Author: kkolinko
Date: Wed Mar 4 15:02:22 2015
New Revision: 1664031
URL: http://svn.apache.org/r1664031
Log:
Add a comment from quick testing.
Modified:
tomcat/tc6.0.x/trunk/STATUS.txt
Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1664031&r1=1664030&r2=1664031&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Wed Mar 4 15:02:22 2015
@@ -28,10 +28,30 @@ None
PATCHES PROPOSED TO BACKPORT:
[ New proposals should be added at the end of the list ]
-* http://svn.apache.org/r1662736
+* Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=57644
Update examples to use Apache Standard Taglibs 1.2.3
+ http://svn.apache.org/r1662736
+1: jboynes
-1:
+ +0: kkolinko
+ 1) When running with Security Manager enabled, it fails at
+ /examples/jsp/jsp2/tagfiles/products.jsp
+ and many subsequent pages with
+ java.security.AccessControlException: access denied
(java.util.PropertyPermission
org.apache.taglibs.standard.xml.accessExternalEntity read)
+
+ followed by java.lang.NoClassDefFoundError which result in compilation
failure.
+
+ Without Security Manager it runs OK.
+
+ 2) Do not forget to update webapps/docs/changelog.xml
+
+ 3) OK with scan exclusion lists.
+ Unlike Tomcat 7 and later there is no need to update them.
+
+ (Tomcat 6 does not perform annotation scanning, so exclusion does
+ not save much time. TLD exclusion lists are hard-coded in java code
+ (e.g. search for "ecj-4.3.1.jar"), and do not skip jstl.jar.)
+
* Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=57659
Restore ability to include javascript files via the DefaultServlet
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
