Re: XML parsing config clean-up
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 23/11/2013 04:14, Jeremy Boynes wrote: > On Nov 22, 2013, at 8:24 AM, Mark Thomas wrote: > >> Signed PGP part On 22/11/2013 16:18, Jeremy Boynes wrote: >>> On Nov 22, 2013, at 5:40 AM, Mark Thomas >>> wrote: >>> On 22/11/2013 13:04, Konstantin Kolinko wrote: > 2013/11/22 Mark Thomas : >>> ... > It does not mention anything else. > > There might be 3rd-party tag libraries that do not > validate. I think it is good to have a separate option. OK. That is enough to nudge me off the fence. I'll get that code re-instated. Another advantage is that 7.0.x and 8.0.x will the same code. >>> >>> Is the change backward compatible in 7.0.x? E.g. does >>> "validating" init-param for JspServlet still work? >> >> Where is (was?) that in the 7.0.x code base? I can;t see it now >> and I don't recall removing it from 7.0.x. > > This was the change: > http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/jasper/EmbeddedServletOptions.java?r1=1155369&r2=1544198&diff_format=h > > Looking at the code, it looks the option wouldn't work in the > first place as the default value in ParserUtils is false and ESO > never sets the value true. I did a little digging and it has been like that for all of 6.0.x and all of 7.0.x. Given that there have been no bug reports, I'm confident that no-one has been trying to use that feature. I also couldn't find any documentation on it. Therefore, I'm happy removing the code. Mark -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJSkxq4AAoJEBDAHFovYFnngJsP/1PeBZEl0R3jSdtRNheV/EaK jOc8IjBEbH80Wh1iAJjiW6Z6FVPvfvZiwlMEvMgHCGePTHX3LYx8NnHetWDlyv2J HUiq7PTeetjdK/sG6jpKZ+hdaWYBXNlh/nPrCgj+XQrIoxGFRUVUjtoZrECNNEfz H+oRPvH/j5cqGqk40l/0Bpo+f+vo9+pqoEh7PEtf+nc3XVNXOJkcmZ4zJ+t7BIjg zZQghd6HjFYd0R/rts0eSw1UaJAl57WpMkGDf5mO9oUDyMW44POgU1VKUMoDbalv t5Cgzd1u5sHMy281bhB3eiEXaMF5I/cpfcYbO53qt9wvx3kulvF3FdrpxKn698Am HZMmJFvP9AXM+amMf4eZwjhfWJsr9ukqOE8MB3K6Hy4L2+QPeKUrW2qseVb+teov w6t/joe7TNTqtUrgLWCZf9VWvNct9pdHOAzOWWgZkBZ2AtjL6yAWGZGeE1i8dBhL ARhZKot+F80l8JA+SH0TITMw15i1m3Uw02HZWy+wJykE/ju5F/Ypg8+G1451lmX8 E97mo1VMiT0vWwFJNQNEU65k9F5x2hwQ1MYAG2bii67zWsuVSz/pWRa3xmduSYJL 40nSbOuvmMfNevYEfjvAQ1wIVZa9B0FxiMcNHutiysOBExaDq5em6uoeXpw7yVEX eHZUQRWTcgnKfpn6Ytl7 =1Ae9 -END PGP SIGNATURE- - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: XML parsing config clean-up
On Nov 22, 2013, at 8:24 AM, Mark Thomas wrote: > Signed PGP part > On 22/11/2013 16:18, Jeremy Boynes wrote: > > On Nov 22, 2013, at 5:40 AM, Mark Thomas wrote: > > > >> On 22/11/2013 13:04, Konstantin Kolinko wrote: > >>> 2013/11/22 Mark Thomas : > > ... > >> > >>> It does not mention anything else. > >>> > >>> There might be 3rd-party tag libraries that do not validate. I > >>> think it is good to have a separate option. > >> > >> OK. That is enough to nudge me off the fence. I'll get that code > >> re-instated. Another advantage is that 7.0.x and 8.0.x will the > >> same code. > > > > Is the change backward compatible in 7.0.x? E.g. does "validating" > > init-param for JspServlet still work? > > Where is (was?) that in the 7.0.x code base? I can;t see it now and I > don't recall removing it from 7.0.x. This was the change: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/jasper/EmbeddedServletOptions.java?r1=1155369&r2=1544198&diff_format=h Looking at the code, it looks the option wouldn't work in the first place as the default value in ParserUtils is false and ESO never sets the value true. Cheers Jeremy signature.asc Description: Message signed with OpenPGP using GPGMail
Re: XML parsing config clean-up
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 22/11/2013 16:18, Jeremy Boynes wrote: > On Nov 22, 2013, at 5:40 AM, Mark Thomas wrote: > >> On 22/11/2013 13:04, Konstantin Kolinko wrote: >>> 2013/11/22 Mark Thomas : > ... >> >>> It does not mention anything else. >>> >>> There might be 3rd-party tag libraries that do not validate. I >>> think it is good to have a separate option. >> >> OK. That is enough to nudge me off the fence. I'll get that code >> re-instated. Another advantage is that 7.0.x and 8.0.x will the >> same code. > > Is the change backward compatible in 7.0.x? E.g. does "validating" > init-param for JspServlet still work? Where is (was?) that in the 7.0.x code base? I can;t see it now and I don't recall removing it from 7.0.x. Mark -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJSj4VHAAoJEBDAHFovYFnnhzIQAMy+9lLs+p28v4df0UsXPP3+ kGTKnR9RXu3dlqKWk7sIcpyq58OFs3NdpqPX0MeE4fAvWpyewiLw+JtwUcl9o/OY omL3LFxL7mMvpczeOEAQLcZbuvJAvQRPjhr1bOOQK2A1Ewr7eMbmdsiZwgEUVi9c zo4qVbYtRk+TtzN2Yvzec1p6y3p98Yp0FUgEQ3zXM8d9fL+GlZKuGyxsU8wL96FN Cf1poZn33d4Q/Vn+829sbLaw6+sqzG/XBL7EnhR5ouYgsF70N3jIsqyNLCecdf2t 3PYgUFTYNoPA8509UOcxvYnPiPBh9H9Rh8U+YP+RxRxJ/cBZ5uwlPCHJEhU/v7aU hQBwZEHAGs3/GUxnJYsRSAzuS6h9RHYxy3uXzFkk00Ztd/C5OMZ4mdkJH+OTAkLd SYa+CPrWxeBZdEHIY35iS8r5EQXZCa5SNbP+c7LuL+FlU04aquSgM/6ebE5Fz490 tGSIwn/SjgisFyzivni1zmbrzHcYod3P1Zh/3ohV/vGyrIxGXKdEKRT6bA+L9aB3 PZRZSqxXAgWUo+v3b22HtLR1iDyPWjV6HUuPRIna0b8KNxozCmO0ReYuDkELPqEI 3KrZTN7u785Iv7FNVbRr1GzRdggYfyEOyAoJ7srg6aRa28qflNcJ983kx1Hzi+fj OgAfzuZ4c2dPeAK+n30H =kljq -END PGP SIGNATURE- - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: XML parsing config clean-up
On Nov 22, 2013, at 5:40 AM, Mark Thomas wrote: > On 22/11/2013 13:04, Konstantin Kolinko wrote: >> 2013/11/22 Mark Thomas : ... > >> It does not mention anything else. >> >> There might be 3rd-party tag libraries that do not validate. I think >> it is good to have a separate option. > > OK. That is enough to nudge me off the fence. I'll get that code > re-instated. Another advantage is that 7.0.x and 8.0.x will the same code. Is the change backward compatible in 7.0.x? E.g. does "validating" init-param for JspServlet still work? signature.asc Description: Message signed with OpenPGP using GPGMail
Re: XML parsing config clean-up
On 22/11/2013 13:04, Konstantin Kolinko wrote: > 2013/11/22 Mark Thomas : >> All, >> >> I think I have finished cleaning up the configuration of the XML parsers >> in 7.0.x and trunk. There is one obvious difference between 7.0.x and >> 8.0.x and that is that 7.0.x separates enabling validation for TLDs and >> enabling validation for web.xml/web-fragment.xml >> >> I'm currently on the fence whether or not to re-introduce a TLD specific >> option in 8.0.x. Thoughts? >> > > When we run in "strict compliance" mode we have to enable validation > for web.xml. > > Do we need to enable validation for TLD files at the same time? > I am OK with enabling it, but ch.15.4.3 only mentions validating the > deployment descriptor. 7.0.x enables validation for TLDs with strict compliance and no-one has complained so I am also happy with leaving this as the default. > It does not mention anything else. > > There might be 3rd-party tag libraries that do not validate. I think > it is good to have a separate option. OK. That is enough to nudge me off the fence. I'll get that code re-instated. Another advantage is that 7.0.x and 8.0.x will the same code. > BTW, it seems there have been no changelog.xml entry for adding the > new option in r1544477 Thanks, I'll fix that too. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: XML parsing config clean-up
2013/11/22 Mark Thomas : > All, > > I think I have finished cleaning up the configuration of the XML parsers > in 7.0.x and trunk. There is one obvious difference between 7.0.x and > 8.0.x and that is that 7.0.x separates enabling validation for TLDs and > enabling validation for web.xml/web-fragment.xml > > I'm currently on the fence whether or not to re-introduce a TLD specific > option in 8.0.x. Thoughts? > When we run in "strict compliance" mode we have to enable validation for web.xml. Do we need to enable validation for TLD files at the same time? I am OK with enabling it, but ch.15.4.3 only mentions validating the deployment descriptor. It does not mention anything else. There might be 3rd-party tag libraries that do not validate. I think it is good to have a separate option. BTW, it seems there have been no changelog.xml entry for adding the new option in r1544477 Best regards, Konstantin Kolinko - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
XML parsing config clean-up
All, I think I have finished cleaning up the configuration of the XML parsers in 7.0.x and trunk. There is one obvious difference between 7.0.x and 8.0.x and that is that 7.0.x separates enabling validation for TLDs and enabling validation for web.xml/web-fragment.xml I'm currently on the fence whether or not to re-introduce a TLD specific option in 8.0.x. Thoughts? Mark P.S. Given the number of moving parts there is a reasonable chance I have missed something so if you spot a problem do let me know - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org