[GitHub] [tomcat] sekikn commented on pull request #318: Use https for dependency download URL
sekikn commented on pull request #318: URL: https://github.com/apache/tomcat/pull/318#issuecomment-654547586 Sorry, I've just noticed it's a problem for Ant and has been fixed in its latest release. https://bz.apache.org/bugzilla/show_bug.cgi?id=62164 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] sekikn closed pull request #318: Use https for dependency download URL
sekikn closed pull request #318: URL: https://github.com/apache/tomcat/pull/318 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] sekikn commented on pull request #318: Use https for dependency download URL
sekikn commented on pull request #318: URL: https://github.com/apache/tomcat/pull/318#issuecomment-654534409 Oh, I confirmed this PR worked locally, but it looks like it can occur another problem on CI. Will close this for now. Sorry. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] sekikn opened a new pull request #318: Use https for dependency download URL
sekikn opened a new pull request #318: URL: https://github.com/apache/tomcat/pull/318 I tried to build Tomcat 8.5.50 and ran into the following error: ``` ~/repos/tomcat$ git checkout 8.5.50 ~/repos/tomcat$ ant dist-static (snip) trydownload: [get] Getting: http://www.apache.org/dyn/closer.lua?action=download&filename=/tomcat/tomcat-connectors/native/1.2.23/binaries/tomcat-native-1.2.23-openssl-1.1.1c-win32-bin.zip [get] To: /home/sekikn/tomcat-build-libs/download-2064114466.zip [get] http://www.apache.org/dyn/closer.lua?action=download&filename=/tomcat/tomcat-connectors/native/1.2.23/binaries/tomcat-native-1.2.23-openssl-1.1.1c-win32-bin.zip moved to https://ftp.jaist.ac.jp/pub/apache//tomcat/tomcat-connectors/native/1.2.23/binaries/tomcat-native-1.2.23-openssl-1.1.1c-win32-bin.zip [get] https://ftp.jaist.ac.jp/pub/apache//tomcat/tomcat-connectors/native/1.2.23/binaries/tomcat-native-1.2.23-openssl-1.1.1c-win32-bin.zip moved to http://ftp.jaist.ac.jp/pub/apache/tomcat/tomcat-connectors/native/1.2.23/binaries/tomcat-native-1.2.23-openssl-1.1.1c-win32-bin.zip BUILD FAILED /home/sekikn/repos/tomcat/build.xml:2879: The following error occurred while executing this line: /home/sekikn/repos/tomcat/build.xml:3113: The following error occurred while executing this line: /home/sekikn/repos/tomcat/build.xml:3188: Redirection detected from https to http. Protocol switch unsafe, not allowed. Total time: 1 second ``` Tomcat native connector 1.2.23 is not published on the Apache download site now, so ant tries to fall back to the Apache archive site, but that action is regarded as unsafe. Users can avoid this by overriding the "base-apache.loc.1" property, but it's a bit bothering so I'd like to fix the default value. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Catalina internals available from HttpServletRequest?
On 06/07/2020 21:23, Christopher Schultz wrote: > All, > > I'm looking at modifying the existing LoadBalancerDrainingValve to > also function as a Filter if necessary (my application uses a Filter > to establish authentication information, so I'd like the "valve" to > act *after* the filter if possible) and it looks like I need access to > some Tomcat internals. > > Specifically, I'd like to be able to get to the > org.apache.catalina.Context object for the request. Is this available > without reflection and/or other ugly things? > > Hmm. It looks like a Valve *cannot* be a Filter because of the > presence of the incompatible destroy() method. > > I still want to provide a Filter if possible, so the above question > still stands. > > If the Context isn't available, could it be added to the > ServletContext attributes, possibly under a non-reported hash key? That would create security issues. A Filter equivalent to ContainerServlet could work - although that is a fairly invasive change for something that could be fixed more easily. How about a Valve that injects the necessary internal object(s) as request attributes? Alternatively, you could inject some custom object that held the references internally and just exposed the functionality you wanted to expose. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 64582] New: SecurityClassLoad - CoyoteOutputStream
https://bz.apache.org/bugzilla/show_bug.cgi?id=64582
Bug ID: 64582
Summary: SecurityClassLoad - CoyoteOutputStream
Product: Tomcat 9
Version: 9.0.36
Hardware: Macintosh
Status: NEW
Severity: normal
Priority: P2
Component: Catalina
Assignee: dev@tomcat.apache.org
Reporter: johnathan.gil...@contrastsecurity.com
Target Milestone: -
Created attachment 37351
--> https://bz.apache.org/bugzilla/attachment.cgi?id=37351&action=edit
patch
A basic servlet application that prints a message to the ServletOutputStream
may fail unexpectedly with an AccessControlException when Tomcat is configured
to use a Java security policy and circumstances in the JVM defer loading the
CoyoteOutputStream class until org.apache.catalina.Response.getOutputStream()
is called.
I was able to reproduce this behavior on Tomcat 9.0.26, but not with 7.0.94 nor
8.5.43. The environment in testing is
openjdk version "1.8.0_222"
OpenJDK Runtime Environment (AdoptOpenJDK)(build 1.8.0_222-b10)
OpenJDK 64-Bit Server VM (AdoptOpenJDK)(build 25.222-b10, mixed mode)
Under normal circumstances, verbose:class logs indicate that HotSpot loads the
CoyoteOutputStream class during application initialization before handling any
requests; however, this class is not resolved until the application handles a
request and the servlet calls `Response.getOutputStream()` wherein the
CoyoteOutputStream is lazily initialized. Based on the JVM specification for
class loading and resolution, I don't believe there is anything compelling
HotSpot to load the `CoyoteOutputStream` class when it does; rather, this
appears to be an eager class load at HotSpot's discretion. This timing is
fortunate, because the application needs `CoyoteOutputStream` to be pre-loaded
prior to resolving it in the call to `Response.getOutputStream()`, since the
application does not have permissions to load classes in the
org.apache.catalina.connector package. In order to guarantee that HotSpot loads
CoyoteOutputStream before the user's application needs it, Tomcat should
include this class in its `SecurityClassLoad` utility (patch attached) which I
understand is built to handle these cases.
Without the proposed change to `SecurityClassLoad`, circumstances which affect
HotSpot's class loading could defer loading the `CoyoteOutputStream` until the
application calls `Response.getOutputStream()` thus causing an
AccessControlException. The only example I have of such a circumstance is the
inclusion of the Contrast Security Java agent. When the Contrast Security Java
agent (see
https://docs.contrastsecurity.com/installation-java.html#java-overview) is
added to the JVM via `CATALINA_OPTS`, the CoyoteOutputStream class is not
loaded during application initialization; rather, the class is loaded just
prior to resolving it when the CoyoteOutputStream field in Response is lazily
instantiated in `Response.getOutputStream()`.
```
> The server encountered an unexpected condition that prevented it from
> fulfilling the
> request.Exceptionjava.security.AccessControlException:
> access denied ("java.lang.RuntimePermission"
> "accessClassInPackage.org.apache.catalina.connector")
java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
java.security.AccessController.checkPermission(AccessController.java:886)
java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1564)
sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:329)
java.lang.ClassLoader.loadClass(ClassLoader.java:411)
java.lang.ClassLoader.loadClass(ClassLoader.java:357)
org.apache.catalina.connector.Response.getOutputStream(Response.java:552)
org.apache.catalina.connector.ResponseFacade.getOutputStream(ResponseFacade.java:210)
com.contrastsecurity.testapp.servlet25.servletoutputstream.PrintServlet.doGet(PrintServlet.java:30)
javax.servlet.http.HttpServlet.service(HttpServlet.java:634)
javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
```
--
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
Catalina internals available from HttpServletRequest?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 All, I'm looking at modifying the existing LoadBalancerDrainingValve to also function as a Filter if necessary (my application uses a Filter to establish authentication information, so I'd like the "valve" to act *after* the filter if possible) and it looks like I need access to some Tomcat internals. Specifically, I'd like to be able to get to the org.apache.catalina.Context object for the request. Is this available without reflection and/or other ugly things? Hmm. It looks like a Valve *cannot* be a Filter because of the presence of the incompatible destroy() method. I still want to provide a Filter if possible, so the above question still stands. If the Context isn't available, could it be added to the ServletContext attributes, possibly under a non-reported hash key? - -chris -BEGIN PGP SIGNATURE- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl8DiCYACgkQHPApP6U8 pFh3KA//X9HEOKbQPvMJ981Zo0xzIaPvM3t2RqCDJPxVqGi2A0URPAEuIy13eSNu oApBBMetDHCwYKZ6T6gzPzCR9JUm6xzCu8jBXP0spqlockQqFM5jW6CIBJxoWeWn uFujY8hnh4wY0K3c7seIkvsogiaNHnCSZPl/0rIEhk2KVI+Loh0KhywURDgLvCab Flry3UaKxt3j+PEat1wlL2NCVJGtNHnxukQIKfMUl0LuolYlq99mfP/qzfvmt2q/ 9ALVvSjQ8++xurIeIS1O1d9QaJWai1maxAxUssdIAodDm4iSot1vdJGMWdojuYur bctZniM2c2zJfLCQE6OtdLzFpppjLVYpXNkJCRn7QdaN6SLTdl5jL8itdsHrtSsV 9kyebADc9iqF6GoX2Q5EfAC2DbIuwG5DqofSeha8gByMSwT2/dv6bQjybKVCiSOL bS1HF03XxnNGm8txfwyBCHvbz0j7NcGxWm/qdN0DbT4bYTPozYbj4xkyabbsqTw1 4vD2/qGncH3M9npRMYq1qf5DG+js0RnGj+Vx9F6XDV7KEc9WEYrvBxj5zdDjfxlV xwJIr7Tn9o4Fa9uRO8WpvJap/qS1wZ31uXQJXIqps8foizefBtewocKYFIegtOG1 CTe5GiBBRDrJezx+gLTxPLlgCrOCp9OTboWNWSQprtMwyCiTekA= =J09l -END PGP SIGNATURE- - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Add release date for Apache Tomcat 8.5.57
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new 032e8a5 Add release date for Apache Tomcat 8.5.57 032e8a5 is described below commit 032e8a5a31ca8b7924bf6458ae4bb8be4d2e51a0 Author: Mark Thomas AuthorDate: Mon Jul 6 21:15:28 2020 +0100 Add release date for Apache Tomcat 8.5.57 --- webapps/docs/changelog.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 408877e..76ecd4f 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -46,7 +46,7 @@ --> - + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Add release date for Apache Tomcat 9.0.37
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 5cd1a5d Add release date for Apache Tomcat 9.0.37 5cd1a5d is described below commit 5cd1a5d0dc43cb85e9a041d8a204af3e0ec934b8 Author: Mark Thomas AuthorDate: Mon Jul 6 21:14:40 2020 +0100 Add release date for Apache Tomcat 9.0.37 --- webapps/docs/changelog.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 65c6ddd..0bf321c 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -46,7 +46,7 @@ --> - + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated: Add release date for Apache Tomcat 10.0.0-M7
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new 1d5edc9 Add release date for Apache Tomcat 10.0.0-M7 1d5edc9 is described below commit 1d5edc9c07e7f81dae3ab9b3ad177d5e3385435e Author: Mark Thomas AuthorDate: Mon Jul 6 21:13:51 2020 +0100 Add release date for Apache Tomcat 10.0.0-M7 --- webapps/docs/changelog.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index fcd4cc8..fc799f2 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -46,7 +46,7 @@ --> - + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1879568 - in /tomcat/site/trunk: docs/index.html xdocs/index.xml
Author: markt Date: Mon Jul 6 20:13:08 2020 New Revision: 1879568 URL: http://svn.apache.org/viewvc?rev=1879568&view=rev Log: Correct release dates Modified: tomcat/site/trunk/docs/index.html tomcat/site/trunk/xdocs/index.xml Modified: tomcat/site/trunk/docs/index.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/index.html?rev=1879568&r1=1879567&r2=1879568&view=diff == --- tomcat/site/trunk/docs/index.html (original) +++ tomcat/site/trunk/docs/index.html Mon Jul 6 20:13:08 2020 @@ -28,7 +28,7 @@ wiki page. Apache Tomcat, Tomcat, Apache, the Apache feather, and the Apache Tomcat project logo are trademarks of the Apache Software Foundation. -2020-07-06 Tomcat 9.0.37 Released +2020-07-05 Tomcat 9.0.37 Released The Apache Tomcat Project is proud to announce the release of version 9.0.37 of Apache Tomcat. The notable changes compared to 9.0.36 include: @@ -48,7 +48,7 @@ changelog. https://tomcat.apache.org/download-90.cgi";>Download -2020-07-06 Tomcat 8.5.57 Released +2020-07-05 Tomcat 8.5.57 Released The Apache Tomcat Project is proud to announce the release of version 8.5.57 of Apache Tomcat. Apache Tomcat 8.5.x replaces 8.0.x and includes new features @@ -69,7 +69,7 @@ changelog. https://tomcat.apache.org/download-80.cgi";>Download -2020-07-06 Tomcat 10.0.0-M7 Released +2020-07-05 Tomcat 10.0.0-M7 Released The Apache Tomcat Project is proud to announce the release of version 10.0.0-M7 of Apache Tomcat. This release is a milestone release and is targeted at Jakarta Modified: tomcat/site/trunk/xdocs/index.xml URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/index.xml?rev=1879568&r1=1879567&r2=1879568&view=diff == --- tomcat/site/trunk/xdocs/index.xml (original) +++ tomcat/site/trunk/xdocs/index.xml Mon Jul 6 20:13:08 2020 @@ -40,7 +40,7 @@ project logo are trademarks of the Apach - + The Apache Tomcat Project is proud to announce the release of version 9.0.37 of Apache Tomcat. The notable changes compared to 9.0.36 include: @@ -62,7 +62,7 @@ changelog. - + The Apache Tomcat Project is proud to announce the release of version 8.5.57 of Apache Tomcat. Apache Tomcat 8.5.x replaces 8.0.x and includes new features @@ -85,7 +85,7 @@ changelog. - + The Apache Tomcat Project is proud to announce the release of version 10.0.0-M7 of Apache Tomcat. This release is a milestone release and is targeted at Jakarta - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[ANN] Apache Tomcat 8.5.57 available
The Apache Tomcat team announces the immediate availability of Apache Tomcat 8.5.57. Apache Tomcat 8 is an open source software implementation of the Java Servlet, JavaServer Pages, Java Unified Expression Language, Java WebSocket and Java Authentication Service Provider Interface for Containers technologies. Apache Tomcat 8.5.x replaces 8.0.x and includes new features pulled forward from the 9.0.x branch. The notable changes since 8.5.56 include: - Implement a significant portion of the TLS environment variables for the rewrite valve. - Reduce memory footprint of closed HTTP/2 streams - Improve parsing of RFC 2109 cookies Please refer to the change log for the complete list of changes: http://tomcat.apache.org/tomcat-8.5-doc/changelog.html Downloads: http://tomcat.apache.org/download-80.cgi Migration guides from Apache Tomcat 7.x and 8.0.x: http://tomcat.apache.org/migration.html Enjoy! - The Apache Tomcat team - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1879567 - in /tomcat/site/trunk: docs/ xdocs/
Author: markt Date: Mon Jul 6 20:06:54 2020 New Revision: 1879567 URL: http://svn.apache.org/viewvc?rev=1879567&view=rev Log: Update site for Apache Tomcat 8.5.57 release Modified: tomcat/site/trunk/docs/doap_Tomcat.rdf tomcat/site/trunk/docs/download-80.html tomcat/site/trunk/docs/index.html tomcat/site/trunk/docs/migration-85.html tomcat/site/trunk/docs/oldnews.html tomcat/site/trunk/docs/whichversion.html tomcat/site/trunk/xdocs/doap_Tomcat.rdf tomcat/site/trunk/xdocs/download-80.xml tomcat/site/trunk/xdocs/index.xml tomcat/site/trunk/xdocs/migration-85.xml tomcat/site/trunk/xdocs/oldnews.xml tomcat/site/trunk/xdocs/whichversion.xml Modified: tomcat/site/trunk/docs/doap_Tomcat.rdf URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/doap_Tomcat.rdf?rev=1879567&r1=1879566&r2=1879567&view=diff == --- tomcat/site/trunk/docs/doap_Tomcat.rdf (original) +++ tomcat/site/trunk/docs/doap_Tomcat.rdf Mon Jul 6 20:06:54 2020 @@ -67,8 +67,8 @@ Latest Stable 8.5.x Release -2020-06-07 -8.5.56 +2020-07-06 +8.5.57 Modified: tomcat/site/trunk/docs/download-80.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/download-80.html?rev=1879567&r1=1879566&r2=1879567&view=diff == --- tomcat/site/trunk/docs/download-80.html (original) +++ tomcat/site/trunk/docs/download-80.html Mon Jul 6 20:06:54 2020 @@ -12,7 +12,7 @@ Quick Navigation -[define v]8.5.56[end] +[define v]8.5.57[end] https://downloads.apache.org/tomcat/tomcat-8/KEYS";>KEYS | [v] | Browse | Modified: tomcat/site/trunk/docs/index.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/index.html?rev=1879567&r1=1879566&r2=1879567&view=diff == --- tomcat/site/trunk/docs/index.html (original) +++ tomcat/site/trunk/docs/index.html Mon Jul 6 20:06:54 2020 @@ -37,6 +37,7 @@ of Apache Tomcat. The notable changes co rewrite valve. Improvements to the creation of OSGi manifests. Reduce the memory footprint of closed HTTP/2 streams +Improve parsing of RFC 2109 cookies Full details of these changes, and all the other changes, are available in the @@ -47,6 +48,27 @@ changelog. https://tomcat.apache.org/download-90.cgi";>Download +2020-07-06 Tomcat 8.5.57 Released + +The Apache Tomcat Project is proud to announce the release of version 8.5.57 +of Apache Tomcat. Apache Tomcat 8.5.x replaces 8.0.x and includes new features +pulled forward from Tomcat 9.0.x. The minimum Java version and implemented +specification versions remain unchanged. The notable changes compared +to 8.5.56 include: + +Improvements to the creation of OSGi manifests. +Reduce the memory footprint of closed HTTP/2 streams + + + +Full details of these changes, and all the other changes, are available in the +Tomcat 8.5 +changelog. + + + +https://tomcat.apache.org/download-80.cgi";>Download + 2020-07-06 Tomcat 10.0.0-M7 Released The Apache Tomcat Project is proud to announce the release of version 10.0.0-M7 @@ -76,31 +98,6 @@ Full details of these changes, and all t https://tomcat.apache.org/download-10.cgi";>Download -2020-06-07 Tomcat 8.5.56 Released - -The Apache Tomcat Project is proud to announce the release of version 8.5.56 -of Apache Tomcat. Apache Tomcat 8.5.x replaces 8.0.x and includes new features -pulled forward from Tomcat 9.0.x. The minimum Java version and implemented -specification versions remain unchanged. The notable changes compared -to 8.5.55 include: - -Add support for ALPN on recent OpenJDK 8 releases. -Add support for the CATALINA_OUT_CMD environment variable that defines a -command to which captured stdout and stderr will be redirected. For use -with, for example, rotatelogs. Patch provided by Harald Dunkel. -Be more flexible with respect to the ordering of groups, roles and users in -the tomcat-users.xml file. - - - -Full details of these changes, and all the other changes, are available in the -Tomcat 8.5 -changelog. - - - -https://tomcat.apache.org/download-80.cgi";>Download - 2020-05-16 Tomcat 7.0.104 Released The Apache Tomcat Project is proud to announce the release of version 7.0.104 of Modified: tomcat/site/trunk/docs/migration-85.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/migration-85.html?rev=1879567&r1=1879566&r2=1879567&view=diff == --- tomcat/site/trunk/docs/migration-85.html (original) +++ tomcat/site/trunk/docs/migration-85.html Mon Jul 6 20:06:54 2020 @@ -317,8 +317,9 @@ of Apache Tomcat. 8.5.51 8.5.53 8.5.54 -8.5.55 -8.5.56 +8.5.55 +8.5.56 +8.5.57 , new version: 8.5.0 @@ -
svn commit: r1879566 - in /tomcat/site/trunk: ./ docs/tomcat-8.5-doc/ docs/tomcat-8.5-doc/annotationapi/ docs/tomcat-8.5-doc/annotationapi/javax/annotation/ docs/tomcat-8.5-doc/annotationapi/javax/ann
Author: markt Date: Mon Jul 6 20:06:09 2020 New Revision: 1879566 URL: http://svn.apache.org/viewvc?rev=1879566&view=rev Log: Update docs only for Apache Tomcat 8.5.57 release [This commit notification would consist of 63 parts, which exceeds the limit of 50 ones, so it was shortened to the summary.] - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1879565 - in /tomcat/site/trunk: docs/index.html xdocs/index.xml
Author: markt Date: Mon Jul 6 19:56:43 2020 New Revision: 1879565 URL: http://svn.apache.org/viewvc?rev=1879565&view=rev Log: Fix changelog link Modified: tomcat/site/trunk/docs/index.html tomcat/site/trunk/xdocs/index.xml Modified: tomcat/site/trunk/docs/index.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/index.html?rev=1879565&r1=1879564&r2=1879565&view=diff == --- tomcat/site/trunk/docs/index.html (original) +++ tomcat/site/trunk/docs/index.html Mon Jul 6 19:56:43 2020 @@ -40,7 +40,7 @@ of Apache Tomcat. The notable changes co Full details of these changes, and all the other changes, are available in the -Tomcat 9 +Tomcat 9 changelog. Modified: tomcat/site/trunk/xdocs/index.xml URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/index.xml?rev=1879565&r1=1879564&r2=1879565&view=diff == --- tomcat/site/trunk/xdocs/index.xml (original) +++ tomcat/site/trunk/xdocs/index.xml Mon Jul 6 19:56:43 2020 @@ -52,7 +52,7 @@ of Apache Tomcat. The notable changes co Full details of these changes, and all the other changes, are available in the -Tomcat 9 +Tomcat 9 changelog. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[ANN] Apache Tomcat 9.0.37 available
The Apache Tomcat team announces the immediate availability of Apache Tomcat 9.0.37. Apache Tomcat 9 is an open source software implementation of the Java Servlet, JavaServer Pages, Java Unified Expression Language, Java WebSocket and JASPIC technologies. Apache Tomcat 9.0.37 is a bugfix and feature release. The notable changes compared to 9.0.36 include: - Implement a significant portion of the TLS environment variables for the rewrite valve. - Improvements to the creation of OSGi manifests. - Reduce memory footprint of closed HTTP/2 streams Please refer to the change log for the complete list of changes: http://tomcat.apache.org/tomcat-9.0-doc/changelog.html Downloads: http://tomcat.apache.org/download-90.cgi Migration guides from Apache Tomcat 7.x and 8.x: http://tomcat.apache.org/migration.html Enjoy! - The Apache Tomcat team - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1879564 - in /tomcat/site/trunk: docs/ xdocs/
Author: markt Date: Mon Jul 6 19:51:37 2020 New Revision: 1879564 URL: http://svn.apache.org/viewvc?rev=1879564&view=rev Log: Update site for Apache Tomcat 9.0.37 release Modified: tomcat/site/trunk/docs/doap_Tomcat.rdf tomcat/site/trunk/docs/download-90.html tomcat/site/trunk/docs/index.html tomcat/site/trunk/docs/migration-9.html tomcat/site/trunk/docs/oldnews.html tomcat/site/trunk/docs/whichversion.html tomcat/site/trunk/xdocs/doap_Tomcat.rdf tomcat/site/trunk/xdocs/download-90.xml tomcat/site/trunk/xdocs/index.xml tomcat/site/trunk/xdocs/migration-9.xml tomcat/site/trunk/xdocs/oldnews.xml tomcat/site/trunk/xdocs/whichversion.xml Modified: tomcat/site/trunk/docs/doap_Tomcat.rdf URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/doap_Tomcat.rdf?rev=1879564&r1=1879563&r2=1879564&view=diff == --- tomcat/site/trunk/docs/doap_Tomcat.rdf (original) +++ tomcat/site/trunk/docs/doap_Tomcat.rdf Mon Jul 6 19:51:37 2020 @@ -60,8 +60,8 @@ Latest Stable 9.0.x Release -2020-06-07 -9.0.36 +2020-07-06 +9.0.37 Modified: tomcat/site/trunk/docs/download-90.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/download-90.html?rev=1879564&r1=1879563&r2=1879564&view=diff == --- tomcat/site/trunk/docs/download-90.html (original) +++ tomcat/site/trunk/docs/download-90.html Mon Jul 6 19:51:37 2020 @@ -12,7 +12,7 @@ Quick Navigation -[define v]9.0.36[end] +[define v]9.0.37[end] https://downloads.apache.org/tomcat/tomcat-9/KEYS";>KEYS | [v] | Browse | Modified: tomcat/site/trunk/docs/index.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/index.html?rev=1879564&r1=1879563&r2=1879564&view=diff == --- tomcat/site/trunk/docs/index.html (original) +++ tomcat/site/trunk/docs/index.html Mon Jul 6 19:51:37 2020 @@ -28,6 +28,25 @@ wiki page. Apache Tomcat, Tomcat, Apache, the Apache feather, and the Apache Tomcat project logo are trademarks of the Apache Software Foundation. +2020-07-06 Tomcat 9.0.37 Released + +The Apache Tomcat Project is proud to announce the release of version 9.0.37 +of Apache Tomcat. The notable changes compared to 9.0.36 include: + +Implement a significant portion of the TLS environment variables for the +rewrite valve. +Improvements to the creation of OSGi manifests. +Reduce the memory footprint of closed HTTP/2 streams + + +Full details of these changes, and all the other changes, are available in the +Tomcat 9 +changelog. + + + +https://tomcat.apache.org/download-90.cgi";>Download + 2020-07-06 Tomcat 10.0.0-M7 Released The Apache Tomcat Project is proud to announce the release of version 10.0.0-M7 @@ -57,27 +76,6 @@ Full details of these changes, and all t https://tomcat.apache.org/download-10.cgi";>Download -2020-06-07 Tomcat 9.0.36 Released - -The Apache Tomcat Project is proud to announce the release of version 9.0.36 -of Apache Tomcat. The notable changes compared to 9.0.35 include: - -Add support for ALPN on recent OpenJDK 8 releases. -Add support for the CATALINA_OUT_CMD environment variable that defines a -command to which captured stdout and stderr will be redirected. For use -with, for example, rotatelogs. Patch provided by Harald Dunkel. -Be more flexible with respect to the ordering of groups, roles and users in -the tomcat-users.xml file - - -Full details of these changes, and all the other changes, are available in the -Tomcat 9 -changelog. - - - -https://tomcat.apache.org/download-90.cgi";>Download - 2020-06-07 Tomcat 8.5.56 Released The Apache Tomcat Project is proud to announce the release of version 8.5.56 Modified: tomcat/site/trunk/docs/migration-9.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/migration-9.html?rev=1879564&r1=1879563&r2=1879564&view=diff == --- tomcat/site/trunk/docs/migration-9.html (original) +++ tomcat/site/trunk/docs/migration-9.html Mon Jul 6 19:51:37 2020 @@ -398,8 +398,9 @@ of Apache Tomcat. 9.0.31 9.0.33 9.0.34 -9.0.35 -9.0.36 +9.0.35 +9.0.36 +9.0.37 , new version: 9.0.0-M1 @@ -446,7 +447,8 @@ of Apache Tomcat. 9.0.33 9.0.34 9.0.35 -9.0.36 +9.0.36 +9.0.37 trunk (unreleased) Modified: tomcat/site/trunk/docs/oldnews.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/oldnews.html?rev=1879564&r1=1879563&r2=1879564&view=diff == --- tomcat/site/trunk/docs/oldnews.html (original) +++ tomcat/site/trunk/docs/oldnews.html Mon Jul 6 19:51:37 2020 @@ -16
svn commit: r1879563 - in /tomcat/site/trunk: ./ docs/tomcat-9.0-doc/ docs/tomcat-9.0-doc/annotationapi/ docs/tomcat-9.0-doc/annotationapi/javax/annotation/ docs/tomcat-9.0-doc/annotationapi/javax/ann
Author: markt Date: Mon Jul 6 19:48:15 2020 New Revision: 1879563 URL: http://svn.apache.org/viewvc?rev=1879563&view=rev Log: Update docs only for Tomcat 9.0.37 release [This commit notification would consist of 70 parts, which exceeds the limit of 50 ones, so it was shortened to the summary.] - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Improving SameSite support
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 All, Jakarta EE 5.0 does not appear to include support for SameSite cookies. Tomcat's CookieProcessor allows an administrator to set the SameSite cookie policy, but it's a blanket policy. So for example, if you want a JSESSIONID cookie to be "strict" but some other cookie (e.g. "FOO") to be "unset" or "lax" or whatever, you will have to manually-build your "Set-Cookie" headers for your FOO cooki e. This is not terribly convenient. Unfortunately, *any* solution to this problem will be container-specific. The current Tomcat solution is of course a solution only for Tomcat, and only for versions which contain that SameSite support. I'm wondering if we can do better. Instead of a single "sameSiteCookies" setting which applies to *all* cookies, perhaps the CookieProcessor could have a different policy for specific cookies. Something like this: ... In the above setup, the "sameSiteCookie" attribute of the CookieProcessor sets the default policy for the CookieProcessor. Then, each of the elements sets the policy for a specific cookie by name. This would allow applications to set their policies without having to construct their own Set-Cookie response headers, handle encoding, etc. and it would also inherit any other Tomcat-supplied cookie-related policies. Another option would be to provide a subclass of j.s.h.Cookie which includes a setSameSite(String) method. The CookieProcessor could check for instanceof EnhancedCookie (or whatever) and use that setting for each Cookie object. But that seems like less of a good idea -- except that it would be easier for refactoring tools to locate instances of the Tomcat-specific Cookie class and replace them with a future SameSite-supporting official Jakarta EE Cookie class. WDYT? - -chris -BEGIN PGP SIGNATURE- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl8DexAACgkQHPApP6U8 pFjDZBAAiaKBAla3DJ+SHvHTkADOeGXqrMX9kbrIZB3ajnq+m4MEWPH6dmQrg9+j ROcPVNsj8gahrJSWEzvdu7bQc96tWQ8RD265DQ1pbjwNCfWGHMM8FPJaRp4DO7av zvWMtNLI/Sv+63CmZr27mzE1o/iJturdNAu/12kOUDd5RVVnM8CROKVtE5rmbVN8 dFQIuMD6mQov+J+Eqg6sqJLPVNoxcjRo25QsrfEOUnsbXx+0sHCe0QMiv4wgMf3G LnPEY7GhOBOcjaN6lWENAWAkeuoUZIlVpbndk6RRihziSGNAZ+uNORy54mP8SGkR z33lWKMIolYBBqcmvuFy7OOsfdLGI50kUIc05Hd+T9XMO4p7OSOeJDwvGTmN6Kie 2ZChodQYnWEN//VrD0UxN7t4rlujXF0sS40hryoehzDge/UjVFabR/nEKsySWigR eddvNhumWqxtjEt8K+/5um366ybVr6VkzpaGfBZ6inzYZtmLmMNr1xd/hz9V5c7j 4KZiGvB5qxZpcrNtmiYJHYzEE8PHauGsEUzG08Skd4SJmo6TkyvefdnaPHezNOse Ikd78TLvPLNMEE2dUqZ508wYTmR14/ZEiEOt2IUYHD1Dk1oFOgmnR8jbG6+ONZMp Fjmv5qWfAAeGmWsuMUCHpiz0w3LGJGGlrLur1NXwLkhtz+epx4M= =dJAO -END PGP SIGNATURE- - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[ANN] Apache Tomcat 10.0.0-M7 available
The Apache Tomcat team announces the immediate availability of Apache Tomcat 10.0.0-M7. Apache Tomcat 10 is an open source software implementation of the Jakarta Servlet, Jakarta Server Pages, Jakarta Expression Language, Jakarta WebSocket, Jakarta Authentication and Jakarta Annotations specifications. Users of Tomcat 10 onwards should be aware that, as a result of the move from Java EE to Jakarta EE as part of the transfer of Java EE to the Eclipse Foundation, the primary package for all implemented APIs has changed from javax.* to jakarta.*. This will almost certainly require code changes to enable applications to migrate from Tomcat 9 and earlier to Tomcat 10 and later. A migration tool is under development to aid this process. Apache Tomcat 10.0.0-M7 is a milestone release of the 10.0.x branch and has been made to provide users with early access to the new features in Apache Tomcat 10.0.x so that they may provide feedback. The notable changes compared to 10.0.0-M6 include: - Implement a significant portion of the TLS environment variables for the rewrite valve. - Add the Jakarta EE 9 schema. - Improvements to the creation of OSGi manifests. Please refer to the change log for the complete list of changes: http://tomcat.apache.org/tomcat-10.0-doc/changelog.html Downloads: http://tomcat.apache.org/download-10.cgi Migration guides from Apache Tomcat 7.0.x, 8.5.x and 9.0.x: http://tomcat.apache.org/migration.html Enjoy! - The Apache Tomcat team - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1879561 - in /tomcat/site/trunk: ./ docs/tomcat-10.0-doc/ docs/tomcat-10.0-doc/WEB-INF/ docs/tomcat-10.0-doc/annotationapi/ docs/tomcat-10.0-doc/annotationapi/jakarta/annotation/ docs/tom
Author: markt Date: Mon Jul 6 18:48:55 2020 New Revision: 1879561 URL: http://svn.apache.org/viewvc?rev=1879561&view=rev Log: Update docs only for Apache Tomcat 10.0.0-M7 release [This commit notification would consist of 72 parts, which exceeds the limit of 50 ones, so it was shortened to the summary.] - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1879562 - in /tomcat/site/trunk: docs/download-10.html docs/index.html docs/migration-10.html docs/oldnews.html docs/whichversion.html xdocs/download-10.xml xdocs/index.xml xdocs/migratio
Author: markt Date: Mon Jul 6 18:49:55 2020 New Revision: 1879562 URL: http://svn.apache.org/viewvc?rev=1879562&view=rev Log: Update site for release of Apache Tomcat 10.0.0-M7 Modified: tomcat/site/trunk/docs/download-10.html tomcat/site/trunk/docs/index.html tomcat/site/trunk/docs/migration-10.html tomcat/site/trunk/docs/oldnews.html tomcat/site/trunk/docs/whichversion.html tomcat/site/trunk/xdocs/download-10.xml tomcat/site/trunk/xdocs/index.xml tomcat/site/trunk/xdocs/migration-10.xml tomcat/site/trunk/xdocs/oldnews.xml tomcat/site/trunk/xdocs/whichversion.xml Modified: tomcat/site/trunk/docs/download-10.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/download-10.html?rev=1879562&r1=1879561&r2=1879562&view=diff == --- tomcat/site/trunk/docs/download-10.html (original) +++ tomcat/site/trunk/docs/download-10.html Mon Jul 6 18:49:55 2020 @@ -21,7 +21,7 @@ Quick Navigation -[define v]10.0.0-M6[end] +[define v]10.0.0-M7[end] https://downloads.apache.org/tomcat/tomcat-10/KEYS";>KEYS | [v] | Browse | Modified: tomcat/site/trunk/docs/index.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/index.html?rev=1879562&r1=1879561&r2=1879562&view=diff == --- tomcat/site/trunk/docs/index.html (original) +++ tomcat/site/trunk/docs/index.html Mon Jul 6 18:49:55 2020 @@ -28,6 +28,35 @@ wiki page. Apache Tomcat, Tomcat, Apache, the Apache feather, and the Apache Tomcat project logo are trademarks of the Apache Software Foundation. +2020-07-06 Tomcat 10.0.0-M7 Released + +The Apache Tomcat Project is proud to announce the release of version 10.0.0-M7 +of Apache Tomcat. This release is a milestone release and is targeted at Jakarta +EE 9. +Users of Tomcat 10 onwards should be aware that, as a result of the move from +Java EE to Jakarta EE as part of the transfer of Java EE to the Eclipse +Foundation, the primary package for all implemented APIs has changed from +javax.* to jakarta.*. This will almost certainly +require code changes to enable applications to migrate from Tomcat 9 and earlier +to Tomcat 10 and later. A +https://github.com/apache/tomcat-jakartaee-migration";>migration +tool is under development to aid this process. +The notable changes in this release are: + +Implement a significant portion of the TLS environment variables for the +rewrite valve. +Add the Jakarta EE 9 schema. +Improvements to the creation of OSGi manifests. + + +Full details of these changes, and all the other changes, are available in the +Tomcat 10 +(alpha) changelog. + + + +https://tomcat.apache.org/download-10.cgi";>Download + 2020-06-07 Tomcat 9.0.36 Released The Apache Tomcat Project is proud to announce the release of version 9.0.36 @@ -74,37 +103,6 @@ changelog. https://tomcat.apache.org/download-80.cgi";>Download -2020-06-07 Tomcat 10.0.0-M6 Released - -The Apache Tomcat Project is proud to announce the release of version 10.0.0-M6 -of Apache Tomcat. This release is a milestone release and is targeted at Jakarta -EE 9. -Users of Tomcat 10 onwards should be aware that, as a result of the move from -Java EE to Jakarta EE as part of the transfer of Java EE to the Eclipse -Foundation, the primary package for all implemented APIs has changed from -javax.* to jakarta.*. This will almost certainly -require code changes to enable applications to migrate from Tomcat 9 and earlier -to Tomcat 10 and later. A -https://github.com/apache/tomcat-jakartaee-migration";>migration -tool is under development to aid this process. -The notable changes in this release are: - -Add support for ALPN on recent OpenJDK 8 releases. -Add support for the CATALINA_OUT_CMD environment variable that defines a -command to which captured stdout and stderr will be redirected. For use -with, for example, rotatelogs. Patch provided by Harald Dunkel. -Be more flexible with respect to the ordering of groups, roles and users in -the tomcat-users.xml file - - -Full details of these changes, and all the other changes, are available in the -Tomcat 10 -(alpha) changelog. - - - -https://tomcat.apache.org/download-10.cgi";>Download - 2020-05-16 Tomcat 7.0.104 Released The Apache Tomcat Project is proud to announce the release of version 7.0.104 of Modified: tomcat/site/trunk/docs/migration-10.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/migration-10.html?rev=1879562&r1=1879561&r2=1879562&view=diff == --- tomcat/site/trunk/docs/migration-10.html (original) +++ tomcat/site/trunk/docs/migration-10.html Mon Jul 6 18:49:55 2020 @@ -166,15 +166,17 @@ of Apache Tomcat. 10.0.0-M1 10.0.0-M3 10.0.0-M4 -10.0.0-M5 -10.0.0-M6 +10.0.0-M5 +10.0.0-M6 +10.0.0-M7 , new
[GitHub] [tomcat] rotty3000 opened a new pull request #317: Fix BZ 64548 - generate JPMS metadata
rotty3000 opened a new pull request #317: URL: https://github.com/apache/tomcat/pull/317 Signed-off-by: Raymond Augé This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1879559 - in /tomcat/site/trunk: docs/whoweare.html xdocs/whoweare.xml
Author: markt Date: Mon Jul 6 18:26:26 2020 New Revision: 1879559 URL: http://svn.apache.org/viewvc?rev=1879559&view=rev Log: Move André to the emeritus PMC member section Modified: tomcat/site/trunk/docs/whoweare.html tomcat/site/trunk/xdocs/whoweare.xml Modified: tomcat/site/trunk/docs/whoweare.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/whoweare.html?rev=1879559&r1=1879558&r2=1879559&view=diff == --- tomcat/site/trunk/docs/whoweare.html (original) +++ tomcat/site/trunk/docs/whoweare.html Mon Jul 6 18:26:26 2020 @@ -137,9 +137,6 @@ A complete list of all the Apache Commit Keith Wannamaker (keith at apache.org) -André Warnier (soliplaya at apache.org) - - Tim Whittington (timw at apache.org) @@ -159,6 +156,7 @@ Emeritus is defined in the Apache gl Amy Roh (amyroh at apache.org) Yoav Shapira (yoavs at apache.org) +André Warnier (soliplaya at apache.org) Emeritus Committers Modified: tomcat/site/trunk/xdocs/whoweare.xml URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/whoweare.xml?rev=1879559&r1=1879558&r2=1879559&view=diff == --- tomcat/site/trunk/xdocs/whoweare.xml (original) +++ tomcat/site/trunk/xdocs/whoweare.xml Mon Jul 6 18:26:26 2020 @@ -145,9 +145,6 @@ A complete list of all the Apache Commit Keith Wannamaker (keith at apache.org) -André Warnier (soliplaya at apache.org) - - Tim Whittington (timw at apache.org) @@ -174,6 +171,7 @@ Yoav Shapira contributes to numerous Apa open-source projects: you can read more about him at http://www.yoavshapira.com";>YoavShapira.com. --> +André Warnier (soliplaya at apache.org) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [tomcat] branch master updated: Use StringBuilder instead of StringBuffer
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Martin,
On 7/6/20 03:09, mgrigo...@apache.org wrote:
> diff --git
> a/java/org/apache/catalina/connector/CoyotePrincipal.java
> b/java/org/apache/catalina/connector/CoyotePrincipal.java index
> 1ae5608..93d7c02 100644 ---
> a/java/org/apache/catalina/connector/CoyotePrincipal.java +++
> b/java/org/apache/catalina/connector/CoyotePrincipal.java @@ -64,7
> +64,7 @@ public class CoyotePrincipal implements Principal,
> Serializable { public String toString() { StringBuilder sb = new
> StringBuilder("CoyotePrincipal["); sb.append(this.name); -
> sb.append("]"); +sb.append(']'); return sb.toString(); }
Might I suggest further improvements?
Step 1:
public String toString() {
return new StringBuilder("CoyotePrincipal[")
.append(this.name);
.append(']');
.toString();
It turns out that the generated bytecode is something like 2/3 as long
as the sb.append(); sb.append(); sb.append(); code. JIT probably does
the same thing eventually, but why not help it out?
Step 2:
public String toString() {
return "CoyotePrincipal[" + this.name + ']';
}
This has a few advantages:
1. It's dead easy to read
2. The compiler makes the best decision as to how to perform the
concatenation
In very old versions of Java, you'll get StringBuffer concatenation as
the pre-commit version. Later versions get you StringBuilder as
post-commit version. Post 9.x-versions get you a call to
StringConcatFactory.makeConcatWithConstants which is presumably even
more efficient.
I understand that this was supposed to be a small patch, but I think
further improvements are possible in many cases like this one.
Thanks,
- -chris
-BEGIN PGP SIGNATURE-
Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/
iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl8DMT8ACgkQHPApP6U8
pFgUtA/+OoHnIgHBLoIOXqP5t10g/dBFxGrIpOUOe1MvIhWMdObcNIlZmnM1vv0Z
xCRYXxGCj20xm4P/NEzvRlEPWfd0uvoZczr34JVPlgOWUBJeRHmLQ+KlGdCeuuKk
cmxV4ZXZSt8bzVMufQ+N2RPOCGUvti2kin0CSj9BlygKuTAMuXgwVcyEo7XvLf3z
153dHylBL3ka5jo2lR4vYlj8U6PvzoZuLj3NAnrRZP3YttbQKimhXDcOg7zkeVP+
GFINDBE+fux+s5P38vqRLqzA4JEDFfjsKzT4JV21BrSbxhdUbXyYE4RMhW+izKB8
B/SJhBtEN1huED3GkZbg/DN0nYgY4vVeoHz4kdal1E5uVybG5SLj6xoz6tkRsayB
pOHguW1ds8NLPJwHBEATq6YQOXGfqECbW+iWuP54F7eBzo57CiZWsnQPalpSo9pn
mdBRbcfyI7z9vJFaiGCpudKGKK5+F1VFj6KELxZP7nAO0Lyhwapsai9TzLXLOTk1
8ReS5GENoZDrzrb3Gn/YCmdYAxdED9ejjkiY5qVjX3ZXWXaeytcz1h3bY2opV4Ks
a+tahArWqI1t44cemejJuiXFZB0xrDjji6pnd3ZqZ4vG1TREKxK2hdLjuwP3vaw9
fqt4d3E596rPtqF2e0aJLGfW+3iJ2r67c7DP9ARHMAdadMIi23U=
=N+0c
-END PGP SIGNATURE-
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat 7.0.105
Am 02.07.20 um 15:08 schrieb Violeta Georgieva: > The proposed Apache Tomcat 7.0.105 release is now available for voting. > > It can be obtained from: > https://dist.apache.org/repos/dist/dev/tomcat/tomcat-7/v7.0.105/ > The Maven staging repo is: > https://repository.apache.org/content/repositories/orgapachetomcat-1275/ > The git tag is: > https://github.com/apache/tomcat/tree/7.0.105 > f95f4e146e7eb463abdd8d7e2c47095d50075d97 > > The proposed 7.0.105 release is: > [ ] Broken - do not release > [x] Stable - go ahead and release as 7.0.105 Stable Felix > > Regards, > Violeta - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Plans to get GenericPrincipal to inherit CallerPrincipal?
On 06/07/2020 12:43, Jean-Louis MONTEIRO wrote: > Hi, > > I would like to know if there are any plans to get GenericPrincipal to > inherit CallerPrincipal? > From a backward compatibility perspective, it does not seem to hurt > because the getName() is already in the GenericPrincipal. > > The question comes because I was reading the Java Security API and this > chapter > https://javaee.github.io/security-spec/spec/jsr375-spec.html#_caller_principal_types > > Seems to advise that app server should inherit from CallerPrincipal. JSR-375 was released after Java EE 8 - i.e. too late for Tomcat 9. Tomcat implements JASPIC, now Jakarta Authentication. We do need to look at what is changed in that spec for Jakarta EE 9 (Tomcat 10) - which should be very little. I don't think anyone has looked at looked at the Jakarta Security 2.0 spec for Jakarta EE 9 (Tomcat 10). I agree having GenericPrincipal extend CallerPrincipal should be low impact. However, it would need to be looked at in the wider context of the entire spec. We can't just pick a single class. Taking a quick look the spec depends on CDI which Tomcat does not support. Adding a dependency to that JAR just to extend CallerPrincipal seems a little excessive at this point. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Plans to get GenericPrincipal to inherit CallerPrincipal?
Hi, I would like to know if there are any plans to get GenericPrincipal to inherit CallerPrincipal? >From a backward compatibility perspective, it does not seem to hurt because the getName() is already in the GenericPrincipal. The question comes because I was reading the Java Security API and this chapter https://javaee.github.io/security-spec/spec/jsr375-spec.html#_caller_principal_types Seems to advise that app server should inherit from CallerPrincipal. Thanks -- Jean-Louis
Re: [tomcat] branch 9.0.x updated: Fix case of JavaScript.
On 06/07/2020 09:36, mgrigo...@apache.org wrote: Thanks for back-porting these. Mark > This is an automated email from the ASF dual-hosted git repository. > > mgrigorov pushed a commit to branch 9.0.x > in repository https://gitbox.apache.org/repos/asf/tomcat.git > > > The following commit(s) were added to refs/heads/9.0.x by this push: > new 97e3caa Fix case of JavaScript. > 97e3caa is described below > > commit 97e3caa80ae496006562275dc33b3f354e382390 > Author: John Bampton > AuthorDate: Sat Jul 4 09:28:13 2020 +1000 > > Fix case of JavaScript. > > Changes were: > > - `javascript` to `JavaScript` > - `Javascript` to `JavaScript` > > (cherry picked from commit 96b5ab3aac24c25f478b8299110dfd02ca0e1507) > --- > conf/web.xml | 2 +- > webapps/docs/ssi-howto.xml | 2 +- > webapps/docs/ssl-howto.xml | 2 +- > webapps/examples/websocket/chat.xhtml | 4 ++-- > webapps/examples/websocket/drawboard.xhtml | 4 ++-- > webapps/examples/websocket/echo.xhtml | 4 ++-- > webapps/examples/websocket/snake.xhtml | 4 ++-- > 7 files changed, 11 insertions(+), 11 deletions(-) > > diff --git a/conf/web.xml b/conf/web.xml > index bd17e85..a9e29ee 100644 > --- a/conf/web.xml > +++ b/conf/web.xml > @@ -543,7 +543,7 @@ > > > > - > + > > > > diff --git a/webapps/docs/ssi-howto.xml b/webapps/docs/ssi-howto.xml > index 8d672de..8f866cc 100644 > --- a/webapps/docs/ssi-howto.xml > +++ b/webapps/docs/ssi-howto.xml > @@ -61,7 +61,7 @@ is mapped to the URL pattern "*.shtml". > is mapped to the URL pattern "*.shtml", though it can be mapped to "*" as > it will selectively enable/disable SSI processing based on mime types. The > contentType init param allows you to apply SSI processing to JSP pages, > -javascript, or any other content you wish. > +JavaScript, or any other content you wish. > By default SSI support is disabled in Tomcat. > > > diff --git a/webapps/docs/ssl-howto.xml b/webapps/docs/ssl-howto.xml > index 91b5dd2..a508e20 100644 > --- a/webapps/docs/ssl-howto.xml > +++ b/webapps/docs/ssl-howto.xml > @@ -155,7 +155,7 @@ scenarios, they are not suitable for any form of > production use. > > When securing a website with SSL it's important to make sure that all > assets > that the site uses are served over SSL, so that an attacker can't bypass > -the security by injecting malicious content in a javascript file or similar. > To > +the security by injecting malicious content in a JavaScript file or similar. > To > further enhance the security of your website, you should evaluate to use the > HSTS header. It allows you to communicate to the browser that your site > should > always be accessed over https. > diff --git a/webapps/examples/websocket/chat.xhtml > b/webapps/examples/websocket/chat.xhtml > index fca748c..806c172 100644 > --- a/webapps/examples/websocket/chat.xhtml > +++ b/webapps/examples/websocket/chat.xhtml > @@ -122,8 +122,8 @@ > ]]> > > > -Seems your browser doesn't > support Javascript! Websockets rely on Javascript being enabled. Please enable > -Javascript and reload this page! > +Seems your browser doesn't > support JavaScript! Websockets rely on JavaScript being enabled. Please enable > +JavaScript and reload this page! > > > id="chat" /> > diff --git a/webapps/examples/websocket/drawboard.xhtml > b/webapps/examples/websocket/drawboard.xhtml > index 82e494f..14c5b2a 100644 > --- a/webapps/examples/websocket/drawboard.xhtml > +++ b/webapps/examples/websocket/drawboard.xhtml > @@ -858,8 +858,8 @@ > ]]> > > > -Seems your browser doesn't support Javascript! Websockets rely on > Javascript being enabled. Please enable > -Javascript and reload this page! > +Seems your browser doesn't support JavaScript! Websockets rely on > JavaScript being enabled. Please enable > +JavaScript and reload this page! > > > > diff --git a/webapps/examples/websocket/echo.xhtml > b/webapps/examples/websocket/echo.xhtml > index 89347bb..ac2a732 100644 > --- a/webapps/examples/websocket/echo.xhtml > +++ b/webapps/examples/websocket/echo.xhtml > @@ -136,8 +136,8 @@ > ]]> > > > -Seems your browser doesn't > support Javascript! Websockets rely on Javascript being enabled. Please enable > -Javascript and reload this page! > +Seems your browser doesn't > support JavaScript! Websockets rely on JavaScript being enabled. Please enable > +JavaScript and reload this page! > > > > diff --git a/webapps/examples/websocket/snake.xhtml > b/webapps/examples/websocket/snake.xhtml > index b71077c..f0dee27 100644 > --- a/webapps/examples/websocket/snake.xhtml > +++ b/webapps/examples/websocket/snake.xhtml > @@ -49,8 +49,8 @@ > ]]> > > > -Seems your browser > doesn't support Javascript! Websockets rely on Javascript being enabled. > Please enable > -
[tomcat] branch 8.5.x updated: Fix case of JavaScript.
This is an automated email from the ASF dual-hosted git repository. mgrigorov pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new ba64002 Fix case of JavaScript. ba64002 is described below commit ba640022060ad97beb7f2d195fa85d919a04876c Author: John Bampton AuthorDate: Sat Jul 4 09:28:13 2020 +1000 Fix case of JavaScript. Changes were: - `javascript` to `JavaScript` - `Javascript` to `JavaScript` (cherry picked from commit 96b5ab3aac24c25f478b8299110dfd02ca0e1507) --- conf/web.xml | 2 +- webapps/docs/ssi-howto.xml | 2 +- webapps/docs/ssl-howto.xml | 2 +- webapps/examples/websocket/chat.xhtml | 4 ++-- webapps/examples/websocket/drawboard.xhtml | 4 ++-- webapps/examples/websocket/echo.xhtml | 4 ++-- webapps/examples/websocket/snake.xhtml | 4 ++-- 7 files changed, 11 insertions(+), 11 deletions(-) diff --git a/conf/web.xml b/conf/web.xml index cf873f6..4392dcd 100644 --- a/conf/web.xml +++ b/conf/web.xml @@ -537,7 +537,7 @@ - + diff --git a/webapps/docs/ssi-howto.xml b/webapps/docs/ssi-howto.xml index 8d672de..8f866cc 100644 --- a/webapps/docs/ssi-howto.xml +++ b/webapps/docs/ssi-howto.xml @@ -61,7 +61,7 @@ is mapped to the URL pattern "*.shtml". is mapped to the URL pattern "*.shtml", though it can be mapped to "*" as it will selectively enable/disable SSI processing based on mime types. The contentType init param allows you to apply SSI processing to JSP pages, -javascript, or any other content you wish. +JavaScript, or any other content you wish. By default SSI support is disabled in Tomcat. diff --git a/webapps/docs/ssl-howto.xml b/webapps/docs/ssl-howto.xml index 91b5dd2..a508e20 100644 --- a/webapps/docs/ssl-howto.xml +++ b/webapps/docs/ssl-howto.xml @@ -155,7 +155,7 @@ scenarios, they are not suitable for any form of production use. When securing a website with SSL it's important to make sure that all assets that the site uses are served over SSL, so that an attacker can't bypass -the security by injecting malicious content in a javascript file or similar. To +the security by injecting malicious content in a JavaScript file or similar. To further enhance the security of your website, you should evaluate to use the HSTS header. It allows you to communicate to the browser that your site should always be accessed over https. diff --git a/webapps/examples/websocket/chat.xhtml b/webapps/examples/websocket/chat.xhtml index fca748c..806c172 100644 --- a/webapps/examples/websocket/chat.xhtml +++ b/webapps/examples/websocket/chat.xhtml @@ -122,8 +122,8 @@ ]]> -Seems your browser doesn't support Javascript! Websockets rely on Javascript being enabled. Please enable -Javascript and reload this page! +Seems your browser doesn't support JavaScript! Websockets rely on JavaScript being enabled. Please enable +JavaScript and reload this page! diff --git a/webapps/examples/websocket/drawboard.xhtml b/webapps/examples/websocket/drawboard.xhtml index ff63366..52df651 100644 --- a/webapps/examples/websocket/drawboard.xhtml +++ b/webapps/examples/websocket/drawboard.xhtml @@ -858,8 +858,8 @@ ]]> -Seems your browser doesn't support Javascript! Websockets rely on Javascript being enabled. Please enable -Javascript and reload this page! +Seems your browser doesn't support JavaScript! Websockets rely on JavaScript being enabled. Please enable +JavaScript and reload this page! diff --git a/webapps/examples/websocket/echo.xhtml b/webapps/examples/websocket/echo.xhtml index 89347bb..ac2a732 100644 --- a/webapps/examples/websocket/echo.xhtml +++ b/webapps/examples/websocket/echo.xhtml @@ -136,8 +136,8 @@ ]]> -Seems your browser doesn't support Javascript! Websockets rely on Javascript being enabled. Please enable -Javascript and reload this page! +Seems your browser doesn't support JavaScript! Websockets rely on JavaScript being enabled. Please enable +JavaScript and reload this page! diff --git a/webapps/examples/websocket/snake.xhtml b/webapps/examples/websocket/snake.xhtml index b71077c..f0dee27 100644 --- a/webapps/examples/websocket/snake.xhtml +++ b/webapps/examples/websocket/snake.xhtml @@ -49,8 +49,8 @@ ]]> -Seems your browser doesn't support Javascript! Websockets rely on Javascript being enabled. Please enable -Javascript and reload this page! +Seems your browser doesn't support JavaScript! Websockets rely on JavaScript being enabled. Please enable +JavaScript and reload this page! - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apach
[tomcat] branch 9.0.x updated: Fix case of JavaScript.
This is an automated email from the ASF dual-hosted git repository. mgrigorov pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 97e3caa Fix case of JavaScript. 97e3caa is described below commit 97e3caa80ae496006562275dc33b3f354e382390 Author: John Bampton AuthorDate: Sat Jul 4 09:28:13 2020 +1000 Fix case of JavaScript. Changes were: - `javascript` to `JavaScript` - `Javascript` to `JavaScript` (cherry picked from commit 96b5ab3aac24c25f478b8299110dfd02ca0e1507) --- conf/web.xml | 2 +- webapps/docs/ssi-howto.xml | 2 +- webapps/docs/ssl-howto.xml | 2 +- webapps/examples/websocket/chat.xhtml | 4 ++-- webapps/examples/websocket/drawboard.xhtml | 4 ++-- webapps/examples/websocket/echo.xhtml | 4 ++-- webapps/examples/websocket/snake.xhtml | 4 ++-- 7 files changed, 11 insertions(+), 11 deletions(-) diff --git a/conf/web.xml b/conf/web.xml index bd17e85..a9e29ee 100644 --- a/conf/web.xml +++ b/conf/web.xml @@ -543,7 +543,7 @@ - + diff --git a/webapps/docs/ssi-howto.xml b/webapps/docs/ssi-howto.xml index 8d672de..8f866cc 100644 --- a/webapps/docs/ssi-howto.xml +++ b/webapps/docs/ssi-howto.xml @@ -61,7 +61,7 @@ is mapped to the URL pattern "*.shtml". is mapped to the URL pattern "*.shtml", though it can be mapped to "*" as it will selectively enable/disable SSI processing based on mime types. The contentType init param allows you to apply SSI processing to JSP pages, -javascript, or any other content you wish. +JavaScript, or any other content you wish. By default SSI support is disabled in Tomcat. diff --git a/webapps/docs/ssl-howto.xml b/webapps/docs/ssl-howto.xml index 91b5dd2..a508e20 100644 --- a/webapps/docs/ssl-howto.xml +++ b/webapps/docs/ssl-howto.xml @@ -155,7 +155,7 @@ scenarios, they are not suitable for any form of production use. When securing a website with SSL it's important to make sure that all assets that the site uses are served over SSL, so that an attacker can't bypass -the security by injecting malicious content in a javascript file or similar. To +the security by injecting malicious content in a JavaScript file or similar. To further enhance the security of your website, you should evaluate to use the HSTS header. It allows you to communicate to the browser that your site should always be accessed over https. diff --git a/webapps/examples/websocket/chat.xhtml b/webapps/examples/websocket/chat.xhtml index fca748c..806c172 100644 --- a/webapps/examples/websocket/chat.xhtml +++ b/webapps/examples/websocket/chat.xhtml @@ -122,8 +122,8 @@ ]]> -Seems your browser doesn't support Javascript! Websockets rely on Javascript being enabled. Please enable -Javascript and reload this page! +Seems your browser doesn't support JavaScript! Websockets rely on JavaScript being enabled. Please enable +JavaScript and reload this page! diff --git a/webapps/examples/websocket/drawboard.xhtml b/webapps/examples/websocket/drawboard.xhtml index 82e494f..14c5b2a 100644 --- a/webapps/examples/websocket/drawboard.xhtml +++ b/webapps/examples/websocket/drawboard.xhtml @@ -858,8 +858,8 @@ ]]> -Seems your browser doesn't support Javascript! Websockets rely on Javascript being enabled. Please enable -Javascript and reload this page! +Seems your browser doesn't support JavaScript! Websockets rely on JavaScript being enabled. Please enable +JavaScript and reload this page! diff --git a/webapps/examples/websocket/echo.xhtml b/webapps/examples/websocket/echo.xhtml index 89347bb..ac2a732 100644 --- a/webapps/examples/websocket/echo.xhtml +++ b/webapps/examples/websocket/echo.xhtml @@ -136,8 +136,8 @@ ]]> -Seems your browser doesn't support Javascript! Websockets rely on Javascript being enabled. Please enable -Javascript and reload this page! +Seems your browser doesn't support JavaScript! Websockets rely on JavaScript being enabled. Please enable +JavaScript and reload this page! diff --git a/webapps/examples/websocket/snake.xhtml b/webapps/examples/websocket/snake.xhtml index b71077c..f0dee27 100644 --- a/webapps/examples/websocket/snake.xhtml +++ b/webapps/examples/websocket/snake.xhtml @@ -49,8 +49,8 @@ ]]> -Seems your browser doesn't support Javascript! Websockets rely on Javascript being enabled. Please enable -Javascript and reload this page! +Seems your browser doesn't support JavaScript! Websockets rely on JavaScript being enabled. Please enable +JavaScript and reload this page! - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apach
[tomcat] branch 8.5.x updated: Use StringBuilder instead of StringBuffer
This is an automated email from the ASF dual-hosted git repository. mgrigorov pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new 9d2afb9 Use StringBuilder instead of StringBuffer 9d2afb9 is described below commit 9d2afb9c594c0d3b3867b88f17abfdc5fe96d4ea Author: Martin Tzvetanov Grigorov AuthorDate: Fri Jul 3 10:29:04 2020 +0300 Use StringBuilder instead of StringBuffer There is no need of synchronization when it is a method local variable. Append character instead of String when possible Replace more .append(String) with .append(char) (cherry picked from commit d106b2b0305e443261704ee44fa0ce8f696d1059) --- .../authenticator/SingleSignOnSessionKey.java| 2 +- .../apache/catalina/connector/CoyotePrincipal.java | 2 +- java/org/apache/catalina/connector/Response.java | 4 ++-- .../catalina/core/ApplicationFilterConfig.java | 2 +- java/org/apache/catalina/core/StandardServer.java| 2 +- java/org/apache/catalina/core/StandardService.java | 2 +- .../org/apache/catalina/ha/session/DeltaRequest.java | 2 +- .../org/apache/catalina/ha/session/DeltaSession.java | 2 +- java/org/apache/catalina/loader/WebappLoader.java| 4 ++-- java/org/apache/catalina/mbeans/MBeanDumper.java | 1 - java/org/apache/catalina/realm/GenericPrincipal.java | 4 ++-- java/org/apache/catalina/realm/RealmBase.java| 6 +++--- java/org/apache/catalina/servlets/CGIServlet.java| 12 ++-- .../org/apache/catalina/servlets/DefaultServlet.java | 20 ++-- java/org/apache/catalina/session/ManagerBase.java| 2 +- .../org/apache/catalina/session/StandardSession.java | 2 +- .../org/apache/catalina/ssi/ExpressionParseTree.java | 4 ++-- .../catalina/ssi/SSIServletExternalResolver.java | 8 java/org/apache/catalina/startup/ContextConfig.java | 1 - .../apache/catalina/startup/SetNextNamingRule.java | 3 +-- java/org/apache/catalina/startup/Tomcat.java | 4 ++-- .../apache/catalina/storeconfig/StoreFileMover.java | 10 +- .../apache/catalina/tribes/group/GroupChannel.java | 6 +++--- java/org/apache/catalina/tribes/io/ChannelData.java | 8 .../catalina/tribes/membership/MemberImpl.java | 14 +++--- .../catalina/tribes/tipis/AbstractReplicatedMap.java | 2 +- java/org/apache/catalina/tribes/util/Arrays.java | 8 .../apache/catalina/users/MemoryUserDatabase.java| 2 +- java/org/apache/catalina/util/Extension.java | 2 +- java/org/apache/catalina/util/ManifestResource.java | 2 +- java/org/apache/catalina/util/Strftime.java | 2 +- .../catalina/valves/AbstractAccessLogValve.java | 2 +- .../catalina/valves/ExtendedAccessLogValve.java | 4 ++-- .../catalina/valves/StuckThreadDetectionValve.java | 2 +- .../apache/catalina/valves/rewrite/RewriteValve.java | 6 +++--- .../apache/catalina/valves/rewrite/Substitution.java | 2 +- java/org/apache/coyote/ajp/AjpMessage.java | 2 +- java/org/apache/jasper/compiler/Generator.java | 2 +- java/org/apache/jasper/compiler/PageDataImpl.java| 18 +- java/org/apache/juli/JdkLoggerFormatter.java | 6 +++--- java/org/apache/naming/AbstractRef.java | 4 ++-- java/org/apache/tomcat/util/Diagnostics.java | 2 +- java/org/apache/tomcat/util/MultiThrowable.java | 4 ++-- .../util/bcel/classfile/ArrayElementValue.java | 6 +++--- java/org/apache/tomcat/util/buf/UriUtil.java | 2 +- .../util/descriptor/web/ApplicationParameter.java| 2 +- .../tomcat/util/descriptor/web/ContextEjb.java | 2 +- .../util/descriptor/web/ContextEnvironment.java | 2 +- .../tomcat/util/descriptor/web/ContextHandler.java | 2 +- .../tomcat/util/descriptor/web/ContextLocalEjb.java | 2 +- .../tomcat/util/descriptor/web/ContextResource.java | 2 +- .../util/descriptor/web/ContextResourceEnvRef.java | 2 +- .../util/descriptor/web/ContextResourceLink.java | 2 +- .../tomcat/util/descriptor/web/ContextService.java | 2 +- .../util/descriptor/web/ContextTransaction.java | 2 +- .../apache/tomcat/util/descriptor/web/ErrorPage.java | 2 +- .../apache/tomcat/util/descriptor/web/FilterDef.java | 2 +- .../apache/tomcat/util/descriptor/web/FilterMap.java | 2 +- .../tomcat/util/descriptor/web/LoginConfig.java | 2 +- .../util/descriptor/web/MessageDestination.java | 2 +- .../util/descriptor/web/MessageDestinationRef.java | 2 +- .../util/descriptor/web/SecurityCollection.java | 2 +- .../util/descriptor/web/SecurityConstraint.java | 2 +- .../tomcat/util/descriptor/web/SecurityRoleRef.java | 2 +- .../tomcat/util/descriptor/web/WebRuleSet.java | 2 +- .../apache/tomcat/util/descriptor/web/WebXml.java| 2 +- .../apac
Re: [VOTE] Release Apache Tomcat 7.0.105
On Thu, Jul 2, 2020 at 3:08 PM Violeta Georgieva wrote: > The proposed Apache Tomcat 7.0.105 release is now available for voting. > > It can be obtained from: > https://dist.apache.org/repos/dist/dev/tomcat/tomcat-7/v7.0.105/ > The Maven staging repo is: > https://repository.apache.org/content/repositories/orgapachetomcat-1275/ > The git tag is: > https://github.com/apache/tomcat/tree/7.0.105 > f95f4e146e7eb463abdd8d7e2c47095d50075d97 > > The proposed 7.0.105 release is: > [ ] Broken - do not release > [X] Stable - go ahead and release as 7.0.105 Stable > Rémy
buildbot success in on tomcat-trunk
The Buildbot has detected a restored build on builder tomcat-trunk while building tomcat. Full details are available at: https://ci.apache.org/builders/tomcat-trunk/builds/5290 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: asf946_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' triggered this build Build Source Stamp: [branch master] 19f6175d3cd3deca5e0c484e271473bc7d9df870 Blamelist: John Bampton ,Martin Grigorov Build succeeded! Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Use StringBuilder instead of StringBuffer
This is an automated email from the ASF dual-hosted git repository. mgrigorov pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 2946ec0 Use StringBuilder instead of StringBuffer 2946ec0 is described below commit 2946ec0d0eae385dda7dcef0b5dac0cc72e27dec Author: Martin Tzvetanov Grigorov AuthorDate: Fri Jul 3 10:29:04 2020 +0300 Use StringBuilder instead of StringBuffer There is no need of synchronization when it is a method local variable. Append character instead of String when possible Replace more .append(String) with .append(char) (cherry picked from commit d106b2b0305e443261704ee44fa0ce8f696d1059) --- java/org/apache/catalina/Container.java| 2 +- .../authenticator/SingleSignOnSessionKey.java | 2 +- .../apache/catalina/connector/CoyotePrincipal.java | 2 +- java/org/apache/catalina/connector/Response.java | 4 ++-- .../catalina/core/ApplicationFilterConfig.java | 2 +- java/org/apache/catalina/core/StandardServer.java | 2 +- java/org/apache/catalina/core/StandardService.java | 2 +- .../apache/catalina/ha/session/DeltaRequest.java | 2 +- .../apache/catalina/ha/session/DeltaSession.java | 2 +- java/org/apache/catalina/loader/WebappLoader.java | 4 ++-- java/org/apache/catalina/mbeans/MBeanDumper.java | 4 ++-- .../apache/catalina/realm/GenericPrincipal.java| 4 ++-- java/org/apache/catalina/realm/RealmBase.java | 6 +++--- java/org/apache/catalina/servlets/CGIServlet.java | 12 +-- .../apache/catalina/servlets/DefaultServlet.java | 20 +- java/org/apache/catalina/session/ManagerBase.java | 2 +- .../apache/catalina/session/StandardSession.java | 2 +- .../apache/catalina/ssi/ExpressionParseTree.java | 4 ++-- .../catalina/ssi/SSIServletExternalResolver.java | 8 java/org/apache/catalina/startup/Catalina.java | 6 +++--- .../catalina/startup/CertificateCreateRule.java| 6 +++--- .../catalina/startup/ConnectorCreateRule.java | 2 +- .../org/apache/catalina/startup/ContextConfig.java | 14 ++--- .../catalina/startup/ListenerCreateRule.java | 2 +- .../apache/catalina/startup/SetNextNamingRule.java | 4 ++-- java/org/apache/catalina/startup/Tomcat.java | 4 ++-- .../catalina/storeconfig/StoreFileMover.java | 10 - .../apache/catalina/tribes/group/GroupChannel.java | 6 +++--- .../org/apache/catalina/tribes/io/ChannelData.java | 8 .../catalina/tribes/membership/MemberImpl.java | 14 ++--- .../membership/StaticMembershipProvider.java | 4 ++-- .../tribes/tipis/AbstractReplicatedMap.java| 4 ++-- java/org/apache/catalina/tribes/util/Arrays.java | 8 .../apache/catalina/users/MemoryUserDatabase.java | 2 +- java/org/apache/catalina/util/Extension.java | 2 +- .../org/apache/catalina/util/ManifestResource.java | 2 +- java/org/apache/catalina/util/Strftime.java| 2 +- .../catalina/valves/AbstractAccessLogValve.java| 2 +- .../catalina/valves/ExtendedAccessLogValve.java| 4 ++-- .../catalina/valves/StuckThreadDetectionValve.java | 2 +- .../catalina/valves/rewrite/RewriteValve.java | 6 +++--- .../catalina/valves/rewrite/Substitution.java | 2 +- java/org/apache/coyote/ajp/AjpMessage.java | 2 +- java/org/apache/jasper/compiler/Generator.java | 2 +- java/org/apache/jasper/compiler/PageDataImpl.java | 18 java/org/apache/juli/JdkLoggerFormatter.java | 6 +++--- java/org/apache/naming/AbstractRef.java| 4 ++-- java/org/apache/tomcat/util/Diagnostics.java | 2 +- java/org/apache/tomcat/util/MultiThrowable.java| 4 ++-- .../util/bcel/classfile/ArrayElementValue.java | 6 +++--- java/org/apache/tomcat/util/buf/UriUtil.java | 2 +- .../util/descriptor/web/ApplicationParameter.java | 2 +- .../tomcat/util/descriptor/web/ContextEjb.java | 2 +- .../util/descriptor/web/ContextEnvironment.java| 2 +- .../tomcat/util/descriptor/web/ContextHandler.java | 2 +- .../util/descriptor/web/ContextLocalEjb.java | 2 +- .../util/descriptor/web/ContextResource.java | 2 +- .../util/descriptor/web/ContextResourceEnvRef.java | 2 +- .../util/descriptor/web/ContextResourceLink.java | 2 +- .../tomcat/util/descriptor/web/ContextService.java | 2 +- .../util/descriptor/web/ContextTransaction.java| 2 +- .../tomcat/util/descriptor/web/ErrorPage.java | 2 +- .../tomcat/util/descriptor/web/FilterDef.java | 2 +- .../tomcat/util/descriptor/web/FilterMap.java | 2 +- .../tomcat/util/descriptor/web/LoginConfig.java| 2 +- .../util/descriptor/web/MessageDestination.java| 2 +- .../util/descriptor/web/MessageDestinationRef.java | 2 +- .../util/descriptor/web/SecurityCollection.java| 2 +-
[tomcat] branch master updated: Use StringBuilder instead of StringBuffer
This is an automated email from the ASF dual-hosted git repository. mgrigorov pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new d106b2b Use StringBuilder instead of StringBuffer new d905816 Merge pull request #312 from martin-g/master d106b2b is described below commit d106b2b0305e443261704ee44fa0ce8f696d1059 Author: Martin Tzvetanov Grigorov AuthorDate: Fri Jul 3 10:29:04 2020 +0300 Use StringBuilder instead of StringBuffer There is no need of synchronization when it is a method local variable. Append character instead of String when possible Replace more .append(String) with .append(char) --- java/org/apache/catalina/Container.java| 2 +- .../authenticator/SingleSignOnSessionKey.java | 2 +- .../apache/catalina/connector/CoyotePrincipal.java | 2 +- java/org/apache/catalina/connector/Response.java | 4 ++-- .../catalina/core/ApplicationFilterConfig.java | 2 +- java/org/apache/catalina/core/StandardServer.java | 2 +- java/org/apache/catalina/core/StandardService.java | 2 +- .../apache/catalina/ha/session/DeltaRequest.java | 2 +- .../apache/catalina/ha/session/DeltaSession.java | 2 +- java/org/apache/catalina/loader/WebappLoader.java | 4 ++-- java/org/apache/catalina/mbeans/MBeanDumper.java | 4 ++-- .../apache/catalina/realm/GenericPrincipal.java| 4 ++-- java/org/apache/catalina/realm/RealmBase.java | 6 +++--- java/org/apache/catalina/servlets/CGIServlet.java | 12 +-- .../apache/catalina/servlets/DefaultServlet.java | 20 +- java/org/apache/catalina/session/ManagerBase.java | 2 +- .../apache/catalina/session/StandardSession.java | 2 +- .../apache/catalina/ssi/ExpressionParseTree.java | 4 ++-- .../catalina/ssi/SSIServletExternalResolver.java | 8 java/org/apache/catalina/startup/Catalina.java | 6 +++--- .../catalina/startup/CertificateCreateRule.java| 6 +++--- .../catalina/startup/ConnectorCreateRule.java | 2 +- .../org/apache/catalina/startup/ContextConfig.java | 14 ++--- .../catalina/startup/ListenerCreateRule.java | 2 +- .../apache/catalina/startup/SetNextNamingRule.java | 4 ++-- java/org/apache/catalina/startup/Tomcat.java | 4 ++-- .../catalina/storeconfig/StoreFileMover.java | 10 - .../apache/catalina/tribes/group/GroupChannel.java | 6 +++--- .../org/apache/catalina/tribes/io/ChannelData.java | 8 .../catalina/tribes/membership/MemberImpl.java | 14 ++--- .../membership/StaticMembershipProvider.java | 4 ++-- .../tribes/tipis/AbstractReplicatedMap.java| 4 ++-- java/org/apache/catalina/tribes/util/Arrays.java | 8 .../apache/catalina/users/MemoryUserDatabase.java | 2 +- java/org/apache/catalina/util/Extension.java | 2 +- .../org/apache/catalina/util/ManifestResource.java | 2 +- java/org/apache/catalina/util/Strftime.java| 2 +- .../catalina/valves/AbstractAccessLogValve.java| 2 +- .../catalina/valves/ExtendedAccessLogValve.java| 4 ++-- .../catalina/valves/StuckThreadDetectionValve.java | 2 +- .../catalina/valves/rewrite/RewriteValve.java | 6 +++--- .../catalina/valves/rewrite/Substitution.java | 2 +- java/org/apache/coyote/ajp/AjpMessage.java | 2 +- java/org/apache/jasper/compiler/Generator.java | 2 +- java/org/apache/jasper/compiler/PageDataImpl.java | 18 java/org/apache/juli/JdkLoggerFormatter.java | 6 +++--- java/org/apache/naming/AbstractRef.java| 4 ++-- java/org/apache/tomcat/util/Diagnostics.java | 2 +- java/org/apache/tomcat/util/MultiThrowable.java| 4 ++-- .../util/bcel/classfile/ArrayElementValue.java | 6 +++--- java/org/apache/tomcat/util/buf/UriUtil.java | 2 +- .../util/descriptor/web/ApplicationParameter.java | 2 +- .../tomcat/util/descriptor/web/ContextEjb.java | 2 +- .../util/descriptor/web/ContextEnvironment.java| 2 +- .../tomcat/util/descriptor/web/ContextHandler.java | 2 +- .../util/descriptor/web/ContextLocalEjb.java | 2 +- .../util/descriptor/web/ContextResource.java | 2 +- .../util/descriptor/web/ContextResourceEnvRef.java | 2 +- .../util/descriptor/web/ContextResourceLink.java | 2 +- .../tomcat/util/descriptor/web/ContextService.java | 2 +- .../util/descriptor/web/ContextTransaction.java| 2 +- .../tomcat/util/descriptor/web/ErrorPage.java | 2 +- .../tomcat/util/descriptor/web/FilterDef.java | 2 +- .../tomcat/util/descriptor/web/FilterMap.java | 2 +- .../tomcat/util/descriptor/web/LoginConfig.java| 2 +- .../util/descriptor/web/MessageDestination.java| 2 +- .../util/descriptor/web/MessageDestinationRef.java | 2 +- .../util/descriptor/web/SecurityCollection.java| 2 +- .../util/des
[GitHub] [tomcat] martin-g merged pull request #312: Use StringBuilder instead of StringBuffer
martin-g merged pull request #312: URL: https://github.com/apache/tomcat/pull/312 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat 7.0.105
На чт, 2.07.2020 г. в 16:08 Violeta Georgieva написа: > > The proposed Apache Tomcat 7.0.105 release is now available for voting. > > It can be obtained from: > https://dist.apache.org/repos/dist/dev/tomcat/tomcat-7/v7.0.105/ > The Maven staging repo is: > https://repository.apache.org/content/repositories/orgapachetomcat-1275/ > The git tag is: > https://github.com/apache/tomcat/tree/7.0.105 > f95f4e146e7eb463abdd8d7e2c47095d50075d97 > > The proposed 7.0.105 release is: > [ ] Broken - do not release > [X] Stable - go ahead and release as 7.0.105 Stable +1 Regards, Violeta >
[GitHub] [tomcat] martin-g commented on a change in pull request #316: Use lowercase HTML tags and attributes. Add quotes around attributes.
martin-g commented on a change in pull request #316:
URL: https://github.com/apache/tomcat/pull/316#discussion_r450023003
##
File path: webapps/ROOT/index.jsp
##
@@ -25,11 +25,11 @@ request.setAttribute("tomcatExamplesUrl", "/examples/");
-
+
Review comment:
I know, but it does not do any harm either.
This change makes the diff bigger and harder to back-port to the other
branches.
I prefer the XHTML style because it is easier to spot errors in the IDE/text
editor without copying to W3C validator in the web.
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] martin-g commented on a change in pull request #315: Standardize XSL files. Fix spelling.
martin-g commented on a change in pull request #315: URL: https://github.com/apache/tomcat/pull/315#discussion_r450021185 ## File path: webapps/docs/tomcat-docs.xsl ## @@ -88,9 +86,9 @@ --> - + - + Review comment: should this be indented as well ? This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] jbampton commented on a change in pull request #316: Use lowercase HTML tags and attributes. Add quotes around attributes.
jbampton commented on a change in pull request #316:
URL: https://github.com/apache/tomcat/pull/316#discussion_r450021555
##
File path: webapps/ROOT/index.jsp
##
@@ -25,11 +25,11 @@ request.setAttribute("tomcatExamplesUrl", "/examples/");
-
+
Review comment:
In HTML5 you don't need the auto-closing.
I got the style from MDN.
https://developer.mozilla.org/en-US/docs/Web/HTML/Element/meta
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] martin-g commented on a change in pull request #316: Use lowercase HTML tags and attributes. Add quotes around attributes.
martin-g commented on a change in pull request #316:
URL: https://github.com/apache/tomcat/pull/316#discussion_r450018806
##
File path: webapps/ROOT/index.jsp
##
@@ -25,11 +25,11 @@ request.setAttribute("tomcatExamplesUrl", "/examples/");
-
+
Review comment:
Why did you remove the auto-closing ? It doesn't do any harm. I,
personally, prefer the style it was before.
##
File path: webapps/examples/jsp/cal/cal2.jsp
##
@@ -15,31 +15,30 @@
limitations under the License.
--%>
<%@page contentType="text/html; charset=UTF-8" %>
-
-
-Calendar: A JSP APPLICATION
-
+
+
+Calendar: A JSP APPLICATION
+
-
-
+
<%
String time = request.getParameter ("time");
%>
- Please add the following event:
- Date <%= table.getDate() %>
- Time <%= util.HTMLFilter.filter(time) %>
-
-
-
-
-
- Description of the event
-
-
-
-
-
+ Please add the following event:
+ Date <%= table.getDate() %>
Review comment:
indentation
##
File path: webapps/examples/jsp/cal/cal1.jsp
##
@@ -32,63 +31,60 @@
%>
-
-
-
- prev
- Calendar:<%= table.getDate() %>
- next
-
-
+
+
+
+ prev
+ Calendar:<%= table.getDate() %>
+ next
Review comment:
no indentation
##
File path: webapps/examples/jsp/cal/cal1.jsp
##
@@ -15,13 +15,12 @@
limitations under the License.
--%>
<%@page contentType="text/html; charset=UTF-8" %>
-
-
-Calendar: A JSP APPLICATION
-
+
+
+Calendar: A JSP APPLICATION
Review comment:
There is no indentation here.
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
