[GitHub] [tomcat] michael-o commented on pull request #428: Enhancement: Additional user attributes queried by (some) realms
michael-o commented on pull request #428: URL: https://github.com/apache/tomcat/pull/428#issuecomment-1007732098 @cklein05 Can you rebase? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 65785] HTTP/2.0 non US-ASCII header names should be rejected
https://bz.apache.org/bugzilla/show_bug.cgi?id=65785 --- Comment #2 from Nils R --- Thanks a lot for this quick answer (and fix !) Since I had hard time to find the changes in github an in case someone is interested in reading it, here is the associated commit : https://github.com/apache/tomcat/commit/d909c709b639e9670edce2581293afb9626d7b5e -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] cklein05 commented on pull request #428: Enhancement: Additional user attributes queried by (some) realms
cklein05 commented on pull request #428: URL: https://github.com/apache/tomcat/pull/428#issuecomment-1008002451 @michael-o I will do so. However, that's no fun and it will take some time. Since @rmaucher changed lots of the UserDatabase and UserDatabaseRealm stuff, some more adjustments are required. After having rebased, I should re-test most of my enhanced features. Wouldn't it be a good idea to merge that PR after that rebase (finally, once and for all)? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] rmaucher commented on pull request #428: Enhancement: Additional user attributes queried by (some) realms
rmaucher commented on pull request #428: URL: https://github.com/apache/tomcat/pull/428#issuecomment-1008003775 I think you should save some time and limit this to JNDIRealm. To be perfectly honest I'm -1 to adding it to anything else since it's only lower performance and no actual feature benefit. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] cklein05 commented on pull request #428: Enhancement: Additional user attributes queried by (some) realms
cklein05 commented on pull request #428: URL: https://github.com/apache/tomcat/pull/428#issuecomment-1008005127 I really need this with JDBCRealm. We have a bunch of customers, that do not want to use LDAP/AD but only JDBC based user database. Why should there be no benefit from having extra attribute fields from a _user_ database table/view? Also, wasn't it kind of your recommendation to have _arbitrary_ user attributes from `tomcat-users.xml`? You were wondering why there's no support for such _arbitrary_ attributes. Now, after I've implemented these, you don't want it anymore? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] rmaucher commented on pull request #428: Enhancement: Additional user attributes queried by (some) realms
rmaucher commented on pull request #428: URL: https://github.com/apache/tomcat/pull/428#issuecomment-1008019368 If you really want to do this, then let's focus on adding this to JNDIRealm for now, since this is where this has obvious usefulness. If everything is merged ok, then maybe we can move on to DataSourceRealm. But there, it only seems to be adding a lot of code which will have lower performance. Your customer can live with a custom extended realm for now IMO. I obviously never wanted any arbitrary user attributes in tomcat-users.xml. I said adding the feature to the other realms is pointless with a fixed list of attribute. Somehow, you seem to understand it as: let's add more. That was the opposite: I requested to avoid changing the other realms (except JNDIRealm). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] michael-o commented on pull request #428: Enhancement: Additional user attributes queried by (some) realms
michael-o commented on pull request #428: URL: https://github.com/apache/tomcat/pull/428#issuecomment-1008022559 > Why? I don't understand your position. This makes sense on any realm since the principal source shouldn't really matter. I have been using a similiar approach for the last 10 years with my own `ActiveDirectoryRealm`. We should at least provide the optional on an interface level. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] michael-o commented on pull request #428: Enhancement: Additional user attributes queried by (some) realms
michael-o commented on pull request #428: URL: https://github.com/apache/tomcat/pull/428#issuecomment-1008022657 @rmaucher Why? I don't understand your position. This makes sense on any realm since the principal source shouldn't really matter. I have been using a similiar approach for the last 10 years with my own `ActiveDirectoryRealm`. We should at least provide the option on an interface level. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] cklein05 commented on pull request #428: Enhancement: Additional user attributes queried by (some) realms
cklein05 commented on pull request #428: URL: https://github.com/apache/tomcat/pull/428#issuecomment-1008024542 @rmaucher have a look at you comment https://github.com/apache/tomcat/pull/428#issuecomment-865007741 However, maybe I just got you wrong :( -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] rmaucher commented on pull request #428: Enhancement: Additional user attributes queried by (some) realms
rmaucher commented on pull request #428: URL: https://github.com/apache/tomcat/pull/428#issuecomment-1008025711 It seems by September I had already changed my mind on this after seeing some actual code. Anyway, the focus should be on JNDIRealm and then later DataSourceRealm. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] michael-o commented on pull request #428: Enhancement: Additional user attributes queried by (some) realms
michael-o commented on pull request #428: URL: https://github.com/apache/tomcat/pull/428#issuecomment-1008027903 Maybe this should be done in stages (PRs)? 1. Principals 2. RealmBase groundwork 3. Each Realm impl seperately? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Fix backport
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 2a18ae3 Fix backport 2a18ae3 is described below commit 2a18ae36c926510fa919b110d78006f005cb1269 Author: Mark Thomas AuthorDate: Sat Jan 8 16:19:47 2022 + Fix backport --- java/org/apache/coyote/http2/StreamProcessor.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/org/apache/coyote/http2/StreamProcessor.java b/java/org/apache/coyote/http2/StreamProcessor.java index df0eb7f..ae2b7b5 100644 --- a/java/org/apache/coyote/http2/StreamProcessor.java +++ b/java/org/apache/coyote/http2/StreamProcessor.java @@ -21,7 +21,7 @@ import java.io.IOException; import java.util.Enumeration; import java.util.Iterator; -import jakarta.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpServletResponse; import org.apache.coyote.AbstractProcessor; import org.apache.coyote.ActionCode; - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Fix backport
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new 7a0f1ae Fix backport 7a0f1ae is described below commit 7a0f1ae69fcf6f9b8214b7c9ad68f0601721bae0 Author: Mark Thomas AuthorDate: Sat Jan 8 16:19:47 2022 + Fix backport --- java/org/apache/coyote/http2/StreamProcessor.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/org/apache/coyote/http2/StreamProcessor.java b/java/org/apache/coyote/http2/StreamProcessor.java index 4d1e41c..11a7196 100644 --- a/java/org/apache/coyote/http2/StreamProcessor.java +++ b/java/org/apache/coyote/http2/StreamProcessor.java @@ -20,7 +20,7 @@ import java.io.IOException; import java.util.Enumeration; import java.util.Iterator; -import jakarta.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpServletResponse; import org.apache.coyote.AbstractProcessor; import org.apache.coyote.ActionCode; - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: Allow for relaxed validation of path and query characters in HTTP/2
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 3ce7bcc Allow for relaxed validation of path and query characters in
HTTP/2
3ce7bcc is described below
commit 3ce7bccc8c5ec555b3301bcdac01298ecd971605
Author: Mark Thomas
AuthorDate: Sat Jan 8 16:37:52 2022 +
Allow for relaxed validation of path and query characters in HTTP/2
Follow-up to https://bz.apache.org/bugzilla/show_bug.cgi?id=65785
---
java/org/apache/coyote/http2/Http2Protocol.java| 3 +-
java/org/apache/coyote/http2/StreamProcessor.java | 7 +++-
.../apache/coyote/http2/TestStreamProcessor.java | 45 ++
3 files changed, 51 insertions(+), 4 deletions(-)
diff --git a/java/org/apache/coyote/http2/Http2Protocol.java
b/java/org/apache/coyote/http2/Http2Protocol.java
index 8b7718d..7bdc6cb 100644
--- a/java/org/apache/coyote/http2/Http2Protocol.java
+++ b/java/org/apache/coyote/http2/Http2Protocol.java
@@ -21,7 +21,6 @@ import java.util.Enumeration;
import javax.management.ObjectName;
-import org.apache.coyote.AbstractProtocol;
import org.apache.coyote.Adapter;
import org.apache.coyote.ContinueResponseTiming;
import org.apache.coyote.Processor;
@@ -342,7 +341,7 @@ public class Http2Protocol implements UpgradeProtocol {
}
-public AbstractProtocol getHttp11Protocol() {
+public AbstractHttp11Protocol getHttp11Protocol() {
return this.http11Protocol;
}
diff --git a/java/org/apache/coyote/http2/StreamProcessor.java
b/java/org/apache/coyote/http2/StreamProcessor.java
index c1a943a..68621cb 100644
--- a/java/org/apache/coyote/http2/StreamProcessor.java
+++ b/java/org/apache/coyote/http2/StreamProcessor.java
@@ -466,6 +466,9 @@ class StreamProcessor extends AbstractProcessor {
* The checks performed below are based on the checks in Http11InputBuffer.
*/
private boolean validateRequest() {
+HttpParser httpParser = new
HttpParser(handler.getProtocol().getHttp11Protocol().getRelaxedPathChars(),
+
handler.getProtocol().getHttp11Protocol().getRelaxedQueryChars());
+
// Method name must be a token
String method = request.method().toString();
if (!HttpParser.isToken(method)) {
@@ -476,7 +479,7 @@ class StreamProcessor extends AbstractProcessor {
// (other checks such as valid %nn happen later)
ByteChunk bc = request.requestURI().getByteChunk();
for (int i = bc.getStart(); i < bc.getEnd(); i++) {
-if (HttpParser.isNotRequestTarget(bc.getBuffer()[i])) {
+if (httpParser.isNotRequestTargetRelaxed(bc.getBuffer()[i])) {
return false;
}
}
@@ -486,7 +489,7 @@ class StreamProcessor extends AbstractProcessor {
String qs = request.queryString().toString();
if (qs != null) {
for (char c : qs.toCharArray()) {
-if (!HttpParser.isQuery(c)) {
+if (!httpParser.isQueryRelaxed(c)) {
return false;
}
}
diff --git a/test/org/apache/coyote/http2/TestStreamProcessor.java
b/test/org/apache/coyote/http2/TestStreamProcessor.java
index 2fd8c94..b7480ed 100644
--- a/test/org/apache/coyote/http2/TestStreamProcessor.java
+++ b/test/org/apache/coyote/http2/TestStreamProcessor.java
@@ -346,6 +346,51 @@ public class TestStreamProcessor extends Http2TestBase {
}
+@Test
+public void testValidateRequestQueryStringRelaxed() throws Exception {
+enableHttp2();
+
+Tomcat tomcat = getTomcatInstance();
+
+File appDir = new File("test/webapp");
+Context ctxt = tomcat.addWebapp(null, "", appDir.getAbsolutePath());
+
+Tomcat.addServlet(ctxt, "simple", new SimpleServlet());
+ctxt.addServletMappingDecoded("/simple", "simple");
+
+tomcat.getConnector().setProperty("relaxedQueryChars", "[]");
+
+tomcat.start();
+
+openClientConnection();
+doHttpUpgrade();
+sendClientPreface();
+validateHttp2InitialResponse();
+
+byte[] frameHeader = new byte[9];
+ByteBuffer headersPayload = ByteBuffer.allocate(128);
+
+List headers = new ArrayList<>(4);
+headers.add(new Header(":method", "GET"));
+headers.add(new Header(":scheme", "http"));
+headers.add(new Header(":path", "/index.html?foo=[]"));
+headers.add(new Header(":authority", "localhost:" + getPort()));
+
+buildGetRequest(frameHeader, headersPayload, null, headers, 3);
+
+writeFrame(frameHeader, headersPayload);
+
+parser.readFrame(true);
+
+StringBuilder expected = new StringBuilder();
+expected.append("3-HeadersStart\n");
+expected.append("3-Header-[:status]-[200]\n");
+
+// The status code is the
[tomcat] branch 9.0.x updated: Allow for relaxed validation of path and query characters in HTTP/2
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 58fd47f Allow for relaxed validation of path and query characters in
HTTP/2
58fd47f is described below
commit 58fd47f3c7488865c2185dc75b4ab4469b5f70c1
Author: Mark Thomas
AuthorDate: Sat Jan 8 16:37:52 2022 +
Allow for relaxed validation of path and query characters in HTTP/2
Follow-up to https://bz.apache.org/bugzilla/show_bug.cgi?id=65785
---
java/org/apache/coyote/http2/StreamProcessor.java | 9 -
.../apache/coyote/http2/TestStreamProcessor.java | 45 ++
2 files changed, 52 insertions(+), 2 deletions(-)
diff --git a/java/org/apache/coyote/http2/StreamProcessor.java
b/java/org/apache/coyote/http2/StreamProcessor.java
index ae2b7b5..9b4b62f 100644
--- a/java/org/apache/coyote/http2/StreamProcessor.java
+++ b/java/org/apache/coyote/http2/StreamProcessor.java
@@ -32,6 +32,7 @@ import org.apache.coyote.ErrorState;
import org.apache.coyote.Request;
import org.apache.coyote.RequestGroupInfo;
import org.apache.coyote.Response;
+import org.apache.coyote.http11.AbstractHttp11Protocol;
import org.apache.coyote.http11.filters.GzipOutputFilter;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
@@ -465,6 +466,10 @@ class StreamProcessor extends AbstractProcessor {
* The checks performed below are based on the checks in Http11InputBuffer.
*/
private boolean validateRequest() {
+HttpParser httpParser = new HttpParser(
+((AbstractHttp11Protocol)
handler.getProtocol().getHttp11Protocol()).getRelaxedPathChars(),
+((AbstractHttp11Protocol)
handler.getProtocol().getHttp11Protocol()).getRelaxedQueryChars());
+
// Method name must be a token
String method = request.method().toString();
if (!HttpParser.isToken(method)) {
@@ -475,7 +480,7 @@ class StreamProcessor extends AbstractProcessor {
// (other checks such as valid %nn happen later)
ByteChunk bc = request.requestURI().getByteChunk();
for (int i = bc.getStart(); i < bc.getEnd(); i++) {
-if (HttpParser.isNotRequestTarget(bc.getBuffer()[i])) {
+if (httpParser.isNotRequestTargetRelaxed(bc.getBuffer()[i])) {
return false;
}
}
@@ -485,7 +490,7 @@ class StreamProcessor extends AbstractProcessor {
String qs = request.queryString().toString();
if (qs != null) {
for (char c : qs.toCharArray()) {
-if (!HttpParser.isQuery(c)) {
+if (!httpParser.isQueryRelaxed(c)) {
return false;
}
}
diff --git a/test/org/apache/coyote/http2/TestStreamProcessor.java
b/test/org/apache/coyote/http2/TestStreamProcessor.java
index 997b99c..97bf548 100644
--- a/test/org/apache/coyote/http2/TestStreamProcessor.java
+++ b/test/org/apache/coyote/http2/TestStreamProcessor.java
@@ -347,6 +347,51 @@ public class TestStreamProcessor extends Http2TestBase {
}
+@Test
+public void testValidateRequestQueryStringRelaxed() throws Exception {
+enableHttp2();
+
+Tomcat tomcat = getTomcatInstance();
+
+File appDir = new File("test/webapp");
+Context ctxt = tomcat.addWebapp(null, "", appDir.getAbsolutePath());
+
+Tomcat.addServlet(ctxt, "simple", new SimpleServlet());
+ctxt.addServletMappingDecoded("/simple", "simple");
+
+tomcat.getConnector().setProperty("relaxedQueryChars", "[]");
+
+tomcat.start();
+
+openClientConnection();
+doHttpUpgrade();
+sendClientPreface();
+validateHttp2InitialResponse();
+
+byte[] frameHeader = new byte[9];
+ByteBuffer headersPayload = ByteBuffer.allocate(128);
+
+List headers = new ArrayList<>(4);
+headers.add(new Header(":method", "GET"));
+headers.add(new Header(":scheme", "http"));
+headers.add(new Header(":path", "/index.html?foo=[]"));
+headers.add(new Header(":authority", "localhost:" + getPort()));
+
+buildGetRequest(frameHeader, headersPayload, null, headers, 3);
+
+writeFrame(frameHeader, headersPayload);
+
+parser.readFrame(true);
+
+StringBuilder expected = new StringBuilder();
+expected.append("3-HeadersStart\n");
+expected.append("3-Header-[:status]-[200]\n");
+
+// The status code is the most important thing to test
+Assert.assertTrue(output.getTrace().startsWith(expected.toString()));
+}
+
+
private static final class AsyncComplete extends HttpServlet {
private static final long serialVersionUID = 1L;
-
To unsubscribe, e-mail: dev-unsubscr...@tomc
[tomcat] branch 10.0.x updated: Allow for relaxed validation of path and query characters in HTTP/2
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.0.x by this push:
new f6a476d Allow for relaxed validation of path and query characters in
HTTP/2
f6a476d is described below
commit f6a476d600fb0a3d710ac6a9123ad96fc3c2f541
Author: Mark Thomas
AuthorDate: Sat Jan 8 16:37:52 2022 +
Allow for relaxed validation of path and query characters in HTTP/2
Follow-up to https://bz.apache.org/bugzilla/show_bug.cgi?id=65785
---
java/org/apache/coyote/http2/StreamProcessor.java | 9 -
.../apache/coyote/http2/TestStreamProcessor.java | 45 ++
2 files changed, 52 insertions(+), 2 deletions(-)
diff --git a/java/org/apache/coyote/http2/StreamProcessor.java
b/java/org/apache/coyote/http2/StreamProcessor.java
index df0eb7f..8744999 100644
--- a/java/org/apache/coyote/http2/StreamProcessor.java
+++ b/java/org/apache/coyote/http2/StreamProcessor.java
@@ -32,6 +32,7 @@ import org.apache.coyote.ErrorState;
import org.apache.coyote.Request;
import org.apache.coyote.RequestGroupInfo;
import org.apache.coyote.Response;
+import org.apache.coyote.http11.AbstractHttp11Protocol;
import org.apache.coyote.http11.filters.GzipOutputFilter;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
@@ -465,6 +466,10 @@ class StreamProcessor extends AbstractProcessor {
* The checks performed below are based on the checks in Http11InputBuffer.
*/
private boolean validateRequest() {
+HttpParser httpParser = new HttpParser(
+((AbstractHttp11Protocol)
handler.getProtocol().getHttp11Protocol()).getRelaxedPathChars(),
+((AbstractHttp11Protocol)
handler.getProtocol().getHttp11Protocol()).getRelaxedQueryChars());
+
// Method name must be a token
String method = request.method().toString();
if (!HttpParser.isToken(method)) {
@@ -475,7 +480,7 @@ class StreamProcessor extends AbstractProcessor {
// (other checks such as valid %nn happen later)
ByteChunk bc = request.requestURI().getByteChunk();
for (int i = bc.getStart(); i < bc.getEnd(); i++) {
-if (HttpParser.isNotRequestTarget(bc.getBuffer()[i])) {
+if (httpParser.isNotRequestTargetRelaxed(bc.getBuffer()[i])) {
return false;
}
}
@@ -485,7 +490,7 @@ class StreamProcessor extends AbstractProcessor {
String qs = request.queryString().toString();
if (qs != null) {
for (char c : qs.toCharArray()) {
-if (!HttpParser.isQuery(c)) {
+if (!httpParser.isQueryRelaxed(c)) {
return false;
}
}
diff --git a/test/org/apache/coyote/http2/TestStreamProcessor.java
b/test/org/apache/coyote/http2/TestStreamProcessor.java
index 2fd8c94..b7480ed 100644
--- a/test/org/apache/coyote/http2/TestStreamProcessor.java
+++ b/test/org/apache/coyote/http2/TestStreamProcessor.java
@@ -346,6 +346,51 @@ public class TestStreamProcessor extends Http2TestBase {
}
+@Test
+public void testValidateRequestQueryStringRelaxed() throws Exception {
+enableHttp2();
+
+Tomcat tomcat = getTomcatInstance();
+
+File appDir = new File("test/webapp");
+Context ctxt = tomcat.addWebapp(null, "", appDir.getAbsolutePath());
+
+Tomcat.addServlet(ctxt, "simple", new SimpleServlet());
+ctxt.addServletMappingDecoded("/simple", "simple");
+
+tomcat.getConnector().setProperty("relaxedQueryChars", "[]");
+
+tomcat.start();
+
+openClientConnection();
+doHttpUpgrade();
+sendClientPreface();
+validateHttp2InitialResponse();
+
+byte[] frameHeader = new byte[9];
+ByteBuffer headersPayload = ByteBuffer.allocate(128);
+
+List headers = new ArrayList<>(4);
+headers.add(new Header(":method", "GET"));
+headers.add(new Header(":scheme", "http"));
+headers.add(new Header(":path", "/index.html?foo=[]"));
+headers.add(new Header(":authority", "localhost:" + getPort()));
+
+buildGetRequest(frameHeader, headersPayload, null, headers, 3);
+
+writeFrame(frameHeader, headersPayload);
+
+parser.readFrame(true);
+
+StringBuilder expected = new StringBuilder();
+expected.append("3-HeadersStart\n");
+expected.append("3-Header-[:status]-[200]\n");
+
+// The status code is the most important thing to test
+Assert.assertTrue(output.getTrace().startsWith(expected.toString()));
+}
+
+
private static final class AsyncComplete extends HttpServlet {
private static final long serialVersionUID = 1L;
-
To unsubscribe, e-mail: dev-unsubscr...@to
[tomcat] branch 8.5.x updated: Allow for relaxed validation of path and query characters in HTTP/2
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new 2f94cc4 Allow for relaxed validation of path and query characters in
HTTP/2
2f94cc4 is described below
commit 2f94cc4dab70cea1f161bd97657031b48b695bcb
Author: Mark Thomas
AuthorDate: Sat Jan 8 16:37:52 2022 +
Allow for relaxed validation of path and query characters in HTTP/2
Follow-up to https://bz.apache.org/bugzilla/show_bug.cgi?id=65785
---
java/org/apache/coyote/http2/StreamProcessor.java | 9 -
.../apache/coyote/http2/TestStreamProcessor.java | 45 ++
2 files changed, 52 insertions(+), 2 deletions(-)
diff --git a/java/org/apache/coyote/http2/StreamProcessor.java
b/java/org/apache/coyote/http2/StreamProcessor.java
index 11a7196..5f84524 100644
--- a/java/org/apache/coyote/http2/StreamProcessor.java
+++ b/java/org/apache/coyote/http2/StreamProcessor.java
@@ -31,6 +31,7 @@ import org.apache.coyote.ErrorState;
import org.apache.coyote.Request;
import org.apache.coyote.RequestGroupInfo;
import org.apache.coyote.Response;
+import org.apache.coyote.http11.AbstractHttp11Protocol;
import org.apache.coyote.http11.filters.GzipOutputFilter;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
@@ -426,6 +427,10 @@ class StreamProcessor extends AbstractProcessor {
* The checks performed below are based on the checks in Http11InputBuffer.
*/
private boolean validateRequest() {
+HttpParser httpParser = new HttpParser(
+((AbstractHttp11Protocol)
handler.getProtocol().getHttp11Protocol()).getRelaxedPathChars(),
+((AbstractHttp11Protocol)
handler.getProtocol().getHttp11Protocol()).getRelaxedQueryChars());
+
// Method name must be a token
String method = request.method().toString();
if (!HttpParser.isToken(method)) {
@@ -436,7 +441,7 @@ class StreamProcessor extends AbstractProcessor {
// (other checks such as valid %nn happen later)
ByteChunk bc = request.requestURI().getByteChunk();
for (int i = bc.getStart(); i < bc.getEnd(); i++) {
-if (HttpParser.isNotRequestTarget(bc.getBuffer()[i])) {
+if (httpParser.isNotRequestTargetRelaxed(bc.getBuffer()[i])) {
return false;
}
}
@@ -446,7 +451,7 @@ class StreamProcessor extends AbstractProcessor {
String qs = request.queryString().toString();
if (qs != null) {
for (char c : qs.toCharArray()) {
-if (!HttpParser.isQuery(c)) {
+if (!httpParser.isQueryRelaxed(c)) {
return false;
}
}
diff --git a/test/org/apache/coyote/http2/TestStreamProcessor.java
b/test/org/apache/coyote/http2/TestStreamProcessor.java
index 997b99c..97bf548 100644
--- a/test/org/apache/coyote/http2/TestStreamProcessor.java
+++ b/test/org/apache/coyote/http2/TestStreamProcessor.java
@@ -347,6 +347,51 @@ public class TestStreamProcessor extends Http2TestBase {
}
+@Test
+public void testValidateRequestQueryStringRelaxed() throws Exception {
+enableHttp2();
+
+Tomcat tomcat = getTomcatInstance();
+
+File appDir = new File("test/webapp");
+Context ctxt = tomcat.addWebapp(null, "", appDir.getAbsolutePath());
+
+Tomcat.addServlet(ctxt, "simple", new SimpleServlet());
+ctxt.addServletMappingDecoded("/simple", "simple");
+
+tomcat.getConnector().setProperty("relaxedQueryChars", "[]");
+
+tomcat.start();
+
+openClientConnection();
+doHttpUpgrade();
+sendClientPreface();
+validateHttp2InitialResponse();
+
+byte[] frameHeader = new byte[9];
+ByteBuffer headersPayload = ByteBuffer.allocate(128);
+
+List headers = new ArrayList<>(4);
+headers.add(new Header(":method", "GET"));
+headers.add(new Header(":scheme", "http"));
+headers.add(new Header(":path", "/index.html?foo=[]"));
+headers.add(new Header(":authority", "localhost:" + getPort()));
+
+buildGetRequest(frameHeader, headersPayload, null, headers, 3);
+
+writeFrame(frameHeader, headersPayload);
+
+parser.readFrame(true);
+
+StringBuilder expected = new StringBuilder();
+expected.append("3-HeadersStart\n");
+expected.append("3-Header-[:status]-[200]\n");
+
+// The status code is the most important thing to test
+Assert.assertTrue(output.getTrace().startsWith(expected.toString()));
+}
+
+
private static final class AsyncComplete extends HttpServlet {
private static final long serialVersionUID = 1L;
-
To unsubscribe, e-mail: dev-unsubscr...@tomc
Bug report for Taglibs [2022/01/09]
+---+
| Bugzilla Bug ID |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) |
| | +-+
| | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major |
| | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial |
| | | +-+
| | | | Date Posted |
| | | | +--+
| | | | | Description |
| | | | | |
|38193|Ass|Enh|2006-01-09|[RDC] BuiltIn Grammar support for Field |
|38600|Ass|Enh|2006-02-10|[RDC] Enable RDCs to be used in X+V markup (X+RDC)|
|42413|New|Enh|2007-05-14|[PATCH] Log Taglib enhancements |
|46052|New|Nor|2008-10-21|SetLocaleSupport is slow to initialize when many l|
|48333|New|Enh|2009-12-02|TLD generator |
|57548|New|Min|2015-02-08|Auto-generate the value for org.apache.taglibs.sta|
|57684|New|Min|2015-03-10|Version info should be taken from project version |
|59359|New|Enh|2016-04-20|(Task) Extend validity period for signing KEY - be|
|59668|New|Nor|2016-06-06|x:forEach retains the incorrect scope when used in|
|61875|New|Nor|2017-12-08|Investigate whether Xalan can be removed |
|64649|New|Nor|2020-08-06|XSLT transformation - document('') doesn't return |
|65491|New|Nor|2021-08-09|Behavior differences with c:import when flushing o|
+-+---+---+--+--+
| Total 12 bugs |
+---+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
Bug report for Tomcat 9 [2022/01/09]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | |53602|Ver|Enh|2012-07-25|Support for HTTP status code 451 | |57505|New|Enh|2015-01-27|Add integration tests for JspC| |58530|New|Enh|2015-10-23|Proposal for new Manager HTML GUI | |58548|Inf|Enh|2015-10-26|support certifcate transparency | |58859|New|Enh|2016-01-14|Allow to limit charsets / encodings supported by T| |59750|New|Enh|2016-06-24|Amend "authenticate" method with context by means | |60997|New|Enh|2017-04-17|Enhance SemaphoreValve to support denied status an| |61971|New|Enh|2018-01-06|documentation for using tomcat with systemd | |62048|New|Enh|2018-01-25|Missing logout function in Manager and Host-Manage| |62072|New|Enh|2018-02-01|Add support for request compression | |62312|New|Enh|2018-04-18|Add Proxy Authentication support to websocket clie| |62405|New|Enh|2018-05-23|Add Rereadable Request Filter | |62488|New|Enh|2018-06-25|Obtain dependencies from Maven Central where possi| |62611|Inf|Enh|2018-08-09|Compress log files after rotation | |62723|New|Enh|2018-09-14|Clarify "channelSendOptions" value in cluster docu| |62773|New|Enh|2018-09-28|Change DeltaManager to handle session deserializat| |62814|New|Enh|2018-10-10|Use readable names for cluster channel/map options| |62843|New|Enh|2018-10-22|Tomcat Russian localization | |62964|Inf|Enh|2018-11-29|Add RFC7807 conformant Problem Details for HTTP st| |63023|New|Enh|2018-12-20|Provide a way to load SecurityProviders into the s| |63049|New|Enh|2018-12-31|Add support in system properties override from com| |63237|New|Enh|2019-03-06|Consider processing mbeans-descriptors.xml at comp| |63389|New|Enh|2019-04-27|Enable Servlet Warmup for Containerization| |63493|New|Enh|2019-06-10|enhancement - add JMX counters to monitor authenti| |63505|New|Enh|2019-06-14|enhancement - support of stored procedures for Dat| |63545|New|Enh|2019-07-06|enhancement - add a new pattern attribute for logg| |63943|Opn|Enh|2019-11-20|Add possibility to overwrite remote port with info| |63983|Ver|Cri|2019-12-03|Jasper builds-up open files until garbage collecti| |64144|New|Enh|2020-02-14|Add an option for rejecting requests that have bot| |64230|New|Enh|2020-03-15|Allow to configure session manager to skip expirin| |64395|New|Enh|2020-04-30|Windows Installer should offer an option to select| |65208|New|Enh|2021-03-29|Multi-threaded loading of servlets| |65302|New|Enh|2021-05-12|Add support for setting com.sun.jndi.ldap.tls.cbty| |65401|New|Enh|2021-06-28|do no silently fail on javax.net.ssl.SSLHandshakeE| |65571|Inf|Nor|2021-09-14|ClientAbortException in Tomcat 9.0.50 and 9.0.52 | |65736|New|Enh|2021-12-10|Improve org.apache.naming.factory.BeanFactory to m| |65776|Inf|Nor|2021-12-31|"Duplicate accept detected" error from a subsequen| |65777|New|Enh|2022-01-01|Replace java.util.jar.JarFile by org.apache.tomcat| |65778|New|Enh|2022-01-01|Don't create URL from string | |65779|New|Enh|2022-01-01|Introduce CATALINA_BASE_DATA | +-+---+---+--+--+ | Total 40 bugs | +---+ - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Bug report for Tomcat Connectors [2022/01/09]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | |46767|New|Enh|2009-02-25|mod_jk to send DECLINED in case no fail-over tomca| |47327|New|Enh|2009-06-07|Return tomcat authenticated user back to mod_jk (A| |47750|New|Maj|2009-08-27|ISAPI: Loss of worker settings when changing via j| |48830|New|Nor|2010-03-01|IIS shutdown blocked in endpoint service when serv| |49822|New|Enh|2010-08-25|Add hash lb worker method | |49903|New|Enh|2010-09-09|Make workers file reloadable | |52483|New|Enh|2012-01-18|Print JkOptions's options in log file and jkstatus| |54621|New|Enh|2013-02-28|[PATCH] custom mod_jk availability checks | |56489|New|Enh|2014-05-05|Include a directory for configuration files | |56576|New|Enh|2014-05-29|Websocket support | |57402|New|Enh|2014-12-30|Provide correlation ID between mod_jk log and acce| |57403|New|Enh|2014-12-30|Persist configuration changes made via status work| |57407|New|Enh|2014-12-31|Make session_cookie, session_path and session_cook| |57790|New|Enh|2015-04-03|Check worker names for typos | |61476|New|Enh|2017-09-01|Allow reset of an individual worker stat value| |61621|New|Enh|2017-10-15|Content-Type is forced to lowercase when it goes t| |62093|New|Enh|2018-02-09|Allow use_server_errors to apply to specific statu| |63808|Opn|Enh|2019-10-05|the fact that JkMount makes other directives ineff| |64775|Inf|Nor|2020-09-28|mod_jk is sending both Content-Length and Transfer| |65488|New|Nor|2021-08-08|Destroy method is not being called during Failover| |65770|New|Enh|2021-12-28|Make keys reload automatically| +-+---+---+--+--+ | Total 21 bugs | +---+ - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Bug report for Tomcat 10 [2022/01/09]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | |64353|New|Enh|2020-04-15|Add support for accessing server certificate from | |64549|New|Enh|2020-06-23|create a project module to launch Tomcat in OSGi | |64550|New|Enh|2020-06-23|create a project module to launch Tomcat in JPMS | |64943|New|Enh|2020-11-29|[Patch] Add support for Unix Domain Sockets to org| |65124|New|Enh|2021-02-03|Inefficient generated JSP code| |65267|New|Enh|2021-04-27|Implement mod_headers like filter | |65391|New|Enh|2021-06-19|Additional user attributes queried by (some) realm| |65635|New|Enh|2021-10-15|Methods to return auth errors | +-+---+---+--+--+ | Total8 bugs | +---+ - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Bug report for Tomcat 8 [2022/01/09]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | |55243|New|Enh|2013-07-11|Add special search string for nested roles| |55470|New|Enh|2013-08-23|Help users for ClassNotFoundExceptions during star| |55477|New|Enh|2013-08-23|Add a solution to map a realm name to a security r| |55675|New|Enh|2013-10-18|Checking and handling invalid configuration option| |55788|New|Enh|2013-11-16|TagPlugins should key on tag QName rather than imp| |56148|New|Enh|2014-02-17|support (multiple) ocsp stapling | |56166|New|Enh|2014-02-20|Suggestions for exception handling (avoid potentia| |56300|New|Enh|2014-03-22|[Tribes] No useful examples, lack of documentation| |56398|New|Enh|2014-04-11|Support Arquillian-based unit testing | |56402|New|Enh|2014-04-11|Add support for HTTP Upgrade to AJP components| |56438|New|Enh|2014-04-21|If jar scan does not find context config or TLD co| |56448|New|Enh|2014-04-23|Implement a robust solution for client initiated S| |56522|Opn|Enh|2014-05-14|jasper-el 8 does not comply to EL Spec 3.0 regardi| |56546|New|Enh|2014-05-19|Improve thread trace logging in WebappClassLoader.| |56614|New|Enh|2014-06-12|Add a switch to ignore annotations detection on ta| |56713|New|Enh|2014-07-12|Limit time that incoming request waits while webap| |56787|New|Enh|2014-07-29|Simplified jndi name parsing | |57130|New|Enh|2014-10-22|Allow digest.sh to accept password from a file or | |57367|New|Enh|2014-12-18|If JAR scan experiences a stack overflow, give the| |57421|New|Enh|2015-01-07|Farming default directories | |57486|New|Enh|2015-01-23|Improve reuse of ProtectedFunctionMapper instances| |57701|New|Enh|2015-03-13|Implement "[Redeploy]" button for a web applicatio| |57827|New|Enh|2015-04-17|Enable adding/removing of members via jmx in a sta| |57830|New|Enh|2015-04-18|Add support for ProxyProtocol | |57872|New|Enh|2015-04-29|Do not auto-switch session cookie to version=1 due| |58052|Opn|Enh|2015-06-19|RewriteValve: Implement additional RewriteRule dir| |58072|New|Enh|2015-06-23|ECDH curve selection | |58935|Opn|Enh|2016-01-29|Re-deploy from war without deleting context | |59232|New|Enh|2016-03-24|Make the context name of an app available via JNDI| |59758|New|Enh|2016-06-27|Add http proxy username-password credentials suppo| |60597|New|Enh|2017-01-17|Add ability to set cipher suites for websocket cli| |60849|New|Enh|2017-03-13|Tomcat NIO Connector not able to handle SSL renego| |61877|New|Enh|2017-12-08|use web.xml from CATALINA_HOME by default | |62214|New|Enh|2018-03-22|The "userSubtree=true" and "roleSubtree=true" in J| |62245|New|Enh|2018-04-02|[Documentation] Mention contextXsltFile in Default| |63080|New|Enh|2019-01-16|Support rfc7239 Forwarded header | |63167|New|Enh|2019-02-12|Network Requirements To Resolve No Members Active | |63195|Inf|Enh|2019-02-21|Add easy way to test RemoteIpValve works properly | |65755|Inf|Cri|2021-12-20|Users sporadically receive responses intended for | +-+---+---+--+--+ | Total 39 bugs | +---+ - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Bug report for Tomcat Native [2022/01/09]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | |62911|New|Enh|2018-11-15|Add support for proxying ocsp requests via ProxyH| |64826|New|Maj|2020-10-19|libtcnative prompts for private key password in so| |64862|New|Enh|2020-10-30|Improve LibreSSL support | |65344|New|Enh|2021-05-31|OpenSSL configuration | +-+---+---+--+--+ | Total4 bugs | +---+ - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Bug report for Tomcat Modules [2022/01/09]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | |50571|Inf|Nor|2011-01-11|Tomcat 7 JDBC connection pool exception enhancemen| |51595|Inf|Nor|2011-08-01|org.apache.tomcat.jdbc.pool.jmx.ConnectionPool sho| |51879|Inf|Enh|2011-09-22|Improve access to Native Connection Methods | |52024|Inf|Enh|2011-10-13|Custom interceptor to support automatic failover o| |53199|Inf|Enh|2012-05-07|Refactor ConnectionPool to use ScheduledExecutorSe| |54437|New|Enh|2013-01-16|Update PoolProperties javadoc for ConnectState int| |54929|Inf|Nor|2013-05-05|jdbc-pool cannot be used with Java 1.5, "java.lang| |55078|New|Nor|2013-06-07|Configuring a DataSource Resource with dataSourceJ| |55662|New|Enh|2013-10-17|Add a way to set an instance of java.sql.Driver di| |56046|New|Enh|2014-01-21|org.apache.tomcat.jdbc.pool.XADataSource InitSQL p| |56088|New|Maj|2014-01-29|AbstractQueryReport$StatementProxy throws exceptio| |56310|Inf|Maj|2014-03-25|PooledConnection and XAConnection not handled corr| |56586|New|Nor|2014-06-02|initSQL should be committed if defaultAutoCommit =| |56775|New|Nor|2014-07-28|PoolCleanerTime schedule issue| |56779|New|Nor|2014-07-28|Allow multiple connection initialization statement| |56790|New|Nor|2014-07-29|Resizing pool.maxActive to a higher value at runti| |56798|New|Nor|2014-07-31|Idle eviction strategy could perform better (and i| |56804|New|Nor|2014-08-02|Use a default validationQueryTimeout other than "f| |56805|New|Nor|2014-08-02|datasource.getConnection() may be unnecessarily bl| |56837|New|Nor|2014-08-11|if validationQuery have error with timeBetweenEvic| |56970|New|Nor|2014-09-11|MaxActive vs. MaxTotal for commons-dbcp and tomcat| |57460|New|Nor|2015-01-19|[DB2]Connection broken after few hours but not rem| |57729|New|Enh|2015-03-20|Add QueryExecutionReportInterceptor to log query e| |58489|Opn|Maj|2015-10-08|QueryStatsComparator throws IllegalArgumentExcepti| |59077|New|Nor|2016-02-26|DataSourceFactory creates a neutered data source | |59569|New|Nor|2016-05-18|isWrapperFor/unwrap implementations incorrect | |59879|New|Nor|2016-07-18|StatementCache interceptor returns ResultSet objec| |60195|New|Nor|2016-10-02|No javadoc in Maven Central | |60522|New|Nor|2016-12-27|An option for setting if the transaction should be| |60524|Inf|Nor|2016-12-28|NPE in SlowQueryReport in tomcat-jdbc-7.0.68 | |60645|New|Nor|2017-01-25|StatementFinalizer is not thread-safe | |61032|New|Nor|2017-04-24|min pool size is not being respected | |61103|New|Nor|2017-05-18|StatementCache potentially caching non-functional | |61302|New|Enh|2017-07-15|Refactoring of DataSourceProxy| |61303|New|Enh|2017-07-15|Refactoring of ConnectionPool | |62432|New|Nor|2018-06-06|Memory Leak in Statement Finalizer? | |62598|New|Enh|2018-08-04|support pool with multiple JDBC data sources | |62910|Inf|Nor|2018-11-15|tomcat-jdbc global pool transaction problem | |63612|Inf|Cri|2019-07-26|PooledConnection#connectUsingDriver, Thread.curren| |63705|New|Nor|2019-08-29|The tomcat pool doesn't register all connection th| |64083|New|Nor|2020-01-17|JDBC pool keeps closed connection as available| |64107|New|Maj|2020-01-30|PreparedStatements correctly closed are not return| |64231|New|Nor|2020-03-16|Tomcat jdbc pool behaviour| |64570|New|Nor|2020-07-01|Transaction not rollbacked if autocommit is false | |64809|New|Nor|2020-10-13|Connection properties not reset to defaults when C| |65347|New|Nor|2021-06-02|The equals method from statements generated by the| +-+---+---+--+--+ | Total 46 bugs | +---+ - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: d
