svn commit: r1084103 - in /tomcat/trunk/webapps: host-manager/401.jsp host-manager/403.jsp manager/401.jsp manager/403.jsp
Author: markt
Date: Tue Mar 22 08:46:00 2011
New Revision: 1084103
URL: http://svn.apache.org/viewvc?rev=1084103&view=rev
Log:
Remove unnecessary code that makes switching to other authentication methods
difficult.
Modified:
tomcat/trunk/webapps/host-manager/401.jsp
tomcat/trunk/webapps/host-manager/403.jsp
tomcat/trunk/webapps/manager/401.jsp
tomcat/trunk/webapps/manager/403.jsp
Modified: tomcat/trunk/webapps/host-manager/401.jsp
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/host-manager/401.jsp?rev=1084103&r1=1084102&r2=1084103&view=diff
==
--- tomcat/trunk/webapps/host-manager/401.jsp (original)
+++ tomcat/trunk/webapps/host-manager/401.jsp Tue Mar 22 08:46:00 2011
@@ -14,9 +14,6 @@
See the License for the specific language governing permissions and
limitations under the License.
--%>
-<%
- response.setHeader("WWW-Authenticate", "Basic realm=\"Tomcat Host Manager
Application\"");
-%>
http://www.w3.org/TR/html4/strict.dtd";>
Modified: tomcat/trunk/webapps/host-manager/403.jsp
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/host-manager/403.jsp?rev=1084103&r1=1084102&r2=1084103&view=diff
==
--- tomcat/trunk/webapps/host-manager/403.jsp (original)
+++ tomcat/trunk/webapps/host-manager/403.jsp Tue Mar 22 08:46:00 2011
@@ -14,9 +14,6 @@
See the License for the specific language governing permissions and
limitations under the License.
--%>
-<%
- response.setHeader("WWW-Authenticate", "Basic realm=\"Tomcat Host Manager
Application\"");
-%>
http://www.w3.org/TR/html4/strict.dtd";>
Modified: tomcat/trunk/webapps/manager/401.jsp
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/manager/401.jsp?rev=1084103&r1=1084102&r2=1084103&view=diff
==
--- tomcat/trunk/webapps/manager/401.jsp (original)
+++ tomcat/trunk/webapps/manager/401.jsp Tue Mar 22 08:46:00 2011
@@ -14,9 +14,6 @@
See the License for the specific language governing permissions and
limitations under the License.
--%>
-<%
- response.setHeader("WWW-Authenticate", "Basic realm=\"Tomcat Manager
Application\"");
-%>
http://www.w3.org/TR/html4/strict.dtd";>
Modified: tomcat/trunk/webapps/manager/403.jsp
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/manager/403.jsp?rev=1084103&r1=1084102&r2=1084103&view=diff
==
--- tomcat/trunk/webapps/manager/403.jsp (original)
+++ tomcat/trunk/webapps/manager/403.jsp Tue Mar 22 08:46:00 2011
@@ -14,9 +14,6 @@
See the License for the specific language governing permissions and
limitations under the License.
--%>
-<%
- response.setHeader("WWW-Authenticate", "Basic realm=\"Tomcat Manager
Application\"");
-%>
http://www.w3.org/TR/html4/strict.dtd";>
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1084107 - /tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
Author: markt Date: Tue Mar 22 08:53:40 2011 New Revision: 1084107 URL: http://svn.apache.org/viewvc?rev=1084107&view=rev Log: Typo Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=1084107&r1=1084106&r2=1084107&view=diff == --- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Tue Mar 22 08:53:40 2011 @@ -203,7 +203,7 @@ -filter input of manager app servlets. (kkolinko) +Filter input of manager app servlets. (kkolinko) 43960: Expose available property of StandardWrapper via JMX. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1084109 - in /tomcat/trunk/webapps: docs/ host-manager/ host-manager/WEB-INF/ host-manager/WEB-INF/jsp/ manager/ manager/WEB-INF/ manager/WEB-INF/jsp/
Author: markt Date: Tue Mar 22 08:57:12 2011 New Revision: 1084109 URL: http://svn.apache.org/viewvc?rev=1084109&view=rev Log: Prevent the custom error pages for the Manager and Host Manager applications from being accessed directly. Added: tomcat/trunk/webapps/host-manager/WEB-INF/jsp/ tomcat/trunk/webapps/host-manager/WEB-INF/jsp/401.jsp - copied unchanged from r1084103, tomcat/trunk/webapps/host-manager/401.jsp tomcat/trunk/webapps/host-manager/WEB-INF/jsp/403.jsp - copied unchanged from r1084103, tomcat/trunk/webapps/host-manager/403.jsp tomcat/trunk/webapps/host-manager/WEB-INF/jsp/404.jsp - copied unchanged from r1083892, tomcat/trunk/webapps/host-manager/404.jsp tomcat/trunk/webapps/manager/WEB-INF/jsp/401.jsp - copied unchanged from r1084103, tomcat/trunk/webapps/manager/401.jsp tomcat/trunk/webapps/manager/WEB-INF/jsp/403.jsp - copied unchanged from r1084103, tomcat/trunk/webapps/manager/403.jsp tomcat/trunk/webapps/manager/WEB-INF/jsp/404.jsp - copied unchanged from r1083892, tomcat/trunk/webapps/manager/404.jsp Removed: tomcat/trunk/webapps/host-manager/401.jsp tomcat/trunk/webapps/host-manager/403.jsp tomcat/trunk/webapps/host-manager/404.jsp tomcat/trunk/webapps/manager/401.jsp tomcat/trunk/webapps/manager/403.jsp tomcat/trunk/webapps/manager/404.jsp Modified: tomcat/trunk/webapps/docs/changelog.xml tomcat/trunk/webapps/host-manager/WEB-INF/web.xml tomcat/trunk/webapps/manager/WEB-INF/web.xml Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1084109&r1=1084108&r2=1084109&view=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Tue Mar 22 08:57:12 2011 @@ -126,6 +126,10 @@ Align the authenticator documentation and MBean descriptors with the implementation. (markt) + +Prevent the custom error pages for the Manager and Host Manager +applications from being accessed directly. (markt) + Modified: tomcat/trunk/webapps/host-manager/WEB-INF/web.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/host-manager/WEB-INF/web.xml?rev=1084109&r1=1084108&r2=1084109&view=diff == --- tomcat/trunk/webapps/host-manager/WEB-INF/web.xml (original) +++ tomcat/trunk/webapps/host-manager/WEB-INF/web.xml Tue Mar 22 08:57:12 2011 @@ -116,15 +116,15 @@ 401 -/401.jsp +/WEB-INF/jsp/401.jsp 403 -/403.jsp +/WEB-INF/jsp/403.jsp 404 -/404.jsp +/WEB-INF/jsp/404.jsp Modified: tomcat/trunk/webapps/manager/WEB-INF/web.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/manager/WEB-INF/web.xml?rev=1084109&r1=1084108&r2=1084109&view=diff == --- tomcat/trunk/webapps/manager/WEB-INF/web.xml (original) +++ tomcat/trunk/webapps/manager/WEB-INF/web.xml Tue Mar 22 08:57:12 2011 @@ -181,15 +181,15 @@ 401 -/401.jsp +/WEB-INF/jsp/401.jsp 403 -/403.jsp +/WEB-INF/jsp/403.jsp 404 -/404.jsp +/WEB-INF/jsp/404.jsp - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1084115 - in /tomcat/trunk/java/org/apache/catalina: connector/Request.java security/SecurityClassLoad.java
Author: markt
Date: Tue Mar 22 09:42:29 2011
New Revision: 1084115
URL: http://svn.apache.org/viewvc?rev=1084115&view=rev
Log:
Use standard approach for pre-loading classes
Modified:
tomcat/trunk/java/org/apache/catalina/connector/Request.java
tomcat/trunk/java/org/apache/catalina/security/SecurityClassLoad.java
Modified: tomcat/trunk/java/org/apache/catalina/connector/Request.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/connector/Request.java?rev=1084115&r1=1084114&r2=1084115&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/connector/Request.java (original)
+++ tomcat/trunk/java/org/apache/catalina/connector/Request.java Tue Mar 22
09:42:29 2011
@@ -81,7 +81,6 @@ import org.apache.tomcat.util.ExceptionU
import org.apache.tomcat.util.buf.B2CConverter;
import org.apache.tomcat.util.buf.ByteChunk;
import org.apache.tomcat.util.buf.MessageBytes;
-import org.apache.tomcat.util.buf.StringCache;
import org.apache.tomcat.util.http.Cookies;
import org.apache.tomcat.util.http.FastHttpDateFormat;
import org.apache.tomcat.util.http.Parameters;
@@ -112,12 +111,6 @@ public class Request
// --- Constructors
-static {
-// Ensure that classes are loaded for SM
-new StringCache.ByteEntry();
-new StringCache.CharEntry();
-}
-
public Request() {
formats[0].setTimeZone(GMT_ZONE);
Modified: tomcat/trunk/java/org/apache/catalina/security/SecurityClassLoad.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/security/SecurityClassLoad.java?rev=1084115&r1=1084114&r2=1084115&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/security/SecurityClassLoad.java
(original)
+++ tomcat/trunk/java/org/apache/catalina/security/SecurityClassLoad.java Tue
Mar 22 09:42:29 2011
@@ -238,6 +238,10 @@ public final class SecurityClassLoad {
private static final void loadTomcatPackage(ClassLoader loader)
throws Exception {
final String basePackage = "org.apache.tomcat.";
+loader.loadClass(basePackage + "util.buf.StringCache");
+loader.loadClass(basePackage + "util.buf.StringCache$ByteEntry");
+loader.loadClass(basePackage + "util.buf.StringCache$CharEntry");
+loader.loadClass(basePackage + "util.http.HttpMessages");
// Make sure system property is read at this point
Class clazz = loader.loadClass(
basePackage + "util.http.FastHttpDateFormat");
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1084116 - /tomcat/trunk/java/org/apache/catalina/connector/Request.java
Author: markt
Date: Tue Mar 22 09:49:50 2011
New Revision: 1084116
URL: http://svn.apache.org/viewvc?rev=1084116&view=rev
Log:
Fix an Eclipse warning
Modified:
tomcat/trunk/java/org/apache/catalina/connector/Request.java
Modified: tomcat/trunk/java/org/apache/catalina/connector/Request.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/connector/Request.java?rev=1084116&r1=1084115&r2=1084116&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/connector/Request.java (original)
+++ tomcat/trunk/java/org/apache/catalina/connector/Request.java Tue Mar 22
09:49:50 2011
@@ -1573,7 +1573,8 @@ public class Request
// Ensure that the specified encoding is valid
byte buffer[] = new byte[1];
buffer[0] = (byte) 'a';
-new String(buffer, enc);
+@SuppressWarnings("unused")
+String s = new String(buffer, enc);
// Save the validated encoding
coyoteRequest.setCharacterEncoding(enc);
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1084117 - /tomcat/trunk/res/findbugs/filter-false-positives.xml
Author: markt Date: Tue Mar 22 09:50:04 2011 New Revision: 1084117 URL: http://svn.apache.org/viewvc?rev=1084117&view=rev Log: Add another false positive Modified: tomcat/trunk/res/findbugs/filter-false-positives.xml Modified: tomcat/trunk/res/findbugs/filter-false-positives.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/res/findbugs/filter-false-positives.xml?rev=1084117&r1=1084116&r2=1084117&view=diff == --- tomcat/trunk/res/findbugs/filter-false-positives.xml (original) +++ tomcat/trunk/res/findbugs/filter-false-positives.xml Tue Mar 22 09:50:04 2011 @@ -52,6 +52,11 @@ + + + + + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1084120 - /tomcat/trunk/java/org/apache/catalina/filters/ExpiresFilter.java
Author: markt
Date: Tue Mar 22 09:55:10 2011
New Revision: 1084120
URL: http://svn.apache.org/viewvc?rev=1084120&view=rev
Log:
Remove unused code
Modified:
tomcat/trunk/java/org/apache/catalina/filters/ExpiresFilter.java
Modified: tomcat/trunk/java/org/apache/catalina/filters/ExpiresFilter.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/filters/ExpiresFilter.java?rev=1084120&r1=1084119&r2=1084120&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/filters/ExpiresFilter.java (original)
+++ tomcat/trunk/java/org/apache/catalina/filters/ExpiresFilter.java Tue Mar 22
09:55:10 2011
@@ -19,7 +19,6 @@ package org.apache.catalina.filters;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.ArrayList;
-import java.util.Arrays;
import java.util.Calendar;
import java.util.Date;
import java.util.Enumeration;
@@ -410,14 +409,6 @@ public class ExpiresFilter extends Filte
*/
protected static class Duration {
-public static Duration minutes(int amount) {
-return new Duration(amount, DurationUnit.MINUTE);
-}
-
-public static Duration seconds(int amount) {
-return new Duration(amount, DurationUnit.SECOND);
-}
-
protected final int amount;
protected final DurationUnit unit;
@@ -481,11 +472,6 @@ public class ExpiresFilter extends Filte
private StartingPoint startingPoint;
public ExpiresConfiguration(StartingPoint startingPoint,
-Duration... durations) {
-this(startingPoint, Arrays.asList(durations));
-}
-
-public ExpiresConfiguration(StartingPoint startingPoint,
List durations) {
super();
this.startingPoint = startingPoint;
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1084158 - /tomcat/tc6.0.x/trunk/conf/web.xml
Author: markt Date: Tue Mar 22 13:08:03 2011 New Revision: 1084158 URL: http://svn.apache.org/viewvc?rev=1084158&view=rev Log: CTR. Fix comment typo. Modified: tomcat/tc6.0.x/trunk/conf/web.xml Modified: tomcat/tc6.0.x/trunk/conf/web.xml URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/conf/web.xml?rev=1084158&r1=1084157&r2=1084158&view=diff == --- tomcat/tc6.0.x/trunk/conf/web.xml (original) +++ tomcat/tc6.0.x/trunk/conf/web.xml Tue Mar 22 13:08:03 2011 @@ -37,7 +37,7 @@ - + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1084171 - /tomcat/trunk/conf/catalina.policy
Author: markt Date: Tue Mar 22 13:32:12 2011 New Revision: 1084171 URL: http://svn.apache.org/viewvc?rev=1084171&view=rev Log: Tweak wording, try to make clearer Modified: tomcat/trunk/conf/catalina.policy Modified: tomcat/trunk/conf/catalina.policy URL: http://svn.apache.org/viewvc/tomcat/trunk/conf/catalina.policy?rev=1084171&r1=1084170&r2=1084171&view=diff == --- tomcat/trunk/conf/catalina.policy (original) +++ tomcat/trunk/conf/catalina.policy Tue Mar 22 13:32:12 2011 @@ -19,10 +19,10 @@ // This file contains a default set of security policies to be enforced (by the // JVM) when Catalina is executed with the "-security" option. In addition // to the permissions granted here, the following additional permissions are -// granted specific to each web application: +// granted to each web application: // -// * Read access to its document root directory -// * Read, write and delete access to its working directory +// * Read access to the web application's document root directory +// * Read, write and delete access to the web application's working directory // // $Id$ // - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1084271 - /tomcat/trunk/modules/jdbc-pool/test/org/apache/tomcat/jdbc/test/CheckOutThreadTest.java
Author: markt
Date: Tue Mar 22 17:58:15 2011
New Revision: 1084271
URL: http://svn.apache.org/viewvc?rev=1084271&view=rev
Log:
Remove unnecessary casts
Modified:
tomcat/trunk/modules/jdbc-pool/test/org/apache/tomcat/jdbc/test/CheckOutThreadTest.java
Modified:
tomcat/trunk/modules/jdbc-pool/test/org/apache/tomcat/jdbc/test/CheckOutThreadTest.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/modules/jdbc-pool/test/org/apache/tomcat/jdbc/test/CheckOutThreadTest.java?rev=1084271&r1=1084270&r2=1084271&view=diff
==
---
tomcat/trunk/modules/jdbc-pool/test/org/apache/tomcat/jdbc/test/CheckOutThreadTest.java
(original)
+++
tomcat/trunk/modules/jdbc-pool/test/org/apache/tomcat/jdbc/test/CheckOutThreadTest.java
Tue Mar 22 17:58:15 2011
@@ -412,13 +412,13 @@ public class CheckOutThreadTest extends
}
if (System.getProperty("print-thread-stats")!=null) {
System.out.println("["+getName()+"] "+
-"\n\tMax time to retrieve
connection:"+(((float)max)/1000f/1000f)+" ms."+
-"\n\tTotal time to retrieve
connection:"+(((float)totalmax)/1000f/1000f)+" ms."+
-"\n\tAverage time to retrieve
connection:"+(((float)totalmax)/1000f/1000f)/(float)nroffetch+" ms."+
-"\n\tMax time to close
connection:"+(((float)cmax)/1000f/1000f)+" ms."+
-"\n\tTotal time to close
connection:"+(((float)totalcmax)/1000f/1000f)+" ms."+
-"\n\tAverage time to close
connection:"+(((float)totalcmax)/1000f/1000f)/(float)nroffetch+" ms."+
-"\n\tRun time:"+(((float)totalruntime)/1000f/1000f)+" ms."+
+"\n\tMax time to retrieve connection:"+(max/1000f/1000f)+"
ms."+
+"\n\tTotal time to retrieve
connection:"+(totalmax/1000f/1000f)+" ms."+
+"\n\tAverage time to retrieve
connection:"+(totalmax/1000f/1000f)/nroffetch+" ms."+
+"\n\tMax time to close connection:"+(cmax/1000f/1000f)+"
ms."+
+"\n\tTotal time to close
connection:"+(totalcmax/1000f/1000f)+" ms."+
+"\n\tAverage time to close
connection:"+(totalcmax/1000f/1000f)/nroffetch+" ms."+
+"\n\tRun time:"+(totalruntime/1000f/1000f)+" ms."+
"\n\tNr of fetch:"+nroffetch);
}
}
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 50957] New: Blocking IO can serve wrong response data
https://issues.apache.org/bugzilla/show_bug.cgi?id=50957 Summary: Blocking IO can serve wrong response data Product: Tomcat 7 Version: 7.0.8 Platform: PC OS/Version: Windows XP Status: NEW Severity: critical Priority: P2 Component: Catalina AssignedTo: dev@tomcat.apache.org ReportedBy: bpl...@bulliondirect.com Tomcat: 7.0.8 OS: Windows 2008 Server (x64) Compression enabled on both HTTP and HTTPS connectors. When using standard blocking IO HTTP/1.1 over a period of 2+ days under moderate traffic, Tomcat 7 will begin to occasionally serve the incorrect responses for a request. Incorrect responses span a variety behaviors * Serving a javascript (.js) file instead of HTML or Image * Serving the wrong image * Serving a .css file instead of HTML, javascript file, or Image This behavior has been observed in both HTTP & HTTPS. Another observation is that if the wrong response is served, the response is at least for something that was also requested and not something random. Once the behavior was detected, I used WebScarab as a proxy to monitor the entire Browser <--> Tomcat conversation. I was able to confirm a scenario like the following: ImageA.gif ImageB.gif Each has different file size, ETAG, etc. GET ImageB.gif returned ImageA.gif (with ImageA.gif's ETAG, headers, binary content, and content size) --- This report corroborates another report discovered in the wild: http://www.apacheserver.net/q11460/Tomcat-serving-wrong-content In the above report, the person requested a page and received an image. No reproduction steps have been identified to trigger this condition. The only thing the above reporter & I noticed is that Tomcat needs to be up for a while and serve traffic throughout that period. Once the condition has been established it is still seemingly random when it occurs. Whenever it begins to happen, however, disable caching & keep reloading an image-heavy page until you see obvious misplaced images or other things. Using a debugging proxy will allow you to verify that incorrect content is served. Switching to NIO appears to bypass the problem or at least NIO does not exhibit the same behavior. As the other reporter had noted, restarting Tomcat will clear the condition. My hypothesis is that there is some condition within Tomcat & Blocking IO where a series of (pipelined?) requests (images, css, js) spawned from a page can become confused resulting in swapped responses (A <--> B) or duplicated responses (A & A). Maybe some output buffer is getting clobbered. Based upon Http11Processor, pipelined requests are constrained to the same Socket so I do not believe there is a risk of swapping responses across users. It is unknown if this bug could be deliberately exploited in some way. Needless to say, a server that is serving incorrect content justifies a very serious severity rating. I would not recommend using BIO in any Production environment for the time being. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 50957] Blocking IO can serve wrong response data
https://issues.apache.org/bugzilla/show_bug.cgi?id=50957 Brad Plies changed: What|Removed |Added CC||bpl...@bulliondirect.com OS/Version|Windows XP |Windows Server 2008 -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 50957] Blocking IO can serve wrong response data
https://issues.apache.org/bugzilla/show_bug.cgi?id=50957 Mark Thomas changed: What|Removed |Added OS/Version||All --- Comment #1 from Mark Thomas 2011-03-22 18:45:08 EDT --- Experience has shown that most instances of this type of error are triggered by application bugs rather than Tomcat bugs - usually in the form of retaining and re-using a reference to the request or response object. One way to test this is to set the system property org.apache.catalina.connector.RECYCLE_FACADES to true. If you see NPEs then that is indicative of an application bug. Something else that would be very useful since you are able to reproduce this (albeit rarely) is a Wireshark trace of a connection where this occurred. If it is a Tomcat bug it is likely to be triggered by an error condition in a previous request on the connection. It is worth updating to the latest 7.0.x in case you are seeing a variation of bug 50189. Ultimately, without more information that points to a Tomcat bug this is going to get resolved as WORKSFORME. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 50957] Blocking IO can serve wrong response data
https://issues.apache.org/bugzilla/show_bug.cgi?id=50957 --- Comment #2 from Brad Plies 2011-03-22 18:51:58 EDT --- Found a few other somewhat related threads "Response Swapping" http://marc.info/?l=tomcat-user&m=130048233431588&w=2 mod_jk & Tomcat 5.5.30 http://marc.info/?l=tomcat-user&m=129796706820107&w=4 Tomcat 7 BIO Connector sockets are queued Implies a difference in BIO between Tomcat 6 & 7 and may explain why I've never seen this bug in Tomcat 6. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 50957] Blocking IO can serve wrong response data
https://issues.apache.org/bugzilla/show_bug.cgi?id=50957 --- Comment #3 from Brad Plies 2011-03-22 19:17:07 EDT --- (In reply to comment #1) > Experience has shown that most instances of this type of error are triggered > by > application bugs rather than Tomcat bugs - usually in the form of retaining > and > re-using a reference to the request or response object. One way to test this > is > to set the system property org.apache.catalina.connector.RECYCLE_FACADES to > true. If you see NPEs then that is indicative of an application bug. If it were true that this could be caused by application references to request & response objects, that may not explain why changing to NIO would have any different behavior. Also, why would it take an amount of time before exhibiting the behavior? If an application did in fact do this, one would expect a higher occurance rate. In case I am unable to locate examples of these past instances you describe, could you provide a few that you know of? That way I can do a better job matching characteristics and symptoms. I will have to evaluate some code to see if any references to request or response object are being held anywhere. I would like to try the RECYCLE_FACADES recommendation but will not be able to put BIO back into the environment where it was detected. > It is worth updating to the latest 7.0.x in case you are seeing a variation of > bug 50189. 50189 differs from this submission in that it relied on AJP and possessed zero-length messages as symptoms. By contrast, this submission is using BIO and not using AJP and positive-length messages are delivered just with the wrong payloads. I cannot yet say at this point if application code is reading from a request after the response outputstream is closed. I really doubt it but I'll look anyway. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 50957] Blocking IO can serve wrong response data
https://issues.apache.org/bugzilla/show_bug.cgi?id=50957 --- Comment #4 from Brad Plies 2011-03-22 19:25:29 EDT --- (In reply to comment #1) > Experience has shown that most instances of this type of error are triggered > by > application bugs rather than Tomcat bugs - usually in the form of retaining > and > re-using a reference to the request or response object. One way to test this > is > to set the system property org.apache.catalina.connector.RECYCLE_FACADES to > true. If you see NPEs then that is indicative of an application bug. I forgot to mention that this same application has run on Tomcat 6 BIO for years without this problem. It only surfaced once we ran the app in Tomcat 7 BIO. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 50957] Blocking IO can serve wrong response data
https://issues.apache.org/bugzilla/show_bug.cgi?id=50957 --- Comment #5 from Mark Thomas 2011-03-22 19:31:20 EDT --- That BIO worked in 6 but has the error in 7 does point to this being a Tomcat bug. I've checked the request queuing code and that looks OK. However, a larger change was the async support. I have found one area where I have some suspicions but I need to do more research to see if there is a bug there or not. While bug 50189 was reported against AJP, the fix was made for all connectors. There may also have been issues with HTTP although I don't recall any reports. However, the code was the same in 6.0.x so that tends to rule that out as a possibility. Getting ahead of myself I know, but if my suspicions prove to be correct, are you able to test BIO and a potentially fixed 7.0.x in the environment where you saw this error? -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1084422 - /tomcat/trunk/java/org/apache/coyote/http11/Http11NioProtocol.java
Author: markt
Date: Wed Mar 23 00:17:33 2011
New Revision: 1084422
URL: http://svn.apache.org/viewvc?rev=1084422&view=rev
Log:
Rename, no functional change
Modified:
tomcat/trunk/java/org/apache/coyote/http11/Http11NioProtocol.java
Modified: tomcat/trunk/java/org/apache/coyote/http11/Http11NioProtocol.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http11/Http11NioProtocol.java?rev=1084422&r1=1084421&r2=1084422&view=diff
==
--- tomcat/trunk/java/org/apache/coyote/http11/Http11NioProtocol.java (original)
+++ tomcat/trunk/java/org/apache/coyote/http11/Http11NioProtocol.java Wed Mar
23 00:17:33 2011
@@ -252,10 +252,10 @@ public class Http11NioProtocol extends A
*/
@Override
public void release(NioChannel socket) {
-Http11NioProcessor result = connections.remove(socket);
-if ( result != null ) {
-result.recycle();
-recycledProcessors.offer(result);
+Http11NioProcessor processor = connections.remove(socket);
+if (processor != null) {
+processor.recycle();
+recycledProcessors.offer(processor);
}
}
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 50957] Blocking IO can serve wrong response data
https://issues.apache.org/bugzilla/show_bug.cgi?id=50957 --- Comment #6 from Brad Plies 2011-03-22 20:19:48 EDT --- (In reply to comment #5) > Getting ahead of myself I know, but if my suspicions prove to be correct, are > you able to test BIO and a potentially fixed 7.0.x in the environment where > you > saw this error? Thanks for the reply. As much as I'd love to continue to help the ASF & everyone else with this I will unfortunately be unable to test the potential fix on that environment. We appear to have a functioning workaround (NIO) and it must remain that way. The best I can offer is to try some simulations of the potential fix using the same application in another environment which will not match the same uptime or traffic levels - and may not trigger the condition at all. As for resolution of this issue either you or someone else will manage to find more suspicious code, other users will report "me too", or it will be fixed in relation to some other issue. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1084424 - /tomcat/trunk/java/org/apache/coyote/http11/Http11AprProtocol.java
Author: markt
Date: Wed Mar 23 00:27:00 2011
New Revision: 1084424
URL: http://svn.apache.org/viewvc?rev=1084424&view=rev
Log:
Rename, no functional change
Modified:
tomcat/trunk/java/org/apache/coyote/http11/Http11AprProtocol.java
Modified: tomcat/trunk/java/org/apache/coyote/http11/Http11AprProtocol.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http11/Http11AprProtocol.java?rev=1084424&r1=1084423&r2=1084424&view=diff
==
--- tomcat/trunk/java/org/apache/coyote/http11/Http11AprProtocol.java (original)
+++ tomcat/trunk/java/org/apache/coyote/http11/Http11AprProtocol.java Wed Mar
23 00:27:00 2011
@@ -367,13 +367,13 @@ public class Http11AprProtocol extends A
@Override
public SocketState asyncDispatch(SocketWrapper socket,
SocketStatus status) {
-Http11AprProcessor result = connections.get(socket.getSocket());
+Http11AprProcessor processor = connections.get(socket.getSocket());
SocketState state = SocketState.CLOSED;
-if (result != null) {
+if (processor != null) {
// Call the appropriate event
try {
-state = result.asyncDispatch(socket, status);
+state = processor.asyncDispatch(socket, status);
// Future developers: if you discover any rare-but-nonfatal
// exceptions, catch them here, and log as per {@link #event()}
// above.
@@ -385,13 +385,13 @@ public class Http11AprProtocol extends A
Http11AprProtocol.log.error
(sm.getString("http11protocol.proto.error"), e);
} finally {
-if (state == SocketState.LONG && result.isAsync()) {
-state = result.asyncPostProcess();
+if (state == SocketState.LONG && processor.isAsync()) {
+state = processor.asyncPostProcess();
}
if (state != SocketState.LONG && state !=
SocketState.ASYNC_END) {
connections.remove(socket.getSocket());
socket.setAsync(false);
-recycledProcessors.offer(result);
+recycledProcessors.offer(processor);
if (state == SocketState.OPEN) {
((AprEndpoint)proto.endpoint).getPoller().add(socket.getSocket().longValue());
}
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1084427 - /tomcat/trunk/java/org/apache/coyote/ajp/AjpAprProtocol.java
Author: markt
Date: Wed Mar 23 00:36:16 2011
New Revision: 1084427
URL: http://svn.apache.org/viewvc?rev=1084427&view=rev
Log:
Rename, no functional change
Modified:
tomcat/trunk/java/org/apache/coyote/ajp/AjpAprProtocol.java
Modified: tomcat/trunk/java/org/apache/coyote/ajp/AjpAprProtocol.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/ajp/AjpAprProtocol.java?rev=1084427&r1=1084426&r2=1084427&view=diff
==
--- tomcat/trunk/java/org/apache/coyote/ajp/AjpAprProtocol.java (original)
+++ tomcat/trunk/java/org/apache/coyote/ajp/AjpAprProtocol.java Wed Mar 23
00:36:16 2011
@@ -227,13 +227,13 @@ public class AjpAprProtocol extends Abst
@Override
public SocketState asyncDispatch(SocketWrapper socket,
SocketStatus status) {
-AjpAprProcessor result = connections.get(socket);
+AjpAprProcessor processor = connections.get(socket);
SocketState state = SocketState.CLOSED;
-if (result != null) {
+if (processor != null) {
// Call the appropriate event
try {
-state = result.asyncDispatch(socket, status);
+state = processor.asyncDispatch(socket, status);
}
// Future developers: if you discover any other
// rare-but-nonfatal exceptions, catch them here, and log as
@@ -246,12 +246,12 @@ public class AjpAprProtocol extends Abst
AjpAprProtocol.log.error
(sm.getString("ajpprotocol.proto.error"), e);
} finally {
-if (state == SocketState.LONG && result.isAsync()) {
-state = result.asyncPostProcess();
+if (state == SocketState.LONG && processor.isAsync()) {
+state = processor.asyncPostProcess();
}
if (state != SocketState.LONG && state !=
SocketState.ASYNC_END) {
connections.remove(socket);
-recycledProcessors.offer(result);
+recycledProcessors.offer(processor);
if (state == SocketState.OPEN) {
((AprEndpoint)proto.endpoint).getPoller().add(socket.getSocket().longValue());
}
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 50957] Blocking IO can serve wrong response data
https://issues.apache.org/bugzilla/show_bug.cgi?id=50957 --- Comment #7 from Konstantin Kolinko 2011-03-22 20:55:21 EDT --- (In reply to comment #0) > Tomcat: 7.0.8 > OS: Windows 2008 Server (x64) > > Compression enabled on both HTTP and HTTPS connectors. > > (...) > Once the behavior was detected, I used WebScarab as a proxy to monitor the > entire Browser <--> Tomcat conversation. I was able to confirm a scenario > like > the following: > > ImageA.gif > ImageB.gif > > Each has different file size, ETAG, etc. > > GET ImageB.gif returned ImageA.gif (with ImageA.gif's ETAG, headers, binary > content, and content size) > --- Do you know/remember whether GET ImageA.gif returned ImageA.gif as well, whether either of them was compressed, and whether the requests were from the same client? Do you know the size of those files? (gif files are not in AbstractHttp11Processor .compressableMimeTypes by default, so I think that they should have not be compressed) What were your compression settings? Just compression="on"? -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 50957] Blocking IO can serve wrong response data
https://issues.apache.org/bugzilla/show_bug.cgi?id=50957 --- Comment #8 from Brad Plies 2011-03-23 01:01:58 EDT --- (In reply to comment #7) > (In reply to comment #0) > > Tomcat: 7.0.8 > > OS: Windows 2008 Server (x64) > > > > Compression enabled on both HTTP and HTTPS connectors. > > > > (...) > > Once the behavior was detected, I used WebScarab as a proxy to monitor the > > entire Browser <--> Tomcat conversation. I was able to confirm a scenario > > like > > the following: > > > > ImageA.gif > > ImageB.gif > > > > Each has different file size, ETAG, etc. > > > > GET ImageB.gif returned ImageA.gif (with ImageA.gif's ETAG, headers, binary > > content, and content size) > > --- > > Do you know/remember whether GET ImageA.gif returned ImageA.gif as well, > whether either of them was compressed, and whether the requests were from the > same client? Do you know the size of those files? > > (gif files are not in AbstractHttp11Processor .compressableMimeTypes by > default, so I think that they should have not be compressed) > > What were your compression settings? Just compression="on"? I recall a case where ImageA and ImageB were swapped and because the images were very different dimensions, the page looked really awkward. I'm fairly sure I had also witnessed ImageA as both ImageA and ImageB. Yes all observations were performed as the same client. Even though compression was enabled on the connectors the image MIME types are not included (as you suspected). Other scenarios occurred where compressable text resources (.js, .css, .xml, .html) were also served with the incorrect response: HTML -> IMG, HTML -> JS, HTML -> CSS, and so on. I had only mentioned compression="on" just in case it happens to be a contributory factory. I would not suspect that it would be related... I have not and will not have the opportunity to try BIO with compression="off" -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
