JDK 14 - Early Access build 25 is available

Hi Mark, *OpenJDK builds  - JDK 14 *- Early Access build 25 is available at http://jdk.java.net/14/ These early-access, open-source builds are provided under the GNU General Public License, version 2, with the Classpath Exception . * *Next Mile

[Bug 63191] RemoteEndpoint.Async#sendText(String, SendHandler) never calls the callback

https://bz.apache.org/bugzilla/show_bug.cgi?id=63191 --- Comment #15 from Boris Petrov --- So, actually the bug is still here even on `9.0.29`, although maybe less often, yes. Actually it happens mostly (only?) with Safari on Mac OS X, not that it should matter. This is the stacktrace when runnin

[Bug 63969] Stackoverflow in JSF

https://bz.apache.org/bugzilla/show_bug.cgi?id=63969 --- Comment #3 from Patrick WENDJI --- Hello, Has the fix been ported to 8.5.x branch? -- You are receiving this mail because: You are the assignee for the bug. - To unsubsc

[Bug 63969] Stackoverflow in JSF

https://bz.apache.org/bugzilla/show_bug.cgi?id=63969 --- Comment #4 from Mark Thomas --- 8.5.50-dev build - same caveats apply as for the 9.0.x dev build -- You are receiving this mail because: You are the assignee for the bug. ---

[Bug 63939] CORS filter incorrectly implements same/local origin check

https://bz.apache.org/bugzilla/show_bug.cgi?id=63939 --- Comment #1 from Mark Thomas --- The CORS specification references RFC 6454 for the definition of the origin header. RFC 6454 states that the port should only be included in serialized form (which is the form used in the HTTP header) if the

[Bug 63939] CORS filter incorrectly implements same/local origin check

https://bz.apache.org/bugzilla/show_bug.cgi?id=63939 --- Comment #2 from Mark Thomas --- As far as the case sensitivity of the check (or not) goes, both the scheme and host are case insensitive although lower case is the convention for both. It really should not make any difference at all whether

Re: [tomcat] branch master updated: Update with the release of Graal 19.3

On Thu, Nov 28, 2019 at 10:39 AM wrote: > Missing items for better Tomcat functionality: > > - Java 11: ALPN for TLS, TLS 1.3, etc >BeanInfo support: BeanInfo use in JSP taglibs must be configured > manually in descriptors >Java serialization: Clustering,

[tomcat] branch master updated: Improve Graal doc again

This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new 6e25e58 Improve Graal doc again 6e25e58 is descri

[Bug 63939] CORS filter incorrectly implements same/local origin check

https://bz.apache.org/bugzilla/show_bug.cgi?id=63939 --- Comment #3 from Michael Osipov --- (In reply to Mark Thomas from comment #1) > The CORS specification references RFC 6454 for the definition of the origin > header. > > RFC 6454 states that the port should only be included in serialized fo

[Bug 63939] CORS filter incorrectly implements same/local origin check

https://bz.apache.org/bugzilla/show_bug.cgi?id=63939 --- Comment #4 from Michael Osipov --- (In reply to Mark Thomas from comment #2) > As far as the case sensitivity of the check (or not) goes, both the scheme > and host are case insensitive although lower case is the convention for > both. It r

[Bug 63938] CORS filter adds headers to non-CORS request

https://bz.apache.org/bugzilla/show_bug.cgi?id=63938 --- Comment #3 from Michael Osipov --- (In reply to Michael Osipov from comment #2) > (In reply to Mark Thomas from comment #1) > > This behaviour is deliberate. The reasoning is in the code comments. Also, > > see bug 57724. > > I do not real

[Bug 63939] CORS filter incorrectly implements same/local origin check

https://bz.apache.org/bugzilla/show_bug.cgi?id=63939 --- Comment #5 from Mark Thomas --- The bug requiring refactoring is bug 63937. The RFC 6454 inconsistency is unhelpful but the intention seems clear from section 3.2. The Spring reference was useful as it suggested we should include ws/wss w