All,

I propose that we enable RECYCLE_FACADES by default in Tomcat 10.
Reasons:

1. It is "safer"

When running untrusted applications, a malicious application can potentially spy on others.
Application bugs can cause request/response confusion.

2. It reduces the number of false bug reports

Anytime something odd is happening with an application running on Tomcat, the application owner usually emails users@ and/or reports a bug against Tomcat. The first thing we say is "enable RECYCLE_FACADES to be sure it's not your application".
3. Performance hit is probably minimal

I have no data on this, but I'm assuming that GC isn't an issue at all: most requests/responses will be created and die all inside of the young generation (or whatever it's called these days).
I'm not sure how expensive creating a new request/response is. Perhaps 
we could look into some targeted performance optimizations in this area.
4. Re-enabling RECYCLE_FACADES is trivial

Just put it in setenv.sh/setenv.bat/catalina.policy

I do not think we should change the default in Tomcat <10 as this might be a surprise to a lot of users.
-chris

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to