As I said on another post, I don't know of any major problems with 3.3. So
were I allowed to vote, mine would be +0 since I won't have time to keep up
with such a fast moving target.
- Original Message -
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, September 10, 2001 4:39
As I expected (having spent enough time on encoded URLs), I can't reproduce
1483 against B2. It always finds the correct session both in stand-alone
and Ajp13.
- Original Message -
From: Larry Isaacs [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, September 12, 2001 8:31 AM
?) r-unparsed_uri to preserve encoding.
Therefore, any mod_rewrite munging of r-uri is invisible
to mod_jk. This is the issue to which Larry is referring,
not Apache module ordering.
Keith
| -Original Message-
| From: Bill Barker [mailto:[EMAIL PROTECTED]]
| Sent: Wednesday, September
Shouldn't 461 be re-classified as a 4.0 issue?
ServletRequest.setCharacterEncoding is a new feature of 2.3.
- Original Message -
From: Larry Isaacs [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, September 12, 2001 8:31 AM
Subject: Remaining Tomcat 3.3 Issues
Hi All,
I have
While 3.3 has this behavior as the default, it can be disabled in the config
by:
DecodeInterceptor safe=false /
Since the release is scheduled to happen by the end of the month, you might
consider jumping straight to 3.3.
- Original Message -
From: Lars Oppermann [EMAIL PROTECTED]
To:
Let's try that again.
- Original Message -
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, September 13, 2001 5:52 AM
Subject: [DO NOT REPLY: Bug 3581] New: Ctx() : Error creating validation
mark - java.io.FileNotFoundException
PLEASE DO NOT REPLY TO THIS MESSAGE. TO
with Linux that often, so I'm not sure of the cause.
Would this be a have to run as root or some other
permissions issue?
Cheers,
Larry
-Original Message-
From: Bill Barker [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 13, 2001 12:55 PM
To: [EMAIL PROTECTED]
Subject: [PATCH
I interpreted #111 to be the graceful restart clean-up problem that was
fixed some months ago.
- Original Message -
From: GOMEZ Henri [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, September 13, 2001 12:13 PM
Subject: RE: Remaining Tomcat 3.3 Issues
7. Evaluate whether
]
To: [EMAIL PROTECTED]
Sent: Thursday, September 13, 2001 1:06 PM
Subject: RE: Remaining Tomcat 3.3 Issues
Thanks. Do you know if just 3.3 was affected
or 3.2.x as well? If you can give me a clue as to
what was changed, I can try to determine this.
Larry
-Original Message-
From: Bill
At least with isTomcatAuth=false and mod_ssl configured properly, 274
should work now. I don't have a system configured to be able to test it
(e.g. no user certs), but mod_ssl will set REMOTE_USER to the CN, and Ajp13
will allocate a SimplePrincipal to match the REMOTE_USER.
- Original
Re. 7) Since there is only one facade per Request and only one Request per
thread, you could avoid synchronized all together by having an instance of
SimpleDateFormat in either the Request or the facade. That would just leave
ServerCookie using DateTool, where the hit would be minimal. Just me
This is now implemented automatically in the ApacheConfig module. By
default it does:
JkMount /myapp/* ajp13
Turning this off (via forwardAll=false), then it outputs all of the
defined mappings (including j_security_check for form auth contexts).
- Original Message -
From: Bojan Smojver
I don't get this with RC1. From tomcat-log with debugging enabled for
Sessions and Decode:
2001-09-26 11:04:29 - DecodeInterceptor: Before
/index.jsp%3bjsessionid=xx7xdv3ca1
2001-09-26 11:04:29 - DecodeInterceptor: After
/index.jsp;jsessionid=xx7xdv3ca1
2001-09-26 11:04:29 - SessionId: Url
Yes.
- Original Message -
From: Keith Wannamaker [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, September 26, 2001 10:57 AM
Subject: RE: TC 3.3: getRequestURI()
Are you using mod_jk?
| -Original Message-
| From: Bill Barker [mailto:[EMAIL PROTECTED]]
| Sent
While checking to see how mod_jk handled the ;jsessionid= in the URL, I was
horrified to see how easily it would be to take control of the server with a
relatively small buffer overflow. I'm not really an Apache person, so I'm
certain that this can be improved on.
**
This message is
Urm, let's try that again with a patch that at least compiles..
- Original Message -
From: Bill Barker [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, September 26, 2001 11:30 AM
Subject: [PATCH] Potential buffer overflow attach in mod_jk
While checking to see how mod_jk
or jk_pool_strdup.
That would be a better way to solve the problem. Apache
modules should and do avoid os memory-allocation routines
like the plague. I think uw_map-p would be ok, but please
do some testing.
Thanks,
Keith
| -Original Message-
| From: Bill Barker [mailto:[EMAIL PROTECTED
It seems that I must have been bad in a past life, since my Karma isn't high
enough.:)
I've added the code to re-encode the URL to DecodeInterceptor on my machine.
If you want it right away, I can post a diff.
- Original Message -
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent:
there is zero hit for pages that don't ask for
RequestURI). Currently, nobody uses unparsedURI, and it is arguably a
protocol violation if a servlet serves different pages for equivalent URIs
- Original Message -
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]; Bill Barker
[EMAIL PROTECTED]
Sent: Sunday
What I get for trying to do this on a computer without javac installed.
Diff file with typos fixed and exceptions handled.
- Original Message -
From: Bill Barker [EMAIL PROTECTED]
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]; Bill Barker
[EMAIL PROTECTED]
Sent: Sunday, September 30, 2001 12
Actually, Google is one of the few sites that do cache pages with query
strings (try searching for tmwx if you don't believe me).
- Original Message -
From: Jon Stevens [EMAIL PROTECTED]
To: tomcat-dev [EMAIL PROTECTED]
Sent: Sunday, September 30, 2001 6:37 PM
Subject: Re: SCRIPT_NAME and
As much as my personal preference is the same as Jon and Costin, it seems
that section 11.1 rule #3 explicitly dis-allows extension mappings to have a
PATH_INFO.
spec-quote
If the last segment in URL path contains an extension (e.g .jsp) the servlet
container will try to match a servlet that
While pooling was a very nice feature of JServe (which I have personally
taken advantage of in the past), the operative word in the spec is may.
The 3.x and 4.0 implementations are entirely within their rights within the
spec to simply synchronize.
In other words, this comes under the if it
Since I'm still low on the Karmic scale, I'll post this here.
Basically, I simply implemented the close method in the facade so that it
can continue to be recycled.
- Original Message -
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, October 01, 2001 10:32 AM
Subject: DO NOT
I know that Costin has strong feeling on which Jaxp version we should ship
with (I just don't remember what they are:). Does anyone else have an
opinion?
- Original Message -
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, October 04, 2001 12:51 PM
Subject: DO NOT REPLY [Bug
This still fails against HEAD. It's probably not serious enough to block
the release Monday (since there is a very annoying work-around), but I
personally would prefer to ship with this one CLOSED. However, I'm not a
Jaxp expert, so if Nacho/Costin want to weigh in, I'd appreciate the help.
I've looked at it, and will check it in after 3.3 goes final.
- Original Message -
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, October 04, 2001 6:07 PM
Subject: Re: [PATCH] SingleThreadModel Pool for TC 3.3
Thanks David.
I don't like STM, but since it's part of the
+1
- Original Message -
From: Christopher Cain [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, October 17, 2001 9:02 PM
Subject: [VOTE] New Committer
I would like to nominate Patrick Luby [EMAIL PROTECTED] for committer
status. His recent contributions include several
As promised, I've just checked this in. I've modified the original patch
slightly so that the configuration can be set as options to
Servlet22Interceptor. I've also added an option to disable pooling so that
we don't get flooded with why doesn't my CounterServlet work anymore
messages.
Yeah, well, but the're not really involved with the 3.3 branch.
- Original Message -
From: Paulo Gaspar [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, October 26, 2001 4:07 PM
Subject: RE: t3 and sun.com
They have slow reflexes???
Hey, but aren't some guys from Sun working
I know that Jon has already pointed out that Sun is going to sue the 3.x
branch out of Jakarta in five months, but is there any chance of setting
this up in the mean time for 3.x?
- Original Message -
From: Pier Fumagalli [EMAIL PROTECTED]
To: Tomcat Developers List [EMAIL PROTECTED];
This depends on the version of Tomcat, and to some extent whether you are
running Tomcat behind another web server.
- Original Message -
From: Hu, Xuebing [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, November 01, 2001 11:57 AM
Subject: How does Tomcat handle discarded-request
Generally with 3.2.x it will throw there, but it may throw later due to
buffering. And since the browser has closed the connection, no you can't
send/receive anything further. Of course, there is nothing to prevent you
inclosing your code in a try {} finally {} block if workBean needs to do
This is probably outside of the development plans for 3.2.x.
I'm +1 for supporting this in 3.3.1
I'm going to let the 4.0 people answer for themselves (e.g. I'm +0).
- Original Message -
From: Meren, Libby [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, November 01, 2001 9:30 PM
At http://jakarta.apache.org/tomcat/ there are documentation links on the
left side of the page. Select the version you are using.
In the future, questions like this should be directed to
[EMAIL PROTECTED]
- Original Message -
From: Samatha Sajja [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Wot?, you passed up your chance to experiance an W2K and XP coaster?
- Original Message -
From: Bojan Smojver [EMAIL PROTECTED]
To: Tomcat Developers List [EMAIL PROTECTED]
Sent: Friday, November 02, 2001 10:00 PM
Subject: Re: gdb gets SIGSEGV from JVM when running Tomcat 4.0 (Redhat 6.2,
I'm in favor of this, since the protocol is only being extended, not really
changed.
However, I think that one of the extensions that should be implemented early
on is a version negotiation so that the newer side can gracefully degrade in
the future without having to rely on the user changing
In j-t-c I could see putting in RequestBase. However, since connector
development (with the possible exception of Http10Interceptor, which isn't
in j-t-c) is frozen in 3.3, I can't really see modifying Request.
- Original Message -
From: Eric Rescorla [EMAIL PROTECTED]
To: Tomcat
+1
- Original Message -
From: [EMAIL PROTECTED]
To: Tomcat Developers List [EMAIL PROTECTED]; EKR
[EMAIL PROTECTED]
Sent: Friday, November 16, 2001 1:53 PM
Subject: Re: Portable SSL Support
On 16 Nov 2001, Eric Rescorla wrote:
William Barker [EMAIL PROTECTED] writes:
I was
No objection here.
- Original Message -
From: Bojan Smojver [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, November 16, 2001 6:44 PM
Subject: TC 3.3, Production Quality
I've noticed that on the main TC page of Jakarta site, TC 3.2.x is
still listed as production quality
You forgot to remove the is in beta testing from the 3.3 description.
- Original Message -
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Sunday, November 18, 2001 5:49 PM
Subject: cvs commit: jakarta-tomcat-site/xdocs index.xml
bojan 01/11/18 17:49:33
Modified:xdocs
of described releases
is changed? In other words, Tomcat 3.3/4.0 first and then others.
Bojan
Bill Barker wrote:
You forgot to remove the is in beta testing from the 3.3 description.
- Original Message -
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Sunday, November 18, 2001 5:49
[X] +1. I agree with the proposal and I will help support it.
[ ] +0. I agree with the proposal but I will not be able support it.
[ ] -0. I don't agree with the proposal but I won't stop it.
[ ] -1. I disagree with the proposal and will explain my reasons.
Bojan
--
To unsubscribe,
+1
- Original Message -
From: Remy Maucherat [EMAIL PROTECTED]
To: Tomcat Developers List [EMAIL PROTECTED]
Sent: Monday, November 19, 2001 10:29 AM
Subject: [VOTE] New committer: Michael Smith
Hi,
I'd like to nominate Michael Smith [msmith at apache.org] as a committer
on
the
Commenting out JspInterceptor effectively removes JSP support. Now you
either need to define a *.jsp mapping in your web.xml, or hack
WebXmlReader (line 67 of Final) so that it doesn't add a default *.jsp
mapping.
- Original Message -
From: Bojan Smojver [EMAIL PROTECTED]
To: Tomcat Dev
This is off-topic for the dev list. You'll probably get a better response
from [EMAIL PROTECTED]
What you want is @page extends=my.jsp.page.class %
- Original Message -
From: Alberto Romei [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, November 27, 2001 10:32 AM
Subject: Info on
I don't like to step on 4.x toes, or I'd do it my self. But isn't it time
to change the subject to [VOTE] and make Jazmin a committer?
- Original Message -
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, November 27, 2001 7:04 PM
Subject: [PATCH]
[ ] +1: I approve this plan, and I'll help
[X] +0: I approve this plan
[ ] -0: I'm against this plan, but I won't veto it
[ ] -1: I'm against this plan, and my reason is:
/ballot
Remy
--
To unsubscribe, e-mail:
mailto:[EMAIL PROTECTED]
For additional commands, e-mail:
mailto:[EMAIL
These types of questions are better addressed at
[EMAIL PROTECTED]
The short answer is that Tomcat 3.x currently supports only the 1.0
protocol. Tomcat 4.x also supports the 1.1. protocol.
- Original Message -
From: yuexiang [EMAIL PROTECTED]
To: Tomcat Developers List [EMAIL PROTECTED]
+1
- Original Message -
From: Amy Roh [EMAIL PROTECTED]
To: tomcat-dev [EMAIL PROTECTED]
Sent: Wednesday, November 28, 2001 11:04 AM
Subject: [VOTE] New Committer: Jazmin Jonson
As Bill Barker suggested, I would like to propose Jazmin Jonson as a new
committer.
She has contributed
]
To: 'Tomcat Developers List' [EMAIL PROTECTED]; 'Bill
Barker' [EMAIL PROTECTED]
Sent: Wednesday, November 28, 2001 1:06 PM
Subject: RE: TC 3.3: For Servlets only
This calls for adding some kind of attribute noJsp=false in
WebXmlReader interceptor to not add *.jsp to every context..
Saludos
Since I had the file open anyway, I've gone ahead and put this one in as
well.
- Original Message -
From: Schreibman, David [EMAIL PROTECTED]
To: 'Tomcat Developers List' [EMAIL PROTECTED]
Sent: Friday, November 09, 2001 9:27 AM
Subject: RE: [PATCH] TC 3.3 WebXmlReader.java
Ouch! Here
You can't return true always, since the spec (section 8.4.2) says that any
value for jsp_precompile other than none, true, or false will return
error code 500.
- Original Message -
From: Remy Maucherat [EMAIL PROTECTED]
To: Tomcat Developers List [EMAIL PROTECTED]
Sent: Thursday, November
I have no objection to help porting ${Server}Config to 4.x, but I'm still a
Catalina novice. The 3.3 API is more command and control, so it is easier
to get to the information. It will take me a little time to find out how to
get the servlet-mappings in Catalina.
- Original Message -
A JSP page (that is using the default *.jsp mapping) can't have PathInfo
(section 10.1 of the 2.2 spec, or 11.1 of the 2.3 spec). If PathInfo ==
null, then IMHO, then Tomcat cannot determine a valid file path, and so
must return null from getPathTranslated (section 5.5, resp section 4.5).
I'm too over-committed to projects right now to give more than +0, but it is
a very enthusiastic one :). I have cases where I want some contexts to have
different mapping options from others, and it is a nightmare to maintain.
I'm guessing that the context name is one of the entries in
Since no one else responded, I've gone ahead and checked in Eric's changes.
I haven't actually tried to build against PureTLS, but I assume that Eric
has. If I've missed anything in this commit, please let me know and I'll
try and include it asap.
- Original Message -
From: Eric Rescorla
also be a nice feature.
- Original Message -
From: Eric Rescorla [EMAIL PROTECTED]
To: Tomcat Developers List [EMAIL PROTECTED]
Sent: Thursday, December 06, 2001 9:52 PM
Subject: Re: Submission: Portable SSL Support
Bill Barker [EMAIL PROTECTED] writes:
Since no one else responded
The Ajp13 spec? :)
- Original Message -
From: Eric Rescorla [EMAIL PROTECTED]
To: Tomcat Developers List [EMAIL PROTECTED]; Tomcat
Developers List [EMAIL PROTECTED]
Sent: Friday, December 07, 2001 6:59 AM
Subject: Re: Submission: Portable SSL Support
Bill Barker [EMAIL PROTECTED
+1
- Original Message -
From: GOMEZ Henri [EMAIL PROTECTED]
To: Tomcat Developers List [EMAIL PROTECTED]
Sent: Friday, December 07, 2001 7:11 AM
Subject: [Vote] New committer: Eric Rescorla
As you may know, Eric Rescorla is one the few specialists in SSL
in the world, author of one of
+1
- Original Message -
From: Craig R. McClanahan [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, December 07, 2001 10:08 AM
Subject: [VOTE] New Watchdog Committer: Ryan Lubke
NOTE: I'm posting this here because Watchdog was originally contributed
to Apache along with Tomcat,
- Original Message -
From: Bill Barker [EMAIL PROTECTED]
To: Tomcat Developers List [EMAIL PROTECTED]; EKR
[EMAIL PROTECTED]
Sent: Thursday, December 06, 2001 10:43 PM
Subject: Re: Submission: Portable SSL Support
It compiles with or without JSSE, and runs fine without an SSL
I'm cross-posting since this started on the user list.
In Tomcat 3.3, JspServlet is largely deprecated (even if not yet
@deprecated). It is only still included in case some 3.2.x user really
needs it for something. It is much more likely to be removed in a future
release than fixed.
That
to a war file).
- Original Message -
From: Craig R. McClanahan [EMAIL PROTECTED]
To: Tomcat Developers List [EMAIL PROTECTED]
Sent: Sunday, December 02, 2001 4:17 PM
Subject: Re: AJP Todo
On Sat, 1 Dec 2001, Bill Barker wrote:
Date: Sat, 1 Dec 2001 17:17:31 -0800
From: Bill Barker
- Original Message -
From: Craig R. McClanahan [EMAIL PROTECTED]
To: Tomcat Developers List [EMAIL PROTECTED]
Sent: Sunday, December 09, 2001 8:29 PM
Subject: Re: AJP Todo
If the web app is deployed as a directory, you can call
context.getDocBase() for this. If the context is
- Original Message -
From: [EMAIL PROTECTED]
To: Tomcat Developers List [EMAIL PROTECTED]
Sent: Sunday, December 09, 2001 9:56 PM
Subject: Re: [j-t-c] ajp and headaches
The tomcat4.0 adapter - yes. The connector code ( low level Request, etc )
are based on MessageBytes, etc. It needs
- Original Message -
From: Incze Lajos [EMAIL PROTECTED]
To: Tomcat Developers List [EMAIL PROTECTED]
Sent: Monday, December 10, 2001 8:02 AM
Subject: Re: AJP Todo
What's wrong with this? (ServletContext method javadoc both 2.2 and 2.3)
Absolutely nothing. And indeed this is the
- Original Message -
From: Craig R. McClanahan [EMAIL PROTECTED]
To: Tomcat Developers List [EMAIL PROTECTED]
Sent: Monday, December 10, 2001 8:59 PM
Subject: Re: AJP Todo
On Mon, 10 Dec 2001, Bill Barker wrote:
Date: Mon, 10 Dec 2001 20:00:35 -0800
From: Bill Barker [EMAIL
If you are talking about status codes, I'm -1. That should be passed
through from Tomcat without change.
If Tomcat hangs up, then there is almost no useful information available, so
there isn't much to report. If the client hangs up, then like jk1, we
should just stop processing and return OK
I'm +1 on the move. However I think that we should hold off on removing it
from 3.3 just yet, and just agree to freeze development there.
- Original Message -
From: [EMAIL PROTECTED]
To: Tomcat Developers List [EMAIL PROTECTED]
Sent: Thursday, December 13, 2001 6:49 AM
Subject: Re:
- Original Message -
From: [EMAIL PROTECTED]
To: Tomcat Developers List [EMAIL PROTECTED]
Sent: Thursday, December 13, 2001 12:28 PM
Subject: Re: Jk2: error handling and method signatures
So far I have a -1, if Bill doesn't change his vote we'll keep the current
mechanism. But if we
The ${Server}Config files are about as good as I can get them. Any
remaining improvements would require someone that knows more about Catalina
than I do. The main improvement that I can think of would require an API
change in Catalina, but this configuration method will likely be obsolete by
I agree. And don't be overly concerned with making a mistake and closing
a report prematurely, since a developer could always reopen it.
And the person reporting it will almost certainly reopen it :).
Thanks for your offer to help!
Costin
Craig
--
To unsubscribe, e-mail:
The only thing that I can think of is that your javac doesn't support
the -encoding switch. Is it possible that you have an old copy of tools.jar
somewhere? Jasper writes out the .java file in UTF8 encoding, which is then
passed to javac to compile to a .class. If javac is trying to read the
Oh, well, I guess I had to screw up eventually :-(
Thanks for cleaning up my mess.
- Original Message -
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, December 18, 2001 6:39 PM
Subject: cvs commit: jakarta-tomcat/src/share/org/apache/tomcat/util
JavaGeneratorTool.java
I'm going to ignore the complete problem case where you have configured
Apache to be the default servlet, and index.html is a frameset with 'n'
jsp frames (which will typically result in 'n' different sessions). This is
why mod_webapp only supports forwardAll, and forwardAll is the default for
-
From: Bill Barker [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, December 19, 2001 1:09 AM
To: Tomcat Developers List
Subject: Re: cvs commit:
jakarta-tomcat/src/share/org/apache/tomcat/util
JavaGeneratorTool.java
Oh, well, I guess I had to screw up eventually
- Original Message -
From: Remy Maucherat [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, December 19, 2001 3:25 AM
Subject: [VOTES] Tomcat 4.0.2 beta 1
ballot
[X ] +1: Make the release
[ ] -1: I'm opposed to the release until the following issues are fixed:
/ballot
the inclusion/exclusion of Http10Interceptor can make any difference either.
I'm including the developer list in the reply, in the hopes that someone
else can spot what I'm missing.
- Original Message -
From: [EMAIL PROTECTED]
To: Bill Barker [EMAIL PROTECTED]
Sent: Monday, December 24
I've seen it, but couldn't track it down. I haven't seen it come back in
M4, but haven't been testing M4 long either.
- Original Message -
From: Angel Aray [EMAIL PROTECTED]
To: 'Tomcat-Dev [EMAIL PROTECTED]
Sent: Friday, June 29, 2001 4:29 PM
Subject: Ajp13 wrong Response
I am
I take back my previous post. This is still happening in M4 (and I'm still
clueless why).
- Original Message -
From: Angel Aray [EMAIL PROTECTED]
To: 'Tomcat-Dev [EMAIL PROTECTED]
Sent: Friday, June 29, 2001 4:29 PM
Subject: Ajp13 wrong Response
I am having a problem which is very
You probably want to start with org.apache.tomcat.modules.config.NSConfig
(it's 3.3 name, I don't know where it lives in 4.0), and see what needs to
be changed to go from NS-iPlanet.
- Original Message -
From: Colin Wilson-Salt [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday,
Personally, I agree with Justin and Costin that mod_jk should be able to use
the uri field.
Having said that, I'd like to point out that the mod_jk.c in j-t-c is
flat-out broken. It doesn't handle the case where the '?' itself is
encoded. Since this case is part of a currently popular attack
- Original Message -
From: Bill Barker [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, August 15, 2001 12:15 PM
Subject: Re: [TC3.2.3][PATCH] mod_jk / mod_rewrite bug fix
It is actually worse than that. TC3.3B1 (with the mod_jk that it ships
with, I haven't tried j-t-c yet
/path/to/ROOT/h1
followed by lines like:
img align=middle src=doc:/lib/images/ftp/file.gif width=32 height=32a
href=index.jspindex.jsp/abr
- Original Message -
From: [EMAIL PROTECTED]
To: Bill Barker [EMAIL PROTECTED]
Sent: Wednesday, August 15, 2001 12:59 PM
Subject: Re: [TC3.2.3][PATCH
1.3.17 (with negotiation_module removed to prevent that problem).
- Original Message -
From: [EMAIL PROTECTED]
To: Bill Barker [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Wednesday, August 15, 2001 1:01 PM
Subject: Re: [TC3.2.3][PATCH] mod_jk / mod_rewrite bug fix
Apache2.0 + mod_jk
I just lost half an hour of my life trying to set up TC3.3B1 on a
Windows box because I forgot to remove the randomFile attribute on
SessionIdGenerator. For the benefit of us under-priviledged people who have
to live on systems like Windows and Solaris, could this attribute please be
moved
The default checkInterval for org.apache.modules.session.SessionExpirer is
60 seconds. That means that on average, you can expect it to take 30
seconds before it looks.
- Original Message -
From: Prasanna Uppaladadium [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, August 17, 2001
It looks like 3.3B1 already handles 304
(o.a.tomcat.modules.generators.StaticInterceptor). However, I haven't
actually tested it (static files handled by Apache).
- Original Message -
From: Craig R. McClanahan [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, August 20, 2001 11:13 AM
It seems that everybody is delegating the checking of
transport-guarantee to somebody else, and as a result it is never checked.
Fortunately, this is easy to reproduce:
1) add a
user-data-constrainttransport-guaranteeCONFIDENTIAL/transport-guarantee
/user-data-constraint to the
I'm sure that other people are going to flame this thread as off-topic, but
the answer is to call
response.sendError(HttpServletResponse.SC_NOT_FOUND,someweirdlink doesn't
exist);
return;
- Original Message -
From: yhs [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, August 20,
I've confirmed that this also happens with TC3.3B1 stand-alone:
$ telnet localhost 8080
GET /%3f%41%3d%42.jsp HTTP/1.0
insert directory listing here
- Original Message -
From: William Barker [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, August 15, 2001 2:48 PM
Subject:
Tomcat 3.3 (which it seems is the version you are using) doesn't pass
the -encoding flag to Jikes (which is causing other headaches on the user
list :).
At the moment, there is no way to suppress the -encoding flag being passed
to javac. The only work around at the moment is to use Jikes (or
I was never really involved in the 3.2.x development, so I'm sending back to
the list to try and get ideas on how to get 3.3 to act more like 3.2.x in
the deprecated case.
- Original Message -
From: [EMAIL PROTECTED]
To: Bill Barker [EMAIL PROTECTED]
Sent: Friday, January 04, 2002 7:39 PM
Tomcat 3.3 looks like it has the same problem, only worse (since it will
fail a static jsp:include that lives in WEB-INF). However, the check isn't
really needed in 3.3, since if the request came from the user
AccessInterceptor would have already failed it. If nobody objects, I'll
remove the
There is a problem with 3.3.1 prior to about 12/31 (reported as bug 5390,
reopened) that could be this one.
I'm in the process of moving the StreamHandlerFactory into a module (where
it really belongs), but haven't finished testing it yet.
- Original Message -
From: Ray Pitmon [EMAIL
I don't see any problem with adding an option to LoaderInterceptor11 to
force it to use a SimpleClassLoader (the descendent of AdaptiveClassLoader)
even on a Java2 platform. There are some trade-offs, since
SimpleClassLoader is really meant for Java1.1 platforms, but for a lot of
people they
- Original Message -
From: Remy Maucherat [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, January 07, 2002 3:55 PM
Subject: Todo list for 4.0.2 b2
Hi,
Here goes the list:
- Tag the JK + util directories in j-t-c with some tag (Costin proposed
jk_14)
- Build the
This may be too kludgy, but my quick test shows that aux.ver
returns -1164447360 for lastModified.
Less kludgy would be to simply add a complete list of DOS devices to the
keywords that are mangled.
- Original Message -
From: Larry Isaacs [EMAIL PROTECTED]
To: 'Tomcat Developers
at org.apache.tomcat.util.compat.SimpleClassLoader.loadClass
My preference would be to build a solution on isFile() if it can be worked
out.
I still need to investigate where the test might best be applied.
Larry
-Original Message-
From: Bill Barker [mailto:[EMAIL PROTECTED]]
Sent: Tue 1/8/2002 3:39 PM
1 - 100 of 1050 matches
Mail list logo