[GitHub] [tomcat] rmaucher commented on a diff in pull request #607: Added RateLimitFilter

2023-03-30 Thread via GitHub
rmaucher commented on code in PR #607: URL: https://github.com/apache/tomcat/pull/607#discussion_r1152944003 ## java/org/apache/catalina/filters/RateLimitFilter.java: ## @@ -0,0 +1,230 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor

Session serialization: clustering vs cross-restart persistence

2023-03-30 Thread Christopher Schultz
All, Yes, I could read the code, but I was wondering if the (Session)Manager configuration attributes sessionAttributeNameFilter and sessionAttributeValueClassNameFilter are expected to apply to both clustering AND cross-restart persistence, or only clustering. The documentation[1] says that

Re: Session serialization: clustering vs cross-restart persistence

2023-03-30 Thread Christopher Schultz
All, On 3/30/23 10:02, Christopher Schultz wrote: All, Yes, I could read the code, but I was wondering if the (Session)Manager configuration attributes sessionAttributeNameFilter and sessionAttributeValueClassNameFilter are expected to apply to both clustering AND cross-restart persistence,

Re: Session serialization: clustering vs cross-restart persistence

2023-03-30 Thread Mark Thomas
On 30/03/2023 15:11, Christopher Schultz wrote: All, On 3/30/23 10:02, Christopher Schultz wrote: All, Yes, I could read the code, but I was wondering if the (Session)Manager configuration attributes sessionAttributeNameFilter and sessionAttributeValueClassNameFilter are expected to apply to

[Bug 66548] New: Tomcat does not validate value of Sec-Websocket-Key header

2023-03-30 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=66548 Bug ID: 66548 Summary: Tomcat does not validate value of Sec-Websocket-Key header Product: Tomcat 9 Version: 9.0.73 Hardware: All OS: All Stat

[tomcat] branch main updated: Make it clear that session-attribute name and class filters apply to all types of serialization, not just clustering.

2023-03-30 Thread schultz
This is an automated email from the ASF dual-hosted git repository. schultz pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new 3ab4c0052e Make it clear that session-attribute nam

[tomcat] branch 10.1.x updated: Make it clear that session-attribute name and class filters apply to all types of serialization, not just clustering.

2023-03-30 Thread schultz
This is an automated email from the ASF dual-hosted git repository. schultz pushed a commit to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/10.1.x by this push: new bbcbc5ef62 Make it clear that session-attribute

[tomcat] branch 9.0.x updated: Make it clear that session-attribute name and class filters apply to all types of serialization, not just clustering.

2023-03-30 Thread schultz
This is an automated email from the ASF dual-hosted git repository. schultz pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 3d75bb000a Make it clear that session-attribute n

[tomcat] branch 8.5.x updated: Make it clear that session-attribute name and class filters apply to all types of serialization, not just clustering.

2023-03-30 Thread schultz
This is an automated email from the ASF dual-hosted git repository. schultz pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new 5ad12fc31a Make it clear that session-attribute n

[Bug 66548] Tomcat does not validate value of Sec-Websocket-Key header

2023-03-30 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=66548 --- Comment #1 from Christopher Schultz --- Seems reasonable. Care to provide a patch/PR?

[GitHub] [tomcat] ChristopherSchultz commented on a diff in pull request #607: Added RateLimitFilter

2023-03-30 Thread via GitHub
ChristopherSchultz commented on code in PR #607: URL: https://github.com/apache/tomcat/pull/607#discussion_r1153742361 ## java/org/apache/catalina/filters/RateLimitFilter.java: ## @@ -0,0 +1,230 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * co

[GitHub] [tomcat] ChristopherSchultz commented on a diff in pull request #607: Added RateLimitFilter

2023-03-30 Thread via GitHub
ChristopherSchultz commented on code in PR #607: URL: https://github.com/apache/tomcat/pull/607#discussion_r1153744130 ## java/org/apache/catalina/util/TimeBucketCounter.java: ## @@ -0,0 +1,217 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * con

[GitHub] [tomcat] isapir commented on a diff in pull request #607: Added RateLimitFilter

2023-03-30 Thread via GitHub
isapir commented on code in PR #607: URL: https://github.com/apache/tomcat/pull/607#discussion_r1153762530 ## java/org/apache/catalina/filters/RateLimitFilter.java: ## @@ -0,0 +1,230 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor li

[GitHub] [tomcat] isapir commented on a diff in pull request #607: Added RateLimitFilter

2023-03-30 Thread via GitHub
isapir commented on code in PR #607: URL: https://github.com/apache/tomcat/pull/607#discussion_r1153771643 ## java/org/apache/catalina/util/TimeBucketCounter.java: ## @@ -0,0 +1,217 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor lic

[tomcat] branch main updated: Code clean-up. No functional change.

2023-03-30 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new a5962eaa50 Code clean-up. No functional change. a5962

[tomcat] branch 10.1.x updated: Code clean-up. No functional change.

2023-03-30 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/10.1.x by this push: new 8f492ec2a2 Code clean-up. No functional change. 8

[tomcat] branch 9.0.x updated: Code clean-up. No functional change.

2023-03-30 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 9ad44a4cb5 Code clean-up. No functional change. 9ad

[tomcat] branch 8.5.x updated: Code clean-up. No functional change.

2023-03-30 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new f76d39093f Code clean-up. No functional change. f76

[tomcat] branch main updated: Revert "Refactor AmbiguousBean test after seeing failures in CI"

2023-03-30 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new 2cd3c6b620 Revert "Refactor AmbiguousBean test after

[tomcat] branch main updated: Address CI failures for potentially ambiguous bean methods.

2023-03-30 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new 7690caf7dc Address CI failures for potentially ambigu

[Bug 66548] Tomcat does not validate value of Sec-Websocket-Key header

2023-03-30 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=66548 --- Comment #2 from Mark Thomas --- Throwing an exception isn't appropriate here. Just returning SC_BAD_REQUEST is sufficient. I'll note that RFC 6455 also states: "It is not necessary for the server to base64-decode the |Sec-WebSocket-Key| v

[Bug 66548] Tomcat does not validate value of Sec-Websocket-Key header

2023-03-30 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=66548 --- Comment #3 from Mark Thomas --- Sorry, comment was posted while incomplete. Continuing... The changes required for c) are such that it would be simpler just to do the decode. I'd lean towards the a) + b) approach but have no objection to