I was recently perusing security implementation guides and ran across one
that required that sessions id's be "destroyed" after use and not reused.
>From my understanding, it looks like the java/tomcat/servlet equivalent is
the jessionid. I'm assuming this is probably a randomly generated id but I
Hello,
Tomcat: 9.0.4
Debian server
Java 8
We have have enabled Gzip for http/2 but we are not getting *Content
Enabled: Gzip* in our HTML Response from our server.
Our server is still sending the full sized response.
If this doesn’t cause pain, I would do the following:
1) Replace all in-body scriptlets and use JSTL core tags in offending
JSPs. Most of the codebloats are caused by using intermediate scriptlets
e.g.
<% if (foo.bar() == jack.jill() ) { %>
// lots of jsp code
<%} else <%{ %>
2) use all your co
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Jan,
On 2/7/18 3:13 PM, Mark Thomas wrote:
> On 07/02/18 19:19, Jan Tosovsky wrote:
>> Dear All,
>>
>> I've updated ancient tomcat to 8.0.49 and deployed app now throws
>> '65535 bytes limit' exception for certain JSPs.
>>
>> Following this (older
On 07/02/18 19:19, Jan Tosovsky wrote:
> Dear All,
>
> I've updated ancient tomcat to 8.0.49 and deployed app now throws '65535
> bytes limit' exception for certain JSPs.
>
> Following this (older) thread
> https://stackoverflow.com/questions/5484253/jspservice-is-exceeding-the-6553
> 5-bytes-lim
Dear All,
I've updated ancient tomcat to 8.0.49 and deployed app now throws '65535
bytes limit' exception for certain JSPs.
Following this (older) thread
https://stackoverflow.com/questions/5484253/jspservice-is-exceeding-the-6553
5-bytes-limit I changed that mappedfile parameter, but it didn't h
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
To whom it may concern,
On 2/6/18 3:57 PM, M. Manna wrote:
> How r u bootstrapping the application? As installed service or
> invoking main() usimg bootstrap.jar?
>
> Also, I would try loading the jar from -classpath location.
> Typically, it shoul
Hi Marek, Hi Mark.
Thank you very much.
Best regards
G
-Ursprüngliche Nachricht-
Von: Mark Thomas [mailto:ma...@apache.org]
Gesendet: Mittwoch, 7. Februar 2018 09:51
An: Tomcat Users List
Betreff: [EXTERNAL] Re: Migration from Tomcat 8.0.37 to 8.5.24 , changes to
protocol at Http11NioP
Hi Lauria,
This seems like everything is the same for you on both Tomcat 8 and 8.5;
what changed is that the SSL implementation gets displayed in the console.
JSSE means you're using Java runtime JSSE implementation. There's the
possibility to use OpenSSL implementation as well. See the docs
On 07/02/18 08:41, Lauria Giuseppe wrote:
> Hi tomcat users.
>
>
> We are in transition from Tomcat 8.0.37 to 8.5.24.
> What is the meaning of this ? Is this just naming change ?
> Or did functionality change ? If yes, what is different between http-nio and
> https-jsse-nio ?
8.0.x only supp
Hi tomcat users.
We are in transition from Tomcat 8.0.37 to 8.5.24.
We checked Tomcat docs and FAQ and searched in google for this topic but did
not find an explanation.
Question:
Even we did not change server.xml for the connector , now the 'protocol' in the
log changed to different value;
11 matches
Mail list logo
