Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5 CoyoteAdapter.java
[EMAIL PROTECTED] wrote: remm2004/05/14 04:00:25 Modified:catalina/src/share/org/apache/coyote/tomcat5 CoyoteAdapter.java Log: - Major mistake: the sever cookies should be parsed after the context is mapped, otherwise, the session cookie is never considered valid, and it will use the last one. - Bug 28971. So we're going to have a hotfix ... Two possibilities: - 5.0.25 (cool, I thought we had avoided it ;) ) - A hotfix for 5.0.24 (I'll put and sign a .zip and a .tgz, sign them, and link them from the news and binaries pages) Rémy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5 CoyoteAdapter.java
Remy Maucherat wrote: Two possibilities: - 5.0.25 (cool, I thought we had avoided it ;) ) - A hotfix for 5.0.24 (I'll put and sign a .zip and a .tgz, sign them, and link them from the news and binaries pages) I know i have no rights to +1 here (i am not an tomcat committer), but from the sight of an developeradministrator of some tomcat instances i definitley would be happy with the hotfix - small to download, easy to drop into the tomcat installation. The 5.0.25 might come soon enough. However, even if others vote for a new release, it would be nice if you could provide the hotfix for download too. -- Mario - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5 CoyoteAdapter.java
Remy Maucherat wrote: [EMAIL PROTECTED] wrote: remm2004/05/14 04:00:25 Modified:catalina/src/share/org/apache/coyote/tomcat5 CoyoteAdapter.java Log: - Major mistake: the sever cookies should be parsed after the context is mapped, otherwise, the session cookie is never considered valid, and it will use the last one. - Bug 28971. So we're going to have a hotfix ... Two possibilities: - 5.0.25 (cool, I thought we had avoided it ;) ) - A hotfix for 5.0.24 (I'll put and sign a .zip and a .tgz, sign them, and link them from the news and binaries pages) +1 for the hotfix (seems less work and the fastest way) -- Jeanfrancois Rémy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5 CoyoteAdapter.java
- 5.0.25 +1 - A hotfix for 5.0.24 Big -1 Filip - Original Message - From: Remy Maucherat [EMAIL PROTECTED] To: Tomcat Developers List [EMAIL PROTECTED] Sent: Friday, May 14, 2004 6:32 AM Subject: Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5 CoyoteAdapter.java [EMAIL PROTECTED] wrote: remm2004/05/14 04:00:25 Modified:catalina/src/share/org/apache/coyote/tomcat5 CoyoteAdapter.java Log: - Major mistake: the sever cookies should be parsed after the context is mapped, otherwise, the session cookie is never considered valid, and it will use the last one. - Bug 28971. So we're going to have a hotfix ... Two possibilities: - 5.0.25 (cool, I thought we had avoided it ;) ) - A hotfix for 5.0.24 (I'll put and sign a .zip and a .tgz, sign them, and link them from the news and binaries pages) Rémy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5 CoyoteAdapter.java
I guess I should explain, since a bunch of user already downloaded 5.0.24, it is not a good idea to release a fix with the same version number. Makes it a lot harder to help people out on the user list Filip - Original Message - From: Filip Hanik - Dev [EMAIL PROTECTED] To: Tomcat Developers List [EMAIL PROTECTED] Sent: Friday, May 14, 2004 9:14 AM Subject: Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5 CoyoteAdapter.java - 5.0.25 +1 - A hotfix for 5.0.24 Big -1 Filip - Original Message - From: Remy Maucherat [EMAIL PROTECTED] To: Tomcat Developers List [EMAIL PROTECTED] Sent: Friday, May 14, 2004 6:32 AM Subject: Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5 CoyoteAdapter.java [EMAIL PROTECTED] wrote: remm2004/05/14 04:00:25 Modified:catalina/src/share/org/apache/coyote/tomcat5 CoyoteAdapter.java Log: - Major mistake: the sever cookies should be parsed after the context is mapped, otherwise, the session cookie is never considered valid, and it will use the last one. - Bug 28971. So we're going to have a hotfix ... Two possibilities: - 5.0.25 (cool, I thought we had avoided it ;) ) - A hotfix for 5.0.24 (I'll put and sign a .zip and a .tgz, sign them, and link them from the news and binaries pages) Rémy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5 CoyoteAdapter.java
Filip Hanik - Dev wrote: - 5.0.25 +1 - A hotfix for 5.0.24 Big -1 You seem to be alone, so ... Sorry :/ Rémy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5 CoyoteAdapter.java
since when could a -1 be shut down by one person, you so far you only have one +1 (Jeanfrancois) Filip - Original Message - From: Remy Maucherat [EMAIL PROTECTED] To: Tomcat Developers List [EMAIL PROTECTED] Sent: Friday, May 14, 2004 9:22 AM Subject: Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5 CoyoteAdapter.java Filip Hanik - Dev wrote: - 5.0.25 +1 - A hotfix for 5.0.24 Big -1 You seem to be alone, so ... Sorry :/ Rémy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5 CoyoteAdapter.java
Filip Hanik - Dev wrote: since when could a -1 be shut down by one person, you so far you only have one +1 (Jeanfrancois) This is a release, not a vote with a veto. I have 3 yes (Yoav - look in tc-user: he fully agrees with this, JF, me), and 1 no (you), so it's enough to put out a package. Anyway, I don't think you can prevent the release of such a patch since it will be useful for people. I understand the point of trying to encourage releasing a new build very soon, but I don't see the point of forcing people to d/l and install a big bundle again just for a simple fix. Rémy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5 CoyoteAdapter.java
roger that, didn't see the votes in tc-user, didn't even know we were voting in that forum :) Filip - Original Message - From: Remy Maucherat [EMAIL PROTECTED] To: Tomcat Developers List [EMAIL PROTECTED] Sent: Friday, May 14, 2004 9:41 AM Subject: Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5 CoyoteAdapter.java Filip Hanik - Dev wrote: since when could a -1 be shut down by one person, you so far you only have one +1 (Jeanfrancois) This is a release, not a vote with a veto. I have 3 yes (Yoav - look in tc-user: he fully agrees with this, JF, me), and 1 no (you), so it's enough to put out a package. Anyway, I don't think you can prevent the release of such a patch since it will be useful for people. I understand the point of trying to encourage releasing a new build very soon, but I don't see the point of forcing people to d/l and install a big bundle again just for a simple fix. Rémy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5 CoyoteAdapter.java
Filip Hanik - Dev wrote: roger that, didn't see the votes in tc-user, didn't even know we were voting in that forum :) It of course doesn't officially count (only tc-dev posts are official), but it seems Yoav thinks the patch will help people. And anytime he feels ready, he can do a new 5.0.25 build. Rémy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5 CoyoteAdapter.java CoyoteOutputStream.java CoyoteReader.java CoyoteRequest.java CoyoteWriter.java
Bill Barker wrote: I'm -0 on this. The classes modified are all internal to the Tomcat 5.x CoyoteConnector, so there is no good reason to make them public. The way that Coyote is designed, this should always be unnecessary. The way to build a new connector is to define a new ProtocolHandler that deals with the transport. I agree, but right now the access declarations were inconsistent. I know Jean-François used this for pretty advanced embedding, so being able to extend doesn't hurt. Rémy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5 CoyoteAdapter.java CoyoteOutputStream.java CoyoteReader.java CoyoteRequest.java CoyoteWriter.java
Remy Maucherat wrote: Bill Barker wrote: I'm -0 on this. The classes modified are all internal to the Tomcat 5.x CoyoteConnector, so there is no good reason to make them public. The way that Coyote is designed, this should always be unnecessary. The way to build a new connector is to define a new ProtocolHandler that deals with the transport. I agree, but right now the access declarations were inconsistent. I know Jean-François used this for pretty advanced embedding, so being able to extend doesn't hurt. Exactly. I agree re-writting a Protocolhandler was the solution (and I did it), but I was still looking to extends CoyoteAdapter. As an example, if cookie are already parsed by the NSAPI, I don't want to call CoyoteAdapter.parseSessionId(..), but I still want to re-use the remaining of the class. -- Jeanfrancois Rémy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5 CoyoteAdapter.java CoyoteOutputStream.java CoyoteReader.java CoyoteRequest.java CoyoteWriter.java
- Original Message - From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, April 05, 2004 5:55 PM Subject: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5 CoyoteAdapter.java CoyoteOutputStream.java CoyoteReader.java CoyoteRequest.java CoyoteWriter.java jfarcand2004/04/05 17:55:07 Modified:catalina/src/share/org/apache/coyote/tomcat5 CoyoteAdapter.java CoyoteOutputStream.java CoyoteReader.java CoyoteRequest.java CoyoteWriter.java Log: Add public method consistently. Currently some methods were private, some final and some public. I'm -0 on this. The classes modified are all internal to the Tomcat 5.x CoyoteConnector, so there is no good reason to make them public. Making such classes public allowed re-utilization of those classes as a base for new connector( ex: NSAPI) The way that Coyote is designed, this should always be unnecessary. The way to build a new connector is to define a new ProtocolHandler that deals with the transport. This message is intended only for the use of the person(s) listed above as the intended recipient(s), and may contain information that is PRIVILEGED and CONFIDENTIAL. If you are not an intended recipient, you may not read, copy, or distribute this message or any attachment. If you received this communication in error, please notify us immediately by e-mail and then delete all copies of this message and any attachments. In addition you should be aware that ordinary (unencrypted) e-mail sent through the Internet is not secure. Do not send confidential or sensitive information, such as social security numbers, account numbers, personal identification numbers and passwords, to us via ordinary (unencrypted) e-mail. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5 CoyoteAdapter.java
I been unsuccessful all afternoon at building j-t-catalina, and end-of-day
has caught me. If this commit gives anyone fits, let me know and I'll be
glad to roll it back.
Keith
| -Original Message-
| From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
| Sent: Thursday, September 18, 2003 6:21 PM
| To: [EMAIL PROTECTED]
| Subject: cvs commit:
| jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5
| CoyoteAdapter.java
|
|
| keith 2003/09/18 15:20:51
|
| Modified:catalina/src/share/org/apache/coyote/tomcat5
| CoyoteAdapter.java
| Log:
| Respond 400 to requests which contain '%' with no or invalid trailing hex digits
|
| Revision ChangesPath
| 1.13 +11 -5
jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5/CoyoteAdapter.java
|
| Index: CoyoteAdapter.java
| ===
| RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5/CoyoteAdapter.java,v
| retrieving revision 1.12
| retrieving revision 1.13
| diff -u -r1.12 -r1.13
| --- CoyoteAdapter.java 7 Sep 2003 07:38:42 - 1.12
| +++ CoyoteAdapter.java 18 Sep 2003 22:20:51 - 1.13
| @@ -265,7 +265,13 @@
|// URI decoding
|MessageBytes decodedURI = req.decodedURI();
|decodedURI.duplicate(req.requestURI());
| -req.getURLDecoder().convert(decodedURI, false);
| +try {
| + req.getURLDecoder().convert(decodedURI, false);
| +} catch (IOException ioe) {
| + res.setStatus(400);
| + res.setMessage(Invalid URI);
| + throw ioe;
| +}
|
|// Normalize decoded URI
|if (!normalize(req.decodedURI())) {
|
|
|
|
| -
| To unsubscribe, e-mail: [EMAIL PROTECTED]
| For additional commands, e-mail: [EMAIL PROTECTED]
|
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5 CoyoteAdapter.java
- Original Message - From: Remy Maucherat [EMAIL PROTECTED] To: Tomcat Developers List [EMAIL PROTECTED] Sent: Wednesday, July 02, 2003 11:49 PM Subject: Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5 CoyoteAdapter.java [EMAIL PROTECTED] wrote: keith 2003/07/02 17:16:49 Modified:catalina/src/share/org/apache/coyote/tomcat5 CoyoteAdapter.java Log: Allow * as a valid url Errr, ok, well, that's a possibly risky patch. I think that does get mapped to the root context and its default servlet (and the servlet path should be *). I verified a /* security constraint mapping matched this URL. I've checked this briefly. It looks Ok to me. The original problem was with: $ telnet localhost 8080 OPTIONS * /HTTP1.1 Host: localhost:8080 Previously this would generate a 400 error. Now it generates the correct values for the OPTIONS with a (correct) 200 response. Remy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] This message is intended only for the use of the person(s) listed above as the intended recipient(s), and may contain information that is PRIVILEGED and CONFIDENTIAL. If you are not an intended recipient, you may not read, copy, or distribute this message or any attachment. If you received this communication in error, please notify us immediately by e-mail and then delete all copies of this message and any attachments. In addition you should be aware that ordinary (unencrypted) e-mail sent through the Internet is not secure. Do not send confidential or sensitive information, such as social security numbers, account numbers, personal identification numbers and passwords, to us via ordinary (unencrypted) e-mail. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5 CoyoteAdapter.java
Hi Remy, * does map to the default context. Can you think of any special downstream handling that we should do for '*'? Keith | -Original Message- | From: Remy Maucherat [mailto:[EMAIL PROTECTED] | Sent: Thursday, July 03, 2003 2:50 AM | To: Tomcat Developers List | Subject: Re: cvs commit: | jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5 | CoyoteAdapter.java | | | [EMAIL PROTECTED] wrote: | keith 2003/07/02 17:16:49 | |Modified:catalina/src/share/org/apache/coyote/tomcat5 | CoyoteAdapter.java |Log: |Allow * as a valid url | | Errr, ok, well, that's a possibly risky patch. I think that does get | mapped to the root context and its default servlet (and the servlet path | should be *). | I verified a /* security constraint mapping matched this URL. | | Remy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
