may%20be%20in%20the%20set. ``` This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] kamnani opened a new pull request #351: Remove White Spaces from the JSP files
kamnani opened a new pull request #351: URL: https://github.com/apache/tomcat/pull/351 This is a redo of Previous CR : https://github.com/apache/tomcat/pull/331 These changes enable the compiler to remove excess white space from the JSP files & thus reduce the JVM metadata _(Constant whitespace in a JSP is passed unchanged to the client browser (indentations, newlines, etc.). This results in bloated constant strings, and general waste in I/O operations. Trimming this whitespace results in smaller constants)._ This can be controlled by providing context init params inside web.xml file. Example attached. Based on your previous suggestions the following changes have been made: 1) Pre tags will be left untouched - to protect the behavioral changes on that tag. 2) By default this remains false, and thus will not affect any other supporting feature (SMAP for instance as suggested in previous CR) . 3) The flag is now initialized as a context param as mentioned in the example below. Apologies in case something is missed out. If any official documentation is required, can you attach the links on the PR? ``` JSPWhiteSpaceTrimming true This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] kamnani closed pull request #350: Optimize Resource Lookup Logic using bloom Filter
kamnani closed pull request #350: URL: https://github.com/apache/tomcat/pull/350 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] markt-asf commented on pull request #332: Support sending the 100 continue response when the servlet reads the …
markt-asf commented on pull request #332: URL: https://github.com/apache/tomcat/pull/332#issuecomment-685776905 I'm planning on looking at this next. I'll probably end up merging it manually as I find it easier to review larger PRs that way. I expect to back-port it to at least 8.5.x and, depending on how much extra work is involved, 7.0.x as well. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 64705] Host header differing from URL host is still allowed (even when allowHostHeaderMismatch="false" in Connector)
https://bz.apache.org/bugzilla/show_bug.cgi?id=64705 --- Comment #2 from Ronny Standnes-Ellstrøm --- (In reply to Mark Thomas from comment #1) > postman isn't doing what you think it is. Testing via telnet confirms Tomcat > 9.0.x is working as designed (and there have been no changes in this area > recently). Yes. I tried it myself with telnet now. Postman strips away the hostname part from the GET request. The report in the Postman console shows the GET request with the host part included. If we view the Raw data, then we see the URL was stripped away. Sorry for the false alarm. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Tweak the debug logging so the content of all header packets are dumped
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new 7cef66b Tweak the debug logging so the content of all header packets
are dumped
7cef66b is described below
commit 7cef66bea2d04c266b6cf62dd63821e529d12fe9
Author: Mark Thomas
AuthorDate: Wed Sep 2 12:08:43 2020 +0100
Tweak the debug logging so the content of all header packets are dumped
---
java/org/apache/coyote/http11/Http11InputBuffer.java | 12 +++-
1 file changed, 7 insertions(+), 5 deletions(-)
diff --git a/java/org/apache/coyote/http11/Http11InputBuffer.java
b/java/org/apache/coyote/http11/Http11InputBuffer.java
index 3b2c118..3ed3f20 100644
--- a/java/org/apache/coyote/http11/Http11InputBuffer.java
+++ b/java/org/apache/coyote/http11/Http11InputBuffer.java
@@ -399,10 +399,6 @@ public class Http11InputBuffer implements InputBuffer,
ApplicationBufferHandler
parsingRequestLineStart = byteBuffer.position();
parsingRequestLinePhase = 2;
-if (log.isDebugEnabled()) {
-log.debug("Received ["
-+ new String(byteBuffer.array(),
byteBuffer.position(), byteBuffer.remaining(), StandardCharsets.ISO_8859_1) +
"]");
-}
}
if (parsingRequestLinePhase == 2) {
//
@@ -769,7 +765,7 @@ public class Http11InputBuffer implements InputBuffer,
ApplicationBufferHandler
private boolean fill(boolean block) throws IOException {
if (log.isDebugEnabled()) {
-log.debug("parsingHeader: [" + parsingHeader +
+log.debug("Before fill(): [" + parsingHeader +
"], parsingRequestLine: [" + parsingRequestLine +
"], parsingRequestLinePhase: [" + parsingRequestLinePhase +
"], parsingRequestLineStart: [" + parsingRequestLineStart +
@@ -795,6 +791,12 @@ public class Http11InputBuffer implements InputBuffer,
ApplicationBufferHandler
byteBuffer.limit(byteBuffer.capacity());
int nRead = wrapper.read(block, byteBuffer);
byteBuffer.limit(byteBuffer.position()).reset();
+
+if (log.isDebugEnabled()) {
+log.debug("Received ["
++ new String(byteBuffer.array(), byteBuffer.position(),
byteBuffer.remaining(), StandardCharsets.ISO_8859_1) + "]");
+}
+
if (nRead > 0) {
return true;
} else if (nRead == -1) {
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Tweak the debug logging so the content of all header packets are dumped
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 504445c Tweak the debug logging so the content of all header packets
are dumped
504445c is described below
commit 504445cd2c618fb1edbfeda62e07e1c29b4d285c
Author: Mark Thomas
AuthorDate: Wed Sep 2 12:08:43 2020 +0100
Tweak the debug logging so the content of all header packets are dumped
---
java/org/apache/coyote/http11/Http11InputBuffer.java | 12 +++-
1 file changed, 7 insertions(+), 5 deletions(-)
diff --git a/java/org/apache/coyote/http11/Http11InputBuffer.java
b/java/org/apache/coyote/http11/Http11InputBuffer.java
index 2d8b69f..f5538af 100644
--- a/java/org/apache/coyote/http11/Http11InputBuffer.java
+++ b/java/org/apache/coyote/http11/Http11InputBuffer.java
@@ -385,10 +385,6 @@ public class Http11InputBuffer implements InputBuffer,
ApplicationBufferHandler
parsingRequestLineStart = byteBuffer.position();
parsingRequestLinePhase = 2;
-if (log.isDebugEnabled()) {
-log.debug("Received ["
-+ new String(byteBuffer.array(),
byteBuffer.position(), byteBuffer.remaining(), StandardCharsets.ISO_8859_1) +
"]");
-}
}
if (parsingRequestLinePhase == 2) {
//
@@ -765,7 +761,7 @@ public class Http11InputBuffer implements InputBuffer,
ApplicationBufferHandler
private boolean fill(boolean block) throws IOException {
if (log.isDebugEnabled()) {
-log.debug("parsingHeader: [" + parsingHeader +
+log.debug("Before fill(): [" + parsingHeader +
"], parsingRequestLine: [" + parsingRequestLine +
"], parsingRequestLinePhase: [" + parsingRequestLinePhase +
"], parsingRequestLineStart: [" + parsingRequestLineStart +
@@ -797,6 +793,12 @@ public class Http11InputBuffer implements InputBuffer,
ApplicationBufferHandler
throw new CloseNowException(sm.getString("iib.eof.error"));
}
byteBuffer.limit(byteBuffer.position()).reset();
+
+if (log.isDebugEnabled()) {
+log.debug("Received ["
++ new String(byteBuffer.array(), byteBuffer.position(),
byteBuffer.remaining(), StandardCharsets.ISO_8859_1) + "]");
+}
+
if (nRead > 0) {
return true;
} else if (nRead == -1) {
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated: Tweak the debug logging so the content of all header packets are dumped
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/master by this push:
new 7e03713 Tweak the debug logging so the content of all header packets
are dumped
7e03713 is described below
commit 7e03713e1ca2078c9c841a847bc5b5d4356b87c4
Author: Mark Thomas
AuthorDate: Wed Sep 2 12:08:43 2020 +0100
Tweak the debug logging so the content of all header packets are dumped
---
java/org/apache/coyote/http11/Http11InputBuffer.java | 12 +++-
1 file changed, 7 insertions(+), 5 deletions(-)
diff --git a/java/org/apache/coyote/http11/Http11InputBuffer.java
b/java/org/apache/coyote/http11/Http11InputBuffer.java
index ca0b785..ab0d1c6 100644
--- a/java/org/apache/coyote/http11/Http11InputBuffer.java
+++ b/java/org/apache/coyote/http11/Http11InputBuffer.java
@@ -385,10 +385,6 @@ public class Http11InputBuffer implements InputBuffer,
ApplicationBufferHandler
parsingRequestLineStart = byteBuffer.position();
parsingRequestLinePhase = 2;
-if (log.isDebugEnabled()) {
-log.debug("Received ["
-+ new String(byteBuffer.array(),
byteBuffer.position(), byteBuffer.remaining(), StandardCharsets.ISO_8859_1) +
"]");
-}
}
if (parsingRequestLinePhase == 2) {
//
@@ -765,7 +761,7 @@ public class Http11InputBuffer implements InputBuffer,
ApplicationBufferHandler
private boolean fill(boolean block) throws IOException {
if (log.isDebugEnabled()) {
-log.debug("parsingHeader: [" + parsingHeader +
+log.debug("Before fill(): [" + parsingHeader +
"], parsingRequestLine: [" + parsingRequestLine +
"], parsingRequestLinePhase: [" + parsingRequestLinePhase +
"], parsingRequestLineStart: [" + parsingRequestLineStart +
@@ -797,6 +793,12 @@ public class Http11InputBuffer implements InputBuffer,
ApplicationBufferHandler
throw new CloseNowException(sm.getString("iib.eof.error"));
}
byteBuffer.limit(byteBuffer.position()).reset();
+
+if (log.isDebugEnabled()) {
+log.debug("Received ["
++ new String(byteBuffer.array(), byteBuffer.position(),
byteBuffer.remaining(), StandardCharsets.ISO_8859_1) + "]");
+}
+
if (nRead > 0) {
return true;
} else if (nRead == -1) {
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 64705] Host header differing from URL host is still allowed (even when allowHostHeaderMismatch="false" in Connector)
https://bz.apache.org/bugzilla/show_bug.cgi?id=64705 Mark Thomas changed: What|Removed |Added Status|NEW |RESOLVED OS||All Resolution|--- |INVALID --- Comment #1 from Mark Thomas --- postman isn't doing what you think it is. Testing via telnet confirms Tomcat 9.0.x is working as designed (and there have been no changes in this area recently). -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 64705] New: Host header differing from URL host is still allowed (even when allowHostHeaderMismatch="false" in Connector)
https://bz.apache.org/bugzilla/show_bug.cgi?id=64705 Bug ID: 64705 Summary: Host header differing from URL host is still allowed (even when allowHostHeaderMismatch="false" in Connector) Product: Tomcat 9 Version: 9.0.37 Hardware: PC Status: NEW Severity: normal Priority: P2 Component: Connectors Assignee: dev@tomcat.apache.org Reporter: ronny.ellstr...@gmail.com Target Milestone: - I tried this with version 9.0.37 (Windows 10) and 9.0.33 (Windows Server 2016) The documentation states: "allowHostHeaderMismatch By default Tomcat will reject requests that specify a host in the request line but specify a different host in the host header. This check can be disabled by setting this attribute to true. If not specified, the default is false." I tried setting allowHostHeaderMismatch both to true and false, and also not setting it at all. I used Postman to send a GET request with a Host header differing from the URL host. The server always responds with HTTP 200, but the server should respond with 400. Configuration: The release log states this was fixed earlier: Tomcat 9.0.0 (markt) Implement the requirements of RFC 7230 that any HTTP/1.1 request that specifies a host in the request line, must specify the same host in the Host header and that any such request that does not, must be rejected with a 400 response. This check is optional but enabled by default. It may be disabled with the allowHostHeaderMismatch attribute of the Connector. (markt) -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
