Re: Default Servlet and POST
On 12/03/2025 13:18, Rémy Maucherat wrote: On Wed, Mar 12, 2025 at 1:23 PM Mark Thomas wrote: All, I have been working through the some specification compliance questions raised by some research into HTTP conformance [1]. That paper's focus is security but I don't see any security concerns for Tomcat. I do see a number of false positive results and I have raised issues for those. One of the results relates to how Tomcat responds to a POST request. I am assuming it is the default servlet that responds as I don't see any Servlet or JSP code in the test. Looking at this got me thinking. Why is the default Servlet responding to a POST request as if it is a GET request? I can see a case for doing this for include/forwards but not for direct requests. Because whatever back then seemed better that way if I did it that way. Allowing the current behavior for request dispatcher use would be good, yes, otherwise breakage seems quite likely (when doing that, you may not care about whatever the original HTTP method was unless it didn't work). Should we be returning 405 for direct requests using POST? It seems possible. I'll add this to my TODO list (or open a BZ issue if I need to spend time elsewhere). What are the thoughts on: - versions this change should apply to? - whether it is configurable? - if configurable, what the default should be? Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Additional Java language features
Hi, Would it be ok to use records and pattern variables (which replace the instanceof then cast code) in Tomcat ? I think they would improve the code overall, esp records. Although it would make the branches a bit more different, this is "boilerplate" (as they say ;) ) code so unlikely to cause real merge problems. Rémy - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Additional Java language features
On 17/03/2025 12:08, Rémy Maucherat wrote: Hi, Would it be ok to use records and pattern variables (which replace the instanceof then cast code) in Tomcat ? +1 I think they would improve the code overall, esp records. Although it would make the branches a bit more different, this is "boilerplate" (as they say ;) ) code so unlikely to cause real merge problems. Agreed. I suspect a little refactoring may be required to use Records in some cases. That is probably a good thing if it helps clarify what data is static and what might be changing. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat) branch 10.1.x updated: Not strictly necessary but stops Eclipse from complaining
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.1.x by this push:
new 6cf264890d Not strictly necessary but stops Eclipse from complaining
6cf264890d is described below
commit 6cf264890d09e0591ee9feb0dbf3707d5518f85b
Author: Mark Thomas
AuthorDate: Mon Mar 17 14:39:29 2025 +
Not strictly necessary but stops Eclipse from complaining
---
java/org/apache/catalina/startup/Bootstrap.java | 1 +
1 file changed, 1 insertion(+)
diff --git a/java/org/apache/catalina/startup/Bootstrap.java
b/java/org/apache/catalina/startup/Bootstrap.java
index cf02c102a2..4155285766 100644
--- a/java/org/apache/catalina/startup/Bootstrap.java
+++ b/java/org/apache/catalina/startup/Bootstrap.java
@@ -487,6 +487,7 @@ public final class Bootstrap {
System.exit(1);
}
System.exit(0);
+break;
default:
log.warn("Bootstrap: command \"" + command + "\" does not
exist.");
break;
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: (tomcat) branch main updated: Not strictly necessary but stops Eclipse from complaining
Mark,
On 3/17/25 10:39 AM, ma...@apache.org wrote:
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 933f964fb1 Not strictly necessary but stops Eclipse from complaining
933f964fb1 is described below
commit 933f964fb151dda3d53fd28ee94f8e71803e3200
Author: Mark Thomas
AuthorDate: Mon Mar 17 14:39:29 2025 +
Not strictly necessary but stops Eclipse from complaining
---
java/org/apache/catalina/startup/Bootstrap.java | 1 +
1 file changed, 1 insertion(+)
diff --git a/java/org/apache/catalina/startup/Bootstrap.java
b/java/org/apache/catalina/startup/Bootstrap.java
index c5b35bd829..adfa9eaf95 100644
--- a/java/org/apache/catalina/startup/Bootstrap.java
+++ b/java/org/apache/catalina/startup/Bootstrap.java
@@ -484,6 +484,7 @@ public final class Bootstrap {
System.exit(1);
}
System.exit(0);
+break;
LOL I seem to recall some compilers that were "smart" and would flag the
"break" as "dead code".
You can't please all of the compilers all of the time.
-chris
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 69608] JSP Servlet engine is garbage collected leading to Denial of service
https://bz.apache.org/bugzilla/show_bug.cgi?id=69608 --- Comment #7 from John Engebretson --- I agree with others that this probably isn't caused by an error in Tomcat - Tomcat directly allocates a relatively small amount of memory, so whatever is creating the GC demand is most likely application code. The best way to investigate that is to collect a heap dump (look up "jmap" in the JDK) and look to see what objects or classes are using up the heap. Eclipse MAT is a good tool here. If you find that Tomcat code is at fault, please add that info to this ticket. Otherwise you may find better information from general Java resources about memory and GC optimization. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Default Servlet and POST
Mark, On 3/17/25 8:49 AM, Mark Thomas wrote: On 12/03/2025 13:18, Rémy Maucherat wrote: On Wed, Mar 12, 2025 at 1:23 PM Mark Thomas wrote: All, I have been working through the some specification compliance questions raised by some research into HTTP conformance [1]. That paper's focus is security but I don't see any security concerns for Tomcat. I do see a number of false positive results and I have raised issues for those. One of the results relates to how Tomcat responds to a POST request. I am assuming it is the default servlet that responds as I don't see any Servlet or JSP code in the test. Looking at this got me thinking. Why is the default Servlet responding to a POST request as if it is a GET request? I can see a case for doing this for include/forwards but not for direct requests. Because whatever back then seemed better that way if I did it that way. Allowing the current behavior for request dispatcher use would be good, yes, otherwise breakage seems quite likely (when doing that, you may not care about whatever the original HTTP method was unless it didn't work). Should we be returning 405 for direct requests using POST? It seems possible. I'll add this to my TODO list (or open a BZ issue if I need to spend time elsewhere). What are the thoughts on: - versions this change should apply to? I wouldn't go back as far as Tomcat 9.0.x, at least not by default. I would guess that not many users are using Tomcat 10.1.x yet, and those who do use it are more likely to be agile enough to make any changes required due to this change. - whether it is configurable? If you make it configurable, then the only difference between 9 vs 10+ (in my proposal) would be the default value. - if configurable, what the default should be? See above. -chris - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat) branch 10.1.x updated: Remove unnecessary casts
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.1.x by this push:
new 1ef921ceec Remove unnecessary casts
1ef921ceec is described below
commit 1ef921ceeccb5daecc6d4658a9abe6ff5f212ccf
Author: Mark Thomas
AuthorDate: Mon Mar 17 16:21:04 2025 +
Remove unnecessary casts
---
java/org/apache/catalina/core/DefaultInstanceManager.java | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/java/org/apache/catalina/core/DefaultInstanceManager.java
b/java/org/apache/catalina/core/DefaultInstanceManager.java
index 9f23949951..e89f8bf95b 100644
--- a/java/org/apache/catalina/core/DefaultInstanceManager.java
+++ b/java/org/apache/catalina/core/DefaultInstanceManager.java
@@ -377,21 +377,21 @@ public class DefaultInstanceManager implements
InstanceManager {
annotations.add(new
AnnotationCacheEntry(fieldName, null, resourceAnnotation.name(),
AnnotationCacheEntryType.FIELD));
} else if (EJB_PRESENT && (ejbAnnotation =
field.getAnnotation(EJB.class)) != null) {
-annotations.add(new
AnnotationCacheEntry(fieldName, null, ((EJB) ejbAnnotation).name(),
+annotations.add(new
AnnotationCacheEntry(fieldName, null, ejbAnnotation.name(),
AnnotationCacheEntryType.FIELD));
} else if (WS_PRESENT &&
(webServiceRefAnnotation =
field.getAnnotation(WebServiceRef.class)) != null) {
annotations.add(new
AnnotationCacheEntry(fieldName, null,
-((WebServiceRef)
webServiceRefAnnotation).name(), AnnotationCacheEntryType.FIELD));
+webServiceRefAnnotation.name(),
AnnotationCacheEntryType.FIELD));
} else if (JPA_PRESENT &&
(persistenceContextAnnotation =
field.getAnnotation(PersistenceContext.class))
!= null) {
annotations.add(new
AnnotationCacheEntry(fieldName, null,
-((PersistenceContext)
persistenceContextAnnotation).name(),
+persistenceContextAnnotation.name(),
AnnotationCacheEntryType.FIELD));
} else if (JPA_PRESENT &&
(persistenceUnitAnnotation =
field.getAnnotation(PersistenceUnit.class)) != null) {
annotations.add(new
AnnotationCacheEntry(fieldName, null,
-((PersistenceUnit)
persistenceUnitAnnotation).name(),
+persistenceUnitAnnotation.name(),
AnnotationCacheEntryType.FIELD));
}
}
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat) branch main updated: Code clean-up - formatting. No functional change.
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 7443c353cc Code clean-up - formatting. No functional change.
7443c353cc is described below
commit 7443c353cc937943e3834780bed5e8df97c22b94
Author: Mark Thomas
AuthorDate: Mon Mar 17 16:26:09 2025 +
Code clean-up - formatting. No functional change.
---
.../apache/jasper/servlet/JasperInitializer.java | 19 ++-
java/org/apache/jasper/servlet/JasperLoader.java | 44 +++
.../apache/jasper/servlet/JspCServletContext.java | 73 +--
java/org/apache/jasper/servlet/JspServlet.java | 123 ---
.../apache/jasper/servlet/JspServletWrapper.java | 134 +
java/org/apache/jasper/servlet/TldPreScanned.java | 8 +-
java/org/apache/jasper/servlet/TldScanner.java | 87 +
7 files changed, 194 insertions(+), 294 deletions(-)
diff --git a/java/org/apache/jasper/servlet/JasperInitializer.java
b/java/org/apache/jasper/servlet/JasperInitializer.java
index a39f015348..9d41424d8e 100644
--- a/java/org/apache/jasper/servlet/JasperInitializer.java
+++ b/java/org/apache/jasper/servlet/JasperInitializer.java
@@ -43,8 +43,8 @@ public class JasperInitializer implements
ServletContainerInitializer {
private final Log log = LogFactory.getLog(JasperInitializer.class); //
must not be static
/*
- * Preload classes required at runtime by a JSP servlet so that
- * we don't get a defineClassInPackage security exception.
+ * Preload classes required at runtime by a JSP servlet so that we don't
get a defineClassInPackage security
+ * exception.
*/
static {
JspFactoryImpl factory = new JspFactoryImpl();
@@ -60,14 +60,12 @@ public class JasperInitializer implements
ServletContainerInitializer {
}
// Setup a simple default Instance Manager
-if (context.getAttribute(InstanceManager.class.getName())==null) {
+if (context.getAttribute(InstanceManager.class.getName()) == null) {
context.setAttribute(InstanceManager.class.getName(), new
SimpleInstanceManager());
}
-boolean validate = Boolean.parseBoolean(
-
context.getInitParameter(Constants.XML_VALIDATION_TLD_INIT_PARAM));
-String blockExternalString = context.getInitParameter(
-Constants.XML_BLOCK_EXTERNAL_INIT_PARAM);
+boolean validate =
Boolean.parseBoolean(context.getInitParameter(Constants.XML_VALIDATION_TLD_INIT_PARAM));
+String blockExternalString =
context.getInitParameter(Constants.XML_BLOCK_EXTERNAL_INIT_PARAM);
boolean blockExternal;
if (blockExternalString == null) {
blockExternal = true;
@@ -89,8 +87,7 @@ public class JasperInitializer implements
ServletContainerInitializer {
}
context.setAttribute(TldCache.SERVLET_CONTEXT_ATTRIBUTE_NAME,
-new TldCache(context, scanner.getUriTldResourcePathMap(),
-scanner.getTldResourcePathTaglibXmlMap()));
+new TldCache(context, scanner.getUriTldResourcePathMap(),
scanner.getTldResourcePathTaglibXmlMap()));
String poolSizeValue =
context.getInitParameter(Constants.JSP_FACTORY_POOL_SIZE_INIT_PARAM);
int poolSize = 8;
@@ -108,8 +105,8 @@ public class JasperInitializer implements
ServletContainerInitializer {
}
-protected TldScanner newTldScanner(ServletContext context, boolean
namespaceAware,
-boolean validate, boolean blockExternal) {
+protected TldScanner newTldScanner(ServletContext context, boolean
namespaceAware, boolean validate,
+boolean blockExternal) {
return new TldScanner(context, namespaceAware, validate,
blockExternal);
}
}
diff --git a/java/org/apache/jasper/servlet/JasperLoader.java
b/java/org/apache/jasper/servlet/JasperLoader.java
index d500c0aeca..2bf30b82e7 100644
--- a/java/org/apache/jasper/servlet/JasperLoader.java
+++ b/java/org/apache/jasper/servlet/JasperLoader.java
@@ -22,8 +22,8 @@ import java.net.URL;
import java.net.URLClassLoader;
/**
- * Class loader for loading servlet class files (corresponding to JSP files)
- * and tag handler class files (corresponding to tag files).
+ * Class loader for loading servlet class files (corresponding to JSP files)
and tag handler class files (corresponding
+ * to tag files).
*
* @author Anil K. Vijendran
* @author Harish Prabandham
@@ -38,9 +38,8 @@ public class JasperLoader extends URLClassLoader {
}
/**
- * Load the class with the specified name. This method searches for
- * classes in the same manner as loadClass(String, boolean)
- * with false as the second argument.
+ * Load the class with the specified name. This method searches for
classes in the same m
(tomcat) branch 9.0.x updated: Code clean-up - formatting. No functional change.
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 3146888d35 Code clean-up - formatting. No functional change.
3146888d35 is described below
commit 3146888d35cd3a1c718d5e147e4acd983bbe767c
Author: Mark Thomas
AuthorDate: Mon Mar 17 16:27:29 2025 +
Code clean-up - formatting. No functional change.
---
.../apache/jasper/servlet/JasperInitializer.java | 19 ++-
java/org/apache/jasper/servlet/JasperLoader.java | 62 -
.../apache/jasper/servlet/JspCServletContext.java | 73 ---
java/org/apache/jasper/servlet/JspServlet.java | 138 +---
.../apache/jasper/servlet/JspServletWrapper.java | 142 +
java/org/apache/jasper/servlet/TldPreScanned.java | 8 +-
java/org/apache/jasper/servlet/TldScanner.java | 87 +
7 files changed, 212 insertions(+), 317 deletions(-)
diff --git a/java/org/apache/jasper/servlet/JasperInitializer.java
b/java/org/apache/jasper/servlet/JasperInitializer.java
index 8324bdcdb4..08999433bb 100644
--- a/java/org/apache/jasper/servlet/JasperInitializer.java
+++ b/java/org/apache/jasper/servlet/JasperInitializer.java
@@ -44,8 +44,8 @@ public class JasperInitializer implements
ServletContainerInitializer {
private final Log log = LogFactory.getLog(JasperInitializer.class); //
must not be static
/*
- * Preload classes required at runtime by a JSP servlet so that
- * we don't get a defineClassInPackage security exception.
+ * Preload classes required at runtime by a JSP servlet so that we don't
get a defineClassInPackage security
+ * exception.
*/
static {
JspFactoryImpl factory = new JspFactoryImpl();
@@ -62,14 +62,12 @@ public class JasperInitializer implements
ServletContainerInitializer {
}
// Setup a simple default Instance Manager
-if (context.getAttribute(InstanceManager.class.getName())==null) {
+if (context.getAttribute(InstanceManager.class.getName()) == null) {
context.setAttribute(InstanceManager.class.getName(), new
SimpleInstanceManager());
}
-boolean validate = Boolean.parseBoolean(
-
context.getInitParameter(Constants.XML_VALIDATION_TLD_INIT_PARAM));
-String blockExternalString = context.getInitParameter(
-Constants.XML_BLOCK_EXTERNAL_INIT_PARAM);
+boolean validate =
Boolean.parseBoolean(context.getInitParameter(Constants.XML_VALIDATION_TLD_INIT_PARAM));
+String blockExternalString =
context.getInitParameter(Constants.XML_BLOCK_EXTERNAL_INIT_PARAM);
boolean blockExternal;
if (blockExternalString == null) {
blockExternal = true;
@@ -91,12 +89,11 @@ public class JasperInitializer implements
ServletContainerInitializer {
}
context.setAttribute(TldCache.SERVLET_CONTEXT_ATTRIBUTE_NAME,
-new TldCache(context, scanner.getUriTldResourcePathMap(),
-scanner.getTldResourcePathTaglibXmlMap()));
+new TldCache(context, scanner.getUriTldResourcePathMap(),
scanner.getTldResourcePathTaglibXmlMap()));
}
-protected TldScanner newTldScanner(ServletContext context, boolean
namespaceAware,
-boolean validate, boolean blockExternal) {
+protected TldScanner newTldScanner(ServletContext context, boolean
namespaceAware, boolean validate,
+boolean blockExternal) {
return new TldScanner(context, namespaceAware, validate,
blockExternal);
}
}
diff --git a/java/org/apache/jasper/servlet/JasperLoader.java
b/java/org/apache/jasper/servlet/JasperLoader.java
index 670ab8ae5d..ec7e84d621 100644
--- a/java/org/apache/jasper/servlet/JasperLoader.java
+++ b/java/org/apache/jasper/servlet/JasperLoader.java
@@ -26,8 +26,8 @@ import java.security.PermissionCollection;
import org.apache.jasper.Constants;
/**
- * Class loader for loading servlet class files (corresponding to JSP files)
- * and tag handler class files (corresponding to tag files).
+ * Class loader for loading servlet class files (corresponding to JSP files)
and tag handler class files (corresponding
+ * to tag files).
*
* @author Anil K. Vijendran
* @author Harish Prabandham
@@ -37,17 +37,15 @@ public class JasperLoader extends URLClassLoader {
private final PermissionCollection permissionCollection;
private final SecurityManager securityManager;
-public JasperLoader(URL[] urls, ClassLoader parent,
-PermissionCollection permissionCollection) {
+public JasperLoader(URL[] urls, ClassLoader parent, PermissionCollection
permissionCollection) {
super(urls, parent);
this.permissionCollection = permissionCollection;
this.securityManager = System.getSecurityMa
(tomcat) branch 10.1.x updated: Code clean-up - formatting. No functional change.
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.1.x by this push:
new 23dccee230 Code clean-up - formatting. No functional change.
23dccee230 is described below
commit 23dccee2309664e587375de6369abf7fd3fc73fb
Author: Mark Thomas
AuthorDate: Mon Mar 17 16:27:03 2025 +
Code clean-up - formatting. No functional change.
---
.../apache/jasper/servlet/JasperInitializer.java | 19 ++-
java/org/apache/jasper/servlet/JasperLoader.java | 62 -
.../apache/jasper/servlet/JspCServletContext.java | 73 +--
java/org/apache/jasper/servlet/JspServlet.java | 138 +
.../apache/jasper/servlet/JspServletWrapper.java | 134
java/org/apache/jasper/servlet/TldPreScanned.java | 8 +-
java/org/apache/jasper/servlet/TldScanner.java | 87 +
7 files changed, 208 insertions(+), 313 deletions(-)
diff --git a/java/org/apache/jasper/servlet/JasperInitializer.java
b/java/org/apache/jasper/servlet/JasperInitializer.java
index f444040ffa..d4b7331f15 100644
--- a/java/org/apache/jasper/servlet/JasperInitializer.java
+++ b/java/org/apache/jasper/servlet/JasperInitializer.java
@@ -44,8 +44,8 @@ public class JasperInitializer implements
ServletContainerInitializer {
private final Log log = LogFactory.getLog(JasperInitializer.class); //
must not be static
/*
- * Preload classes required at runtime by a JSP servlet so that
- * we don't get a defineClassInPackage security exception.
+ * Preload classes required at runtime by a JSP servlet so that we don't
get a defineClassInPackage security
+ * exception.
*/
static {
JspFactoryImpl factory = new JspFactoryImpl();
@@ -62,14 +62,12 @@ public class JasperInitializer implements
ServletContainerInitializer {
}
// Setup a simple default Instance Manager
-if (context.getAttribute(InstanceManager.class.getName())==null) {
+if (context.getAttribute(InstanceManager.class.getName()) == null) {
context.setAttribute(InstanceManager.class.getName(), new
SimpleInstanceManager());
}
-boolean validate = Boolean.parseBoolean(
-
context.getInitParameter(Constants.XML_VALIDATION_TLD_INIT_PARAM));
-String blockExternalString = context.getInitParameter(
-Constants.XML_BLOCK_EXTERNAL_INIT_PARAM);
+boolean validate =
Boolean.parseBoolean(context.getInitParameter(Constants.XML_VALIDATION_TLD_INIT_PARAM));
+String blockExternalString =
context.getInitParameter(Constants.XML_BLOCK_EXTERNAL_INIT_PARAM);
boolean blockExternal;
if (blockExternalString == null) {
blockExternal = true;
@@ -91,8 +89,7 @@ public class JasperInitializer implements
ServletContainerInitializer {
}
context.setAttribute(TldCache.SERVLET_CONTEXT_ATTRIBUTE_NAME,
-new TldCache(context, scanner.getUriTldResourcePathMap(),
-scanner.getTldResourcePathTaglibXmlMap()));
+new TldCache(context, scanner.getUriTldResourcePathMap(),
scanner.getTldResourcePathTaglibXmlMap()));
String poolSizeValue =
context.getInitParameter(Constants.JSP_FACTORY_POOL_SIZE_INIT_PARAM);
int poolSize = 8;
@@ -110,8 +107,8 @@ public class JasperInitializer implements
ServletContainerInitializer {
}
-protected TldScanner newTldScanner(ServletContext context, boolean
namespaceAware,
-boolean validate, boolean blockExternal) {
+protected TldScanner newTldScanner(ServletContext context, boolean
namespaceAware, boolean validate,
+boolean blockExternal) {
return new TldScanner(context, namespaceAware, validate,
blockExternal);
}
}
diff --git a/java/org/apache/jasper/servlet/JasperLoader.java
b/java/org/apache/jasper/servlet/JasperLoader.java
index fa3e4b5de0..91848735a3 100644
--- a/java/org/apache/jasper/servlet/JasperLoader.java
+++ b/java/org/apache/jasper/servlet/JasperLoader.java
@@ -24,8 +24,8 @@ import java.security.CodeSource;
import java.security.PermissionCollection;
/**
- * Class loader for loading servlet class files (corresponding to JSP files)
- * and tag handler class files (corresponding to tag files).
+ * Class loader for loading servlet class files (corresponding to JSP files)
and tag handler class files (corresponding
+ * to tag files).
*
* @author Anil K. Vijendran
* @author Harish Prabandham
@@ -36,8 +36,7 @@ public class JasperLoader extends URLClassLoader {
private final SecurityManager securityManager;
private final String packageName;
-public JasperLoader(URL[] urls, ClassLoader parent,
-String packageName, PermissionCollection permissionCollection) {
+public JasperLoader(URL[] urls,
(tomcat) branch 11.0.x updated: Code clean-up - formatting. No functional change.
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 11.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/11.0.x by this push:
new 32d3320efd Code clean-up - formatting. No functional change.
32d3320efd is described below
commit 32d3320efd9b1e244d6e0e9cec86d4b8a50a75cd
Author: Mark Thomas
AuthorDate: Mon Mar 17 16:26:29 2025 +
Code clean-up - formatting. No functional change.
---
.../apache/jasper/servlet/JasperInitializer.java | 19 ++-
java/org/apache/jasper/servlet/JasperLoader.java | 44 +++
.../apache/jasper/servlet/JspCServletContext.java | 73 +--
java/org/apache/jasper/servlet/JspServlet.java | 123 ---
.../apache/jasper/servlet/JspServletWrapper.java | 134 +
java/org/apache/jasper/servlet/TldPreScanned.java | 8 +-
java/org/apache/jasper/servlet/TldScanner.java | 87 +
7 files changed, 194 insertions(+), 294 deletions(-)
diff --git a/java/org/apache/jasper/servlet/JasperInitializer.java
b/java/org/apache/jasper/servlet/JasperInitializer.java
index a39f015348..9d41424d8e 100644
--- a/java/org/apache/jasper/servlet/JasperInitializer.java
+++ b/java/org/apache/jasper/servlet/JasperInitializer.java
@@ -43,8 +43,8 @@ public class JasperInitializer implements
ServletContainerInitializer {
private final Log log = LogFactory.getLog(JasperInitializer.class); //
must not be static
/*
- * Preload classes required at runtime by a JSP servlet so that
- * we don't get a defineClassInPackage security exception.
+ * Preload classes required at runtime by a JSP servlet so that we don't
get a defineClassInPackage security
+ * exception.
*/
static {
JspFactoryImpl factory = new JspFactoryImpl();
@@ -60,14 +60,12 @@ public class JasperInitializer implements
ServletContainerInitializer {
}
// Setup a simple default Instance Manager
-if (context.getAttribute(InstanceManager.class.getName())==null) {
+if (context.getAttribute(InstanceManager.class.getName()) == null) {
context.setAttribute(InstanceManager.class.getName(), new
SimpleInstanceManager());
}
-boolean validate = Boolean.parseBoolean(
-
context.getInitParameter(Constants.XML_VALIDATION_TLD_INIT_PARAM));
-String blockExternalString = context.getInitParameter(
-Constants.XML_BLOCK_EXTERNAL_INIT_PARAM);
+boolean validate =
Boolean.parseBoolean(context.getInitParameter(Constants.XML_VALIDATION_TLD_INIT_PARAM));
+String blockExternalString =
context.getInitParameter(Constants.XML_BLOCK_EXTERNAL_INIT_PARAM);
boolean blockExternal;
if (blockExternalString == null) {
blockExternal = true;
@@ -89,8 +87,7 @@ public class JasperInitializer implements
ServletContainerInitializer {
}
context.setAttribute(TldCache.SERVLET_CONTEXT_ATTRIBUTE_NAME,
-new TldCache(context, scanner.getUriTldResourcePathMap(),
-scanner.getTldResourcePathTaglibXmlMap()));
+new TldCache(context, scanner.getUriTldResourcePathMap(),
scanner.getTldResourcePathTaglibXmlMap()));
String poolSizeValue =
context.getInitParameter(Constants.JSP_FACTORY_POOL_SIZE_INIT_PARAM);
int poolSize = 8;
@@ -108,8 +105,8 @@ public class JasperInitializer implements
ServletContainerInitializer {
}
-protected TldScanner newTldScanner(ServletContext context, boolean
namespaceAware,
-boolean validate, boolean blockExternal) {
+protected TldScanner newTldScanner(ServletContext context, boolean
namespaceAware, boolean validate,
+boolean blockExternal) {
return new TldScanner(context, namespaceAware, validate,
blockExternal);
}
}
diff --git a/java/org/apache/jasper/servlet/JasperLoader.java
b/java/org/apache/jasper/servlet/JasperLoader.java
index d500c0aeca..2bf30b82e7 100644
--- a/java/org/apache/jasper/servlet/JasperLoader.java
+++ b/java/org/apache/jasper/servlet/JasperLoader.java
@@ -22,8 +22,8 @@ import java.net.URL;
import java.net.URLClassLoader;
/**
- * Class loader for loading servlet class files (corresponding to JSP files)
- * and tag handler class files (corresponding to tag files).
+ * Class loader for loading servlet class files (corresponding to JSP files)
and tag handler class files (corresponding
+ * to tag files).
*
* @author Anil K. Vijendran
* @author Harish Prabandham
@@ -38,9 +38,8 @@ public class JasperLoader extends URLClassLoader {
}
/**
- * Load the class with the specified name. This method searches for
- * classes in the same manner as loadClass(String, boolean)
- * with false as the second argument.
+ * Load the class with the specified name. This method searches for
classes in the sa
(tomcat) branch 10.1.x updated: Code clean-up - formatting. No functional change.
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.1.x by this push:
new 7c3dfabf1f Code clean-up - formatting. No functional change.
7c3dfabf1f is described below
commit 7c3dfabf1f9a3c62393b567e4cf573f5c6182c90
Author: Mark Thomas
AuthorDate: Mon Mar 17 16:28:17 2025 +
Code clean-up - formatting. No functional change.
---
java/org/apache/jasper/security/SecurityClassLoad.java | 3 +--
java/org/apache/jasper/security/SecurityUtil.java | 12 ++--
2 files changed, 7 insertions(+), 8 deletions(-)
diff --git a/java/org/apache/jasper/security/SecurityClassLoad.java
b/java/org/apache/jasper/security/SecurityClassLoad.java
index 3642847fdc..3faf2aa9d1 100644
--- a/java/org/apache/jasper/security/SecurityClassLoad.java
+++ b/java/org/apache/jasper/security/SecurityClassLoad.java
@@ -21,8 +21,7 @@ import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
/**
- * Static class used to preload java classes when using the
- * Java SecurityManager so that the defineClassInPackage
+ * Static class used to preload java classes when using the Java
SecurityManager so that the defineClassInPackage
* RuntimePermission does not trigger an AccessControlException.
*/
public final class SecurityClassLoad {
diff --git a/java/org/apache/jasper/security/SecurityUtil.java
b/java/org/apache/jasper/security/SecurityUtil.java
index 5b6f69de64..faddb89e4f 100644
--- a/java/org/apache/jasper/security/SecurityUtil.java
+++ b/java/org/apache/jasper/security/SecurityUtil.java
@@ -22,18 +22,18 @@ import org.apache.jasper.Constants;
* Util class for Security related operations.
*/
-public final class SecurityUtil{
+public final class SecurityUtil {
private static final boolean packageDefinitionEnabled =
- System.getProperty("package.definition") == null ? false : true;
+System.getProperty("package.definition") == null ? false : true;
/**
- * Return the SecurityManager only if Security is enabled AND
- * package protection mechanism is enabled.
+ * Return the SecurityManager only if Security is enabled AND
package protection mechanism is enabled.
+ *
* @return true if package protection is enabled
*/
-public static boolean isPackageProtectionEnabled(){
-if (packageDefinitionEnabled && Constants.IS_SECURITY_ENABLED){
+public static boolean isPackageProtectionEnabled() {
+if (packageDefinitionEnabled && Constants.IS_SECURITY_ENABLED) {
return true;
}
return false;
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat) branch 9.0.x updated: Code clean-up - formatting. No functional change.
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 5ed13c8833 Code clean-up - formatting. No functional change.
5ed13c8833 is described below
commit 5ed13c88339f2f91dff88db1a4224c19e0ea5d26
Author: Mark Thomas
AuthorDate: Mon Mar 17 16:28:34 2025 +
Code clean-up - formatting. No functional change.
---
java/org/apache/jasper/security/SecurityClassLoad.java | 3 +--
java/org/apache/jasper/security/SecurityUtil.java | 12 ++--
2 files changed, 7 insertions(+), 8 deletions(-)
diff --git a/java/org/apache/jasper/security/SecurityClassLoad.java
b/java/org/apache/jasper/security/SecurityClassLoad.java
index 3642847fdc..3faf2aa9d1 100644
--- a/java/org/apache/jasper/security/SecurityClassLoad.java
+++ b/java/org/apache/jasper/security/SecurityClassLoad.java
@@ -21,8 +21,7 @@ import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
/**
- * Static class used to preload java classes when using the
- * Java SecurityManager so that the defineClassInPackage
+ * Static class used to preload java classes when using the Java
SecurityManager so that the defineClassInPackage
* RuntimePermission does not trigger an AccessControlException.
*/
public final class SecurityClassLoad {
diff --git a/java/org/apache/jasper/security/SecurityUtil.java
b/java/org/apache/jasper/security/SecurityUtil.java
index 5b6f69de64..faddb89e4f 100644
--- a/java/org/apache/jasper/security/SecurityUtil.java
+++ b/java/org/apache/jasper/security/SecurityUtil.java
@@ -22,18 +22,18 @@ import org.apache.jasper.Constants;
* Util class for Security related operations.
*/
-public final class SecurityUtil{
+public final class SecurityUtil {
private static final boolean packageDefinitionEnabled =
- System.getProperty("package.definition") == null ? false : true;
+System.getProperty("package.definition") == null ? false : true;
/**
- * Return the SecurityManager only if Security is enabled AND
- * package protection mechanism is enabled.
+ * Return the SecurityManager only if Security is enabled AND
package protection mechanism is enabled.
+ *
* @return true if package protection is enabled
*/
-public static boolean isPackageProtectionEnabled(){
-if (packageDefinitionEnabled && Constants.IS_SECURITY_ENABLED){
+public static boolean isPackageProtectionEnabled() {
+if (packageDefinitionEnabled && Constants.IS_SECURITY_ENABLED) {
return true;
}
return false;
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat) branch 9.0.x updated: Not strictly necessary but stops Eclipse from complaining
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new c6ec77fe62 Not strictly necessary but stops Eclipse from complaining
c6ec77fe62 is described below
commit c6ec77fe622c8f40c43c00307ae512669eccdaf5
Author: Mark Thomas
AuthorDate: Mon Mar 17 14:39:29 2025 +
Not strictly necessary but stops Eclipse from complaining
---
java/org/apache/catalina/startup/Bootstrap.java | 1 +
1 file changed, 1 insertion(+)
diff --git a/java/org/apache/catalina/startup/Bootstrap.java
b/java/org/apache/catalina/startup/Bootstrap.java
index cf02c102a2..4155285766 100644
--- a/java/org/apache/catalina/startup/Bootstrap.java
+++ b/java/org/apache/catalina/startup/Bootstrap.java
@@ -487,6 +487,7 @@ public final class Bootstrap {
System.exit(1);
}
System.exit(0);
+break;
default:
log.warn("Bootstrap: command \"" + command + "\" does not
exist.");
break;
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat) branch main updated: Not strictly necessary but stops Eclipse from complaining
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 933f964fb1 Not strictly necessary but stops Eclipse from complaining
933f964fb1 is described below
commit 933f964fb151dda3d53fd28ee94f8e71803e3200
Author: Mark Thomas
AuthorDate: Mon Mar 17 14:39:29 2025 +
Not strictly necessary but stops Eclipse from complaining
---
java/org/apache/catalina/startup/Bootstrap.java | 1 +
1 file changed, 1 insertion(+)
diff --git a/java/org/apache/catalina/startup/Bootstrap.java
b/java/org/apache/catalina/startup/Bootstrap.java
index c5b35bd829..adfa9eaf95 100644
--- a/java/org/apache/catalina/startup/Bootstrap.java
+++ b/java/org/apache/catalina/startup/Bootstrap.java
@@ -484,6 +484,7 @@ public final class Bootstrap {
System.exit(1);
}
System.exit(0);
+break;
default:
log.warn("Bootstrap: command \"" + command + "\" does not
exist.");
break;
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat) branch 11.0.x updated: Not strictly necessary but stops Eclipse from complaining
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 11.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/11.0.x by this push:
new 2644f6d994 Not strictly necessary but stops Eclipse from complaining
2644f6d994 is described below
commit 2644f6d994d3501fb2ff9fdb57ccc3d6d389508e
Author: Mark Thomas
AuthorDate: Mon Mar 17 14:39:29 2025 +
Not strictly necessary but stops Eclipse from complaining
---
java/org/apache/catalina/startup/Bootstrap.java | 1 +
1 file changed, 1 insertion(+)
diff --git a/java/org/apache/catalina/startup/Bootstrap.java
b/java/org/apache/catalina/startup/Bootstrap.java
index c5b35bd829..adfa9eaf95 100644
--- a/java/org/apache/catalina/startup/Bootstrap.java
+++ b/java/org/apache/catalina/startup/Bootstrap.java
@@ -484,6 +484,7 @@ public final class Bootstrap {
System.exit(1);
}
System.exit(0);
+break;
default:
log.warn("Bootstrap: command \"" + command + "\" does not
exist.");
break;
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
