https://bz.apache.org/bugzilla/show_bug.cgi?id=63311
Bug ID: 63311
Summary: Allow to use https: protocol in xsi:schemaLocation of
web.xml, web-fragment.xml (validation fails with
recent releases of Spring)
Product: Tomcat 9
Version: 9.0.17
Hardware: PC
Status: NEW
Severity: normal
Priority: P2
Component: Catalina
Assignee: dev@tomcat.apache.org
Reporter: knst.koli...@gmail.com
Target Milestone: -----
Spring Framework has a META-INF/web-fragment.xml file in their
spring-web-4.3.*.jar library. In the version 4.3.23 that was released on March
31st they changed the value of xsi:schemaLocation in that file:
- xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-fragment_3_0.xsd";
+ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
https://java.sun.com/xml/ns/javaee/web-fragment_3_0.xsd";
The schema URL was changed from "http:" to "https:".
The problem is that if Tomcat or web application are configured so that the
web.xml and web-fragment.xml files are validated, the web application fails to
start.
Steps to reproduce
with ROOT application on a clean Tomcat 9.0.17 install:
1. Add the following line to conf/catalina.properties:
org.apache.catalina.STRICT_SERVLET_COMPLIANCE=true
2. Create directory webapps/ROOT/WEB-INF/lib and place the following jar file
there:
spring-web-4.3.23.RELEASE.jar
The library can be downloaded from the following page:
https://search.maven.org/artifact/org.springframework/spring-web/4.3.23.RELEASE/jar
3. Start Tomcat.
4. ACTUAL:
The ROOT web application fails to start, and the following error is printed
into catalina.2019-04-**.log:
03-Apr-2019 **:**:**.234 SEVERE [main]
org.apache.tomcat.util.digester.Digester.warning Parse warning at line [5]
column [41]
03-Apr-2019 **:**:**.248 SEVERE [main]
org.apache.tomcat.util.digester.Digester.error Parse error at line [5] column
[41]
org.xml.sax.SAXParseException; systemId:
jar:file:*OMITTED*/webapps/ROOT/WEB-INF/lib/spring-web-4.3.23.RELEASE.jar!/META-INF/web-fragment.xml;
lineNumber: 5; columnNumber: 41; cvc-elt.1: Cannot find the declaration of
element 'web-fragment'.
at
com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseException(ErrorHandlerWrapper.java:203)
at
com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.error(ErrorHandlerWrapper.java:134)
at
com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:396)
at
com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:327)
at
com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:284)
at
com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.handleStartElement(XMLSchemaValidator.java:1901)
at
com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.startElement(XMLSchemaValidator.java:741)
[...]
at org.apache.tomcat.util.digester.Digester.parse(Digester.java:1431)
at
org.apache.tomcat.util.descriptor.web.WebXmlParser.parseWebXml(WebXmlParser.java:119)
at
org.apache.tomcat.util.descriptor.web.FragmentJarScannerCallback.scan(FragmentJarScannerCallback.java:77)
at
org.apache.tomcat.util.scan.StandardJarScanner.process(StandardJarScanner.java:378)
at
org.apache.tomcat.util.scan.StandardJarScanner.scan(StandardJarScanner.java:191)
at
org.apache.catalina.startup.ContextConfig.processJarsForWebFragments(ContextConfig.java:1956)
at
org.apache.catalina.startup.ContextConfig.webConfig(ContextConfig.java:1122)
at
org.apache.catalina.startup.ContextConfig.configureStart(ContextConfig.java:768)
at
org.apache.catalina.startup.ContextConfig.lifecycleEvent(ContextConfig.java:301)
[...]
EXPECTED:
If the library is downgraded to version 4.3.22, the web application starts
successfully.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
