[jira] [Created] (MTOMCAT-313) shahintel

2018-02-21 Thread shahin mondal (JIRA) 
shahin mondal created MTOMCAT-313:
-

 Summary: shahintel
 Key: MTOMCAT-313
 URL: https://issues.apache.org/jira/browse/MTOMCAT-313
 Project: Apache Tomcat Maven Plugin
  Issue Type: Access
  Components: tomcat7
Affects Versions: 2.2
 Environment: shain
Reporter: shahin mondal
Assignee: Olivier Lamy (*$^¨%`£)
 Fix For: 2.2


# 



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 60362] Missing reason phrase in response

2018-02-21 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=60362

--- Comment #68 from William Watson  ---
I believe an option to send a reason phrase should be maintained in Tomcat 9.

The reason phrase should be ignored by RFC-compliant client software.  But RFC
compliant software is not the only thing that consumes responses.

HTTP responses are also read by developers.  In this case, the reason phrase
can provide useful information.  The developer experience of a REST API is
improved with a reason phrase.  The reason phrase may be visible to a developer
using cURL or when debugging their application.

In short, "405 METHOD NOT ALLOWED" provides a better developer experience than
"405 ".

(Let me know if I should open a new bug against Tomcat 9 to progress this
case).

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 62123] New: concurrentmodification exception on cleanup of RMI objects when stopping webapp

2018-02-21 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=62123

Bug ID: 62123
   Summary: concurrentmodification exception on cleanup of RMI
objects when stopping webapp
   Product: Tomcat 9
   Version: 9.0.4
  Hardware: PC
Status: NEW
  Severity: normal
  Priority: P2
 Component: Catalina
  Assignee: dev@tomcat.apache.org
  Reporter: zerov...@gmail.com
  Target Milestone: -

Receive this exception occasionally when shutting down tomcat when webapp has
left RMI objects in memory.  Does not always happen.

Similar to issue 31334, but different stack.

21-Feb-2018 02:05:58.192 SEVERE [Catalina-startStop-2]
org.apache.catalina.core.ContainerBase.stopInternal A child container failed
during stop
java.util.concurrent.ExecutionException:
org.apache.catalina.LifecycleException: Failed to stop component
[WebappLoader[StandardEngine[Catalina].StandardHost[localhost].StandardContext[]]]
   at java.util.concurrent.FutureTask.report(FutureTask.java:122)
   at java.util.concurrent.FutureTask.get(FutureTask.java:192)
   at
org.apache.catalina.core.ContainerBase.stopInternal(ContainerBase.java:1003)
   at
org.apache.catalina.util.LifecycleBase.stop(LifecycleBase.java:257)
   at
org.apache.catalina.core.ContainerBase$StopChild.call(ContainerBase.java:1441)
   at
org.apache.catalina.core.ContainerBase$StopChild.call(ContainerBase.java:1430)
   at java.util.concurrent.FutureTask.run(FutureTask.java:266)
   at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
   at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
   at java.lang.Thread.run(Thread.java:745)
Caused by: org.apache.catalina.LifecycleException: Failed to stop component
[WebappLoader[StandardEngine[Catalina].StandardHost[localhost].StandardContext[]]]
   at
org.apache.catalina.util.LifecycleBase.handleSubClassException(LifecycleBase.java:441)
   at
org.apache.catalina.util.LifecycleBase.stop(LifecycleBase.java:267)
   at
org.apache.catalina.core.StandardContext.stopInternal(StandardContext.java:5363)
   at
org.apache.catalina.util.LifecycleBase.stop(LifecycleBase.java:257)
   at
org.apache.catalina.core.ContainerBase$StopChild.call(ContainerBase.java:1441)
   at
org.apache.catalina.core.ContainerBase$StopChild.call(ContainerBase.java:1430)
   at java.util.concurrent.FutureTask.run(FutureTask.java:266)
   at
org.apache.tomcat.util.threads.InlineExecutorService.execute(InlineExecutorService.java:75)
   at
java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorService.java:134)
   at
org.apache.catalina.core.ContainerBase.stopInternal(ContainerBase.java:997)
   ... 7 more
Caused by: java.util.ConcurrentModificationException
   at java.util.HashMap$HashIterator.nextNode(HashMap.java:1437)
   at java.util.HashMap$ValueIterator.next(HashMap.java:1466)
   at
org.apache.catalina.loader.WebappClassLoaderBase.clearReferencesRmiTargets(WebappClassLoaderBase.java:2081)
   at
org.apache.catalina.loader.WebappClassLoaderBase.clearReferences(WebappClassLoaderBase.java:1521)
   at
org.apache.catalina.loader.WebappClassLoaderBase.stop(WebappClassLoaderBase.java:1463)
   at
org.apache.catalina.loader.WebappLoader.stopInternal(WebappLoader.java:443)
   at
org.apache.catalina.util.LifecycleBase.stop(LifecycleBase.java:257)
   ... 15 more

21-Feb-2018 02:05:58.193 SEVERE [Thread-115]
org.apache.catalina.core.ContainerBase.stopInternal A child container failed
during stop
java.util.concurrent.ExecutionException:
org.apache.catalina.LifecycleException: A child container failed during stop
   at java.util.concurrent.FutureTask.report(FutureTask.java:122)
   at java.util.concurrent.FutureTask.get(FutureTask.java:192)
   at
org.apache.catalina.core.ContainerBase.stopInternal(ContainerBase.java:1003)
   at
org.apache.catalina.util.LifecycleBase.stop(LifecycleBase.java:257)
   at
org.apache.catalina.core.StandardService.stopInternal(StandardService.java:471)
   at
org.apache.catalina.util.LifecycleBase.stop(LifecycleBase.java:257)
   at
org.apache.catalina.core.StandardServer.stopInternal(StandardServer.java:791)
   at
org.apache.catalina.util.LifecycleBase.stop(LifecycleBase.java:257)
   at org.apache.catalina.startup.Catalina.stop(Catalina.java:744)
   at
org.apache.catalina.startup.Catalina$CatalinaShutdownHook.run(Catalina.java:845)
Caused by: org.apache.catalina.LifecycleException: A child container failed
during stop
   at

[Bug 62122] New: undefined symbol: SSL_COMP_free_compression_methods

2018-02-21 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=62122

Bug ID: 62122
   Summary: undefined symbol: SSL_COMP_free_compression_methods
   Product: Tomcat Native
   Version: 1.2.14
  Hardware: PC
OS: Linux
Status: NEW
  Severity: major
  Priority: P2
 Component: Library
  Assignee: dev@tomcat.apache.org
  Reporter: jbal...@akamai.com
  Target Milestone: ---

OpenSSL 1.1.0 removed this function,
https://www.openssl.org/docs/man1.1.0/ssl/SSL_COMP_free_compression_methods.html
 

native/src/ssl.c

366 #if OPENSSL_VERSION_NUMBER >= 0x1000200fL
367 SSL_COMP_free_compression_methods();
368 #endif

this will need to be patched, suggestion below this is untested:

366 #if OPENSSL_VERSION_NUMBER >= 0x1000200fL && OPENSSL_VERSION_NUMBER <
0x1010L 
367 SSL_COMP_free_compression_methods();
368 #endif

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

FINAL REMINDER: CFP for Apache EU Roadshow Closes 25th February

2018-02-21 Thread Sharan F 

Hello Apache Supporters and Enthusiasts

This is your FINAL reminder that the Call for Papers (CFP) for the 
Apache EU Roadshow is closing soon. Our Apache EU Roadshow will focus on 
Cloud, IoT, Apache Tomcat, Apache Http and will run from 13-14 June 2018 
in Berlin.
Note that the CFP deadline has been extended to *25*^*th* *February *and 
it will be your final opportunity to submit a talk for thisevent.


Please make your submissions at http://apachecon.com/euroadshow18/

Also note that early bird ticket registrations to attend FOSS Backstage 
including the Apache EU Roadshow, have also been extended and will be 
available until 23^rd February. Please register at 
https://foss-backstage.de/tickets


We look forward to seeing you in Berlin!

Thanks
Sharan Foga, VP Apache Community Development

PLEASE NOTE: You are receiving this message because you are subscribed 
to a user@ or dev@ list of one or more Apache Software Foundation projects.

Re: [Git migration] Commit message format

2018-02-21 Thread Mark Thomas 
On 21/02/18 16:10, Rainer Jung wrote:
> Am 21.02.2018 um 16:53 schrieb Mark Thomas:
>> The next issue on the list is the format of commit messages.
>>
>> The commit messages we are seeing for the tomcat-training repository
>> have the same format as the commit message for the main tomcat repo will
>> have.
>>
>> Does anyone have any concerns regarding the format?
> 
> Would we be able to determine the branch from the subject line, e.g.
> would it be part of what is written between the square brackets? I
> personally find it very convenient to be able to easily filter commit
> mails by branch.

Where there are new files described in subsequent commits, those commits
don't have a branch in the subject. You can see how this works in
practice on comm...@infra.apache.org

Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [Git migration] Commit message format

2018-02-21 Thread Rainer Jung 

Am 21.02.2018 um 16:53 schrieb Mark Thomas:

The next issue on the list is the format of commit messages.

The commit messages we are seeing for the tomcat-training repository
have the same format as the commit message for the main tomcat repo will
have.

Does anyone have any concerns regarding the format?


Would we be able to determine the branch from the subject line, e.g. 
would it be part of what is written between the square brackets? I 
personally find it very convenient to be able to easily filter commit 
mails by branch.


Regards,

Rainer


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [Git migration] Commit message format

2018-02-21 Thread Rémy Maucherat 
On Wed, Feb 21, 2018 at 4:53 PM, Mark Thomas  wrote:

> The next issue on the list is the format of commit messages.
>
> The commit messages we are seeing for the tomcat-training repository
> have the same format as the commit message for the main tomcat repo will
> have.
>
> Does anyone have any concerns regarding the format?
>
> I'm too used to the old one ;)
So I guess it's fine, the good thing is that I suppose it'll get rid of the
revision merge info.

Rémy

[Git migration] Commit message format

2018-02-21 Thread Mark Thomas 
The next issue on the list is the format of commit messages.

The commit messages we are seeing for the tomcat-training repository
have the same format as the commit message for the main tomcat repo will
have.

Does anyone have any concerns regarding the format?

Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [Git migration] How to handle svn:external used by Tomcat Native

2018-02-21 Thread Mark Thomas 
On 20/02/18 13:19, Emmanuel Bourg wrote:
> Le 20/02/2018 à 13:42, Mark Thomas a écrit :
> 
>> But they'd be in the source bundle. Isn't that sufficient to build off-line?
> 
> Yes it is, and that's fine for Debian (Although currently the Debian
> package doesn't use the source bundle but checks out from SVN, but this
> can be changed).
> 
>> I'm not clear on what Debian needs here. There clearer you can be, the
>> more likely we are to pick a solution that works for Debian as well as
>> Tomcat.
> 
> I see two options:
> 1) Turn Tomcat Native into a "standard" dependency (bundled in its own
> jar downloaded from Maven Central)
> 2) Add an independent Ant target that downloads the Tomcat Native source
> files into the Tomcat source tree, the commit hash or tag being
> specified in a build property.

OK. I think 2 is the way to go here. I'll update the wiki accordingly.

Thanks for all the feedback on this issue.

Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat-training] branch master updated (483ef61 -> 49e338a)

2018-02-21 Thread markt 
This is an automated email from the ASF dual-hosted git repository.

markt pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat-training.git.


from 483ef61  Add agenda. Start to fill out intro module.
 new 9887e1a  Keep place when refreshing after update and testing on a 
local server
 new c9ba54c  Add some content
 new 49e338a  Flesh out the background module Other minor tweaks

The 3 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 courses/tomcat-for-administrators.html | 15 --
 modules/background-01.html | 91 --
 modules/intro.html | 39 +++
 3 files changed, 137 insertions(+), 8 deletions(-)

-- 
To stop receiving notification emails like this one, please contact
ma...@apache.org.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat-training] 02/03: Add some content

2018-02-21 Thread markt 
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat-training.git

commit c9ba54c4a75ba7a49ec77f1c6b7a84c7a6bbca14
Author: Mark Thomas 
AuthorDate: Mon Feb 19 22:22:02 2018 +

Add some content
---
 modules/intro.html | 33 +
 1 file changed, 33 insertions(+)

diff --git a/modules/intro.html b/modules/intro.html
index 4abbc62..c52262a 100644
--- a/modules/intro.html
+++ b/modules/intro.html
@@ -20,4 +20,37 @@
  at GitHub in the https://github.com/apache/tomcat-training;>tomcat-training
  repository.
   Pull requests welcome.
+  
+Mention community and contributing back. 
+  
 
+
+  Open source
+  Apache Tomcat is open source under the Apache License version 2
+  
+Freely available
+Permissive license
+Don't have to contribute back
+It is nice if you do
+  
+  
+Key aspects of ALv2. Take the code. Do what you like but acknowledge
+
+  where you got the code from
+  trademarks
+
+  
+
+
+  Resources
+  Website: https://tomcat.apache.org;>https://tomcat.apache.org
+  Mailing lists: https://tomcat.apache.org/lists.html;>https://tomcat.apache.org/lists.html
+  Source code: https://github.com/apache/tomcat;>https://github.com/apache/tomcat
+  Issue tracker: https://bz.apache.org/bugzilla;>https://bz.apache.org/bugzilla
+  Stack overflow
+  
+Master source code currently in svn but looking to move to git soon.
+
+Aim to fix all open bugs (not enhancements) before next release. Monthly 
release cycle. 
+  
+
\ No newline at end of file

-- 
To stop receiving notification emails like this one, please contact
ma...@apache.org.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat-training] 03/03: Flesh out the background module Other minor tweaks

2018-02-21 Thread markt 
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat-training.git

commit 49e338a6dfc82674814040034167b2e5660ee555
Author: Mark Thomas 
AuthorDate: Wed Feb 21 15:25:05 2018 +

Flesh out the background module
Other minor tweaks
---
 courses/tomcat-for-administrators.html | 14 --
 modules/background-01.html | 91 --
 modules/intro.html | 10 +++-
 3 files changed, 105 insertions(+), 10 deletions(-)

diff --git a/courses/tomcat-for-administrators.html 
b/courses/tomcat-for-administrators.html
index 4ef4f2c..a532816 100644
--- a/courses/tomcat-for-administrators.html
+++ b/courses/tomcat-for-administrators.html
@@ -65,16 +65,19 @@
   
 
   Tomcat for Administrators
+
+
+  Introduction
   
 Welcome everyone.
 
+If there are any venue announcements (WiFi access, fire exits 
etc.) do those now.
+
 Introduce yourself here. Get the class to do short introductions 
as well. Find out any
 particular topics of interest.
 
-If there are any venue announcements (WiFi access, fire exits 
etc.) do those now.
   
 
-Introduction
 
   Agenda - Morning
   
@@ -145,8 +148,8 @@
 
   
   
-Wrap up session is an opportunity to ask general Tomcat questions, 
dig a little deeper into an
-earlier topic etc.
+Wrap up session is an opportunity to ask general Tomcat questions, 
dig a little deeper
+into an earlier topic etc.
 
 Questions are welcome at any time. Just get my attention.
   
@@ -155,6 +158,9 @@
  

  

  
+
+  Lunch
+
  
  
  

diff --git a/modules/background-01.html b/modules/background-01.html
index adad088..44d00bf 100644
--- a/modules/background-01.html
+++ b/modules/background-01.html
@@ -14,7 +14,90 @@
   See the License for the specific language governing permissions and
   limitations under the License.
 -->
-Background 01
-Slide 1
-Slide 2
-
+
+  Installation
+
+
+  Dependencies
+  Java Runtime
+  Full JDK not required
+  Tomcat 9 requires Java 8 or later
+  Tomcat 8 requires Java 7 or later
+  Tomcat 7 requires Java 6 or later
+  Tomcat Native for OpenSSL support
+  
+Very old versions of Tomcat (10+ years ago) required the JDK for JSPs. All 
current versions of
+Tomcat include the Eclipse compilers.
+
+off-by-one pattern broken by Java's switch sto a 6-monthly release cycle.
+
+Tomcat 9 and 8.5 require Java 9 for pure Java HTTP/2 support
+
+Tomcat 7 requires Java 7 for JSR 356
+  
+
+
+  Installation options
+  Unpack an archive
+  Tomcat Installer for Windows
+  Package from Linux distribution
+  Build from source
+  
+Various services provide packaged Tomcat instances. Not going to cover 
those.
+  
+
+
+  Installing from an archive
+  .zip for Windows
+  .tar.gz for Linux, OSX etc
+  Contents is largely the same
+  Line endings vary
+  Tomcat Native binary for Windows is included in .zip
+
+
+  Demonstration
+  Installing from an archive
+  Windows
+  Linux
+
+
+  Exercise
+  Install from an archive
+  Display Tomcat home page in browser
+
+
+  File structure
+
+
+  Running as a Service
+  Windows
+  Runs as LocalService by default - TODO Check
+
+
+  Running as a Daemon
+  TODO commons daemon
+
+
+  Tomcat Installer for Windows
+  Unpacks archive
+  Creates a service
+  Automates the manual steps
+  Provides a GUI to set some basic options
+  
+Original target was setting up developers, not production systems.
+  
+
+
+  Demonstration
+  Installing with the Tomcat Installer for Windows
+
+
+  Demonstration
+  Installing from a Linux package
+
+
+  Exercise
+  Install from the Installer for Windows
+  or
+  Install from a Linux package
+
diff --git a/modules/intro.html b/modules/intro.html
index c52262a..e784b90 100644
--- a/modules/intro.html
+++ b/modules/intro.html
@@ -42,8 +42,8 @@
   
 
 
-  Resources
-  Website: https://tomcat.apache.org;>https://tomcat.apache.org
+  Tomcat Resources
+  Web site: https://tomcat.apache.org;>https://tomcat.apache.org
   Mailing lists: https://tomcat.apache.org/lists.html;>https://tomcat.apache.org/lists.html
   Source code: https://github.com/apache/tomcat;>https://github.com/apache/tomcat
   Issue tracker: https://bz.apache.org/bugzilla;>https://bz.apache.org/bugzilla
@@ -53,4 +53,10 @@
 
 Aim to fix all open bugs (not enhancements) before next release. Monthly 
release cycle. 
   
+
+
+  Training Resources for Today
+  WiFi: TOMCAT-TRAINING
+  Pwd: 'let me in' (excluding quotes)
+  Files: http://192.168.0.1/shares
 
\ No newline at end of file

--

[tomcat-training] 01/03: Keep place when refreshing after update and testing on a local server

2018-02-21 Thread markt 
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat-training.git

commit 9887e1a171e625e045e9de351d71af122eaf7583
Author: Mark Thomas 
AuthorDate: Mon Feb 19 22:21:38 2018 +

Keep place when refreshing after update and testing on a local server
---
 courses/tomcat-for-administrators.html | 1 +
 1 file changed, 1 insertion(+)

diff --git a/courses/tomcat-for-administrators.html 
b/courses/tomcat-for-administrators.html
index e80d0cd..4ef4f2c 100644
--- a/courses/tomcat-for-administrators.html
+++ b/courses/tomcat-for-administrators.html
@@ -168,6 +168,7 @@

Re: How to proceed on the CSP issue.

2018-02-21 Thread Rémy Maucherat 
On Wed, Feb 14, 2018 at 1:39 PM, Mark Thomas  wrote:

> httpd's mod_headers module
>
> Since I did the rewrite valve then, I had a plan at some point to do it,
but it looked like quite a bit of effort for less gain (than the rewrite
valve).  So no mod_headers valve, my bad :)

Rémy

[Bug 62090] NPE in o.a.t.util.modeler.Util when servlet-name does not exist in web.xml

2018-02-21 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=62090

--- Comment #11 from Remy Maucherat  ---
https://github.com/apache/tomcat/blob/trunk/java/org/apache/catalina/startup/ContextConfig.java#L1339

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: How to proceed on the CSP issue.

2018-02-21 Thread Christopher Schultz 
Rahul,

On 2/21/18 9:55 AM, Rahul Chhabra wrote:
> 
> On Sat, Feb 17, 2018 at 4:30 AM, Christopher Schultz <
> ch...@christopherschultz.net> wrote:
> 
> Mark,
> 
> On 2/14/18 7:39 AM, Mark Thomas wrote:
 On 14/02/18 11:51, Harrison & Wells wrote:
> Sorry to disturb you.

 Not at all.

> I read the Contributing.md
>  on
> your github mirror and even found the beginner issues
>  =ASSIGNED_status=REOPENED_status=NEEDINFO=Beginner
> ords_type=allwords_id=160824=Tomcat%207=Tomcat%208&
> product=Tomcat%209_format=advanced>
>
>
> .
> Except there are only three of them, out of which one is already
> solved, one is a case of XML validation (not a bug, technically)
> and one can be solved using a filter.
>  So I
> decided I could go with the filter one but man, CSP is complex
> and I don't think one could just do a general 'default-src'
> because even that can be pretty tight. So it is a bit unclear.
> Thanks for reading. I'd appreciate any help in getting started.

 I agree with you completely regarding the complexity of CSP. I'm
 not convinced that a CSP specific filter is possible.
> 
> I guess is just depends upon one's perspective and requirements. For
> our CSP, we just said "we need a sane policy like [no scripts from
> other domains]" and that applies everywhere. That can be some with a
> dead-simply Filter that just regurgitates the same CSP for every request
> .
> 
> But if you want a Filter that tries to guess what the policy of a
> particular page should be, well, then you are indeed going to build a
> PHD-worthy Filter.
> 
 Igal's suggestion in comment #6 is probably the way to go. A
 generic HTTP header filter. I'd look at httpd's mod_headers module
 for inspiration for the sort of features a generic HTTP header
 filter should provide.
> 
> Or just use the rewrite filter Tomcat already provides, if the
> requirements are simple enough.
> 
 I don't think the first iteration needs to completely cover all of
 the mod_headers functionality (adding headers to the response is
 probably enough at this point) but having the eventual
 functionality in mind will ensure that configuration parameters
 (likely filter parameters in this case) are chosen appropriately.
> 
> The only other thing I can think of that a CSP filter could provide
> would be the "signing" capabilities.
> 
> CSP can say "it's okay to run a script as long as the hash of the
> script is #foo". That means that the script-hasher and the CSP header
> have to agree. So perhaps the Filter could maintain an LRU list of
> hashes produced elsewhere (and possible run through the Filter). I
> think this is a big rathole that ... probably nobody should bother to
> go down.
> 
> One can also use a nonce. Technically, the nonce should be one-time
> use (it's called a nonce ffs!), but since you have to actually use it
> twice for it to be useful, I think it's okay for e.g. a Filter to emit
> the same nonce multiple times, for a short period of time.

> Rahul wrote:
> Obviously, *guessing *a policy is beyond mortal comprehension.
>
> We could take the value as an init parameter.
> Then whenever the filter is applied, it just puts that CSP.
> 
> 
> default-src
> 'none'
> 
> 
>
> That's one way to make a CSP filter and preserve your sanity

Yes, that's basically what I had in mind. This should be able to be done
with Tomcat's RewriteValve -- configuration only and no additional code.
So I'm not entirely sure what a CSP-specific Filter/Valve could hope to
achieve.

-chris



signature.asc
Description: OpenPGP digital signature

[Bug 62090] NPE in o.a.t.util.modeler.Util when servlet-name does not exist in web.xml

2018-02-21 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=62090

--- Comment #10 from Christopher Schultz  ---
(In reply to Slava Risenberg from comment #8)
> (In reply to Remy Maucherat from comment #6)
> > I'd rather add an IAE to ContainerBase.setName.
> 
> ContainerBase is an abstract class, making change in it will affect other
> irrelevant Classes like StandardContext, StandardEngine, StandardHost and
> StandardWrapper, so it's definitely not a good place for the fix.

Also, the default value for "name" is null, and this check can only be made it
setName(String) is actually called. Assuming Tomcat uses digester to parse XML
files, a missing servlet-name will skip the call to
ContainerBase.setName(String), no?

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: How to proceed on the CSP issue.

2018-02-21 Thread Rahul Chhabra 
Obviously, *guessing *a policy is beyond mortal comprehension.

We could take the value as an init parameter.
Then whenever the filter is applied, it just puts that CSP.


default-src
'none'



That's one way to make a CSP filter and preserve your sanity

On Sat, Feb 17, 2018 at 4:30 AM, Christopher Schultz <
ch...@christopherschultz.net> wrote:

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Mark,
>
> On 2/14/18 7:39 AM, Mark Thomas wrote:
> > On 14/02/18 11:51, Harrison & Wells wrote:
> >> Sorry to disturb you.
> >
> > Not at all.
> >
> >> I read the Contributing.md
> >>  on
> >> your github mirror and even found the beginner issues
> >>  =ASSIGNED_status=REOPENED_status=NEEDINFO=Beginner
> ords_type=allwords_id=160824=Tomcat%207=Tomcat%208&
> product=Tomcat%209_format=advanced>
> >>
> >>
> .
> >> Except there are only three of them, out of which one is already
> >> solved, one is a case of XML validation (not a bug, technically)
> >> and one can be solved using a filter.
> >>  So I
> >> decided I could go with the filter one but man, CSP is complex
> >> and I don't think one could just do a general 'default-src'
> >> because even that can be pretty tight. So it is a bit unclear.
> >> Thanks for reading. I'd appreciate any help in getting started.
> >
> > I agree with you completely regarding the complexity of CSP. I'm
> > not convinced that a CSP specific filter is possible.
>
> I guess is just depends upon one's perspective and requirements. For
> our CSP, we just said "we need a sane policy like [no scripts from
> other domains]" and that applies everywhere. That can be some with a
> dead-simply Filter that just regurgitates the same CSP for every request
> .
>
> But if you want a Filter that tries to guess what the policy of a
> particular page should be, well, then you are indeed going to build a
> PHD-worthy Filter.
>
> > Igal's suggestion in comment #6 is probably the way to go. A
> > generic HTTP header filter. I'd look at httpd's mod_headers module
> > for inspiration for the sort of features a generic HTTP header
> > filter should provide.
>
> Or just use the rewrite filter Tomcat already provides, if the
> requirements are simple enough.
>
> > I don't think the first iteration needs to completely cover all of
> > the mod_headers functionality (adding headers to the response is
> > probably enough at this point) but having the eventual
> > functionality in mind will ensure that configuration parameters
> > (likely filter parameters in this case) are chosen appropriately.
>
> The only other thing I can think of that a CSP filter could provide
> would be the "signing" capabilities.
>
> CSP can say "it's okay to run a script as long as the hash of the
> script is #foo". That means that the script-hasher and the CSP header
> have to agree. So perhaps the Filter could maintain an LRU list of
> hashes produced elsewhere (and possible run through the Filter). I
> think this is a big rathole that ... probably nobody should bother to
> go down.
>
> One can also use a nonce. Technically, the nonce should be one-time
> use (it's called a nonce ffs!), but since you have to actually use it
> twice for it to be useful, I think it's okay for e.g. a Filter to emit
> the same nonce multiple times, for a short period of time.
>
> - -chris
> -BEGIN PGP SIGNATURE-
> Comment: GPGTools - http://gpgtools.org
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
> iQJRBAEBCAA7FiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlqHYoEdHGNocmlzQGNo
> cmlzdG9waGVyc2NodWx0ei5uZXQACgkQHPApP6U8pFjK/g/9GOCZ2W7c7R0gE2YV
> lE5TN89zuPhOjkDu07yJ1xhIOR2nl7t/cHY3KNIZsXw/r0nPrIbC+/ZbZ1PeaqJR
> VVGZe4FDobEYUZH+TaDUtWuiVwHRmxqoAnFJqlPDTF2n5pa5dwjHt65C2C76g4eE
> wf2UNxxWUovlnvQCwZ6/gdb2aokkxZDqszU+nxWPhQRcUh5pgP127TWwaPHyJCf+
> T6zIqal5jQYFZV9GsW90Xv736jZDgdWM3oKOmra1dl6qjv9Ii/2bTDfVo9r25M0t
> wmoayvUBn0zBkk/IP4N254vQJ3Og1bAPKB7m6DO+4P4ElptVn1Tz81/M9Wpeg90z
> ITzT7WpX78OC8wkcguWpbKocw9cf6vxT+c+Nq5lBn/hJ5yfQ+f4/JYTIT2V1iOx/
> 7sU7dywr3CxABxPheZa/aW+scJCKhRBDncL63U1l9RJuR+nC4V8MKpVmBhcslClh
> V3AmjW+3MIDSGRFd+1e7X2ve61EQHzRnzUx/66JE7Wv+sIjMc3tiOU63lsj/6HSi
> DedbA95GIJC8hYCj+ZP29HevXq+DKBOkKfIxBsy90+unoWa3UTZ61kg53X8h8CLx
> poRBX7mXSxZuYAnEcITwvQgvKLcMMGeBFMhIt4qfGtjXMN8RZS18OMXwG5Os/rVK
> iF81wnQcC6Ste5e9c9uoaJt6GjY=
> =wBml
> -END PGP SIGNATURE-
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>
>

svn commit: r25181 - /release/tomcat/tomcat-9/v9.0.4/

2018-02-21 Thread markt 
Author: markt
Date: Wed Feb 21 13:38:44 2018
New Revision: 25181

Log:
Drop 9.0.4 from mirrors

Removed:
release/tomcat/tomcat-9/v9.0.4/


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 62090] NPE in o.a.t.util.modeler.Util when servlet-name does not exist in web.xml

2018-02-21 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=62090

--- Comment #9 from Remy Maucherat  ---
For starters, wrapper = servlet so that should be ok. Then containers are
supposed to have names in Catalina (they go in children maps keyed by name
...), so it's good to do it that way.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1824964 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/catalina/filters/RequestDumperFilter.java webapps/docs/changelog.xml

2018-02-21 Thread violetagg 
Author: violetagg
Date: Wed Feb 21 13:24:01 2018
New Revision: 1824964

URL: http://svn.apache.org/viewvc?rev=1824964=rev
Log:
Fix for RequestDumperFilter log attribute. Patch provided by Kirill Romanov via 
Github.

Modified:
tomcat/tc7.0.x/trunk/   (props changed)

tomcat/tc7.0.x/trunk/java/org/apache/catalina/filters/RequestDumperFilter.java
tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml

Propchange: tomcat/tc7.0.x/trunk/
--
--- svn:mergeinfo (original)
+++ svn:mergeinfo Wed Feb 21 13:24:01 2018
@@ -1,3 +1,3 @@
 
/tomcat/tc8.0.x/trunk:1636525,1637336,1637685,1637709,1638726,1640089,1640276,1640349,1640363,1640366,1640642,1640672,1640674,1640689,1640884,1641001,1641065,1641067,1641375,1641638,1641723,1641726,1641729-1641730,1641736,1641988,1642669-1642670,1642698,1642701,1643205,1643215,1643217,1643230,1643232,1643273,1643285,1643329-1643330,1643511,1643513,1643521,1643539,1643571,1643581-1643582,1643635,1643655,1643738,1643964,1644018,1644333,1644525,1644954,1644992,1645014,1645360,1645456,1645627,1645642,1645686,1645903-1645904,1645908-1645909,1645913,1645920,1646458,1646460-1646462,1646735,1646738-1646741,1646744,1646746,1646748-1646755,1646757,1646759-1646760,1647043,1648816,1651420-1651422,1651844,1652926,1652939-1652940,1652973,1653798,1653817,1653841,1654042,1654161,1654736,1654767,1654787,1656592,1659907,1662986,1663265,1663278,1663325,1663535,1663567,1663679,1663997,1664175,1664321,1664872,1665061,1665086,1666027,1666395,1666503,1666506,1666560,1666570,1666581,1666759,1666967,1666988
 
,1667553-1667555,1667558,1667617,1667633,1667637,1667747,1667767,1667873,1668028,1668137,1668634,1669432,1669801,1669840,1669895-1669896,1670398,1670435,1670592,1670605-1670607,1670609,1670632,1670720,1670725,1670727,1670731,1671114,1672273,1672285,1673759,1674220,1674295,1675469,1675488,1675595,1675831,1676232,1676367-1676369,1676382,1676394,1676483,1676556,1676635,1678178,1679536,1679988,1680256,1681124,1681182,1681703,1681730,1681840,1681864,1681869,1682010,1682034,1682047,1682052-1682053,1682062,1682064,1682070,1682312,1682325,1682331,1682386,1684367,1684385,1685759,1685774,1685827,1685892,1687341,1688904,1689358,1689657,1689921,1692850,1693093,1693108,1693324,1694060,1694115,1694291,1694427,1694431,1694503,1694549,1694789,1694873,1694881,1695356,1695372,1695823-1695825,1696200,1696281,1696379,1696468,1700608,1700871,1700897,1700978,1701094,1701124,1701608,1701668,1701676,1701766,1701944,1702248,1702252,1702314,1702390,1702723,1702725,1702728,1702730,1702733,1702735,1702737,1702
 
739,1702742,1702744,1702748,1702751,1702754,1702758,1702760,1702763,1702766,1708779,1708782,1708806,1709314,1709670,1710347,1710442,1710448,1710490,1710574,1710578,1712226,1712229,1712235,1712255,1712618,1712649,1712655,1712860,1712899,1712903,1712906,1712913,1712926,1712975,1713185,1713262,1713287,1713613,1713621,1713872,1713976,1713994,1713998,1714004,1714013,1714059,1714538,1714580,1715189,1715207,1715544,1715549,1715637,1715639-1715645,1715667,1715683,1715866,1715978,1715981,1716216-1716217,1716355,1716414,1716421,1717208-1717209,1717257,1717283,1717288,1717291,1717421,1717517,1717529,1718797,1718840-1718843,1719348,1719357-1719358,1719400,1719491,1719737,1720235,1720396,1720442,1720446,1720450,1720463,1720658-1720660,1720756,1720816,1721813,1721818,1721831,1721861,1721867,1721882,1722523,1722527,1722800,1722926,1722941,1722997,1723130,1723440,1723488,1723890,1724434,1724674,1724792,1724803,1724902,1725128,1725131,1725154,1725167,1725911,1725921,1725929,1725963-1725965,1725970,1
 
725974,1726171-1726173,1726175,1726179-1726182,1726190-1726191,1726195-1726200,1726203,1726226,1726576,1726630,1726992,1727029,1727037,1727671,1727676,1727900,1728028,1728092,1728439,1728449,1729186,1729362,1731009,1731303,1731867,1731872,1731874,1731876,1731885,1731947,1731955,1731959,1731977,1731984,1732360,1732490,1732672,1732902,1733166,1733603,1733619,1733735,1733752,1733764,1733915,1733941,1733964,1734115,1734133,1734261,1734421,1734531,1736286,1737967,1738173,1738182,1738992,1739039,1739089-1739091,1739294,1739777,1739821,1739981,1740513,1740726,1741019,1741162,1741217,1743647,1743681,1744152,1744272,1746732,1746750,1752739,1754615,1755886,1756018,1758563,1759565,1761686,1762173,1762206,1766280,1767507-1767508,1767653,1767656,1769267,1772949,1773521,1773527,1774104,1777015,1777213,1779330,1783151,1784188,1784966,1785670,1786846,1788260,1788999,1789140,1789402,1791529,1791559,1795291,1796906,1797523,1799214,1800998-1800999,1801003,1801007-1801008,1801017,1801020,1802808,180281

svn commit: r1824961 - in /tomcat/tc8.0.x/trunk: ./ java/org/apache/catalina/filters/RequestDumperFilter.java webapps/docs/changelog.xml

2018-02-21 Thread violetagg 
Author: violetagg
Date: Wed Feb 21 13:11:10 2018
New Revision: 1824961

URL: http://svn.apache.org/viewvc?rev=1824961=rev
Log:
Fix for RequestDumperFilter log attribute. Patch provided by Kirill Romanov via 
Github.

Modified:
tomcat/tc8.0.x/trunk/   (props changed)

tomcat/tc8.0.x/trunk/java/org/apache/catalina/filters/RequestDumperFilter.java
tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml

Propchange: tomcat/tc8.0.x/trunk/
--
--- svn:mergeinfo (original)
+++ svn:mergeinfo Wed Feb 21 13:11:10 2018
@@ -1,2 +1,2 @@
-/tomcat/tc8.5.x/trunk:1735042,1737966,1743139-1743140,1744151,1747537,1747925,1748002,1754614,1754643,1762124,1762183,1762203,1763792,1772948,1777014,1779719,1782037,1782240,1782386-1782387,1785669,1786845,1788249,1788324,1788905,1789216,1789335,1791528,1791558,1796697-1796698,1797521,1798543,1799162,1800143,1801693,1802805,1806799,1807079-1807080,1808880,1809831,1812093,1812143,1812145,1812319,1814975,1815945,1815956,1820207,1822186,1823164,1823497
-/tomcat/trunk:1636524,1637156,1637176,1637188,1637331,1637684,1637695,1637890,1637892,1638720-1638725,1639653,1640010,1640083-1640084,1640088,1640275,1640322,1640347,1640361,1640365,1640403,1640410,1640652,1640655-1640658,1640688,1640700-1640883,1640903,1640976,1640978,1641000,1641026,1641038-1641039,1641051-1641052,1641058,1641064,1641300,1641369,1641374,1641380,1641486,1641634,1641656-1641692,1641704,1641707-1641718,1641720-1641722,1641735,1641981,1642233,1642280,1642554,1642564,1642595,1642606,1642668,1642679,1642697,1642699,1642766,1643002,1643045,1643054-1643055,1643066,1643121,1643128,1643206,1643209-1643210,1643216,1643249,1643270,1643283,1643309-1643310,1643323,1643365-1643366,1643370-1643371,1643465,1643474,1643536,1643570,1643634,1643649,1643651,1643654,1643675,1643731,1643733-1643734,1643761,1643766,1643814,1643937,1643963,1644017,1644169,1644201-1644203,1644321,1644323,1644516,1644523,1644529,1644535,1644730,1644768,1644784-1644785,1644790,1644793,1644815,1644884,1644886
 
,1644890,1644892,1644910,1644924,1644929-1644930,1644935,1644989,1645011,1645247,1645355,1645357-1645358,1645455,1645465,1645469,1645471,1645473,1645475,1645486-1645488,1645626,1645641,1645685,1645743,1645763,1645951-1645953,1645955,1645993,1646098-1646106,1646178,1646220,1646302,1646304,1646420,1646470-1646471,1646476,1646559,1646717-1646723,1646773,1647026,1647042,1647530,1647655,1648304,1648815,1648907,1649973,1650081,1650365,1651116,1651120,1651280,1651470,1652938,1652970,1653041,1653471,1653550,1653574,1653797,1653815-1653816,1653819,1653840,1653857,1653888,1653972,1654013,1654030,1654050,1654123,1654148,1654159,1654513,1654515,1654517,1654522,1654524,1654725,1654735,1654766,1654785,1654851-1654852,1654978,1655122-1655124,1655126-1655127,1655129-1655130,1655132-1655133,1655312,1655351,1655438,1655441,1655454,168,1656087,1656299,1656319,1656331,1656345,1656350,1656590,1656648-1656650,1656657,1657041,1657054,1657374,1657492,1657510,1657565,1657580,1657584,1657586,1657589,1657
 
592,1657607,1657609,1657682,1657907,1658207,1658734,1658781,1658790,1658799,1658802,1658804,1658833,1658840,1658966,1659043,1659053,1659059,1659174,1659184,1659188-1659189,1659216,1659263,1659293,1659304,1659306-1659307,1659382,1659384,1659428,1659471,1659486,1659505,1659516,1659521,1659524,1659559,1659562,1659803,1659806,1659814,1659833,1659862,1659905,1659919,1659948,1659967,1659983-1659984,1660060,1660074,1660077,1660133,1660168,1660331-1660332,1660353,1660358,1660924,1661386,1661770,1661867,1661972,1661990,1662200,1662308-1662309,1662548,1662614,1662696,1662736,1662985,1662988-1662989,1663264,1663277,1663298,1663534,1663562,1663676,1663715,1663754,1663768,1663772,1663781,1663893,1663995,1664143,1664163,1664174,1664301,1664317,1664347,1664657,1664659,1664710,1664863-1664864,1664866,1665085,1665292,1665559,1665653,1665661,1665672,1665694,1665697,1665736,1665779,1665976-1665977,1665980-1665981,1665985-1665986,1665989,1665998,1666004,1666008,1666013,1666017,1666024,1666116,1666386-1

svn commit: r1824960 - in /tomcat/tc8.5.x/trunk: ./ java/org/apache/catalina/filters/RequestDumperFilter.java webapps/docs/changelog.xml

2018-02-21 Thread violetagg 
Author: violetagg
Date: Wed Feb 21 13:10:01 2018
New Revision: 1824960

URL: http://svn.apache.org/viewvc?rev=1824960=rev
Log:
Fix for RequestDumperFilter log attribute. Patch provided by Kirill Romanov via 
Github.

Modified:
tomcat/tc8.5.x/trunk/   (props changed)

tomcat/tc8.5.x/trunk/java/org/apache/catalina/filters/RequestDumperFilter.java
tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml

Propchange: tomcat/tc8.5.x/trunk/
--
--- svn:mergeinfo (original)
+++ svn:mergeinfo Wed Feb 21 13:10:01 2018
@@ -1,2 +1,2 @@
 /tomcat/tc8.0.x/trunk:1809644
-/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739492,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409
 
,1741501,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744149,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745535,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747
 
404,1747506,1747536,1747924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750774,1750899,1750975,1750995,1751061,1751097,1751173,1751438,1751447,1751463,1751702,1752212,1752737,1752745,1753078,1753080,1753358,1753363,1754111,1754140-1754141,1754281,1754310,1754445,1754467,1754494,1754496,1754528,1754532-1754533,1754613,1754714,1754874,1754941,1754944,1754950-1754951,1755005,1755007,1755009,1755132,1755180-1755181,1755185,1755190,1755204-1755206,1755208,1755214,1755224,1755227,1755230,1755629,1755646-1755647,1755650,1755653,1755675,1755680,1755683,1755693,1755717,1755731-1755737,1755812,1755828,1755884,1755890,1755918-1755919,1755942,1755958,1755960,1755970,1755993,1756013,1756019,1756039,1756056,1756083-1756114,1756175,1756288-1
 
756289,1756408-1756410,1756778,1756798,1756878,1756898,1756939,1757123-1757124,1757126,1757128,1757132-1757133,1757136,1757145,1757167-1757168,1757175,1757180,1757182,1757195,1757271,1757278,1757347,1757353-1757354,1757363,1757374,1757399,1757406,1757408,1757485,1757495,1757499,1757527,1757578,1757684,1757722,1757727,1757790,1757799,1757813,1757853,1757883,1757903,1757976,1757997,1758000,1758058,1758072-1758075,1758078-1758079,1758223,1758257,1758261,1758276,1758292,1758369,1758378-1758383,1758421,1758423,1758425-1758427,1758430,1758443,1758448,1758459,1758483,1758486-1758487,1758499,1758525,1758556,1758580,1758582,1758584,1758588,1758842,1759019,1759212,1759224,1759227,1759252,1759274,1759513-1759516,1759611,1759757,1759785-1759790,1760005,1760022,1760109-1760110,1760135,1760200-1760201,1760227,1760300,1760397,1760446,1760454,1760640,1760648,1761057,1761422,1761491,1761498,1761500-1761501,1761550,1761553,1761572,1761574,1761625-1761626,1761628,1761682,1761740,1761752,1762051-176205

[GitHub] tomcat pull request #100: Fix for RequestDumperFilter log attribute

2018-02-21 Thread asfgit 
Github user asfgit closed the pull request at:

https://github.com/apache/tomcat/pull/100


---

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1824959 - in /tomcat/trunk: java/org/apache/catalina/filters/RequestDumperFilter.java webapps/docs/changelog.xml

2018-02-21 Thread violetagg 
Author: violetagg
Date: Wed Feb 21 13:07:33 2018
New Revision: 1824959

URL: http://svn.apache.org/viewvc?rev=1824959=rev
Log:
Fix for RequestDumperFilter log attribute. Patch provided by Kirill Romanov via 
Github.
This closes #100

Modified:
tomcat/trunk/java/org/apache/catalina/filters/RequestDumperFilter.java
tomcat/trunk/webapps/docs/changelog.xml

Modified: tomcat/trunk/java/org/apache/catalina/filters/RequestDumperFilter.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/filters/RequestDumperFilter.java?rev=1824959=1824958=1824959=diff
==
--- tomcat/trunk/java/org/apache/catalina/filters/RequestDumperFilter.java 
(original)
+++ tomcat/trunk/java/org/apache/catalina/filters/RequestDumperFilter.java Wed 
Feb 21 13:07:33 2018
@@ -233,7 +233,7 @@ public class RequestDumperFilter extends
 }
 
 if (hResponse == null) {
-doLog("remoteUser", NON_HTTP_RES_MSG);
+doLog("status", NON_HTTP_RES_MSG);
 } else {
 doLog("status",
 Integer.toString(hResponse.getStatus()));

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1824959=1824958=1824959=diff
==
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Wed Feb 21 13:07:33 2018
@@ -83,6 +83,10 @@
 the specified interface rather than the concrete type. Based on a
 suggestion by Ángel Álvarez Páscua. (markt)
   
+  
+Fix for RequestDumperFilter log attribute. Patch provided
+by Kirill Romanov via Github. (violetagg)
+  
 
   
   



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] tomcat pull request #100: Fix for RequestDumperFilter log attribute

2018-02-21 Thread Djaler 
GitHub user Djaler opened a pull request:

https://github.com/apache/tomcat/pull/100

Fix for RequestDumperFilter log attribute



You can merge this pull request into a Git repository by running:

$ git pull https://github.com/Djaler/tomcat patch-1

Alternatively you can review and apply these changes as the patch at:

https://github.com/apache/tomcat/pull/100.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

This closes #100


commit 18ec0443a2e4664b36373bca90b51b356fdf2dda
Author: Kirill Romanov 
Date:   2018-02-21T11:42:34Z

Fix for RequestDumperFilter log attribute




---

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 62090] NPE in o.a.t.util.modeler.Util when servlet-name does not exist in web.xml

2018-02-21 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=62090

--- Comment #8 from Slava Risenberg  ---
(In reply to Remy Maucherat from comment #6)
> I'd rather add an IAE to ContainerBase.setName.

ContainerBase is an abstract class, making change in it will affect other
irrelevant Classes like StandardContext, StandardEngine, StandardHost and
StandardWrapper, so it's definitely not a good place for the fix.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org