Re: [jira] [Deleted] (MTOMCAT-251) User is not logged in as current user
On 22/12/2013 02:20, Olivier Lamy (*$^¨%`£) (JIRA) wrote: > > [ > https://issues.apache.org/jira/browse/MTOMCAT-251?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel > ] > > Olivier Lamy (*$^¨%`£) deleted MTOMCAT-251: > --- > > >> User is not logged in as current user >> - >> >> Key: MTOMCAT-251 >> URL: https://issues.apache.org/jira/browse/MTOMCAT-251 >> Project: Apache Tomcat Maven Plugin >> Issue Type: Bug >>Reporter: ram >>Assignee: Olivier Lamy (*$^¨%`£) >>Priority: Minor I'll disable this idiot's Jira account and clean up any more spam they have created in Jira. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 55920] New: Quotes should not be removed from quoted cookie values
https://issues.apache.org/bugzilla/show_bug.cgi?id=55920 Bug ID: 55920 Summary: Quotes should not be removed from quoted cookie values Product: Tomcat 8 Version: trunk Hardware: All OS: All Status: NEW Severity: enhancement Priority: P2 Component: Connectors Assignee: dev@tomcat.apache.org Reporter: jboy...@apache.org When a Cookie header is passed in "Netscape" format (with no RFC2109 $Version specified), quotation marks around the cookie value are stripped by Cookies#processCookieHeader. As I read RFC2109, the user-agent is required to send a "cookie-version" at the start of the header. The "value" is defined by what was received in the SetCookie header from the server: The value of the cookie-version attribute must be the value from the Version attribute, if any, of the corresponding Set-Cookie response header. Otherwise the value for cookie-version is 0. RFC2965 has equivalent language. RFC6265 (proposed) and Netscape do not require a "cookie-version" to be sent. RFC6265 defines "cookie-value" as including the DQUOTE characters and such a interpretation is consistent with Netscape. User-agent support for RC2109/2965 seems limited. Initial testing with Chrome shows that it appears to retains quotation marks around cookie values even when RFC2109 Version=1 cookies are set. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 55921] New: Cookie values in JSON format are not skipped correctly when parsing fails
https://issues.apache.org/bugzilla/show_bug.cgi?id=55921
Bug ID: 55921
Summary: Cookie values in JSON format are not skipped correctly
when parsing fails
Product: Tomcat 8
Version: trunk
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P2
Component: Connectors
Assignee: dev@tomcat.apache.org
Reporter: jboy...@apache.org
Some 3P websites appear to set cookie values using unencoded JSON data; as an
example, the fsr.s cookie set by a certain tracking site. This is invalid per
all cookie specifications due to the use of unescaped "," characters in the
data.
When parsing these values, Tomcat treats the data as a token, determines it is
invalid due to the presence of a "{" character, and attempts to skip to the
next token. However, it determines this boundary by the presence of the ","
character in the middle of the JSON blob and then proceeds to parse the next
cookie starting in the middle of this data. This may result in erroneous
cookies being added.
RFC6265 requires and Netscape suggests that cookie-pairs be separated by the
sequence ";" SP so rather than looking for a single separator character the
recovery mechanism could look for one followed by a SP. However, this would not
recover if the JSON data contained SP characters as JSON permits.
Alternatively, we could assume that a value starting with "{" was JSON encoded
data and parse the value as such. This would be gated by a configuration
option.
--
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat 8.0.0-RC10
Wine not found?? im on a headless server, what did i do wrong? See error below... Clean setup to test: Fresh VM with Ubuntu 13.10 64 bit server Apache Ant(TM) version 1.9.2 compiled on July 14 2013 OpenJDK Runtime Environment (IcedTea 2.3.12) (7u25-2.3.12-4ubuntu3) fresh checkout of 8_0_0RC10 > [X] Broken - do not release > [] Alpha - go ahead and release as 8.0.0-RC10 alpha BUILD FAILED /home/support/TOMCAT_8_0_0_RC10/build.xml:2011: Execute failed: java.io.IOException: Cannot run program "wine" (in directory "/home/support/TOMCAT_8_0_0_RC10/output/dist"): error=2, No such file or directory at java.lang.ProcessBuilder.start(ProcessBuilder.java:1041) at java.lang.Runtime.exec(Runtime.java:617) at org.apache.tools.ant.taskdefs.launcher.Java13CommandLauncher.exec(Java13CommandLauncher.java:41) at org.apache.tools.ant.taskdefs.Execute.launch(Execute.java:428) at org.apache.tools.ant.taskdefs.Execute.execute(Execute.java:442) at org.apache.tools.ant.taskdefs.ExecTask.runExecute(ExecTask.java:628) at org.apache.tools.ant.taskdefs.ExecTask.runExec(ExecTask.java:669) at org.apache.tools.ant.taskdefs.ExecTask.execute(ExecTask.java:495) at org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:292) at sun.reflect.GeneratedMethodAccessor4.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at org.apache.tools.ant.dispatch.DispatchUtils.execute(DispatchUtils.java:106) at org.apache.tools.ant.Task.perform(Task.java:348) at org.apache.tools.ant.Target.execute(Target.java:435) at org.apache.tools.ant.Target.performTasks(Target.java:456) at org.apache.tools.ant.Project.executeSortedTargets(Project.java:1393) at org.apache.tools.ant.Project.executeTarget(Project.java:1364) at org.apache.tools.ant.helper.DefaultExecutor.executeTargets(DefaultExecutor.java:41) at org.apache.tools.ant.Project.executeTargets(Project.java:1248) at org.apache.tools.ant.Main.runBuild(Main.java:851) at org.apache.tools.ant.Main.startAnt(Main.java:235) at org.apache.tools.ant.launch.Launcher.run(Launcher.java:280) at org.apache.tools.ant.launch.Launcher.main(Launcher.java:109) Caused by: java.io.IOException: error=2, No such file or directory at java.lang.UNIXProcess.forkAndExec(Native Method) at java.lang.UNIXProcess.(UNIXProcess.java:135) at java.lang.ProcessImpl.start(ProcessImpl.java:130) at java.lang.ProcessBuilder.start(ProcessBuilder.java:1022) ... 23 more On Sat, Dec 21, 2013 at 2:21 PM, Violeta Georgieva wrote: > 2013/12/19 Mark Thomas >> >> The proposed Apache Tomcat 8.0.0 release candidate 10 is now available >> for voting. >> >> Given this is a release candidate I am working on the basis that it is >> equivalent to an alpha. The main changes since RC5 are: >> - Better handling of generic types in the WebSocket 1.0 implementation >> - Refactor resource handling for the class loader >> - Add Cobertura support to the unit tests >> - Remove anti-Jar locking feature and replace it with open stream >> tracking >> - Update to a post Commons Pool 2.0 release snapshot >> - Complete refactoring of TLD handling including caching of parsed TLDs >> - More consistent handling of XML validation options >> - Much more detailed visibility of DBCP connections pools in JMX >> - Better organisation of JMX beans in the default JConsole view >> - Performance improvements >> - Numerous bug fixes >> >> It can be obtained from: >> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.0-RC10/ >> The Maven staging repo is: >> https://repository.apache.org/content/repositories/orgapachetomcat-002/ >> The svn tag is: >> http://svn.apache.org/repos/asf/tomcat/tags/TOMCAT_8_0_0_RC10/ >> >> The proposed 8.0.0-RC10 release is: >> [ ] Broken - do not release >> [X] Alpha - go ahead and release as 8.0.0-RC10 alpha > > > Checked with applications that use the new specifications features. > Regards > Violeta > > >> Cheers, >> >> Mark >> >> - >> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: dev-h...@tomcat.apache.org >> -- With Regards, Andrew Carr e. andrewlanec...@gmail.com w. andrew.c...@openlogic.com h. 4235255668 c. 4239489852 a. 101 Francis Drive, Greeneville, TN, 37743 - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat 8.0.0-RC10
My aPologIzes, While ThE build floundered with a fail message, the output folder dist was intact. Ran some tests and all appears good. Still the build failure thingy threw me off. Flip flopping on my vote =) > [] Broken - do not release > [X] Alpha - go ahead and release as 8.0.0-RC10 alpha On Mon, Dec 23, 2013 at 2:35 AM, Andrew Carr wrote: > Wine not found?? im on a headless server, what did i do wrong? See > error below... > > Clean setup to test: > > Fresh VM with Ubuntu 13.10 64 bit server > Apache Ant(TM) version 1.9.2 compiled on July 14 2013 > OpenJDK Runtime Environment (IcedTea 2.3.12) (7u25-2.3.12-4ubuntu3) > fresh checkout of 8_0_0RC10 > >> [X] Broken - do not release >> [] Alpha - go ahead and release as 8.0.0-RC10 alpha > > > > BUILD FAILED > /home/support/TOMCAT_8_0_0_RC10/build.xml:2011: Execute failed: > java.io.IOException: Cannot run program "wine" (in directory > "/home/support/TOMCAT_8_0_0_RC10/output/dist"): error=2, No such file > or directory > at java.lang.ProcessBuilder.start(ProcessBuilder.java:1041) > at java.lang.Runtime.exec(Runtime.java:617) > at > org.apache.tools.ant.taskdefs.launcher.Java13CommandLauncher.exec(Java13CommandLauncher.java:41) > at org.apache.tools.ant.taskdefs.Execute.launch(Execute.java:428) > at org.apache.tools.ant.taskdefs.Execute.execute(Execute.java:442) > at org.apache.tools.ant.taskdefs.ExecTask.runExecute(ExecTask.java:628) > at org.apache.tools.ant.taskdefs.ExecTask.runExec(ExecTask.java:669) > at org.apache.tools.ant.taskdefs.ExecTask.execute(ExecTask.java:495) > at org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:292) > at sun.reflect.GeneratedMethodAccessor4.invoke(Unknown Source) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:606) > at org.apache.tools.ant.dispatch.DispatchUtils.execute(DispatchUtils.java:106) > at org.apache.tools.ant.Task.perform(Task.java:348) > at org.apache.tools.ant.Target.execute(Target.java:435) > at org.apache.tools.ant.Target.performTasks(Target.java:456) > at org.apache.tools.ant.Project.executeSortedTargets(Project.java:1393) > at org.apache.tools.ant.Project.executeTarget(Project.java:1364) > at > org.apache.tools.ant.helper.DefaultExecutor.executeTargets(DefaultExecutor.java:41) > at org.apache.tools.ant.Project.executeTargets(Project.java:1248) > at org.apache.tools.ant.Main.runBuild(Main.java:851) > at org.apache.tools.ant.Main.startAnt(Main.java:235) > at org.apache.tools.ant.launch.Launcher.run(Launcher.java:280) > at org.apache.tools.ant.launch.Launcher.main(Launcher.java:109) > Caused by: java.io.IOException: error=2, No such file or directory > at java.lang.UNIXProcess.forkAndExec(Native Method) > at java.lang.UNIXProcess.(UNIXProcess.java:135) > at java.lang.ProcessImpl.start(ProcessImpl.java:130) > at java.lang.ProcessBuilder.start(ProcessBuilder.java:1022) > ... 23 more > > On Sat, Dec 21, 2013 at 2:21 PM, Violeta Georgieva wrote: >> 2013/12/19 Mark Thomas >>> >>> The proposed Apache Tomcat 8.0.0 release candidate 10 is now available >>> for voting. >>> >>> Given this is a release candidate I am working on the basis that it is >>> equivalent to an alpha. The main changes since RC5 are: >>> - Better handling of generic types in the WebSocket 1.0 implementation >>> - Refactor resource handling for the class loader >>> - Add Cobertura support to the unit tests >>> - Remove anti-Jar locking feature and replace it with open stream >>> tracking >>> - Update to a post Commons Pool 2.0 release snapshot >>> - Complete refactoring of TLD handling including caching of parsed TLDs >>> - More consistent handling of XML validation options >>> - Much more detailed visibility of DBCP connections pools in JMX >>> - Better organisation of JMX beans in the default JConsole view >>> - Performance improvements >>> - Numerous bug fixes >>> >>> It can be obtained from: >>> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.0-RC10/ >>> The Maven staging repo is: >>> https://repository.apache.org/content/repositories/orgapachetomcat-002/ >>> The svn tag is: >>> http://svn.apache.org/repos/asf/tomcat/tags/TOMCAT_8_0_0_RC10/ >>> >>> The proposed 8.0.0-RC10 release is: >>> [ ] Broken - do not release >>> [X] Alpha - go ahead and release as 8.0.0-RC10 alpha >> >> >> Checked with applications that use the new specifications features. >> Regards >> Violeta >> >> >>> Cheers, >>> >>> Mark >>> >>> - >>> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org >>> For additional commands, e-mail: dev-h...@tomcat.apache.org >>> > > > > -- > With Regards, > Andrew Carr > > e. andrewlanec...@gmail.com > w. andrew.c...@openlogic.com > h. 4235255668 > c. 4239489852 > a. 101 Francis Drive, Greeneville, TN, 37743 -- With Regards, Andrew Carr e. andrewlanec...@gmail.com w. andrew.c...@openlogic.com h. 4235255668 c. 4239489852 a. 101 Francis
