[Bug 60362] Missing reason phrase in response
https://bz.apache.org/bugzilla/show_bug.cgi?id=60362 --- Comment #16 from Michael Osipov <1983-01...@gmx.net> --- (In reply to Remy Maucherat from comment #15) > The only good place to put all these non upgradeable IoT devices is the > trash. Therefore, IoT = Internet of Trash -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 60362] Missing reason phrase in response
https://bz.apache.org/bugzilla/show_bug.cgi?id=60362 --- Comment #15 from Remy Maucherat--- The only good place to put all these non upgradeable IoT devices is the trash. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 60362] Missing reason phrase in response
https://bz.apache.org/bugzilla/show_bug.cgi?id=60362 --- Comment #14 from Ken DeLong--- For a short time, I'm happy to run on 8.0.x (that's what I'm doing now). But that's unsustainable; eventually the rest of my tech stack (Spring Boot) will outpace me and I'll be in a can't-upgrade-ever-again situation. Been there, done that before. Even if there was a way to add a Valve or something that could decorate the response, that would work for me. I poked around the source code a bit but could not figure out how one might do that. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot success in on tomcat-trunk
The Buildbot has detected a restored build on builder tomcat-trunk while building . Full details are available at: https://ci.apache.org/builders/tomcat-trunk/builds/2074 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' triggered this build Build Source Stamp: [branch tomcat/trunk] 1780610 Blamelist: markt Build succeeded! Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1780611 - in /tomcat/tc8.5.x/trunk: ./ java/org/apache/tomcat/util/http/parser/Cookie.java test/org/apache/tomcat/util/http/TestCookies.java
Author: markt Date: Fri Jan 27 21:03:41 2017 New Revision: 1780611 URL: http://svn.apache.org/viewvc?rev=1780611=rev Log: Follow-up to r1780607 Ensure RFC2109 cookie is created with correct version Modified: tomcat/tc8.5.x/trunk/ (props changed) tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/http/parser/Cookie.java tomcat/tc8.5.x/trunk/test/org/apache/tomcat/util/http/TestCookies.java Propchange: tomcat/tc8.5.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Fri Jan 27 21:03:41 2017 @@ -1 +1 @@ -/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501 ,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747536,1747 924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750774,1750899,1750975,1750995,1751061,1751097,1751173,1751438,1751447,1751463,1751702,1752212,1752737,1752745,1753078,1753080,1753358,1753363,1754111,1754140-1754141,1754281,1754310,1754445,1754467,1754494,1754496,1754528,1754532-1754533,1754613,1754714,1754874,1754941,1754944,1754950-1754951,1755005,1755007,1755009,1755132,1755180-1755181,1755185,1755190,1755204-1755206,1755208,1755214,1755224,1755227,1755230,1755629,1755646-1755647,1755650,1755653,1755675,1755680,1755683,1755693,1755717,1755731-1755737,1755812,1755828,1755884,1755890,1755918-1755919,1755942,1755958,1755960,1755970,1755993,1756013,1756019,1756039,1756056,1756083-1756114,1756175,1756288-1756289,1756408-1756410,1 756778,1756798,1756878,1756898,1756939,1757123-1757124,1757126,1757128,1757132-1757133,1757136,1757145,1757167-1757168,1757175,1757180,1757182,1757195,1757271,1757278,1757347,1757353-1757354,1757363,1757374,1757399,1757406,1757408,1757485,1757495,1757499,1757527,1757578,1757684,1757722,1757727,1757790,1757799,1757813,1757853,1757883,1757903,1757976,1757997,1758000,1758058,1758072-1758075,1758078-1758079,1758223,1758257,1758261,1758276,1758292,1758369,1758378-1758383,1758421,1758423,1758425-1758427,1758430,1758443,1758448,1758459,1758483,1758486-1758487,1758499,1758525,1758556,1758580,1758582,1758584,1758588,1758842,1759019,1759212,1759224,1759227,1759252,1759274,1759513-1759516,1759611,1759757,1759785-1759790,1760005,1760022,1760109-1760110,1760135,1760200-1760201,1760227,1760300,1760397,1760446,1760454,1760640,1760648,1761057,1761422,1761491,1761498,1761500-1761501,1761550,1761553,1761572,1761574,1761625-1761626,1761628,1761682,1761740,1761752,1762051-1762053,1762123,1762168,176217
svn commit: r1780610 - /tomcat/trunk/test/org/apache/tomcat/util/http/TestCookies.java
Author: markt Date: Fri Jan 27 21:03:15 2017 New Revision: 1780610 URL: http://svn.apache.org/viewvc?rev=1780610=rev Log: Update comment Modified: tomcat/trunk/test/org/apache/tomcat/util/http/TestCookies.java Modified: tomcat/trunk/test/org/apache/tomcat/util/http/TestCookies.java URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/util/http/TestCookies.java?rev=1780610=1780609=1780610=diff == --- tomcat/trunk/test/org/apache/tomcat/util/http/TestCookies.java (original) +++ tomcat/trunk/test/org/apache/tomcat/util/http/TestCookies.java Fri Jan 27 21:03:15 2017 @@ -384,7 +384,7 @@ public class TestCookies { @Test public void rfc2109Version0Rfc6265() { -// Neither RFC2109 nor RFC6265 allow version 0 +// Neither RFC6265 will parse version 0 using RFC2109 test(true, "$Version=0;foo=bar", FOO); } - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1780609 - in /tomcat/trunk: java/org/apache/tomcat/util/http/parser/Cookie.java test/org/apache/tomcat/util/http/TestCookies.java
Author: markt Date: Fri Jan 27 21:02:08 2017 New Revision: 1780609 URL: http://svn.apache.org/viewvc?rev=1780609=rev Log: Follow-up to r1780606 Ensure RFC2109 cookie is created with correct version Modified: tomcat/trunk/java/org/apache/tomcat/util/http/parser/Cookie.java tomcat/trunk/test/org/apache/tomcat/util/http/TestCookies.java Modified: tomcat/trunk/java/org/apache/tomcat/util/http/parser/Cookie.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/http/parser/Cookie.java?rev=1780609=1780608=1780609=diff == --- tomcat/trunk/java/org/apache/tomcat/util/http/parser/Cookie.java (original) +++ tomcat/trunk/java/org/apache/tomcat/util/http/parser/Cookie.java Fri Jan 27 21:02:08 2017 @@ -145,7 +145,7 @@ public class Cookie { skipLWS(bb); byte b = bb.get(); if (b == SEMICOLON_BYTE || b == COMMA_BYTE) { -parseCookieRfc2109(bb, serverCookies); +parseCookieRfc2109(bb, serverCookies, version - 48); } return; } else { @@ -244,7 +244,8 @@ public class Cookie { } -private static void parseCookieRfc2109(ByteBuffer bb, ServerCookies serverCookies) { +private static void parseCookieRfc2109(ByteBuffer bb, ServerCookies serverCookies, +int version) { boolean moreToProcess = true; @@ -347,7 +348,7 @@ public class Cookie { if (name.hasRemaining() && value != null && value.hasRemaining()) { ServerCookie sc = serverCookies.addCookie(); -sc.setVersion(1); +sc.setVersion(version); sc.getName().setBytes(name.array(), name.position(), name.remaining()); sc.getValue().setBytes(value.array(), value.position(), value.remaining()); if (domain != null) { Modified: tomcat/trunk/test/org/apache/tomcat/util/http/TestCookies.java URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/util/http/TestCookies.java?rev=1780609=1780608=1780609=diff == --- tomcat/trunk/test/org/apache/tomcat/util/http/TestCookies.java (original) +++ tomcat/trunk/test/org/apache/tomcat/util/http/TestCookies.java Fri Jan 27 21:02:08 2017 @@ -384,8 +384,8 @@ public class TestCookies { @Test public void rfc2109Version0Rfc6265() { -// Neither RFC2109 nor RFc6265 allow version 0 -test(true, "$Version=0;foo=bar"); +// Neither RFC2109 nor RFC6265 allow version 0 +test(true, "$Version=0;foo=bar", FOO); } @Test - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 60594] RFC 7230/3986 url requirement that prevents unencoded curly braces should be optional, since it breaks existing sites
https://bz.apache.org/bugzilla/show_bug.cgi?id=60594 --- Comment #8 from Mark Thomas--- I think I prefer the whitelist option but I'd like to see it limited to - at this point - '{', '}' and '|'. Other characters can be considered on a case by case basis. Documentation should go in the system properties section of the config docs although I'm still mulling over what a Connector config option might look like. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 60594] RFC 7230/3986 url requirement that prevents unencoded curly braces should be optional, since it breaks existing sites
https://bz.apache.org/bugzilla/show_bug.cgi?id=60594 --- Comment #7 from Coty Sutherland--- Created attachment 34687 --> https://bz.apache.org/bugzilla/attachment.cgi?id=34687=edit whitelist patch proposal For reference, and so I don't accidentally delete it :) -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 60594] RFC 7230/3986 url requirement that prevents unencoded curly braces should be optional, since it breaks existing sites
https://bz.apache.org/bugzilla/show_bug.cgi?id=60594 --- Comment #6 from eolivelli--- Hi, for my use cases I would like to have just a whitelist and let Tomcat handle all the RFC blacklisted chars automatically. In my case I had to whitelist curly braces and pipe. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59797] Per thread error hash grows indefinitely
https://bz.apache.org/bugzilla/show_bug.cgi?id=59797 NateCchanged: What|Removed |Added Attachment #34597|0 |1 is obsolete|| --- Comment #9 from NateC --- Created attachment 34686 --> https://bz.apache.org/bugzilla/attachment.cgi?id=34686=edit Native patch to handle releasing ssl errors on thread exit Same as previous patch but added error handling around creating the thread local. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot failure in on tomcat-trunk
The Buildbot has detected a new failure on builder tomcat-trunk while building . Full details are available at: https://ci.apache.org/builders/tomcat-trunk/builds/2073 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' triggered this build Build Source Stamp: [branch tomcat/trunk] 1780606 Blamelist: markt BUILD FAILED: failed compile_1 Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 60627] Wrong cookie makes Rfc6265CookieProcessor ommit all following cookies
https://bz.apache.org/bugzilla/show_bug.cgi?id=60627 Mark Thomaschanged: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |FIXED --- Comment #3 from Mark Thomas --- Fixed in: - trunk for 9.0.0.M18 onwards - 8.5.x for 8.5.12 onwards -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1780607 - in /tomcat/tc8.5.x/trunk: ./ java/org/apache/tomcat/util/http/parser/Cookie.java test/org/apache/tomcat/util/http/TestCookieParsing.java webapps/docs/changelog.xml
Author: markt Date: Fri Jan 27 20:14:59 2017 New Revision: 1780607 URL: http://svn.apache.org/viewvc?rev=1780607=rev Log: Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=60627 Modify the Rfc6265CookieProcessor so that in addition to cookie headers that start with an explicit RFC 2109 $Version=1, cookies that start with $Version=0 are also parsed as RFC 2109 cookies. Modified: tomcat/tc8.5.x/trunk/ (props changed) tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/http/parser/Cookie.java tomcat/tc8.5.x/trunk/test/org/apache/tomcat/util/http/TestCookieParsing.java tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc8.5.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Fri Jan 27 20:14:59 2017 @@ -1 +1 @@ -/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501 ,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747536,1747 924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750774,1750899,1750975,1750995,1751061,1751097,1751173,1751438,1751447,1751463,1751702,1752212,1752737,1752745,1753078,1753080,1753358,1753363,1754111,1754140-1754141,1754281,1754310,1754445,1754467,1754494,1754496,1754528,1754532-1754533,1754613,1754714,1754874,1754941,1754944,1754950-1754951,1755005,1755007,1755009,1755132,1755180-1755181,1755185,1755190,1755204-1755206,1755208,1755214,1755224,1755227,1755230,1755629,1755646-1755647,1755650,1755653,1755675,1755680,1755683,1755693,1755717,1755731-1755737,1755812,1755828,1755884,1755890,1755918-1755919,1755942,1755958,1755960,1755970,1755993,1756013,1756019,1756039,1756056,1756083-1756114,1756175,1756288-1756289,1756408-1756410,1 756778,1756798,1756878,1756898,1756939,1757123-1757124,1757126,1757128,1757132-1757133,1757136,1757145,1757167-1757168,1757175,1757180,1757182,1757195,1757271,1757278,1757347,1757353-1757354,1757363,1757374,1757399,1757406,1757408,1757485,1757495,1757499,1757527,1757578,1757684,1757722,1757727,1757790,1757799,1757813,1757853,1757883,1757903,1757976,1757997,1758000,1758058,1758072-1758075,1758078-1758079,1758223,1758257,1758261,1758276,1758292,1758369,1758378-1758383,1758421,1758423,1758425-1758427,1758430,1758443,1758448,1758459,1758483,1758486-1758487,1758499,1758525,1758556,1758580,1758582,1758584,1758588,1758842,1759019,1759212,1759224,1759227,1759252,1759274,1759513-1759516,1759611,1759757,1759785-1759790,1760005,1760022,1760109-1760110,1760135,1760200-1760201,1760227,1760300,1760397,1760446,1760454,1760640,1760648,1761057,1761422,1761491,1761498,1761500-1761501,1761550,1761553,1761572,1761574,1761625-1761626,1761628,1761682,1761740,1761752,1762051-1762053,1762123,1762168,176217
svn commit: r1780606 - in /tomcat/trunk: java/org/apache/tomcat/util/http/parser/Cookie.java test/org/apache/tomcat/util/http/TestCookieParsing.java webapps/docs/changelog.xml
Author: markt Date: Fri Jan 27 20:14:21 2017 New Revision: 1780606 URL: http://svn.apache.org/viewvc?rev=1780606=rev Log: Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=60627 Modify the Rfc6265CookieProcessor so that in addition to cookie headers that start with an explicit RFC 2109 $Version=1, cookies that start with $Version=0 are also parsed as RFC 2109 cookies. Modified: tomcat/trunk/java/org/apache/tomcat/util/http/parser/Cookie.java tomcat/trunk/test/org/apache/tomcat/util/http/TestCookieParsing.java tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/java/org/apache/tomcat/util/http/parser/Cookie.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/http/parser/Cookie.java?rev=1780606=1780605=1780606=diff == --- tomcat/trunk/java/org/apache/tomcat/util/http/parser/Cookie.java (original) +++ tomcat/trunk/java/org/apache/tomcat/util/http/parser/Cookie.java Fri Jan 27 20:14:21 2017 @@ -138,8 +138,10 @@ public class Cookie { ByteBuffer value = readCookieValue(bb); if (value != null && value.remaining() == 1) { -if (value.get() == (byte) 49) { +byte version = value.get(); +if (version == (byte) 49 || version == (byte) 48) { // $Version=1 -> RFC2109 +// $Version=0 -> RFC2109 skipLWS(bb); byte b = bb.get(); if (b == SEMICOLON_BYTE || b == COMMA_BYTE) { Modified: tomcat/trunk/test/org/apache/tomcat/util/http/TestCookieParsing.java URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/util/http/TestCookieParsing.java?rev=1780606=1780605=1780606=diff == --- tomcat/trunk/test/org/apache/tomcat/util/http/TestCookieParsing.java (original) +++ tomcat/trunk/test/org/apache/tomcat/util/http/TestCookieParsing.java Fri Jan 27 20:14:21 2017 @@ -51,6 +51,11 @@ public class TestCookieParsing extends T private static final String[] COOKIES_WITH_QUOTES = new String[] { "name=\"val\\\"ue\"", "name=\"value\"" }; +private static final String[] COOKIES_V0 = new String[] { +"$Version=0;name=\"val ue\"", "$Version=0;name=\"val\tue\""}; + +private static final String COOKIES_V0_CONCAT = "name=\"val ue\"name=\"val\tue\""; + private static final String[] COOKIES_V1 = new String[] { "$Version=1;name=\"val ue\"", "$Version=1;name=\"val\tue\""}; @@ -134,6 +139,14 @@ public class TestCookieParsing extends T client.doRequest(); } + +@Test +public void testRfc6265V0() throws Exception { +TestCookieParsingClient client = new TestCookieParsingClient( +new Rfc6265CookieProcessor(), COOKIES_V0, COOKIES_V0_CONCAT); +client.doRequest(); +} + @Test public void testRfc6265V1() throws Exception { Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1780606=1780605=1780606=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Fri Jan 27 20:14:21 2017 @@ -86,6 +86,12 @@ Restore Java 9 direct byte buffer compatibility. (remm) + +60627: Modify the Rfc6265CookieProcessor so that +in addition to cookie headers that start with an explicit RFC 2109 +$Version=1, cookies that start with $Version=0 +are also parsed as RFC 2109 cookies. (markt) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 60594] RFC 7230/3986 url requirement that prevents unencoded curly braces should be optional, since it breaks existing sites
https://bz.apache.org/bugzilla/show_bug.cgi?id=60594 --- Comment #5 from Coty Sutherland--- (In reply to Mark Thomas from comment #4) > I generally dislike configuration via system property. That said, making > this per Connector will be significantly more invasive. I agree on both points. The system property seemed to be the least invasive way to achieve the desired result. > Any proposed patch needs to include documentation. That documentation needs > to include a very large, very clear warning the deviating from the default > is a security risk. Also agreed. Where would that documentation go? > If this feature is implemented, I'd prefer to see the option to allow > illegal characters limited to a much smaller sub-set. Other than space, which characters should absolutely be excluded in all cases? I can create a secondary list containing those and programmatically add them if a user tries to remove them from the blacklist. Also, my initial patch used a whitelist instead of a blacklist so that the system property was either commented out by default, or contained a few characters that were the exception to the rule. I inversed it to a blacklist to remove some logic and make it perform better; do you think that a whitelist would work better here? I can provide that patch also. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1780569 - in /tomcat/site/trunk: docs/conference.html xdocs/conference.xml
On 27/01/2017 18:54, Christopher Schultz wrote: > Mark, > > On 1/27/17 10:18 AM, Mark Thomas wrote: >> On 27/01/2017 15:13, ma...@apache.org wrote: >>> Author: markt >>> Date: Fri Jan 27 15:13:26 2017 >>> New Revision: 1780569 >>> >>> URL: http://svn.apache.org/viewvc?rev=1780569=rev >>> Log: >>> Add a page for TomcatCon >> >> Improvements welcome. I put this up so we had something to start >> pointing folks towards. > > How about promoting it on tomcat.apache.org? I see it's listed on the > left, but I think it warrants a "new item" in the main body. Go for it. We can keep it at the top (i.e. put new releases below it) as well. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 60362] Missing reason phrase in response
https://bz.apache.org/bugzilla/show_bug.cgi?id=60362 --- Comment #13 from Mark Thomas--- Is running on 7.0.x or 8.0.x not an option? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 60594] RFC 7230/3986 url requirement that prevents unencoded curly braces should be optional, since it breaks existing sites
https://bz.apache.org/bugzilla/show_bug.cgi?id=60594 --- Comment #4 from Mark Thomas--- Allowing some of those (e.g. space) is extremely dangerous and should not be allowed under any circumstances. I generally dislike configuration via system property. That said, making this per Connector will be significantly more invasive. Any proposed patch needs to include documentation. That documentation needs to include a very large, very clear warning the deviating from the default is a security risk. If this feature is implemented, I'd prefer to see the option to allow illegal characters limited to a much smaller sub-set. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 60362] Missing reason phrase in response
https://bz.apache.org/bugzilla/show_bug.cgi?id=60362 --- Comment #12 from Ken DeLong--- Our software interfaces with IoT devices which contain firmware (beyond our control) that expects the "OK" (they parse for "200 OK"; just "200" is parsed as an error). I'm sympathetic with the argument that these devices are not spec-compliant. However, getting a new build from the manufacturer, and replacing thousands of units in the field around the world with spec-compliant IC boards would be, to say the least, prohibitively expensive. Leave the reason phrase off by default; but give those of us stuck between a rock and a hard place an option that we can configure so that we can continue to use Tomcat. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 60362] Missing reason phrase in response
https://bz.apache.org/bugzilla/show_bug.cgi?id=60362 Ken DeLongchanged: What|Removed |Added CC||kenwdel...@yahoo.com -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1780569 - in /tomcat/site/trunk: docs/conference.html xdocs/conference.xml
Mark, On 1/27/17 10:18 AM, Mark Thomas wrote: > On 27/01/2017 15:13, ma...@apache.org wrote: >> Author: markt >> Date: Fri Jan 27 15:13:26 2017 >> New Revision: 1780569 >> >> URL: http://svn.apache.org/viewvc?rev=1780569=rev >> Log: >> Add a page for TomcatCon > > Improvements welcome. I put this up so we had something to start > pointing folks towards. How about promoting it on tomcat.apache.org? I see it's listed on the left, but I think it warrants a "new item" in the main body. -chris signature.asc Description: OpenPGP digital signature
[Bug 60645] StatementFinalizer is not thread-safe
https://bz.apache.org/bugzilla/show_bug.cgi?id=60645 Christopher Schultzchanged: What|Removed |Added Keywords||PatchAvailable --- Comment #5 from Christopher Schultz --- (In reply to baier from comment #4) > But why would you want to keep both the original StatementFinalizer class > and the thread-safe StatementFinalizer class? Synchronization is not necessary for most users, so they don't need to pay the penalty. Yes, uncontested locks are fairly inexpensive, but when they aren't needed at all, they can be completely eliminated. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 60594] RFC 7230/3986 url requirement that prevents unencoded curly braces should be optional, since it breaks existing sites
https://bz.apache.org/bugzilla/show_bug.cgi?id=60594 --- Comment #3 from Coty Sutherland--- Created attachment 34684 --> https://bz.apache.org/bugzilla/attachment.cgi?id=34684=edit patch proposal In response to the numerous complaints on the users list I decided to give this a shot. I added a system property which contains a blacklist that's used for validation of request targets rather than the long if statement that was there. If a users needs to allow unencoded | characters then they can just remove it from the blacklist defined in the tomcat.util.http.parser.HttpParser.blacklist property. If this looks good to everyone I can push it to whichever versions of tomcat we want to allow an option for. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1780601 - in /tomcat/trunk: java/org/apache/jasper/compiler/Generator.java test/webapp/WEB-INF/tags/bug42390.tag test/webapp/bug48nnn/bug48616b.jsp webapps/docs/changelog.xml
Author: remm Date: Fri Jan 27 18:35:02 2017 New Revision: 1780601 URL: http://svn.apache.org/viewvc?rev=1780601=rev Log: Improve the error handling for simple tags to ensure that the tag is released and destroyed once used (v2 with Violeta). Modified: tomcat/trunk/java/org/apache/jasper/compiler/Generator.java tomcat/trunk/test/webapp/WEB-INF/tags/bug42390.tag tomcat/trunk/test/webapp/bug48nnn/bug48616b.jsp tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/java/org/apache/jasper/compiler/Generator.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/jasper/compiler/Generator.java?rev=1780601=1780600=1780601=diff == --- tomcat/trunk/java/org/apache/jasper/compiler/Generator.java (original) +++ tomcat/trunk/java/org/apache/jasper/compiler/Generator.java Fri Jan 27 18:35:02 2017 @@ -2640,9 +2640,15 @@ class Generator { declareScriptingVars(n, VariableInfo.AT_BEGIN); saveScriptingVars(n, VariableInfo.AT_BEGIN); +// Declare AT_END scripting variables +declareScriptingVars(n, VariableInfo.AT_END); + String tagHandlerClassName = tagHandlerClass.getCanonicalName(); writeNewInstance(tagHandlerVar, tagHandlerClassName); +out.printil("try {"); +out.pushIndent(); + generateSetters(n, tagHandlerVar, handlerInfo, true); // Set the body @@ -2682,13 +2688,19 @@ class Generator { // Synchronize AT_BEGIN scripting variables syncScriptingVars(n, VariableInfo.AT_BEGIN); -// Declare and synchronize AT_END scripting variables -declareScriptingVars(n, VariableInfo.AT_END); +// Synchronize AT_END scripting variables syncScriptingVars(n, VariableInfo.AT_END); +out.popIndent(); +out.printil("} finally {"); +out.pushIndent(); + // Resource injection writeDestroyInstance(tagHandlerVar); +out.popIndent(); +out.printil("}"); + n.setEndJavaLine(out.getJavaLine()); } Modified: tomcat/trunk/test/webapp/WEB-INF/tags/bug42390.tag URL: http://svn.apache.org/viewvc/tomcat/trunk/test/webapp/WEB-INF/tags/bug42390.tag?rev=1780601=1780600=1780601=diff == --- tomcat/trunk/test/webapp/WEB-INF/tags/bug42390.tag (original) +++ tomcat/trunk/test/webapp/WEB-INF/tags/bug42390.tag Fri Jan 27 18:35:02 2017 @@ -14,5 +14,5 @@ See the License for the specific language governing permissions and limitations under the License. --%> -<%@ variable name-given="X" scope="AT_BEGIN" %> +<%@ variable name-given="X" scope="AT_END" %> \ No newline at end of file Modified: tomcat/trunk/test/webapp/bug48nnn/bug48616b.jsp URL: http://svn.apache.org/viewvc/tomcat/trunk/test/webapp/bug48nnn/bug48616b.jsp?rev=1780601=1780600=1780601=diff == --- tomcat/trunk/test/webapp/bug48nnn/bug48616b.jsp (original) +++ tomcat/trunk/test/webapp/bug48nnn/bug48616b.jsp Fri Jan 27 18:35:02 2017 @@ -26,3 +26,6 @@ +<% + out.println(X); +%> Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1780601=1780600=1780601=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Fri Jan 27 18:35:02 2017 @@ -94,6 +94,10 @@ Refactor code generated for JSPs to reduce the size of the code required for tags. (markt) + +Improve the error handling for simple tags to ensure that the tag is +released and destroyed once used. (remm, violetagg) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 60645] StatementFinalizer is not thread-safe
https://bz.apache.org/bugzilla/show_bug.cgi?id=60645 --- Comment #4 from ba...@semedy.com --- (In reply to Christopher Schultz from comment #3) > Could this class have been written as a subclass of StatementFinalizer that > simply overrides all the methods with synchronized versions and delegates to > the superclass? That would be less code to maintain. The new StatementFinalizer class also replaces the LinkedList with an ArrayList (but this is not the important change - I think it would also be okay if you would keep the original LinkedList implementation). But why would you want to keep both the original StatementFinalizer class and the thread-safe StatementFinalizer class? I think it would be really good to have just one StatementFinalizer class which is thread-safe. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [POLL] Will you be at ApacheCon NA 2017?
All, For completeness. On 1/24/17 10:46 AM, Mark Thomas wrote: > I will be attending ApacheCon NA: > > [ X ] Yes > > If attending, I would be willing to present a session at TomcatCon: > > [ X ] Yes signature.asc Description: OpenPGP digital signature
[Bug 60645] StatementFinalizer is not thread-safe
https://bz.apache.org/bugzilla/show_bug.cgi?id=60645 --- Comment #3 from Christopher Schultz--- Could this class have been written as a subclass of StatementFinalizer that simply overrides all the methods with synchronized versions and delegates to the superclass? That would be less code to maintain. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 60645] StatementFinalizer is not thread-safe
https://bz.apache.org/bugzilla/show_bug.cgi?id=60645 Christopher Schultzchanged: What|Removed |Added Attachment #34679|text/x-java-source |text/plain mime type|| -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1780569 - in /tomcat/site/trunk: docs/conference.html xdocs/conference.xml
On 27/01/2017 15:13, ma...@apache.org wrote: > Author: markt > Date: Fri Jan 27 15:13:26 2017 > New Revision: 1780569 > > URL: http://svn.apache.org/viewvc?rev=1780569=rev > Log: > Add a page for TomcatCon Improvements welcome. I put this up so we had something to start pointing folks towards. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1780571 - in /tomcat/site/trunk: docs/ xdocs/stylesheets/
Author: markt Date: Fri Jan 27 15:17:39 2017 New Revision: 1780571 URL: http://svn.apache.org/viewvc?rev=1780571=rev Log: Add a link to TomcatCon to the menu Modified: tomcat/site/trunk/docs/bugreport.html tomcat/site/trunk/docs/ci.html tomcat/site/trunk/docs/conference.html tomcat/site/trunk/docs/contact.html tomcat/site/trunk/docs/download-60.html tomcat/site/trunk/docs/download-70.html tomcat/site/trunk/docs/download-80.html tomcat/site/trunk/docs/download-90.html tomcat/site/trunk/docs/download-connectors.html tomcat/site/trunk/docs/download-native.html tomcat/site/trunk/docs/download-taglibs.html tomcat/site/trunk/docs/findhelp.html tomcat/site/trunk/docs/getinvolved.html tomcat/site/trunk/docs/heritage.html tomcat/site/trunk/docs/index.html tomcat/site/trunk/docs/irc.html tomcat/site/trunk/docs/legal.html tomcat/site/trunk/docs/lists.html tomcat/site/trunk/docs/maven-plugin.html tomcat/site/trunk/docs/migration-6.html tomcat/site/trunk/docs/migration-7.html tomcat/site/trunk/docs/migration-8.html tomcat/site/trunk/docs/migration-85.html tomcat/site/trunk/docs/migration-9.html tomcat/site/trunk/docs/migration.html tomcat/site/trunk/docs/oldnews-2010.html tomcat/site/trunk/docs/oldnews-2011.html tomcat/site/trunk/docs/oldnews-2012.html tomcat/site/trunk/docs/oldnews-2013.html tomcat/site/trunk/docs/oldnews-2014.html tomcat/site/trunk/docs/oldnews-2015.html tomcat/site/trunk/docs/oldnews.html tomcat/site/trunk/docs/presentations.html tomcat/site/trunk/docs/resources.html tomcat/site/trunk/docs/security-3.html tomcat/site/trunk/docs/security-4.html tomcat/site/trunk/docs/security-5.html tomcat/site/trunk/docs/security-6.html tomcat/site/trunk/docs/security-7.html tomcat/site/trunk/docs/security-8.html tomcat/site/trunk/docs/security-9.html tomcat/site/trunk/docs/security-impact.html tomcat/site/trunk/docs/security-jk.html tomcat/site/trunk/docs/security-native.html tomcat/site/trunk/docs/security-taglibs.html tomcat/site/trunk/docs/security.html tomcat/site/trunk/docs/svn.html tomcat/site/trunk/docs/taglibs.html tomcat/site/trunk/docs/tomcat-55-eol.html tomcat/site/trunk/docs/tomcat-60-eol.html tomcat/site/trunk/docs/tools.html tomcat/site/trunk/docs/whichversion.html tomcat/site/trunk/docs/whoweare.html tomcat/site/trunk/xdocs/stylesheets/project.xml Modified: tomcat/site/trunk/docs/bugreport.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/bugreport.html?rev=1780571=1780570=1780571=diff == --- tomcat/site/trunk/docs/bugreport.html (original) +++ tomcat/site/trunk/docs/bugreport.html Fri Jan 27 15:17:39 2017 @@ -53,6 +53,14 @@ +TomcatCon + + +North America 2017 + + + + Download Modified: tomcat/site/trunk/docs/ci.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/ci.html?rev=1780571=1780570=1780571=diff == --- tomcat/site/trunk/docs/ci.html (original) +++ tomcat/site/trunk/docs/ci.html Fri Jan 27 15:17:39 2017 @@ -52,6 +52,14 @@ +TomcatCon + + +North America 2017 + + + + Download Modified: tomcat/site/trunk/docs/conference.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/conference.html?rev=1780571=1780570=1780571=diff == --- tomcat/site/trunk/docs/conference.html (original) +++ tomcat/site/trunk/docs/conference.html Fri Jan 27 15:17:39 2017 @@ -52,6 +52,14 @@ +TomcatCon + + +North America 2017 + + + + Download Modified: tomcat/site/trunk/docs/contact.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/contact.html?rev=1780571=1780570=1780571=diff == --- tomcat/site/trunk/docs/contact.html (original) +++ tomcat/site/trunk/docs/contact.html Fri Jan 27 15:17:39 2017 @@ -52,6 +52,14 @@ +TomcatCon + + +North America 2017 + + + + Download Modified: tomcat/site/trunk/docs/download-60.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/download-60.html?rev=1780571=1780570=1780571=diff == --- tomcat/site/trunk/docs/download-60.html (original) +++ tomcat/site/trunk/docs/download-60.html Fri Jan 27 15:17:39 2017 @@ -52,6 +52,14 @@ +TomcatCon + + +North America 2017 + + + + Download Modified: tomcat/site/trunk/docs/download-70.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/download-70.html?rev=1780571=1780570=1780571=diff == --- tomcat/site/trunk/docs/download-70.html (original) +++
svn commit: r1780569 - in /tomcat/site/trunk: docs/conference.html xdocs/conference.xml
Author: markt Date: Fri Jan 27 15:13:26 2017 New Revision: 1780569 URL: http://svn.apache.org/viewvc?rev=1780569=rev Log: Add a page for TomcatCon Added: tomcat/site/trunk/docs/conference.html (with props) tomcat/site/trunk/xdocs/conference.xml (with props) Added: tomcat/site/trunk/docs/conference.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/conference.html?rev=1780569=auto == --- tomcat/site/trunk/docs/conference.html (added) +++ tomcat/site/trunk/docs/conference.html Fri Jan 27 15:13:26 2017 @@ -0,0 +1,338 @@ + + + + + +Apache Tomcat - TomcatCon + + + + + + + + +http://tomcat.apache.org/;> + + + +http://www.apache.org/events/current-event.html; target="_blank">http://www.apache.org/events/current-event-234x60.png; alt="Upcoming Event" style="margin-right: 15px;">http://www.apache.org/; target="_blank"> + +Apache Tomcat + + + +https://www.google.com/search; method="get"> +Search + + + + + + + + + + + + + + +Apache Tomcat + + +Home + + +Taglibs + + +Maven Plugin + + + + +Download + + +Which version? + + +Tomcat 9 + + +Tomcat 8 + + +Tomcat 7 + + +Tomcat 6 + + +Tomcat Connectors + + +Tomcat Native + + +Taglibs + + +http://archive.apache.org/dist/tomcat/;>Archives + + + + +Documentation + + +Tomcat 9.0 + + +Tomcat 8.5 + + +Tomcat 8.0 + + +Tomcat 7.0 + + +Tomcat 6.0 + + +Tomcat Connectors + + +Tomcat Native + + +http://wiki.apache.org/tomcat/FrontPage;>Wiki + + +Migration Guide + + +Presentations + + + + +Problems? + + +Security Reports + + +Find help + + +http://wiki.apache.org/tomcat/FAQ;>FAQ + + +Mailing Lists + + +Bug Database + + +IRC + + + + +Get Involved + + +Overview + + +SVN Repositories + + +Buildbot + + +https://reviews.apache.org/groups/tomcat/;>Reviewboard + + +Tools + + + + +Media + + +https://twitter.com/theapachetomcat;>Twitter + + +https://www.youtube.com/channel/UCpqpJ0-G1lYfUBQ6_36Au_g;>YouTube + + +http://blogs.apache.org/tomcat/;>Blog + + + + +Misc + + +Who We Are + + +Heritage + + +http://www.apache.org;>Apache Home + + +Resources + + +Contact + + +Legal + + +http://www.apache.org/foundation/sponsorship.html;>Sponsorship + + +http://www.apache.org/foundation/thanks.html;>Thanks + + + + + + + + +Content +TomcatCon + + + + +When + + + +May 16 to May 18 2017. + + + + + + + +Where + + + +Intercontinental Miami, Miami, Florida, alongside ApacheCon NA 2017. + + + + + + + +What + + + +TomcatCon is the place for all users of Tomcat to expand their Tomcat + knowledge in areas such as networking, security, performance and deployment. + It also offers an opportunity to discuss the current Tomcat roadmap and + help inform future development. + + +Access to TomcatCon is included with ApacheCon registration. + + +Interested in submitting to speak at TomcatCon? Submit your talk idea to the + http://events.linuxfoundation.org/events/apachecon-north-america/program/cfp;>ApacheCon + CFP by February 11, and be sure to note quot;Tomcatquot; in the + Target Audience field. + + + + + + + +Schedule + + + +The schedule will be finalised in early March. The planning is based around + the following outline schedule: + + + +Day 1 + + + +Opening session + +State of the Cat + +~4 sessions on security topics + + + +Day 2 + + + +~3 sessions on networking (reverse proxying, load-balancing, clustering) + +~2 sessions on performance / monitoring + +~1 session on reactive + + + +Day 3 + + + +~1 session on migration / upgrade + +~1 session on packaging + +~1 session on microservices + +~1 session on cloud + +Wrap-up + + + + + + + + + + + + + + + + + +Copyright 1999-2017, The Apache Software Foundation + +Apache Tomcat, Tomcat, Apache, the Apache feather, and the Apache Tomcat +project logo are either registered trademarks or trademarks of the Apache +Software Foundation. + + + + + Propchange: tomcat/site/trunk/docs/conference.html -- svn:eol-style = native Added: tomcat/site/trunk/xdocs/conference.xml URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/conference.xml?rev=1780569=auto == --- tomcat/site/trunk/xdocs/conference.xml (added) +++ tomcat/site/trunk/xdocs/conference.xml Fri Jan 27 15:13:26 2017 @@ -0,0 +1,72 @@ + + + + +TomcatCon + + + + + + + + +May 16 to May 18 2017. + + + + + +Intercontinental Miami, Miami, Florida, alongside ApacheCon NA 2017. + + + + + +TomcatCon is the place for all users of Tomcat to expand their Tomcat + knowledge in areas such as networking, security, performance and deployment. + It also offers an opportunity to discuss the current Tomcat roadmap and + help inform future development. + +Access to TomcatCon is included with ApacheCon
[Bug 60613] getting Maximum code footprint error after upgrade to Tomcat 8.5.11
https://bz.apache.org/bugzilla/show_bug.cgi?id=60613 --- Comment #9 from Mark Thomas--- One of the optimisations was buggy. Removing it gives: - after clean-up but with optimisations - 258 Setting mappedFile to false permits another 10 tags to used. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1780563 - /tomcat/trunk/java/org/apache/jasper/compiler/Generator.java
Author: markt Date: Fri Jan 27 14:36:36 2017 New Revision: 1780563 URL: http://svn.apache.org/viewvc?rev=1780563=rev Log: Revert r1780530 Moving setters into a separate method didn't work if attribute values used scriplets. Modified: tomcat/trunk/java/org/apache/jasper/compiler/Generator.java Modified: tomcat/trunk/java/org/apache/jasper/compiler/Generator.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/jasper/compiler/Generator.java?rev=1780563=1780562=1780563=diff == --- tomcat/trunk/java/org/apache/jasper/compiler/Generator.java (original) +++ tomcat/trunk/java/org/apache/jasper/compiler/Generator.java Fri Jan 27 14:36:36 2017 @@ -1796,8 +1796,7 @@ class Generator { // to a method. ServletWriter outSave = null; Node.ChildInfo ci = n.getChildInfo(); -boolean hasNoScriptingElement = ci.isScriptless() && !ci.hasScriptingVars(); -if (hasNoScriptingElement) { +if (ci.isScriptless() && !ci.hasScriptingVars()) { // The tag handler and its body code can reside in a separate // method if it is scriptless and does not have any scripting // variable defined. @@ -1892,14 +1891,14 @@ class Generator { if (n.implementsSimpleTag()) { -generateCustomDoTag(n, handlerInfo, tagHandlerVar, hasNoScriptingElement); +generateCustomDoTag(n, handlerInfo, tagHandlerVar); } else { /* * Classic tag handler: Generate code for start element, body, * and end element */ generateCustomStart(n, handlerInfo, tagHandlerVar, tagEvalVar, -tagPushBodyCountVar, hasNoScriptingElement); +tagPushBodyCountVar); // visit body String tmpParent = parent; @@ -1927,7 +1926,7 @@ class Generator { tagPushBodyCountVar); } -if (hasNoScriptingElement) { +if (ci.isScriptless() && !ci.hasScriptingVars()) { // Generate end of method if (methodNesting > 0) { out.printil("return false;"); @@ -2367,9 +2366,10 @@ class Generator { } } -private void generateCustomStart(Node.CustomTag n, TagHandlerInfo handlerInfo, -String tagHandlerVar, String tagEvalVar, String tagPushBodyCountVar, -boolean hasNoScriptingElement) throws JasperException { +private void generateCustomStart(Node.CustomTag n, +TagHandlerInfo handlerInfo, String tagHandlerVar, +String tagEvalVar, String tagPushBodyCountVar) +throws JasperException { Class tagHandlerClass = handlerInfo.getTagHandlerClass(); @@ -2407,7 +2407,7 @@ class Generator { out.pushIndent(); // includes setting the context -generateSetters(n, tagHandlerVar, handlerInfo, false, hasNoScriptingElement); +generateSetters(n, tagHandlerVar, handlerInfo, false); if (n.implementsTryCatchFinally()) { out.printin("int[] "); @@ -2625,8 +2625,9 @@ class Generator { restoreScriptingVars(n, VariableInfo.AT_BEGIN); } -private void generateCustomDoTag(Node.CustomTag n, TagHandlerInfo handlerInfo, -String tagHandlerVar, boolean hasNoScriptingElement) throws JasperException { +private void generateCustomDoTag(Node.CustomTag n, +TagHandlerInfo handlerInfo, String tagHandlerVar) +throws JasperException { Class tagHandlerClass = handlerInfo.getTagHandlerClass(); @@ -2642,7 +2643,7 @@ class Generator { String tagHandlerClassName = tagHandlerClass.getCanonicalName(); writeNewInstance(tagHandlerVar, tagHandlerClassName); -generateSetters(n, tagHandlerVar, handlerInfo, true, hasNoScriptingElement); +generateSetters(n, tagHandlerVar, handlerInfo, true); // Set the body if (findJspBody(n) == null) { @@ -3148,55 +3149,9 @@ class Generator { } private void generateSetters(Node.CustomTag n, String tagHandlerVar, -TagHandlerInfo handlerInfo, boolean simpleTag, boolean hasNoScriptingElement) +TagHandlerInfo handlerInfo, boolean simpleTag) throws JasperException { -ServletWriter outSave = null; -// If the tag contains scripting elements, the setters can still be -// generated in a separate method. This reduces the amount of code -// required in the _jspService() method -if (!hasNoScriptingElement) { -
Re: svn commit: r1780530 - /tomcat/trunk/java/org/apache/jasper/compiler/Generator.java
On 27/01/2017 14:08, Rémy Maucherat wrote: > 2017-01-27 10:55 GMT+01:00: > >> Author: markt >> Date: Fri Jan 27 09:55:04 2017 >> New Revision: 1780530 >> >> URL: http://svn.apache.org/viewvc?rev=1780530=rev >> Log: >> More refactoring of generated code so tags require less code >> Extract setters into a separate method when tag handling is in-lined in >> _jspService() >> > > I am now not convinced this is valid, since it breaks visibility with > expressions. Unfortunately :( I see the problem. We could check all of the attributes to ensure that they are literals but my expectation is that most tags will have at least one attribute that is not a literal which makes the idea of extracting the setters into a separate method a lot less attractive. I'll revert the patch. I'm running out of ideas on ways to reduce the size of the _jspService() method. Suggestions welcome. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat 6.0.50
2017-01-26 22:13 GMT+01:00 Mark Thomas: > On 26/01/2017 14:38, Rémy Maucherat wrote: > > 2017-01-26 15:29 GMT+01:00 Mark Thomas : > >> On 26 January 2017 13:53:22 GMT+00:00, Konstantin Kolinko < > >> knst.koli...@gmail.com> wrote: > > > > >>> It needs some actual numbers - how big of a JSP can be compiled by > >>> Tomcat. > >> > >> It took around 250 tags with a scriplet on a single page to trigger the > >> problem. I need to test how much difference the try/finally fix made. > >> > > Working with Tomcat 6 (9 won't be that much different), before the > try/finally clean-up code was added a JSP page could handle 299 > instances of the foo tag (from the examples webapp) before the method > got too big. After adding the try/finally clean-up, that drops to 228. > > I've been looking at the generated code for a while. One obvious > optimisation had no effect (I'm guessing the compiler found it anyway). > > With a couple a small changes, I got the maximum tag count back up to 249. > > To take this further, I think the next step is to take the setters and, > if the tag processed in _jspService(), move the setters for that tag > into a separate method. > > I intend to explore this in 9.0.x with a view to back-porting if it works. > > If the try/finally fix is supposed to be important, it would be good to use this opportunity to resurrect my try/finally patch for simple tags now that the release cycle is done (otherwise, they have the same bug). With the addition of Violeta's idea though. Rémy
Re: svn commit: r1780530 - /tomcat/trunk/java/org/apache/jasper/compiler/Generator.java
2017-01-27 10:55 GMT+01:00: > Author: markt > Date: Fri Jan 27 09:55:04 2017 > New Revision: 1780530 > > URL: http://svn.apache.org/viewvc?rev=1780530=rev > Log: > More refactoring of generated code so tags require less code > Extract setters into a separate method when tag handling is in-lined in > _jspService() > I am now not convinced this is valid, since it breaks visibility with expressions. Unfortunately :( Rémy > > Modified: > tomcat/trunk/java/org/apache/jasper/compiler/Generator.java > > Modified: tomcat/trunk/java/org/apache/jasper/compiler/Generator.java > URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/ > jasper/compiler/Generator.java?rev=1780530=1780529=1780530=diff > > == > --- tomcat/trunk/java/org/apache/jasper/compiler/Generator.java (original) > +++ tomcat/trunk/java/org/apache/jasper/compiler/Generator.java Fri Jan > 27 09:55:04 2017 > @@ -1796,7 +1796,8 @@ class Generator { > // to a method. > ServletWriter outSave = null; > Node.ChildInfo ci = n.getChildInfo(); > -if (ci.isScriptless() && !ci.hasScriptingVars()) { > +boolean hasNoScriptingElement = ci.isScriptless() && > !ci.hasScriptingVars(); > +if (hasNoScriptingElement) { > // The tag handler and its body code can reside in a > separate > // method if it is scriptless and does not have any > scripting > // variable defined. > @@ -1891,14 +1892,14 @@ class Generator { > > > if (n.implementsSimpleTag()) { > -generateCustomDoTag(n, handlerInfo, tagHandlerVar); > +generateCustomDoTag(n, handlerInfo, tagHandlerVar, > hasNoScriptingElement); > } else { > /* > * Classic tag handler: Generate code for start element, > body, > * and end element > */ > generateCustomStart(n, handlerInfo, tagHandlerVar, > tagEvalVar, > -tagPushBodyCountVar); > +tagPushBodyCountVar, hasNoScriptingElement); > > // visit body > String tmpParent = parent; > @@ -1926,7 +1927,7 @@ class Generator { > tagPushBodyCountVar); > } > > -if (ci.isScriptless() && !ci.hasScriptingVars()) { > +if (hasNoScriptingElement) { > // Generate end of method > if (methodNesting > 0) { > out.printil("return false;"); > @@ -2366,10 +2367,9 @@ class Generator { > } > } > > -private void generateCustomStart(Node.CustomTag n, > -TagHandlerInfo handlerInfo, String tagHandlerVar, > -String tagEvalVar, String tagPushBodyCountVar) > -throws JasperException { > +private void generateCustomStart(Node.CustomTag n, > TagHandlerInfo handlerInfo, > +String tagHandlerVar, String tagEvalVar, String > tagPushBodyCountVar, > +boolean hasNoScriptingElement) throws JasperException { > > Class tagHandlerClass = > handlerInfo.getTagHandlerClass(); > @@ -2407,7 +2407,7 @@ class Generator { > out.pushIndent(); > > // includes setting the context > -generateSetters(n, tagHandlerVar, handlerInfo, false); > +generateSetters(n, tagHandlerVar, handlerInfo, false, > hasNoScriptingElement); > > if (n.implementsTryCatchFinally()) { > out.printin("int[] "); > @@ -2625,9 +2625,8 @@ class Generator { > restoreScriptingVars(n, VariableInfo.AT_BEGIN); > } > > -private void generateCustomDoTag(Node.CustomTag n, > -TagHandlerInfo handlerInfo, String tagHandlerVar) > -throws JasperException { > +private void generateCustomDoTag(Node.CustomTag n, > TagHandlerInfo handlerInfo, > +String tagHandlerVar, boolean hasNoScriptingElement) > throws JasperException { > > Class tagHandlerClass = > handlerInfo.getTagHandlerClass(); > @@ -2643,7 +2642,7 @@ class Generator { > String tagHandlerClassName = tagHandlerClass. > getCanonicalName(); > writeNewInstance(tagHandlerVar, tagHandlerClassName); > > -generateSetters(n, tagHandlerVar, handlerInfo, true); > +generateSetters(n, tagHandlerVar, handlerInfo, true, > hasNoScriptingElement); > > // Set the body > if (findJspBody(n) == null) { > @@ -3149,9 +3148,55 @@ class Generator { > } > > private void generateSetters(Node.CustomTag n, String > tagHandlerVar, > -TagHandlerInfo handlerInfo, boolean simpleTag) > +TagHandlerInfo handlerInfo, boolean
[Bug 60597] Add ability to set cipher suites for websocket client connections
https://bz.apache.org/bugzilla/show_bug.cgi?id=60597 --- Comment #8 from Mark Thomas--- I think an SSLEngine is required rather than a socket factory but apart from that I think that is the way to go. The code already started down that route with SSLContext but I think SSLEngine is the right way to do this. Note: I'd deprecate the other constants in 7.0 to 8.5 and remove them entirely in 9.0. The docs will need an appropriate update as well. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 60615] 20% CPU use while check for modified resource
https://bz.apache.org/bugzilla/show_bug.cgi?id=60615 --- Comment #4 from Mark Thomas--- I've put together a possible patch for this: http://home.apache.org/~markt/patches/2017-01-27-bug60615-tc9-v1.patch It does require a change to the WebResource interface as well as to a number of the resource implementation classes. I'm a little concerned about the impact it may have on any custom resource implementations (although I haven't seen any of those). The patch also assumes that class loader only resources won't be modified. While that is correct for classes in JAR files, it is possible that a custom implementation could use class loader only resources that could be modified. What is really required is "does this resource need to be checked for modifications" flag. There is another argument that if a JAR is updated to replace a class file that has not yet been used, then a reload is unnecessary. The current implementation correctly handles this scenario and only by checking individual classes can it be handled correctly. The requested change would break this behaviour. The more I think about this, the more I am leaning towards WONTFIX as a solution. Keep in mind that if re-loading is required then it may be a simpler option to update the .class file(s) and then touch web.xml to trigger a reload rather than setting reloadable on the Context. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 60659] Eclipse WTP "Serve modules without publishing" broken with tomcat8
https://bz.apache.org/bugzilla/show_bug.cgi?id=60659 Mark Thomaschanged: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |INVALID --- Comment #1 from Mark Thomas --- There is no evidence of a Tomcat bug in this report. You will need to contact the Eclipse maintainers in the first instance. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 60659] New: Eclipse WTP "Serve modules without publishing" broken with tomcat8
https://bz.apache.org/bugzilla/show_bug.cgi?id=60659 Bug ID: 60659 Summary: Eclipse WTP "Serve modules without publishing" broken with tomcat8 Product: Tomcat 8 Version: 8.5.x-trunk Hardware: All OS: All Status: NEW Severity: normal Priority: P2 Component: Catalina Assignee: dev@tomcat.apache.org Reporter: rustam...@gmail.com Target Milestone: "Serve modules without publishing" is borken in Tomcat8+. Worked fine in tc7. How to reproduce: git clone https://github.com/rustyx/serve-test Import as a Maven project Add serve-test to a Tomcat8 server Disable "Serve modules without publishing" Start server, navigate to http://localhost:8080/serve-test/test.jsp Notice no error Stop the server Enable "Serve modules without publishing" Start server, navigate to http://localhost:8080/serve-test/test.jsp Notice the error: org.apache.jasper.JasperException: The absolute uri: http://java.sun.com/jsp/jstl/core cannot be resolved in either web.xml or the jar files deployed with this application at org.apache.jasper.compiler.DefaultErrorHandler.jspError(DefaultErrorHandler.java:55) at org.apache.jasper.compiler.ErrorDispatcher.dispatch(ErrorDispatcher.java:277) at org.apache.jasper.compiler.ErrorDispatcher.jspError(ErrorDispatcher.java:75) at org.apache.jasper.compiler.TagLibraryInfoImpl.generateTldResourcePath(TagLibraryInfoImpl.java:250) at org.apache.jasper.compiler.TagLibraryInfoImpl.(TagLibraryInfoImpl.java:125) at org.apache.jasper.compiler.Parser.parseTaglibDirective(Parser.java:421) at org.apache.jasper.compiler.Parser.parseDirective(Parser.java:479) at org.apache.jasper.compiler.Parser.parseElements(Parser.java:1435) at org.apache.jasper.compiler.Parser.parse(Parser.java:139) at org.apache.jasper.compiler.ParserController.doParse(ParserController.java:227) at org.apache.jasper.compiler.ParserController.parse(ParserController.java:100) at org.apache.jasper.compiler.Compiler.generateJava(Compiler.java:199) at org.apache.jasper.compiler.Compiler.compile(Compiler.java:356) at org.apache.jasper.compiler.Compiler.compile(Compiler.java:336) at org.apache.jasper.compiler.Compiler.compile(Compiler.java:323) at org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:585) at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:363) at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:396) at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:340) at javax.servlet.http.HttpServlet.service(HttpServlet.java:729) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:292) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:94) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:504) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79) at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:620) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:509) at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1104) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:684) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1524) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1480) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:745) -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail:
[Bug 60613] getting Maximum code footprint error after upgrade to Tomcat 8.5.11
https://bz.apache.org/bugzilla/show_bug.cgi?id=60613 Mark Thomaschanged: What|Removed |Added CC||bmi...@automationdirect.com --- Comment #8 from Mark Thomas --- *** Bug 60653 has been marked as a duplicate of this bug. *** -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 60653] remove or make optional output of comment
https://bz.apache.org/bugzilla/show_bug.cgi?id=60653 Mark Thomaschanged: What|Removed |Added Resolution|--- |DUPLICATE Status|NEW |RESOLVED --- Comment #1 from Mark Thomas --- Comments have no impact on the size of the generated class file. This appears to be a duplicate of the issues raised after the try/finally clean-up fixes. *** This bug has been marked as a duplicate of bug 60613 *** -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 60613] getting Maximum code footprint error after upgrade to Tomcat 8.5.11
https://bz.apache.org/bugzilla/show_bug.cgi?id=60613 --- Comment #7 from Mark Thomas--- While the long term advice is still try to restructure the JSP, I've spent time looking more closely at the generated code. I found several potential changes that might reduce the overall size of the _jspService() method but because of compiler optimisations, changes that look like they should reduce the method size, don't always have the expected effect. I've now implemented the changes that appear to have a positive effect in trunk (9.0.x). With the tag I was testing with (the foo tag from the JSP examples) the number of instances of the tag I could use on a single page were: - before the try/finally clean-up fixes - 301 - after the try/finally clean-up fixes - 221 - after clean-up but with optimisations - 292 The figures will vary from tag to tag. The more attributes a tag has, the greater the effect of the optimisations (the foo tag has three). I'd like to get some feedback on these changes from end-users (to the dev@ list please) before back-porting them so any feedback you can provide based on testing of the current trunk (9.0.x) would be appreciated. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1780530 - /tomcat/trunk/java/org/apache/jasper/compiler/Generator.java
Author: markt Date: Fri Jan 27 09:55:04 2017 New Revision: 1780530 URL: http://svn.apache.org/viewvc?rev=1780530=rev Log: More refactoring of generated code so tags require less code Extract setters into a separate method when tag handling is in-lined in _jspService() Modified: tomcat/trunk/java/org/apache/jasper/compiler/Generator.java Modified: tomcat/trunk/java/org/apache/jasper/compiler/Generator.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/jasper/compiler/Generator.java?rev=1780530=1780529=1780530=diff == --- tomcat/trunk/java/org/apache/jasper/compiler/Generator.java (original) +++ tomcat/trunk/java/org/apache/jasper/compiler/Generator.java Fri Jan 27 09:55:04 2017 @@ -1796,7 +1796,8 @@ class Generator { // to a method. ServletWriter outSave = null; Node.ChildInfo ci = n.getChildInfo(); -if (ci.isScriptless() && !ci.hasScriptingVars()) { +boolean hasNoScriptingElement = ci.isScriptless() && !ci.hasScriptingVars(); +if (hasNoScriptingElement) { // The tag handler and its body code can reside in a separate // method if it is scriptless and does not have any scripting // variable defined. @@ -1891,14 +1892,14 @@ class Generator { if (n.implementsSimpleTag()) { -generateCustomDoTag(n, handlerInfo, tagHandlerVar); +generateCustomDoTag(n, handlerInfo, tagHandlerVar, hasNoScriptingElement); } else { /* * Classic tag handler: Generate code for start element, body, * and end element */ generateCustomStart(n, handlerInfo, tagHandlerVar, tagEvalVar, -tagPushBodyCountVar); +tagPushBodyCountVar, hasNoScriptingElement); // visit body String tmpParent = parent; @@ -1926,7 +1927,7 @@ class Generator { tagPushBodyCountVar); } -if (ci.isScriptless() && !ci.hasScriptingVars()) { +if (hasNoScriptingElement) { // Generate end of method if (methodNesting > 0) { out.printil("return false;"); @@ -2366,10 +2367,9 @@ class Generator { } } -private void generateCustomStart(Node.CustomTag n, -TagHandlerInfo handlerInfo, String tagHandlerVar, -String tagEvalVar, String tagPushBodyCountVar) -throws JasperException { +private void generateCustomStart(Node.CustomTag n, TagHandlerInfo handlerInfo, +String tagHandlerVar, String tagEvalVar, String tagPushBodyCountVar, +boolean hasNoScriptingElement) throws JasperException { Class tagHandlerClass = handlerInfo.getTagHandlerClass(); @@ -2407,7 +2407,7 @@ class Generator { out.pushIndent(); // includes setting the context -generateSetters(n, tagHandlerVar, handlerInfo, false); +generateSetters(n, tagHandlerVar, handlerInfo, false, hasNoScriptingElement); if (n.implementsTryCatchFinally()) { out.printin("int[] "); @@ -2625,9 +2625,8 @@ class Generator { restoreScriptingVars(n, VariableInfo.AT_BEGIN); } -private void generateCustomDoTag(Node.CustomTag n, -TagHandlerInfo handlerInfo, String tagHandlerVar) -throws JasperException { +private void generateCustomDoTag(Node.CustomTag n, TagHandlerInfo handlerInfo, +String tagHandlerVar, boolean hasNoScriptingElement) throws JasperException { Class tagHandlerClass = handlerInfo.getTagHandlerClass(); @@ -2643,7 +2642,7 @@ class Generator { String tagHandlerClassName = tagHandlerClass.getCanonicalName(); writeNewInstance(tagHandlerVar, tagHandlerClassName); -generateSetters(n, tagHandlerVar, handlerInfo, true); +generateSetters(n, tagHandlerVar, handlerInfo, true, hasNoScriptingElement); // Set the body if (findJspBody(n) == null) { @@ -3149,9 +3148,55 @@ class Generator { } private void generateSetters(Node.CustomTag n, String tagHandlerVar, -TagHandlerInfo handlerInfo, boolean simpleTag) +TagHandlerInfo handlerInfo, boolean simpleTag, boolean hasNoScriptingElement) throws JasperException { +ServletWriter outSave = null; +// If the tag contains scripting elements, the setters can still be +// generated in a separate method. This reduces the amount of code +// required in the _jspService() method +if
svn commit: r1780528 - in /tomcat/site/trunk: docs/security-6.html docs/security-7.html docs/security-8.html xdocs/security-6.xml xdocs/security-7.xml xdocs/security-8.xml
Author: markt Date: Fri Jan 27 09:48:50 2017 New Revision: 1780528 URL: http://svn.apache.org/viewvc?rev=1780528=rev Log: Update the fix versions and release dates now the votes for 8.0.x and 7..x have passed. Add the usual text regarding fixes in releases where the release vote did not pass. Modified: tomcat/site/trunk/docs/security-6.html tomcat/site/trunk/docs/security-7.html tomcat/site/trunk/docs/security-8.html tomcat/site/trunk/xdocs/security-6.xml tomcat/site/trunk/xdocs/security-7.xml tomcat/site/trunk/xdocs/security-8.xml Modified: tomcat/site/trunk/docs/security-6.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-6.html?rev=1780528=1780527=1780528=diff == --- tomcat/site/trunk/docs/security-6.html (original) +++ tomcat/site/trunk/docs/security-6.html Fri Jan 27 09:48:50 2017 @@ -219,7 +219,7 @@ Apache Tomcat 6.x vulnerabilities -Fixed in Apache Tomcat 6.0.49 +Fixed in Apache Tomcat 6.0.50 Fixed in Apache Tomcat 6.0.48 @@ -340,12 +340,21 @@ - -not yet released Fixed in Apache Tomcat 6.0.49 + +not yet released Fixed in Apache Tomcat 6.0.50 +Note: The issue below was fixed in Apache Tomcat 6.0.49 but the + release vote for the 6.0.49 release candidate did not pass. Therefore, + although users must download 6.0.50 to obtain a version that includes + the fix for this issue, version 6.0.49 is not included in the list of + affected versions. + + + + Important: Information Disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745; rel="nofollow">CVE-2016-8745 Modified: tomcat/site/trunk/docs/security-7.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-7.html?rev=1780528=1780527=1780528=diff == --- tomcat/site/trunk/docs/security-7.html (original) +++ tomcat/site/trunk/docs/security-7.html Fri Jan 27 09:48:50 2017 @@ -219,7 +219,7 @@ Apache Tomcat 7.x vulnerabilities -Fixed in Apache Tomcat 7.0.74 +Fixed in Apache Tomcat 7.0.75 Fixed in Apache Tomcat 7.0.73 @@ -366,8 +366,8 @@ - -not yet released Fixed in Apache Tomcat 7.0.74 + +24 January 2017 Fixed in Apache Tomcat 7.0.75 @@ -377,6 +377,15 @@ + +Note: The issue below was fixed in Apache Tomcat 7.0.74 but the + release vote for the 7.0.74 release candidate did not pass. Therefore, + although users must download 7.0.75 to obtain a version that includes + the fix for this issue, version 7.0.74 is not included in the list of + affected versions. + + + A bug in the error handling of the send file code for the NIO HTTP connector resulted in the current Processor object being added to the Processor cache multiple times. This in turn meant that the same Modified: tomcat/site/trunk/docs/security-8.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-8.html?rev=1780528=1780527=1780528=diff == --- tomcat/site/trunk/docs/security-8.html (original) +++ tomcat/site/trunk/docs/security-8.html Fri Jan 27 09:48:50 2017 @@ -219,7 +219,7 @@ Apache Tomcat 8.x vulnerabilities -Fixed in Apache Tomcat 8.0.40 +Fixed in Apache Tomcat 8.0.41 Fixed in Apache Tomcat 8.5.9 @@ -318,12 +318,21 @@ - -not yet released Fixed in Apache Tomcat 8.0.40 + +24 January 2017 Fixed in Apache Tomcat 8.0.41 +Note: The issue below was fixed in Apache Tomcat 8.0.40 but the + release vote for the 8.0.40 release candidate did not pass. Therefore, + although users must download 8.0.41 to obtain a version that includes + the fix for this issue, version 8.0.40 is not included in the list of + affected versions. + + + + Important: Information Disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745; rel="nofollow">CVE-2016-8745 Modified: tomcat/site/trunk/xdocs/security-6.xml URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-6.xml?rev=1780528=1780527=1780528=diff == --- tomcat/site/trunk/xdocs/security-6.xml (original) +++ tomcat/site/trunk/xdocs/security-6.xml Fri Jan 27 09:48:50 2017 @@ -48,7 +48,13 @@ - + + +Note: The issue below was fixed in Apache Tomcat 6.0.49 but the + release vote for the 6.0.49 release candidate did not pass. Therefore, + although users must download 6.0.50 to obtain a version that includes + the fix for this issue, version 6.0.49 is not included in the list of + affected versions. Important: Information Disclosure CVE-2016-8745 Modified: tomcat/site/trunk/xdocs/security-7.xml URL:
Re: [POLL] Will you be at ApacheCon NA 2017?
On 01/24/2017 04:46 PM, Mark Thomas wrote: > Hi, > > I'm sure you have all seen the TomcatCon discussion I started on the > users@ list. We are getting enthusiastic support from the ApacheCon > organisers at both the ASF and the Linux Foundation. > > I am starting to think about the overall schedule. Key to that is which > talks we can find someone to give. I'd like to get a wide a range of > speakers as possible. I've started to reach out privately to a few > potential session speakers but my expectation at this point is that most > speakers will come from within the Tomcat community. With that in mind > it would be extremely helpful if you could complete the following poll: > > I will be attending ApacheCon NA: > > [ X ] Yes > [ ] Maybe > [ ] No > > If attending, I would be willing to present a session at TomcatCon: > > [ X ] Yes > [ ] Maybe > [ ] No > > If you have an idea / some ideas about potential session topics please > feel free to suggest them. The ideas so far are summarized on the wiki > [1]. Both new suggestions and amendments to existing ideas are very welcome. Sure I will ;-) Cheers Jean-Frederic > > Thanks, > > Mark > > > [1] https://cwiki.apache.org/confluence/display/TOMCAT/TomcatCon+NA+2017 > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > > - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1780516 - /tomcat/trunk/java/org/apache/jasper/compiler/Generator.java
Author: markt Date: Fri Jan 27 08:31:35 2017 New Revision: 1780516 URL: http://svn.apache.org/viewvc?rev=1780516=rev Log: Reduce duplicated generation code. No functional change. Modified: tomcat/trunk/java/org/apache/jasper/compiler/Generator.java Modified: tomcat/trunk/java/org/apache/jasper/compiler/Generator.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/jasper/compiler/Generator.java?rev=1780516=1780515=1780516=diff == --- tomcat/trunk/java/org/apache/jasper/compiler/Generator.java (original) +++ tomcat/trunk/java/org/apache/jasper/compiler/Generator.java Fri Jan 27 08:31:35 2017 @@ -2409,14 +2409,6 @@ class Generator { // includes setting the context generateSetters(n, tagHandlerVar, handlerInfo, false); -// JspIdConsumer (after context has been set) -if (n.implementsJspIdConsumer()) { -out.printin(tagHandlerVar); -out.print(".setJspId(\""); -out.print(createJspId()); -out.println("\");"); -} - if (n.implementsTryCatchFinally()) { out.printin("int[] "); out.print(tagPushBodyCountVar); @@ -2653,14 +2645,6 @@ class Generator { generateSetters(n, tagHandlerVar, handlerInfo, true); -// JspIdConsumer (after context has been set) -if (n.implementsJspIdConsumer()) { -out.printin(tagHandlerVar); -out.print(".setJspId(\""); -out.print(createJspId()); -out.println("\");"); -} - // Set the body if (findJspBody(n) == null) { /* @@ -3255,6 +3239,14 @@ class Generator { out.println(");"); } } + +// JspIdConsumer (after context has been set) +if (n.implementsJspIdConsumer()) { +out.printin(tagHandlerVar); +out.print(".setJspId(\""); +out.print(createJspId()); +out.println("\");"); +} } /* - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1780515 - /tomcat/trunk/java/org/apache/jasper/compiler/Generator.java
Author: markt Date: Fri Jan 27 08:22:43 2017 New Revision: 1780515 URL: http://svn.apache.org/viewvc?rev=1780515=rev Log: Reduce duplicated generation code. No functional change. Modified: tomcat/trunk/java/org/apache/jasper/compiler/Generator.java Modified: tomcat/trunk/java/org/apache/jasper/compiler/Generator.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/jasper/compiler/Generator.java?rev=1780515=1780514=1780515=diff == --- tomcat/trunk/java/org/apache/jasper/compiler/Generator.java (original) +++ tomcat/trunk/java/org/apache/jasper/compiler/Generator.java Fri Jan 27 08:22:43 2017 @@ -2485,24 +2485,21 @@ class Generator { } private void writeNewInstance(String tagHandlerVar, String tagHandlerClassName) { +out.printin(tagHandlerClassName); +out.print(" "); +out.print(tagHandlerVar); +out.print(" = "); if (Constants.USE_INSTANCE_MANAGER_FOR_TAGS) { -out.printin(tagHandlerClassName); -out.print(" "); -out.print(tagHandlerVar); -out.print(" = ("); +out.print("("); out.print(tagHandlerClassName); out.print(")"); out.print("_jsp_getInstanceManager().newInstance(\""); out.print(tagHandlerClassName); out.println("\", this.getClass().getClassLoader());"); } else { -out.printin(tagHandlerClassName); -out.print(" "); -out.print(tagHandlerVar); -out.print(" = ("); out.print("new "); out.print(tagHandlerClassName); -out.println("());"); +out.println("();"); out.printin("_jsp_getInstanceManager().newInstance("); out.print(tagHandlerVar); out.println(");"); - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1780514 - in /tomcat/trunk/java/org/apache/jasper: compiler/Generator.java runtime/JspRuntimeLibrary.java
Author: markt Date: Fri Jan 27 08:21:17 2017 New Revision: 1780514 URL: http://svn.apache.org/viewvc?rev=1780514=rev Log: More refactoring of generated code so tags require less code Modified: tomcat/trunk/java/org/apache/jasper/compiler/Generator.java tomcat/trunk/java/org/apache/jasper/runtime/JspRuntimeLibrary.java Modified: tomcat/trunk/java/org/apache/jasper/compiler/Generator.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/jasper/compiler/Generator.java?rev=1780514=1780513=1780514=diff == --- tomcat/trunk/java/org/apache/jasper/compiler/Generator.java (original) +++ tomcat/trunk/java/org/apache/jasper/compiler/Generator.java Fri Jan 27 08:21:17 2017 @@ -2451,7 +2451,6 @@ class Generator { out.println(" != javax.servlet.jsp.tagext.Tag.EVAL_BODY_INCLUDE) {"); // Assume EVAL_BODY_BUFFERED out.pushIndent(); -out.printil("out = _jspx_page_context.pushBody();"); if (n.implementsTryCatchFinally()) { out.printin(tagPushBodyCountVar); out.println("[0]++;"); @@ -2459,11 +2458,10 @@ class Generator { out.printin(pushBodyCountVar); out.println("[0]++;"); } -out.printin(tagHandlerVar); - out.println(".setBodyContent((javax.servlet.jsp.tagext.BodyContent) out);"); -out.printin(tagHandlerVar); -out.println(".doInitBody();"); - +out.printin("out = org.apache.jasper.runtime.JspRuntimeLibrary.startBufferedBody("); +out.print("_jspx_page_context, "); +out.print(tagHandlerVar); +out.println(");"); out.popIndent(); out.printil("}"); Modified: tomcat/trunk/java/org/apache/jasper/runtime/JspRuntimeLibrary.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/jasper/runtime/JspRuntimeLibrary.java?rev=1780514=1780513=1780514=diff == --- tomcat/trunk/java/org/apache/jasper/runtime/JspRuntimeLibrary.java (original) +++ tomcat/trunk/java/org/apache/jasper/runtime/JspRuntimeLibrary.java Fri Jan 27 08:21:17 2017 @@ -29,9 +29,11 @@ import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; +import javax.servlet.jsp.JspException; import javax.servlet.jsp.JspWriter; import javax.servlet.jsp.PageContext; import javax.servlet.jsp.tagext.BodyContent; +import javax.servlet.jsp.tagext.BodyTag; import javax.servlet.jsp.tagext.Tag; import org.apache.jasper.JasperException; @@ -970,6 +972,15 @@ public class JspRuntimeLibrary { } +public static JspWriter startBufferedBody(PageContext pageContext, BodyTag tag) +throws JspException { +BodyContent out = pageContext.pushBody(); +tag.setBodyContent(out); +tag.doInitBody(); +return out; +} + + public static void releaseTag(Tag tag, InstanceManager instanceManager, boolean reused) { // Caller ensures pool is non-null if reuse is true if (!reused) { - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [POLL] Will you be at ApacheCon NA 2017?
Provide my answers: On 24/01/2017 15:46, Mark Thomas wrote: > I will be attending ApacheCon NA: > [ X ] Yes > > If attending, I would be willing to present a session at TomcatCon: > [ X ] Yes Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org