svn commit: r671103 - /tomcat/tc6.0.x/trunk/STATUS.txt
Author: remm Date: Tue Jun 24 02:41:44 2008 New Revision: 671103 URL: http://svn.apache.org/viewvc?rev=671103&view=rev Log: - Votes. Modified: tomcat/tc6.0.x/trunk/STATUS.txt Modified: tomcat/tc6.0.x/trunk/STATUS.txt URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=671103&r1=671102&r2=671103&view=diff == --- tomcat/tc6.0.x/trunk/STATUS.txt (original) +++ tomcat/tc6.0.x/trunk/STATUS.txt Tue Jun 24 02:41:44 2008 @@ -36,7 +36,7 @@ You can't use an unescaped quote if you quote the value with that character http://svn.apache.org/viewvc?rev=657231&view=rev http://svn.apache.org/viewvc?rev=670074&view=rev - +1: markt + +1: markt, remm -1: remm (I think it is a good patch, but it throws an error for something which was working before, so I would think keeping it for the next release would be better) markt How about making it optional with a system property that can be used @@ -49,20 +49,20 @@ * Enhancement https://issues.apache.org/bugzilla/show_bug.cgi?id=45155 Provide a workaround to a buggy MS WebDAV client. http://svn.apache.org/viewvc?rev=664345&view=rev - +1: markt, fhanik + +1: markt, fhanik, remm -1: * Provide belt and braces XSS protection. Really an app responsbility but worth protecting against in case the app forgets. http://svn.apache.org/viewvc?rev=664483&view=rev - +1: markt, fhanik + +1: markt, fhanik, remm -1: * Make fix for https://issues.apache.org/bugzilla/show_bug.cgi?id=43285 optional Coercion of null and "" to zero can now be disabled if required Patch by Nils Eckert http://svn.apache.org/viewvc?rev=665756&view=rev - +1: markt + +1: markt, remm +1: fhanik - candidate for STRICT_SERVLET_COMPLIANCE? markt - Probably not. STRICT_SERVLET_COMPLIANCE is a shortcut to set all options that are non-compliant by default. This one is already @@ -74,14 +74,14 @@ is a regression from 5.0.x. Also avoid NPE on remove. http://svn.apache.org/viewvc?rev=667604&view=rev http://svn.apache.org/viewvc?rev=668854&view=rev - +1: markt + +1: markt, remm -1: * Another fix for https://issues.apache.org/bugzilla/show_bug.cgi?id=43683 JMX re-registration was causing the context to briefly disappear from the mapper during reload causing 404s http://svn.apache.org/viewvc?rev=667644&view=rev - +1: markt + +1: markt, remm -1: * Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=45212 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
svn commit: r671153 - /tomcat/connectors/trunk/jni/java/org/apache/tomcat/jni/Library.java
Author: jfclere
Date: Tue Jun 24 05:26:55 2008
New Revision: 671153
URL: http://svn.apache.org/viewvc?rev=671153&view=rev
Log:
Log the exception when the file we dlopen exists.
Otherwise errors like:
+++
java.lang.UnsatisfiedLinkError:
/home/jfclere/jbossweb_trunk/output/build/bin/META-INF/lib/linux2/x64/libaprutil-1.so.0.2.8:
libpq.so.3: cannot open shared object file: No such file or directory
+++
Can't be traced.
Modified:
tomcat/connectors/trunk/jni/java/org/apache/tomcat/jni/Library.java
Modified: tomcat/connectors/trunk/jni/java/org/apache/tomcat/jni/Library.java
URL:
http://svn.apache.org/viewvc/tomcat/connectors/trunk/jni/java/org/apache/tomcat/jni/Library.java?rev=671153&r1=671152&r2=671153&view=diff
==
--- tomcat/connectors/trunk/jni/java/org/apache/tomcat/jni/Library.java
(original)
+++ tomcat/connectors/trunk/jni/java/org/apache/tomcat/jni/Library.java Tue Jun
24 05:26:55 2008
@@ -33,6 +33,7 @@
static private Library _instance = null;
private Library()
+throws Exception
{
boolean loaded = false;
String err = "";
@@ -42,6 +43,16 @@
loaded = true;
}
catch (Throwable e) {
+String name = System.mapLibraryName(NAMES[i]);
+String path = System.getProperty("java.library.path");
+String sep = System.getProperty("path.separator");
+String [] paths = path.split(sep);
+for (int j=0; j 0)
err += ", ";
err += e.getMessage();
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Tagging TOMCAT_NATIVE_1_1_14
Hi, I would like to tag tcnative to 1.1.14 to prepare a vote for a release. Any pending fixes/improvements/comments? Cheers Jean-Frederic - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tagging TOMCAT_NATIVE_1_1_14
+0 What's the updates ? 2008/6/24 jean-frederic clere <[EMAIL PROTECTED]>: > Hi, > > I would like to tag tcnative to 1.1.14 to prepare a vote for a release. > > Any pending fixes/improvements/comments? > > Cheers > > Jean-Frederic > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tagging TOMCAT_NATIVE_1_1_14
Henri Gomez wrote: +0 What's the updates ? +++ bug 45071 requires openssl 0.9.8a instead 0.9.8b optGet always throws exception and optSet doesn't. +++ Cheers Jean-Frederic 2008/6/24 jean-frederic clere <[EMAIL PROTECTED]>: Hi, I would like to tag tcnative to 1.1.14 to prepare a vote for a release. Any pending fixes/improvements/comments? Cheers Jean-Frederic - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[OT] Re: svn commit: r671153 - /tomcat/connectors/trunk/jni/java/org/apache/tomcat/jni/Library.java
Dumb question. (More of a curiosity since I see this a lot)
Is there a reason to use:
java.io.File fd =
new java.io.File(paths[j] +
System.getProperty("file.separator") + name);
Instead of
java.io.File fd = new java.io.File(paths[j], name);
-Tim
[EMAIL PROTECTED] wrote:
Author: jfclere
Date: Tue Jun 24 05:26:55 2008
New Revision: 671153
URL: http://svn.apache.org/viewvc?rev=671153&view=rev
+java.io.File fd = new java.io.File(paths[j] +
System.getProperty("file.separator") + name);
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
DO NOT REPLY [Bug 45272] New: Version 1 cookie not persisted in IE
https://issues.apache.org/bugzilla/show_bug.cgi?id=45272 Summary: Version 1 cookie not persisted in IE Product: Tomcat 5 Version: 5.5.26 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: Catalina AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] A cookie with value "MIGCBgkrBgEEAYI3WAOgdTBzBgorBgEEAYI3WAMBoGUwYwIDAgABAgJmAwICAMAECN7UUhW1gKdu%0ABBBgywr0Nm%2FxNVdoCHCcNMB2BDiF%2FIwn6i47%2B1H0fKHpkJeDVFhEvyYKke1zTGupImD7r2JOcdo%2F%0A6%2FK85sELQu%2BbOW%2BH9lhDfwdxHA%3D%3D" and version 1 is persisted correctly and returned using tomcat 5.5.26 and Firefox but not persisted using tomcat 5.5.26 and IE. This issue is not present in 5.5.25. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[Tomcat Wiki] Update of "Tomcat/UTF-8" by ChristopherSchultz
Dear Wiki user, You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change notification. The following page has been changed by ChristopherSchultz: http://wiki.apache.org/tomcat/Tomcat/UTF-8 The comment on the change is: Added some external documentation -- Note that this changes the behavior of reading GET parameters from the request URI and will not affect POST parameters at all. + == See Also == + * http://wiki.apache.org/tomcat/Tomcat/UTF-8 + * http://java.sun.com/developer/technicalArticles/Intl/HTTPCharset/ + - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[Tomcat Wiki] Update of "FAQ/Logging" by markt
Dear Wiki user,
You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change
notification.
The following page has been changed by markt:
http://wiki.apache.org/tomcat/FAQ/Logging
--
The Servlet Specification requires Servlet Containers like Tomcat to provide
at least a rudimentary implementation of the {{{ServletContext#log}}} method.
Tomcat provides a much richer implementation than required by the Spec, as
follows:
- * Prior to Tomcat 5.5, Tomcat provided a Logger element that you could
configure and extend according to your needs. If you are using a Tomcat version
previous to Tomcat 5.5, make sure to read the
[http://tomcat.apache.org/tomcat-5.0-doc/config/logger.html Logger
configuration reference].
+ * Prior to Tomcat 5.5, Tomcat provided a Logger element that you could
configure and extend according to your needs. If you are using a Tomcat version
previous to Tomcat 5.5, make sure to read the
[http://tomcat.apache.org/tomcat-4.1-doc/config/logger.html Logger
configuration reference].
* Starting with Tomcat 5.5, Logger was removed and
[http://jakarta.apache.org/commons/logging Jakarta Commons-Logging] {{{Log}}}
is used everywhere in Tomcat. Read the Commons-Logging documentation if you'd
like to know how to better use and configure Tomcat's internal logging. See
also [http://tomcat.apache.org/tomcat-5.5-doc/logging.html]
* To enable request logging similar to the Apache HTTP server, you may
include the following line in the server.xml file, in the tag:
[Tomcat Wiki] Update of "FAQ/Logging" by markt
Dear Wiki user, You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change notification. The following page has been changed by markt: http://wiki.apache.org/tomcat/FAQ/Logging The comment on the change is: More broken links -- * [http://marc.theaimsgroup.com/?l=tomcat-user&m=106623436423859&w=2 A log4j example] * [http://marc.theaimsgroup.com/?l=tomcat-user&m=108330970225012&w=2 Logging Configuration] * [http://marc.theaimsgroup.com/?l=tomcat-user&m=108578233003073&w=2 Example with JSVC and running on port 80.] - * [http://mail-archives.apache.org/eyebrowse/[EMAIL PROTECTED]&by=thread&from=877025 Need for it to be in bootstrap classpath.] + * [http://markmail.org/message/3sgxfol3njcfutsm Need for it to be in bootstrap classpath.] [[Anchor(Q3)]]'''How should I log in my own webapps?''' @@ -56, +56 @@ See these mailing list archive threads: - * [http://mail-archives.apache.org/eyebrowse/[EMAIL PROTECTED]&by=thread&from=863525Where are the Tomcat logs when running as a Windows service?] + * [http://markmail.org/message/3fjakrf77dqmy5nz Where are the Tomcat logs when running as a Windows service?] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
svn commit: r671346 - /tomcat/tc6.0.x/trunk/STATUS.txt
Author: markt Date: Tue Jun 24 14:09:58 2008 New Revision: 671346 URL: http://svn.apache.org/viewvc?rev=671346&view=rev Log: Clean up now the -1 has been resolved Modified: tomcat/tc6.0.x/trunk/STATUS.txt Modified: tomcat/tc6.0.x/trunk/STATUS.txt URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=671346&r1=671345&r2=671346&view=diff == --- tomcat/tc6.0.x/trunk/STATUS.txt (original) +++ tomcat/tc6.0.x/trunk/STATUS.txt Tue Jun 24 14:09:58 2008 @@ -34,17 +34,12 @@ * Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=45015 You can't use an unescaped quote if you quote the value with that character + The second svn commit provides an option to disable the error raised + by the first. http://svn.apache.org/viewvc?rev=657231&view=rev http://svn.apache.org/viewvc?rev=670074&view=rev +1: markt, remm - -1: remm (I think it is a good patch, but it throws an error for something which was working before, -so I would think keeping it for the next release would be better) - markt How about making it optional with a system property that can be used -to restore the current behaviour is an app depends on it? - remm Ok with this addition, but I would only vote +0 for inclusion in this release - (this still sounds like a very minor fix) - markt The second svn commit provides an option to disable the error raised -by the first. + -1: * Enhancement https://issues.apache.org/bugzilla/show_bug.cgi?id=45155 Provide a workaround to a buggy MS WebDAV client. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
svn commit: r671347 - in /tomcat/tc6.0.x/trunk: STATUS.txt java/org/apache/catalina/valves/WebdavFixValve.java webapps/docs/changelog.xml
Author: markt Date: Tue Jun 24 14:17:34 2008 New Revision: 671347 URL: http://svn.apache.org/viewvc?rev=671347&view=rev Log: Provide a workaround for the buggy MS webdav client Added: tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/WebdavFixValve.java Modified: tomcat/tc6.0.x/trunk/STATUS.txt tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Modified: tomcat/tc6.0.x/trunk/STATUS.txt URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=671347&r1=671346&r2=671347&view=diff == --- tomcat/tc6.0.x/trunk/STATUS.txt (original) +++ tomcat/tc6.0.x/trunk/STATUS.txt Tue Jun 24 14:17:34 2008 @@ -41,12 +41,6 @@ +1: markt, remm -1: -* Enhancement https://issues.apache.org/bugzilla/show_bug.cgi?id=45155 - Provide a workaround to a buggy MS WebDAV client. - http://svn.apache.org/viewvc?rev=664345&view=rev - +1: markt, fhanik, remm - -1: - * Provide belt and braces XSS protection. Really an app responsbility but worth protecting against in case the app forgets. http://svn.apache.org/viewvc?rev=664483&view=rev Added: tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/WebdavFixValve.java URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/WebdavFixValve.java?rev=671347&view=auto == --- tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/WebdavFixValve.java (added) +++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/WebdavFixValve.java Tue Jun 24 14:17:34 2008 @@ -0,0 +1,78 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.catalina.valves; + +import java.io.IOException; + +import javax.servlet.ServletException; + +import org.apache.catalina.valves.ValveBase; +import org.apache.catalina.connector.Request; +import org.apache.catalina.connector.Response; + +/** + * Valve that attempts to force MS WebDAV clients connecting on port 80 to use + * a WebDAV client that actually works. Other workarounds that might help + * include: + * + * Specifing the port, even if it is port 80, when trying to connect. + * Canceling the first authentication dialog box and then trying to + * reconnect. + * + * To use this valve add the following+ * to your Engine, Host or Context as + * required. Normally, this valve would be used at the Context + * level. + * + * @version $Revision: 420067 $, $Date: 2006-07-08 09:16:58 +0200 (sub, 08 srp 2006) $ + */ + +public class WebdavFixValve +extends ValveBase { + +/** + * Check for the broken MS WebDAV client and if detected issue a re-direct + * that hopefully will cause the non-broken client to be used. + */ +public void invoke(Request request, Response response) +throws IOException, ServletException { + +String ua = request.getHeader("User-Agent"); +if (ua != null && ua.contains("MiniRedir")) { +response.sendRedirect(buildRedirect(request)); +} else { +getNext().invoke(request, response); +} +} + +private String buildRedirect(Request request) { +StringBuffer location = +new StringBuffer(request.getRequestURL().length()); +location.append(request.getScheme()); +location.append("://"); +location.append(request.getHost().getName()); +location.append(':'); +// If we include the port, even if it is 80, then MS clients will use +// a WebDAV client that works rather than the MiniRedir that has +// problems with BASIC authentication +location.append(request.getServerPort()); +location.append(request.getRequestURI()); +return location.toString(); +} +} Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=671347&r1=671346&r2=671347&view=diff == --- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc6.0.x/trunk/we
svn commit: r671351 - in /tomcat/tc6.0.x/trunk: STATUS.txt java/org/apache/jasper/security/SecurityUtil.java java/org/apache/jasper/servlet/JspServlet.java webapps/docs/changelog.xml
Author: markt
Date: Tue Jun 24 14:27:37 2008
New Revision: 671351
URL: http://svn.apache.org/viewvc?rev=671351&view=rev
Log:
Provide belt and braces XSS protection. Really an app responsibility but worth
protecting against in case the app forgets.
Modified:
tomcat/tc6.0.x/trunk/STATUS.txt
tomcat/tc6.0.x/trunk/java/org/apache/jasper/security/SecurityUtil.java
tomcat/tc6.0.x/trunk/java/org/apache/jasper/servlet/JspServlet.java
tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=671351&r1=671350&r2=671351&view=diff
==
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Tue Jun 24 14:27:37 2008
@@ -41,12 +41,6 @@
+1: markt, remm
-1:
-* Provide belt and braces XSS protection. Really an app responsbility but worth
- protecting against in case the app forgets.
- http://svn.apache.org/viewvc?rev=664483&view=rev
- +1: markt, fhanik, remm
- -1:
-
* Make fix for https://issues.apache.org/bugzilla/show_bug.cgi?id=43285
optional
Coercion of null and "" to zero can now be disabled if required
Patch by Nils Eckert
Modified: tomcat/tc6.0.x/trunk/java/org/apache/jasper/security/SecurityUtil.java
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/jasper/security/SecurityUtil.java?rev=671351&r1=671350&r2=671351&view=diff
==
--- tomcat/tc6.0.x/trunk/java/org/apache/jasper/security/SecurityUtil.java
(original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/jasper/security/SecurityUtil.java Tue
Jun 24 14:27:37 2008
@@ -40,5 +40,42 @@
return false;
}
-
+
+/**
+ * Filter the specified message string for characters that are sensitive
+ * in HTML. This avoids potential attacks caused by including JavaScript
+ * codes in the request URL that is often reported in error messages.
+ *
+ * @param message The message string to be filtered
+ */
+public static String filter(String message) {
+
+if (message == null)
+return (null);
+
+char content[] = new char[message.length()];
+message.getChars(0, message.length(), content, 0);
+StringBuffer result = new StringBuffer(content.length + 50);
+for (int i = 0; i < content.length; i++) {
+switch (content[i]) {
+case '<':
+result.append("<");
+break;
+case '>':
+result.append(">");
+break;
+case '&':
+result.append("&");
+break;
+case '"':
+result.append(""");
+break;
+default:
+result.append(content[i]);
+}
+}
+return (result.toString());
+
+}
+
}
Modified: tomcat/tc6.0.x/trunk/java/org/apache/jasper/servlet/JspServlet.java
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/jasper/servlet/JspServlet.java?rev=671351&r1=671350&r2=671351&view=diff
==
--- tomcat/tc6.0.x/trunk/java/org/apache/jasper/servlet/JspServlet.java
(original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/jasper/servlet/JspServlet.java Tue Jun
24 14:27:37 2008
@@ -35,6 +35,7 @@
import org.apache.jasper.Options;
import org.apache.jasper.compiler.JspRuntimeContext;
import org.apache.jasper.compiler.Localizer;
+import org.apache.jasper.security.SecurityUtil;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
@@ -311,8 +312,12 @@
if (includeRequestUri != null) {
// This file was included. Throw an exception as
// a response.sendError() will be ignored
-throw new ServletException(Localizer.getMessage(
-"jsp.error.file.not.found",jspUri));
+String msg = Localizer.getMessage(
+"jsp.error.file.not.found",jspUri);
+// Strictly, filtering this is an application
+// responsibility but just in case...
+throw new ServletException(
+SecurityUtil.filter(msg));
} else {
try {
response.sendError(
Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=671351&r1=671350&r2=671351&view=diff
==
--- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (ori
svn commit: r671352 - /tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
Author: markt Date: Tue Jun 24 14:30:19 2008 New Revision: 671352 URL: http://svn.apache.org/viewvc?rev=671352&view=rev Log: Typo Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=671352&r1=671351&r2=671352&view=diff == --- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Tue Jun 24 14:30:19 2008 @@ -194,7 +194,7 @@ provided by Chris Hubick. (markt) -A new valve, org.apache.catalina.valves.WebdavFixValve, +A new valve, org.apache.catalina.valves.WebdavFixValve, that forces MS clients connecting to the WebDAV Servlet on port 80 to use a client that works rather than the default broken one. (markt) - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
svn commit: r671358 - in /tomcat/tc6.0.x/trunk: STATUS.txt java/org/apache/el/parser/AstValue.java webapps/docs/changelog.xml webapps/docs/config/systemprops.xml
Author: markt
Date: Tue Jun 24 14:42:27 2008
New Revision: 671358
URL: http://svn.apache.org/viewvc?rev=671358&view=rev
Log:
Make coercion of "" and null to zero in EL configurable
Modified:
tomcat/tc6.0.x/trunk/STATUS.txt
tomcat/tc6.0.x/trunk/java/org/apache/el/parser/AstValue.java
tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
tomcat/tc6.0.x/trunk/webapps/docs/config/systemprops.xml
Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=671358&r1=671357&r2=671358&view=diff
==
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Tue Jun 24 14:42:27 2008
@@ -41,17 +41,6 @@
+1: markt, remm
-1:
-* Make fix for https://issues.apache.org/bugzilla/show_bug.cgi?id=43285
optional
- Coercion of null and "" to zero can now be disabled if required
- Patch by Nils Eckert
- http://svn.apache.org/viewvc?rev=665756&view=rev
- +1: markt, remm
- +1: fhanik - candidate for STRICT_SERVLET_COMPLIANCE?
- markt - Probably not. STRICT_SERVLET_COMPLIANCE is a shortcut to set all
- options that are non-compliant by default. This one is already
- compliant by defult
- -1:
-
* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=45195
NPE when calling getAttribute(null). The spec is unclear but this
is a regression from 5.0.x. Also avoid NPE on remove.
Modified: tomcat/tc6.0.x/trunk/java/org/apache/el/parser/AstValue.java
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/el/parser/AstValue.java?rev=671358&r1=671357&r2=671358&view=diff
==
--- tomcat/tc6.0.x/trunk/java/org/apache/el/parser/AstValue.java (original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/el/parser/AstValue.java Tue Jun 24
14:42:27 2008
@@ -38,6 +38,10 @@
*/
public final class AstValue extends SimpleNode {
+protected static final boolean COERCE_TO_ZERO =
+Boolean.valueOf(System.getProperty(
+"org.apache.el.parser.COERCE_TO_ZERO", "true")).booleanValue();
+
protected static class Target {
protected Object base;
@@ -129,12 +133,28 @@
Target t = getTarget(ctx);
ctx.setPropertyResolved(false);
ELResolver resolver = ctx.getELResolver();
-resolver.setValue(ctx, t.base, t.property,
- // coerce to the expected type
- ELSupport.coerceToType(value,
- resolver.getType(ctx, t.base,
t.property)));
+
+// coerce to the expected type
+Class targetClass = resolver.getType(ctx, t.base, t.property);
+if (COERCE_TO_ZERO == true
+|| !isAssignable(value, targetClass)) {
+value = ELSupport.coerceToType(value, targetClass);
+}
+resolver.setValue(ctx, t.base, t.property, value);
+}
+
+private boolean isAssignable(Object value, Class targetClass) {
+if (targetClass == null) {
+return false;
+} else if (value != null && targetClass.isPrimitive()) {
+return false;
+} else if (value != null && !targetClass.isInstance(value)) {
+return false;
+}
+return true;
}
+
public MethodInfo getMethodInfo(EvaluationContext ctx, Class[] paramTypes)
throws ELException {
Target t = getTarget(ctx);
Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=671358&r1=671357&r2=671358&view=diff
==
--- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Tue Jun 24 14:42:27 2008
@@ -86,6 +86,13 @@
43150: Allow Tomcat to start correctly when installed on a
path that contains a # character. (markt)
+
+The fix for 43285 had the side-effct of coercing
+null values to zero. This side-effect has been made
+configurable with a system property,
+org.apache.el.parser.COERCE_TO_ZERO which defaults to
+true. Patch provided by Nils Eckert. (markt)
+
43343: Correctly handle requesting a session we are in the
middle of persisting. Based on a suggestion by Wade Chandler. (markt)
Modified: tomcat/tc6.0.x/trunk/webapps/docs/config/systemprops.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/config/systemprops.xml?rev=671358&r1=671357&r2=671358&view=diff
==
--- tomcat/tc6.0.x/trunk/webapps/docs/config/systemprops.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/docs/config/systemprops.xml Tue Jun 24
14:42:27 2008
@@ -48,6 +48
