svn commit: r830875 - in /tomcat/site/trunk: docs/index.html xdocs/index.xml
Author: jfclere Date: Thu Oct 29 09:45:48 2009 New Revision: 830875 URL: http://svn.apache.org/viewvc?rev=830875&view=rev Log: Arrange the conference program and add the meetup. Modified: tomcat/site/trunk/docs/index.html tomcat/site/trunk/xdocs/index.xml Modified: tomcat/site/trunk/docs/index.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/index.html?rev=830875&r1=830874&r2=830875&view=diff == --- tomcat/site/trunk/docs/index.html (original) +++ tomcat/site/trunk/docs/index.html Thu Oct 29 09:45:48 2009 @@ -3,18 +3,18 @@ Apache Tomcat - Welcome! - - - + + + - - + + http://tomcat.apache.org/";> - + @@ -25,28 +25,28 @@ http://www.apache.org/";> -http://www.apache.org/images/asf-logo.gif"; align="right" alt="Apache Logo" border="0"/> +http://www.apache.org/images/asf-logo.gif"; /> -http://www.google.com/search"; method="get"> - - - +http://www.google.com/search";> + + + - + - + - + Apache Tomcat @@ -178,11 +178,11 @@ - - + + - + Apache Tomcat @@ -215,14 +215,14 @@ - + - + - + Upcoming: Tomcat tracks at ApacheCon US 2009 @@ -234,12 +234,12 @@ http://www.us.apachecon.com/c/acus2009/";> -http://www.apache.org/ads/ApacheCon/2009-usa-125x125.png"; style="width: 125px;height: 125px;" align="right"/> +http://www.apache.org/ads/ApacheCon/2009-usa-125x125.png"; style="width: 125px;height: 125px;" align="right" /> ApacheCon US 2009, 2-6 November 2009 in Oakland, CA, will have a dedicated track about Tomcat topics. We will celebrate our 10th anniversary as an Apache project, explain the future developements: Tomcat7, asynchrounous servlets, show how to get the best of Tomcat and how to front-end Tomcat clusters. - And the day after we will have a "geek day" where you can get hands-on advice and really join the ranks of the Tomcat initiated! + We also have a http://wiki.apache.org/tomcat/TomcatAtApacheConUs2009";>meetup on Monday evening where you can get hands-on advice and really join the ranks of the Tomcat initiated! Join us in Oakland! @@ -251,14 +251,14 @@ - + - + - + Live Video Streaming of Tomcat Talks at ApacheCon Europe 2009 @@ -269,7 +269,7 @@ -http://eu.apachecon.com/page_attachments//0188/Live_Video_v2.gif"; alt="[Live Video Streaming at ApacheCon]" align="right"/> +http://eu.apachecon.com/page_attachments//0188/Live_Video_v2.gif"; alt="[Live Video Streaming at ApacheCon]" align="right" /> ApacheCon Europe 2009, 23-27 March in Amsterdam, has a dedicated track about Tomcat topics. If you cannot make it to Amsterdam this time, you can @@ -293,14 +293,14 @@ - + - + - + Apache Tomcat Versions @@ -317,51 +317,51 @@ - - + + Servlet/JSP Spec - - + + Apache Tomcat version - -2.5/2.1 + +2.5/2.1 - -6.0.20 + +6.0.20 - -2.4/2.0 + +2.4/2.0 - -5.5.28 + +5.5.28 - -2.3/1.2 + +2.3/1.2 - -4.1.40 + +4.1.40 - -2.2/1.1 + +2.2/1.1 - -3.3.2 (archived) + +3.3.2 (archived) @@ -387,7 +387,7 @@ - + @@ -396,17 +396,17 @@ - + - + Copyright © 1999-2009, The Apache Software Foundation - + "Apache", the Apache feather, and the Apache Tomcat logo are trademarks of the Apache Software Foundation for our open source software. Modified: tomcat/site/trunk/xdocs/index.xml URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/index.xml?rev=830875&r1=830874&r2=830875&view=diff == --- tomcat/site/trunk/xdocs/index.xml (original) +++ tomcat/site/trunk/xdocs/index.xml Thu Oct 29 09:45:48 2009 @@ -34,7 +34,7 @@ ApacheCon US 2009, 2-6 November 2009 in Oakland, CA, will have a dedicated track about Tomcat topics. We will celebrate our 10th anniversary as an Apache project, explain the future developements: Tomcat7, asynchrounous servlets, show how to get the best of Tomcat and how to front-end Tomcat clusters. - And the day after we will have a "geek day" where you can get hands-on advice and really join the ranks of the Tomcat initiated! + We also have a http://wiki.apache.org/tomcat/TomcatAtApacheConUs2009";>meetup on Monday evening where you can get hands-on advice and really join the ranks of the Tomcat initiated! Join us in Oakland! - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r830890 - /tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
Author: markt
Date: Thu Oct 29 10:58:49 2009
New Revision: 830890
URL: http://svn.apache.org/viewvc?rev=830890&view=rev
Log:
Clean-up - no functional change
Modified:
tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
Modified:
tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java?rev=830890&r1=830889&r2=830890&view=diff
==
---
tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
(original)
+++
tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
Thu Oct 29 10:58:49 2009
@@ -75,7 +75,7 @@
/*
* Several components end up opening JarURLConnections without
first
- * disabling chaching. This effectively locks the file. Whilst more
+ * disabling caching. This effectively locks the file. Whilst more
* noticeable and harder to ignore on Windows, it affects all
* operating systems.
*
@@ -88,7 +88,7 @@
try {
// Doesn't matter that this JAR doesn't exist - just as long as
// the URL is well-formed
-URL url = new URL("jar:file://dummy.jar!/dummy.txt");
+URL url = new URL("jar:file://dummy.jar!/");
URLConnection uConn = url.openConnection();
uConn.setDefaultUseCaches(false);
} catch (MalformedURLException e) {
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r830736 - in /tomcat/trunk/java/org/apache/catalina/core: JreMemoryLeakPreventionListener.java LocalStrings.properties
Konstantin Kolinko wrote:
> 2009/10/28 :
>> Author: markt
>> Date: Wed Oct 28 19:25:31 2009
>> New Revision: 830736
>>
>> URL: http://svn.apache.org/viewvc?rev=830736&view=rev
>> Log:
>> Add a workaround for a common cause of locked files.
>>
>> Modified:
>>
>> tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
>>tomcat/trunk/java/org/apache/catalina/core/LocalStrings.properties
>>
>> + * Several components end up opening JarURLConnections without
>> first
>> + * disabling chaching. This effectively locks the file. Whilst
>> more
>
> A typo:
>
> s/chaching/caching/
Fixed.
>
>> +URL url = new URL("jar:file://dummy.jar!/dummy.txt");
>> +URLConnection uConn = url.openConnection();
>> +uConn.setDefaultUseCaches(false);
>
> What I can see from JDK sources as of 6u15,
> URLConnection#defaultUseCaches field is static and thus is shared by
> all subclasses.
>
> Thus this setting will affect not only JAR files, but e.g.
> sun.net.www.protocol.http.HttpURLConnection#getInputStream()
> -- there is a getUseCaches() call, which determines whether the
> java.net.ResponseCache cache will be used or not.
>
> Even if we agree to include this feature in
> JreMemoryLeakPreventionListener, there should be an easy way to turn
> it off. Also I would propose to turn it off by default.
Happy with making it configurable. Not so sure about changing the
default. I see more issues with apps locking files that I see apps
making outbound connections.
> Regarding implementation:
>
> The "file://dummy.jar" URL apparently is a relative one and references
> a file in the current working directory. No file operations are
> actually performed in those calls, so I think that actually does not
> matter.
That was my thinking.
> I thought of an alternative implementation: to create a dummy
> subclass of URLConnection, and call its setDefaultUseCaches() method.
> But using Mark's method should be better, in view of possible Java API
> changes.
>
> Also, "dummy.txt" part of the URL is not necessary. It would be
> sufficient to end the URL with "!/", see syntax here:
> http://java.sun.com/javase/6/docs/api/java/net/JarURLConnection.html
I'll clean that up.
Cheers,
Mark
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r830908 - in /tomcat/trunk: java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java webapps/docs/config/listeners.xml
Author: markt
Date: Thu Oct 29 12:03:48 2009
New Revision: 830908
URL: http://svn.apache.org/viewvc?rev=830908&view=rev
Log:
Make leak prevention listener more configurable
Modified:
tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
tomcat/trunk/webapps/docs/config/listeners.xml
Modified:
tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java?rev=830908&r1=830907&r2=830908&view=diff
==
---
tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
(original)
+++
tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
Thu Oct 29 12:03:48 2009
@@ -51,7 +51,30 @@
LogFactory.getLog(JreMemoryLeakPreventionListener.class);
protected static final StringManager sm =
StringManager.getManager(Constants.Package);
-
+
+/**
+ * Protect against the memory leak caused when the first call to
+ * sun.awt.AppContext.getAppContext() is triggered by a web
+ * application. Defaults to true.
+ */
+protected boolean appContextProtection = true;
+public boolean isAppContextProtection() { return appContextProtection; }
+public void setAppContextProtection(boolean appContextProtection) {
+this.appContextProtection = appContextProtection;
+}
+
+/**
+ * Protect against resources being read for JAR files and, as a
side-effect,
+ * the JAR file becoming locked. Note this disables caching for all
+ * {...@link URLConnection}s, regardless of type. Defaults to
+ * true.
+ */
+protected boolean urlCacheProtection = true;
+public boolean isUrlCacheProtection() { return urlCacheProtection; }
+public void setUrlCacheProtection(boolean urlCacheProtection) {
+this.urlCacheProtection = urlCacheProtection;
+}
+
@Override
public void lifecycleEvent(LifecycleEvent event) {
// Initialise these classes when Tomcat starts
@@ -71,7 +94,9 @@
// Trigger a call to sun.awt.AppContext.getAppContext(). This will
// pin the common class loader in memory but that shouldn't be an
// issue.
-ImageIO.getCacheDirectory();
+if (appContextProtection) {
+ImageIO.getCacheDirectory();
+}
/*
* Several components end up opening JarURLConnections without
first
@@ -84,19 +109,21 @@
* - javax.xml.bind.JAXBContext.newInstance()
*/
-// Set the default JAR URL caching policy to not to cache
-try {
-// Doesn't matter that this JAR doesn't exist - just as long as
-// the URL is well-formed
-URL url = new URL("jar:file://dummy.jar!/");
-URLConnection uConn = url.openConnection();
-uConn.setDefaultUseCaches(false);
-} catch (MalformedURLException e) {
-log.error(sm.getString(
-"jreLeakListener.jarUrlConnCacheFail"), e);
-} catch (IOException e) {
-log.error(sm.getString(
-"jreLeakListener.jarUrlConnCacheFail"), e);
+// Set the default URL caching policy to not to cache
+if (urlCacheProtection) {
+try {
+// Doesn't matter that this JAR doesn't exist - just as
long as
+// the URL is well-formed
+URL url = new URL("jar:file://dummy.jar!/");
+URLConnection uConn = url.openConnection();
+uConn.setDefaultUseCaches(false);
+} catch (MalformedURLException e) {
+log.error(sm.getString(
+"jreLeakListener.jarUrlConnCacheFail"), e);
+} catch (IOException e) {
+log.error(sm.getString(
+"jreLeakListener.jarUrlConnCacheFail"), e);
+}
}
}
}
Modified: tomcat/trunk/webapps/docs/config/listeners.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/listeners.xml?rev=830908&r1=830907&r2=830908&view=diff
==
--- tomcat/trunk/webapps/docs/config/listeners.xml (original)
+++ tomcat/trunk/webapps/docs/config/listeners.xml Thu Oct 29 12:03:48 2009
@@ -227,19 +227,36 @@
leak if a web application class loader happens to be the context class
loader at the time. The work-around is to initialise these singletons when
this listener starts as Tomcat's common class loader is the context class
-loader at that time.
+loader at that time. It also provides work-arounds for known issues that
+ca
DO NOT REPLY [Bug 48083] New: IIS7 with Tomcat-Connector
https://issues.apache.org/bugzilla/show_bug.cgi?id=48083 Summary: IIS7 with Tomcat-Connector Product: Tomcat Connectors Version: 1.2.28 Platform: PC OS/Version: Windows Server 2008 (Longhorn) Status: NEW Severity: major Priority: P2 Component: isapi AssignedTo: dev@tomcat.apache.org ReportedBy: gre...@familyfischer.net Created an attachment (id=24443) --> (https://issues.apache.org/bugzilla/attachment.cgi?id=24443) config files Everything set up right, allthough IIS7 gives this 500.0 error: Modul IsapiFilterModule Notification AuthenticateRequest Handler StaticFile Errprcode 0x80070001 Requested URL http://apps.myserver.local:80/myapp/index.html Physical Path C:\inetpub\apps Before I get into configuration details (see attachment): Has anybody ever had IIS7 correctly working with Tomcat connector? whats the secret? -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r830589 - /tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java
On 10/28/2009 10:54 PM, Konstantin Kolinko wrote:
2009/10/28:
Author: markt
Date: Wed Oct 28 15:30:49 2009
New Revision: 830589
+if (endpoint.getCurrentThreadsBusy()>0&&
+endpoint.getMaxThreads()>0) {
+threadRatio = (endpoint.getCurrentThreadsBusy() * 100)
+/ endpoint.getMaxThreads();
+}
I think that endpoint.getCurrentThreadsBusy() call is not cheap
in trunk, this is cheap if they are using the executor that comes with
Tomcat. It's a read from a volatile variable.
(and
can provide different results between calls). It would be better to
cache its result in a local variable.
in trunk, this call will go away in the processor, as the processor no
longer needs to control this.
Best regards,
Konstantin Kolinko
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r830965 - /tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java
Author: markt
Date: Thu Oct 29 14:39:38 2009
New Revision: 830965
URL: http://svn.apache.org/viewvc?rev=830965&view=rev
Log:
No longer required since all connectors now use acceptors
Modified:
tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java
Modified: tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java?rev=830965&r1=830964&r2=830965&view=diff
==
--- tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java (original)
+++ tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java Thu Oct 29
14:39:38 2009
@@ -171,20 +171,6 @@
int soTimeout = endpoint.getSoTimeout();
-int threadRatio = -1;
-// These may return zero or negative values
-// Only calculate a thread ratio when both are >0 to ensure we get a
-// sensible result
-if (endpoint.getCurrentThreadsBusy() >0 &&
-endpoint.getMaxThreads() >0) {
-threadRatio = (endpoint.getCurrentThreadsBusy() * 100)
-/ endpoint.getMaxThreads();
-}
-// Disable keep-alive if we are running low on threads
-if (threadRatio > 75) {
-keepAliveLeft = 1;
-}
-
try {
socket.setSoTimeout(soTimeout);
} catch (Throwable t) {
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r830980 - in /tomcat/tc6.0.x/trunk: ./ java/org/apache/coyote/http11/ java/org/apache/tomcat/util/net/ webapps/docs/
Author: markt
Date: Thu Oct 29 14:54:00 2009
New Revision: 830980
URL: http://svn.apache.org/viewvc?rev=830980&view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=47161
Make maxThreads return consistent. Will still return -1 in many cases but that
is better than previously.
Note: Also ensures new return values don't break keep-alive auto-disable for
the BIO HTTP connector.
Modified:
tomcat/tc6.0.x/trunk/STATUS.txt
tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11Processor.java
tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java
tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/JIoEndpoint.java
tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java
tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=830980&r1=830979&r2=830980&view=diff
==
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Thu Oct 29 14:54:00 2009
@@ -323,23 +323,6 @@
+1: rjung, pero
-1:
-* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=47161
- Make maxThreads return consistent. Will still return -1 in many cases but
that
- is better than previously.
- https://issues.apache.org/bugzilla/attachment.cgi?id=24341&action=edit
- +1: markt, kkolinko, rjung
- -1:
- kkolinko: (We need to make some decision regarding the following lines in
Http11Processor#process():
-int threadRatio = (endpoint.getCurrentThreadsBusy() * 100)
-/ endpoint.getMaxThreads();
-When JIoEndpoint uses an executor this value that was (-100) will now be
(+100).
-I am in favour of using the (threadRatio <= 75) branch when threadRatio
-cannot be reliably calculated.
-
-Besides that, I see no problems with this patch.
- rjung: me to (threadRatio <= 75 branch).
- )
-
* Fix memory leak causes by a JRE implementation change in 1.6.0_15 onwards
http://svn.apache.org/viewvc?view=revision&revision=828196
http://svn.apache.org/viewvc?view=revision&revision=830378
Modified:
tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11Processor.java
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11Processor.java?rev=830980&r1=830979&r2=830980&view=diff
==
--- tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11Processor.java
(original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11Processor.java Thu
Oct 29 14:54:00 2009
@@ -774,10 +774,15 @@
int keepAliveLeft = maxKeepAliveRequests;
int soTimeout = endpoint.getSoTimeout();
-int threadRatio = (endpoint.getCurrentThreadsBusy() * 100)
-/ endpoint.getMaxThreads();
-if (threadRatio > 75) {
-keepAliveLeft = 1;
+// When using an executor, these values may return non-positive values
+int curThreads = endpoint.getCurrentThreadsBusy();
+int maxThreads = endpoint.getMaxThreads();
+if (curThreads > 0 && maxThreads >0) {
+// Only auto-disable keep-alive if the current thread usage % can
be
+// calculated correctly
+if (curThreads*100/maxThreads > 75) {
+keepAliveLeft = 1;
+}
}
try {
Modified: tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java?rev=830980&r1=830979&r2=830980&view=diff
==
--- tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java
(original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java Thu
Oct 29 14:54:00 2009
@@ -36,7 +36,6 @@
import org.apache.tomcat.jni.SSLSocket;
import org.apache.tomcat.jni.Socket;
import org.apache.tomcat.jni.Status;
-import org.apache.tomcat.util.net.JIoEndpoint.Worker;
import org.apache.tomcat.util.res.StringManager;
/**
@@ -188,7 +187,13 @@
}
}
}
-public int getMaxThreads() { return maxThreads; }
+public int getMaxThreads() {
+if (executor != null) {
+return -1;
+} else {
+return maxThreads;
+}
+}
/**
@@ -539,7 +544,7 @@
* @return the amount of threads that are managed by the pool
*/
public int getCurrentThreadCount() {
-if (executor!=null) {
+if (executor != null) {
return -1;
} else {
return curThreads;
Modified: tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/JIoEndpoint.java
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/JIoEndpoint.java?rev=830980&r1=830979
svn commit: r830999 - in /tomcat/trunk: java/org/apache/tomcat/util/http/Cookies.java test/org/apache/tomcat/util/http/TestCookies.java
Author: markt
Date: Thu Oct 29 15:27:58 2009
New Revision: 830999
URL: http://svn.apache.org/viewvc?rev=830999&view=rev
Log:
The single quote character ' is not a separator so it is allowed in unquoted
values.
Modified:
tomcat/trunk/java/org/apache/tomcat/util/http/Cookies.java
tomcat/trunk/test/org/apache/tomcat/util/http/TestCookies.java
Modified: tomcat/trunk/java/org/apache/tomcat/util/http/Cookies.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/http/Cookies.java?rev=830999&r1=830998&r2=830999&view=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/http/Cookies.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/http/Cookies.java Thu Oct 29
15:27:58 2009
@@ -51,10 +51,10 @@
Excluding the '/' char violates the RFC, but
it looks like a lot of people put '/'
in unquoted values: '/': ; //47
-'\t':9 ' ':32 '\"':34 '\'':39 '(':40 ')':41 ',':44 ':':58 ';':59 '<':60
+'\t':9 ' ':32 '\"':34 '(':40 ')':41 ',':44 ':':58 ';':59 '<':60
'=':61 '>':62 '?':63 '@':64 '[':91 '\\':92 ']':93 '{':123 '}':125
*/
-public static final char SEPARATORS[] = { '\t', ' ', '\"', '\'', '(', ')',
',',
+public static final char SEPARATORS[] = { '\t', ' ', '\"', '(', ')', ',',
':', ';', '<', '=', '>', '?', '@', '[', '\\', ']', '{', '}' };
protected static final boolean separators[] = new boolean[128];
Modified: tomcat/trunk/test/org/apache/tomcat/util/http/TestCookies.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/util/http/TestCookies.java?rev=830999&r1=830998&r2=830999&view=diff
==
--- tomcat/trunk/test/org/apache/tomcat/util/http/TestCookies.java (original)
+++ tomcat/trunk/test/org/apache/tomcat/util/http/TestCookies.java Thu Oct 29
15:27:58 2009
@@ -74,19 +74,19 @@
test("$Version=1;foo=\"b\"ar\";$Domain=apache.org;$Port=8080;a=b",
"foo", "b", "a", "b"); // Incorrectly escaped.
test("$Version=1;foo=\"b\\\"ar\";$Domain=apache.org;$Port=8080;a=b",
"foo", "b\"ar", "a", "b"); // correctly escaped.
test("$Version=1;foo=\"b'ar\";$Domain=apache.org;$Port=8080;a=b",
"foo", "b'ar", "a", "b");
-// JFC: sure it is "b" and not b'ar ?
-test("$Version=1;foo=b'ar;$Domain=apache.org;$Port=8080;a=b", "foo",
"b", "a", "b");
+// ba'r is OK - ' is not a separator
+test("$Version=1;foo=b'ar;$Domain=apache.org;$Port=8080;a=b", "foo",
"b'ar", "a", "b");
// Ends in quoted value
test("foo=bar;a=\"b\"", "foo", "bar", "a", "b");
test("foo=bar;a=\"b\";", "foo", "bar", "a", "b");
// Last character is an escape character
-
test("$Version=1;foo=b'ar;$Domain=\"apache.org\";$Port=8080;a=\"b\\\"", "foo",
"b");
-test("$Version=1;foo=b'ar;$Domain=\"apache.org\";$Port=8080;a=\"b\\",
"foo", "b");
+
test("$Version=1;foo=b'ar;$Domain=\"apache.org\";$Port=8080;a=\"b\\\"", "foo",
"b'ar");
+test("$Version=1;foo=b'ar;$Domain=\"apache.org\";$Port=8080;a=\"b\\",
"foo", "b'ar");
-// Bad... a token cannot be quoted with ' chars
-test("$Version=\"1\"; foo='bar'; $Path=/path; $Domain=\"localhost\"");
+// A token cannot be quoted with ' chars - they should be treated as
part of the value
+test("$Version=\"1\"; foo='bar'; $Path=/path; $Domain=\"localhost\"",
"foo", "'bar'");
// wrong, path should not have '/' JVK
test("$Version=1;foo=\"bar\";$Path=/examples;a=b; ; ", "foo", "bar",
"a", "b");
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r831059 - in /tomcat/trunk: java/org/apache/tomcat/util/http/Cookies.java java/org/apache/tomcat/util/http/ServerCookie.java webapps/docs/config/systemprops.xml
Author: markt
Date: Thu Oct 29 18:36:49 2009
New Revision: 831059
URL: http://svn.apache.org/viewvc?rev=831059&view=rev
Log:
Add system property to control treatment of / as a separator when processing
cookies
Modify ALWAYS_ADD_EXPIRES so STRICT_SERVLET_COMPLIANCE changes the default to a
strict interpretation of the specs
Note: I'll refactor the common code into a Constants class once I am finished
but I'm doing that last as the refactoring won't be proposed for back-port to
6.0.x/5.5.x
Modified:
tomcat/trunk/java/org/apache/tomcat/util/http/Cookies.java
tomcat/trunk/java/org/apache/tomcat/util/http/ServerCookie.java
tomcat/trunk/webapps/docs/config/systemprops.xml
Modified: tomcat/trunk/java/org/apache/tomcat/util/http/Cookies.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/http/Cookies.java?rev=831059&r1=831058&r2=831059&view=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/http/Cookies.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/http/Cookies.java Thu Oct 29
18:36:49 2009
@@ -46,19 +46,54 @@
MimeHeaders headers;
+/**
+ * If set to true, we parse cookies strictly according to the servlet,
+ * cookie and HTTP specs by default.
+ */
+public static final boolean STRICT_SERVLET_COMPLIANCE;
+
+/**
+ * If set to true, the / character will be treated as a
+ * separator. Default is usually false. If STRICT_SERVLET_COMPLIANCE==true
+ * then default is true. Explicitly setting always takes priority.
+ */
+public static final boolean FWD_SLASH_IS_SEPARATOR;
+
/*
List of Separator Characters (see isSeparator())
-Excluding the '/' char violates the RFC, but
-it looks like a lot of people put '/'
-in unquoted values: '/': ; //47
-'\t':9 ' ':32 '\"':34 '(':40 ')':41 ',':44 ':':58 ';':59 '<':60
-'=':61 '>':62 '?':63 '@':64 '[':91 '\\':92 ']':93 '{':123 '}':125
*/
-public static final char SEPARATORS[] = { '\t', ' ', '\"', '(', ')', ',',
-':', ';', '<', '=', '>', '?', '@', '[', '\\', ']', '{', '}' };
+public static final char SEPARATORS[];
protected static final boolean separators[] = new boolean[128];
static {
+STRICT_SERVLET_COMPLIANCE = Boolean.valueOf(System.getProperty(
+"org.apache.catalina.STRICT_SERVLET_COMPLIANCE",
+"false")).booleanValue();
+
+String fwdSlashIsSeparator = System.getProperty(
+
"org.apache.tomcat.util.http.ServerCookie.FWD_SLASH_IS_SEPARATOR");
+if (fwdSlashIsSeparator == null) {
+FWD_SLASH_IS_SEPARATOR = STRICT_SERVLET_COMPLIANCE;
+} else {
+FWD_SLASH_IS_SEPARATOR =
+Boolean.valueOf(fwdSlashIsSeparator).booleanValue();
+}
+
+/*
+Excluding the '/' char by default violates the RFC, but
+it looks like a lot of people put '/'
+in unquoted values: '/': ; //47
+'\t':9 ' ':32 '\"':34 '(':40 ')':41 ',':44 ':':58 ';':59 '<':60
+'=':61 '>':62 '?':63 '@':64 '[':91 '\\':92 ']':93 '{':123 '}':125
+*/
+if (FWD_SLASH_IS_SEPARATOR) {
+SEPARATORS = new char[] { '\t', ' ', '\"', '(', ')', ',', '/',
+':', ';', '<', '=', '>', '?', '@', '[', '\\', ']', '{',
'}' };
+} else {
+SEPARATORS = new char[] { '\t', ' ', '\"', '(', ')', ',',
+':', ';', '<', '=', '>', '?', '@', '[', '\\', ']', '{',
'}' };
+}
+
for (int i = 0; i < 128; i++) {
separators[i] = false;
}
Modified: tomcat/trunk/java/org/apache/tomcat/util/http/ServerCookie.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/http/ServerCookie.java?rev=831059&r1=831058&r2=831059&view=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/http/ServerCookie.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/http/ServerCookie.java Thu Oct 29
18:36:49 2009
@@ -68,22 +68,53 @@
};
private static final String ancientDate;
-
-static {
-ancientDate = OLD_COOKIE_FORMAT.get().format(new Date(1));
-}
+/**
+ * If set to true, we parse cookies strictly according to the servlet,
+ * cookie and HTTP specs by default.
+ */
+public static final boolean STRICT_SERVLET_COMPLIANCE;
/**
- * If set to true, we parse cookies according to the servlet spec,
+ * If set to false, we don't use the IE6/7 Max-Age/Expires work around.
+ * Default is usually true. If STRICT_SERVLET_COMPLIANCE==true then default
+ * is false. Explicitly setting always takes priority.
*/
-public static final boolean STRICT_SERVLET_COMPLIANCE =
-
Boolean.valueOf(System.getProperty("org.apache.catalina.STRICT_SERVLET_COMPLIAN
svn commit: r831069 - in /tomcat/trunk: java/javax/servlet/http/Cookie.java webapps/docs/config/systemprops.xml
Author: markt
Date: Thu Oct 29 19:26:52 2009
New Revision: 831069
URL: http://svn.apache.org/viewvc?rev=831069&view=rev
Log:
Add an option to strictly enforce cookie naming rules.
I'm not wild about the implementation but since we can't change the API, this
was the best I could come up with. Suggestions for improvements welcome.
Modified:
tomcat/trunk/java/javax/servlet/http/Cookie.java
tomcat/trunk/webapps/docs/config/systemprops.xml
Modified: tomcat/trunk/java/javax/servlet/http/Cookie.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/javax/servlet/http/Cookie.java?rev=831069&r1=831068&r2=831069&view=diff
==
--- tomcat/trunk/java/javax/servlet/http/Cookie.java (original)
+++ tomcat/trunk/java/javax/servlet/http/Cookie.java Thu Oct 29 19:26:52 2009
@@ -17,6 +17,7 @@
package javax.servlet.http;
import java.text.MessageFormat;
+import java.util.Date;
import java.util.ResourceBundle;
/**
@@ -486,8 +487,56 @@
// private static final String tspecials = "()<>@,;:\\\"/[]?={} \t";
private static final String tspecials = ",; ";
+private static final String tspecials2 = "()<>@,;:\\\"/[]?={} \t";
+private static final String tspecials2NoSlash = "()<>@,;:\\\"/[]?={} \t";
-
+/**
+ * If set to true, we parse cookies strictly according to the servlet,
+ * cookie and HTTP specs by default.
+ */
+private static final boolean STRICT_SERVLET_COMPLIANCE;
+
+/**
+ * If set to true, the / character will be treated as a
+ * separator. Default is usually false. If STRICT_SERVLET_COMPLIANCE==true
+ * then default is true. Explicitly setting always takes priority.
+ */
+private static final boolean FWD_SLASH_IS_SEPARATOR;
+
+/**
+ * If set to false, we don't use the IE6/7 Max-Age/Expires work around.
+ * Default is usually true. If STRICT_SERVLET_COMPLIANCE==true then default
+ * is false. Explicitly setting always takes priority.
+ */
+private static final boolean STRICT_NAMING;
+
+
+static {
+STRICT_SERVLET_COMPLIANCE = Boolean.valueOf(System.getProperty(
+"org.apache.catalina.STRICT_SERVLET_COMPLIANCE",
+"false")).booleanValue();
+
+String fwdSlashIsSeparator = System.getProperty(
+
"org.apache.tomcat.util.http.ServerCookie.FWD_SLASH_IS_SEPARATOR");
+if (fwdSlashIsSeparator == null) {
+FWD_SLASH_IS_SEPARATOR = STRICT_SERVLET_COMPLIANCE;
+} else {
+FWD_SLASH_IS_SEPARATOR =
+Boolean.valueOf(fwdSlashIsSeparator).booleanValue();
+}
+
+String strictNaming = System.getProperty(
+"javax.servlet.http.Cookie.STRICT_NAMING");
+if (strictNaming == null) {
+STRICT_NAMING = STRICT_SERVLET_COMPLIANCE;
+} else {
+STRICT_NAMING =
+Boolean.valueOf(strictNaming).booleanValue();
+}
+
+}
+
+
/*
@@ -500,24 +549,27 @@
* a reserved token; false
* if it is not
*/
-
private boolean isToken(String value) {
- int len = value.length();
+int len = value.length();
- for (int i = 0; i < len; i++) {
- char c = value.charAt(i);
+for (int i = 0; i < len; i++) {
+char c = value.charAt(i);
- if (c < 0x20 || c >= 0x7f || tspecials.indexOf(c) != -1)
- return false;
- }
- return true;
+if (c < 0x20 ||
+c >= 0x7f ||
+(!STRICT_NAMING && tspecials.indexOf(c) != -1) ||
+(STRICT_NAMING && !FWD_SLASH_IS_SEPARATOR &&
+tspecials2NoSlash.indexOf(c) != -1) ||
+(STRICT_NAMING && FWD_SLASH_IS_SEPARATOR &&
+tspecials2.indexOf(c) != -1)) {
+return false;
+}
+}
+return true;
}
-
-
-
/**
*
* Overrides the standard java.lang.Object.clone
Modified: tomcat/trunk/webapps/docs/config/systemprops.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/systemprops.xml?rev=831069&r1=831068&r2=831069&view=diff
==
--- tomcat/trunk/webapps/docs/config/systemprops.xml (original)
+++ tomcat/trunk/webapps/docs/config/systemprops.xml Thu Oct 29 19:26:52 2009
@@ -248,11 +248,17 @@
The default value will be changed for
org.apache.tomcat.util.http.ServerCookie.ALWAYS_ADD_EXPIRES.
org.apache.tomcat.util.http.ServerCookie.FWD_SLASH_IS_SEPARATOR.
+org.apache.tomcat.util.http.ServerCookie.STRICT_NAMING.
- Note that where setting this to true changes a default,
- that can always be overridden by setting a system prope
Re: svn commit: r831069 - in /tomcat/trunk: java/javax/servlet/http/Cookie.java webapps/docs/config/systemprops.xml
2009/10/29 :
> Author: markt
> Date: Thu Oct 29 19:26:52 2009
> New Revision: 831069
>
> URL: http://svn.apache.org/viewvc?rev=831069&view=rev
> Log:
> Add an option to strictly enforce cookie naming rules.
> I'm not wild about the implementation but since we can't change the API, this
> was the best I could come up with. Suggestions for improvements welcome.
>
> Modified:
> tomcat/trunk/java/javax/servlet/http/Cookie.java
> tomcat/trunk/webapps/docs/config/systemprops.xml
> private static final String tspecials = ",; ";
> + private static final String tspecials2 = "()<>@,;:\\\"/[]?={} \t";
> + private static final String tspecials2NoSlash = "()<>@,;:\\\"/[]?={} \t";
1) What is the difference between tspecials2 and tspecials2NoSlash.
The above two values are the same ("()<>@,;:\\\"/[]?={} \t")
2) I think that you can do
private static final String tspecials2NoSlash = "()<>@,;:\\\"[]?={} \t";
private static final String tspecials2WithSlash = tspecials2NoSlash + "/";
(and compiler will calculate the second constant).
3)
and later
> +(STRICT_NAMING && !FWD_SLASH_IS_SEPARATOR &&
> +tspecials2NoSlash.indexOf(c) != -1) ||
> +(STRICT_NAMING && FWD_SLASH_IS_SEPARATOR &&
> +tspecials2.indexOf(c) != -1)) {
We can preselect the effective value for tspecials2:
e.g. (but better to move into the above static{} block):
private static final String tspecials2 = FWD_SLASH_IS_SEPARATOR ?
tspecials2WithSlash : tspecials2NoSlash;
Thus the condition will become more simple,
(STRICT_NAMING && tspecials2.indexOf(c) != -1)) {
>
> -
> + /**
> + * If set to true, we parse cookies strictly according to the servlet,
> + * cookie and HTTP specs by default.
> + */
> + private static final boolean STRICT_SERVLET_COMPLIANCE;
> +
> + /**
> + * If set to true, the / character will be treated as a
> + * separator. Default is usually false. If
> STRICT_SERVLET_COMPLIANCE==true
> + * then default is true. Explicitly setting always takes priority.
> + */
> + private static final boolean FWD_SLASH_IS_SEPARATOR;
> +
> + /**
> + * If set to false, we don't use the IE6/7 Max-Age/Expires work around.
> + * Default is usually true. If STRICT_SERVLET_COMPLIANCE==true then
> default
> + * is false. Explicitly setting always takes priority.
> + */
> +private static final boolean STRICT_NAMING;
The above JavaDoc looks just copied over from the ALWAYS_ADD_EXPIRES
property, and thus makes no sense here.
In the docs, and in your implementation below, the usual default is
false, and the compliance mode default is true, and the above JavaDoc
says the opposite.
> +
> +
> + static {
> + STRICT_SERVLET_COMPLIANCE = Boolean.valueOf(System.getProperty(
> + "org.apache.catalina.STRICT_SERVLET_COMPLIANCE",
> + "false")).booleanValue();
> +
> + String fwdSlashIsSeparator = System.getProperty(
> +
> "org.apache.tomcat.util.http.ServerCookie.FWD_SLASH_IS_SEPARATOR");
> + if (fwdSlashIsSeparator == null) {
> + FWD_SLASH_IS_SEPARATOR = STRICT_SERVLET_COMPLIANCE;
> + } else {
> + FWD_SLASH_IS_SEPARATOR =
> + Boolean.valueOf(fwdSlashIsSeparator).booleanValue();
> + }
> +
> + String strictNaming = System.getProperty(
> + "javax.servlet.http.Cookie.STRICT_NAMING");
> + if (strictNaming == null) {
> + STRICT_NAMING = STRICT_SERVLET_COMPLIANCE;
> + } else {
> + STRICT_NAMING =
> + Boolean.valueOf(strictNaming).booleanValue();
> + }
> +
> + }
> +
> +
>
(skipped)
Also,
"javax.servlet.http.Cookie. STRICT_NAMING"
It would be better to name that "org.apache.tomcat.util.http.
ServerCookie.STRICT_NAMING"
as I think java(x)* property names are reserved by Sun.
+org.apache.tomcat.util.http.ServerCookie.STRICT_NAMING.
Note that the above line of the doc already uses the *.tomcat.*
property name, but everywhere else in the patch the javax.servlet.*
name was used.
Best regards,
Konstantin Kolinko
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r831106 - in /tomcat/trunk/java/org/apache/coyote/http11: Http11NioProtocol.java Http11Protocol.java
Author: fhanik
Date: Thu Oct 29 21:48:04 2009
New Revision: 831106
URL: http://svn.apache.org/viewvc?rev=831106&view=rev
Log:
SSL should be based on SSLEnabled, not secure flag
Modified:
tomcat/trunk/java/org/apache/coyote/http11/Http11NioProtocol.java
tomcat/trunk/java/org/apache/coyote/http11/Http11Protocol.java
Modified: tomcat/trunk/java/org/apache/coyote/http11/Http11NioProtocol.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http11/Http11NioProtocol.java?rev=831106&r1=831105&r2=831106&view=diff
==
--- tomcat/trunk/java/org/apache/coyote/http11/Http11NioProtocol.java (original)
+++ tomcat/trunk/java/org/apache/coyote/http11/Http11NioProtocol.java Thu Oct
29 21:48:04 2009
@@ -734,7 +734,7 @@
processor.action(ActionCode.ACTION_START, null);
-if (proto.ep.getSecure() && (proto.sslImplementation != null))
{
+if (proto.ep.isSSLEnabled() && (proto.sslImplementation !=
null)) {
if (socket instanceof SecureNioChannel) {
SecureNioChannel ch = (SecureNioChannel)socket;
processor.setSslSupport(proto.sslImplementation.getSSLSupport(ch.getSslEngine().getSession()));
Modified: tomcat/trunk/java/org/apache/coyote/http11/Http11Protocol.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http11/Http11Protocol.java?rev=831106&r1=831105&r2=831106&view=diff
==
--- tomcat/trunk/java/org/apache/coyote/http11/Http11Protocol.java (original)
+++ tomcat/trunk/java/org/apache/coyote/http11/Http11Protocol.java Thu Oct 29
21:48:04 2009
@@ -578,7 +578,7 @@
processor.action(ActionCode.ACTION_START, null);
-if (proto.secure && (proto.sslImplementation != null)) {
+if (proto.isSSLEnabled() && (proto.sslImplementation != null))
{
processor.setSSLSupport
(proto.sslImplementation.getSSLSupport(socket.getSocket()));
} else {
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r831108 - /tomcat/tc6.0.x/trunk/STATUS.txt
Author: fhanik Date: Thu Oct 29 21:49:03 2009 New Revision: 831108 URL: http://svn.apache.org/viewvc?rev=831108&view=rev Log: proposal Modified: tomcat/tc6.0.x/trunk/STATUS.txt Modified: tomcat/tc6.0.x/trunk/STATUS.txt URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=831108&r1=831107&r2=831108&view=diff == --- tomcat/tc6.0.x/trunk/STATUS.txt (original) +++ tomcat/tc6.0.x/trunk/STATUS.txt Thu Oct 29 21:49:03 2009 @@ -353,3 +353,8 @@ http://svn.apache.org/viewvc?rev=828225&view=rev +1: markt, kkolinko -1: + +* Use correct flag for SSL + http://svn.apache.org/viewvc?rev=831106&view=rev + +1: fhanik + -1: - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 48083] IIS7 with Tomcat-Connector
https://issues.apache.org/bugzilla/show_bug.cgi?id=48083 --- Comment #1 from gre...@familyfischer.net 2009-10-29 14:52:39 UTC --- Had support from Microsoft and it seems to be, that the error code above is ERROR_INVALID_FUNCTION being generated by the ISAPI filter. So, seems to be a bug, less a config error. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r831069 - in /tomcat/trunk: java/javax/servlet/http/Cookie.java webapps/docs/config/systemprops.xml
Konstantin Kolinko wrote: Thanks for the review. Way too much cut and paste on my part there. > Also, > "javax.servlet.http.Cookie. STRICT_NAMING" > > It would be better to name that "org.apache.tomcat.util.http. > ServerCookie.STRICT_NAMING" > as I think java(x)* property names are reserved by Sun. > > +org.apache.tomcat.util.http.ServerCookie.STRICT_NAMING. I'm torn on this one. I was 50/50 on which name to choose and since you seem to be leaning towards the none javax one I'm happy to change it. Cheers, Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r831116 - in /tomcat/trunk: java/javax/servlet/http/Cookie.java webapps/docs/config/systemprops.xml
Author: markt
Date: Thu Oct 29 22:14:26 2009
New Revision: 831116
URL: http://svn.apache.org/viewvc?rev=831116&view=rev
Log:
Apply Konstantin's review comments
Modified:
tomcat/trunk/java/javax/servlet/http/Cookie.java
tomcat/trunk/webapps/docs/config/systemprops.xml
Modified: tomcat/trunk/java/javax/servlet/http/Cookie.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/javax/servlet/http/Cookie.java?rev=831116&r1=831115&r2=831116&view=diff
==
--- tomcat/trunk/java/javax/servlet/http/Cookie.java (original)
+++ tomcat/trunk/java/javax/servlet/http/Cookie.java Thu Oct 29 22:14:26 2009
@@ -487,8 +487,9 @@
// private static final String tspecials = "()<>@,;:\\\"/[]?={} \t";
private static final String tspecials = ",; ";
-private static final String tspecials2 = "()<>@,;:\\\"/[]?={} \t";
-private static final String tspecials2NoSlash = "()<>@,;:\\\"/[]?={} \t";
+private static final String tspecials2NoSlash = "()<>@,;:\\\"[]?={} \t";
+private static final String tspecials2WithSlash = tspecials2NoSlash + "/";
+private static final String tspecials2;
/**
* If set to true, we parse cookies strictly according to the servlet,
@@ -504,9 +505,10 @@
private static final boolean FWD_SLASH_IS_SEPARATOR;
/**
- * If set to false, we don't use the IE6/7 Max-Age/Expires work around.
- * Default is usually true. If STRICT_SERVLET_COMPLIANCE==true then default
- * is false. Explicitly setting always takes priority.
+ * If set to true, enforce the cookie naming rules in the spec that require
+ * no separators in the cookie name. Default is usually false. If
+ * STRICT_SERVLET_COMPLIANCE==true then default is true. Explicitly setting
+ * always takes priority.
*/
private static final boolean STRICT_NAMING;
@@ -525,8 +527,14 @@
Boolean.valueOf(fwdSlashIsSeparator).booleanValue();
}
+if (FWD_SLASH_IS_SEPARATOR) {
+tspecials2 = tspecials2WithSlash;
+} else {
+tspecials2 = tspecials2NoSlash;
+}
+
String strictNaming = System.getProperty(
-"javax.servlet.http.Cookie.STRICT_NAMING");
+"org.apache.tomcat.util.http.ServerCookie.STRICT_NAMING");
if (strictNaming == null) {
STRICT_NAMING = STRICT_SERVLET_COMPLIANCE;
} else {
@@ -555,13 +563,8 @@
for (int i = 0; i < len; i++) {
char c = value.charAt(i);
-if (c < 0x20 ||
-c >= 0x7f ||
-(!STRICT_NAMING && tspecials.indexOf(c) != -1) ||
-(STRICT_NAMING && !FWD_SLASH_IS_SEPARATOR &&
-tspecials2NoSlash.indexOf(c) != -1) ||
-(STRICT_NAMING && FWD_SLASH_IS_SEPARATOR &&
-tspecials2.indexOf(c) != -1)) {
+if (c < 0x20 || c >= 0x7f ||
+(STRICT_NAMING && tspecials2.indexOf(c) != -1)) {
return false;
}
}
Modified: tomcat/trunk/webapps/docs/config/systemprops.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/systemprops.xml?rev=831116&r1=831115&r2=831116&view=diff
==
--- tomcat/trunk/webapps/docs/config/systemprops.xml (original)
+++ tomcat/trunk/webapps/docs/config/systemprops.xml Thu Oct 29 22:14:26 2009
@@ -296,7 +296,7 @@
+name="org.apache.tomcat.util.http. ServerCookie.STRICT_NAMING">
If this is true then the requirements of the Servlet specification
that Cookie names must adhere to RFC2109 (no use of separators) will be
enforced. If not specified, the default value will be used. If
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r831116 - in /tomcat/trunk: java/javax/servlet/http/Cookie.java webapps/docs/config/systemprops.xml
2009/10/30 : > Author: markt > Date: Thu Oct 29 22:14:26 2009 > New Revision: 831116 > > URL: http://svn.apache.org/viewvc?rev=831116&view=rev > Log: > Apply Konstantin's review comments > > Modified: > tomcat/trunk/java/javax/servlet/http/Cookie.java > tomcat/trunk/webapps/docs/config/systemprops.xml > Now it is OK for me. Thank you. Best regards, Konstantin Kolinko - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r831177 - /tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11Processor.java
Author: kkolinko
Date: Fri Oct 30 01:14:22 2009
New Revision: 831177
URL: http://svn.apache.org/viewvc?rev=831177&view=rev
Log:
Followup for rev.830980 changes:
Add brackets for better clarity, as we had them before. No functional change.
Modified:
tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11Processor.java
Modified:
tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11Processor.java
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11Processor.java?rev=831177&r1=831176&r2=831177&view=diff
==
--- tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11Processor.java
(original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11Processor.java Fri
Oct 30 01:14:22 2009
@@ -777,10 +777,10 @@
// When using an executor, these values may return non-positive values
int curThreads = endpoint.getCurrentThreadsBusy();
int maxThreads = endpoint.getMaxThreads();
-if (curThreads > 0 && maxThreads >0) {
+if (curThreads > 0 && maxThreads > 0) {
// Only auto-disable keep-alive if the current thread usage % can
be
// calculated correctly
-if (curThreads*100/maxThreads > 75) {
+if ((curThreads*100)/maxThreads > 75) {
keepAliveLeft = 1;
}
}
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r831201 - /tomcat/tc6.0.x/trunk/STATUS.txt
Author: kkolinko Date: Fri Oct 30 04:49:35 2009 New Revision: 831201 URL: http://svn.apache.org/viewvc?rev=831201&view=rev Log: vote Modified: tomcat/tc6.0.x/trunk/STATUS.txt Modified: tomcat/tc6.0.x/trunk/STATUS.txt URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=831201&r1=831200&r2=831201&view=diff == --- tomcat/tc6.0.x/trunk/STATUS.txt (original) +++ tomcat/tc6.0.x/trunk/STATUS.txt Fri Oct 30 04:49:35 2009 @@ -215,6 +215,7 @@ http://people.apache.org/~markt/patches/2009-08-15-AccessLogValve-tc6.patch +1: markt, kkolinko -1: + kkolinko: Also +1 to use StringBuilder everywhere in those classes, with exception of those places where it is passed as the argument to AccessLogValve.AccessLogElement#addElement(). @@ -309,6 +310,7 @@ that file (because part of a webapp), but maybe it would be cleaner to do this for the installer target only, e.g. saving the file, fixcrlf, run nsi, restoring file. + kkolinko: Another way to fix it would be to place a copy of that file into %CATALINA_HOME% (with proper CRLF endings) and display that one in the installer, leaving the one in the ROOT webapp as is. Note, that we @@ -356,5 +358,5 @@ * Use correct flag for SSL http://svn.apache.org/viewvc?rev=831106&view=rev - +1: fhanik + +1: fhanik, kkolinko -1: - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r831212 - in /tomcat: tc6.0.x/trunk/webapps/docs/config/http.xml trunk/webapps/docs/config/http.xml
Author: kkolinko Date: Fri Oct 30 06:37:47 2009 New Revision: 831212 URL: http://svn.apache.org/viewvc?rev=831212&view=rev Log: Fix a documentation bug: To enable SSL in TC 6.0 and later you set SSLEnabled=true, not secure=true as it was in TC 5.5. Also added a phrase about secure and schema attributes. The text is nearly identical to the one in the SSLEnabled attribute description above on the same page. If anyone has a better phrase, you are welcome. Modified: tomcat/tc6.0.x/trunk/webapps/docs/config/http.xml tomcat/trunk/webapps/docs/config/http.xml Modified: tomcat/tc6.0.x/trunk/webapps/docs/config/http.xml URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/config/http.xml?rev=831212&r1=831211&r2=831212&view=diff == --- tomcat/tc6.0.x/trunk/webapps/docs/config/http.xml (original) +++ tomcat/tc6.0.x/trunk/webapps/docs/config/http.xml Fri Oct 30 06:37:47 2009 @@ -640,8 +640,14 @@ You can enable SSL support for a particular instance of this - Connector by setting the secure attribute to - true. In addition, you may need to configure the following + Connector by setting the SSLEnabled attribute to + true. + + You will also need to set the scheme and secure attributes + to the values https and true respectively, + to pass correct information to the servlets. + + In addition, you may need to configure the following attributes: Modified: tomcat/trunk/webapps/docs/config/http.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/http.xml?rev=831212&r1=831211&r2=831212&view=diff == --- tomcat/trunk/webapps/docs/config/http.xml (original) +++ tomcat/trunk/webapps/docs/config/http.xml Fri Oct 30 06:37:47 2009 @@ -675,8 +675,14 @@ You can enable SSL support for a particular instance of this - Connector by setting the secure attribute to - true. In addition, you may need to configure the following + Connector by setting the SSLEnabled attribute to + true. + + You will also need to set the scheme and secure attributes + to the values https and true respectively, + to pass correct information to the servlets. + + In addition, you may need to configure the following attributes: - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
