Author: markt
Date: Mon May 14 15:17:39 2018
New Revision: 1831581
URL: http://svn.apache.org/viewvc?rev=1831581&view=rev
Log:
Fix some false positives
Modified:
tomcat/trunk/res/findbugs/filter-false-positives.xml
Modified: tomcat/trunk/res/findbugs/filter-false-positives.xml
URL:
http://s
https://bz.apache.org/bugzilla/show_bug.cgi?id=62366
Mark Thomas changed:
What|Removed |Added
Status|NEW |RESOLVED
Resolution|---
https://bz.apache.org/bugzilla/show_bug.cgi?id=62366
--- Comment #2 from Mark Thomas ---
Since TrimSpaces is the only API change between 8.5.x and 9.0.x (and the old
version isn't deprectaed in 8.5.x) I can see the merit in this proposal.
Patch applied as suggested to 9.0.x for 9.0.9 onwards.
Author: markt
Date: Mon May 14 15:03:33 2018
New Revision: 1831579
URL: http://svn.apache.org/viewvc?rev=1831579&view=rev
Log:
Enable JspC from Tomcat 9 to work with Maven JspC compiler plug-ins written for
Tomcat 8.5.x.
Patch provided by Pavel Cibulka.
Modified:
tomcat/trunk/java/org/apache
On 14/05/18 09:58, Rainer Jung wrote:
> Am 11.05.2018 um 15:23 schrieb Mark Thomas:
>> On 11/05/18 10:17, Rainer Jung wrote:
>>> Running the unit tests for trunk on my relatively slow Solaris machine,
>>> two of the performance tests run especially long:
>>>
>>> javax.websocket.TestContainerProvide
Author: markt
Date: Mon May 14 14:34:24 2018
New Revision: 1831576
URL: http://svn.apache.org/viewvc?rev=1831576&view=rev
Log:
Add invalid host names to the error logged by UserDataHelper
Modified:
tomcat/tc7.0.x/trunk/ (props changed)
tomcat/tc7.0.x/trunk/webapps/docs/config/systemprop
Author: markt
Date: Mon May 14 14:33:53 2018
New Revision: 1831574
URL: http://svn.apache.org/viewvc?rev=1831574&view=rev
Log:
Add invalid host names to the error logged by UserDataHelper
Modified:
tomcat/tc8.5.x/trunk/ (props changed)
tomcat/tc8.5.x/trunk/webapps/docs/config/systemprop
Author: markt
Date: Mon May 14 14:34:03 2018
New Revision: 1831575
URL: http://svn.apache.org/viewvc?rev=1831575&view=rev
Log:
Add invalid host names to the error logged by UserDataHelper
Modified:
tomcat/tc8.0.x/trunk/ (props changed)
tomcat/tc8.0.x/trunk/webapps/docs/config/systemprop
Author: markt
Date: Mon May 14 14:33:12 2018
New Revision: 1831573
URL: http://svn.apache.org/viewvc?rev=1831573&view=rev
Log:
Add invalid host names to the error logged by UserDataHelper
Modified:
tomcat/trunk/webapps/docs/config/systemprops.xml
Modified: tomcat/trunk/webapps/docs/config/sy
On 14/05/18 15:18, Konstantin Kolinko wrote:
> 2018-05-14 16:45 GMT+03:00 :
>> Author: markt
>> Date: Mon May 14 13:45:05 2018
>> New Revision: 1831568
>>
>> URL: http://svn.apache.org/viewvc?rev=1831568&view=rev
>> Log:
>> Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=62371
>> Improve loggin
2018-05-14 16:45 GMT+03:00 :
> Author: markt
> Date: Mon May 14 13:45:05 2018
> New Revision: 1831568
>
> URL: http://svn.apache.org/viewvc?rev=1831568&view=rev
> Log:
> Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=62371
> Improve logging of Host validation failures.
>
> Modified:
> tomc
https://bz.apache.org/bugzilla/show_bug.cgi?id=62371
Mark Thomas changed:
What|Removed |Added
Status|NEW |RESOLVED
Resolution|---
Author: markt
Date: Mon May 14 14:11:08 2018
New Revision: 1831571
URL: http://svn.apache.org/viewvc?rev=1831571&view=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=62371
Improve logging of Host validation failures.
Modified:
tomcat/tc7.0.x/trunk/ (props changed)
tomcat/tc7
Author: markt
Date: Mon May 14 14:06:07 2018
New Revision: 1831570
URL: http://svn.apache.org/viewvc?rev=1831570&view=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=62371
Improve logging of Host validation failures.
Modified:
tomcat/tc8.0.x/trunk/ (props changed)
tomcat/tc8
Author: markt
Date: Mon May 14 14:01:42 2018
New Revision: 1831569
URL: http://svn.apache.org/viewvc?rev=1831569&view=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=62371
Improve logging of Host validation failures.
Modified:
tomcat/tc8.5.x/trunk/ (props changed)
tomcat/tc8
2018-05-14 14:41 GMT+03:00 Rainer Jung :
> Am 30.04.2018 um 10:28 schrieb Mark Thomas:
>>
>> On 29/04/18 23:14, Violeta Georgieva wrote:
>>>
>>> On Sun, 29 Apr 2018 at 17:10, Violeta Georgieva
>>> wrote:
On Sun, 29 Apr 2018 at 6:54, Mark Thomas wrote:
>
> On 28/04/18 17:50, Viol
Author: markt
Date: Mon May 14 13:45:05 2018
New Revision: 1831568
URL: http://svn.apache.org/viewvc?rev=1831568&view=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=62371
Improve logging of Host validation failures.
Modified:
tomcat/trunk/java/org/apache/coyote/AbstractProcessor.
Am 30.04.2018 um 10:28 schrieb Mark Thomas:
On 29/04/18 23:14, Violeta Georgieva wrote:
On Sun, 29 Apr 2018 at 17:10, Violeta Georgieva
wrote:
On Sun, 29 Apr 2018 at 6:54, Mark Thomas wrote:
On 28/04/18 17:50, Violeta Georgieva wrote:
Is this file really part of that change?
No. I thi
https://bz.apache.org/bugzilla/show_bug.cgi?id=62371
--- Comment #16 from Alex ---
> This issue highlights that Tomcat can always use more real-world testing and
> I would encourage folks to download the release candidates as the votes are
> announced and test them in their environments. The mo
Author: markt
Date: Mon May 14 10:56:59 2018
New Revision: 1831559
URL: http://svn.apache.org/viewvc?rev=1831559&view=rev
Log:
Relax Host validation by removing the requirement that the final component of a
FQDN must be alphabetic.
Modified:
tomcat/tc7.0.x/trunk/ (props changed)
tomcat
Author: markt
Date: Mon May 14 10:56:13 2018
New Revision: 1831558
URL: http://svn.apache.org/viewvc?rev=1831558&view=rev
Log:
Relax Host validation by removing the requirement that the final component of a
FQDN must be alphabetic.
Modified:
tomcat/tc8.0.x/trunk/ (props changed)
tomcat
Author: markt
Date: Mon May 14 10:55:25 2018
New Revision: 1831557
URL: http://svn.apache.org/viewvc?rev=1831557&view=rev
Log:
Relax Host validation by removing the requirement that the final component of a
FQDN must be alphabetic.
Modified:
tomcat/tc8.5.x/trunk/ (props changed)
tomcat
Author: markt
Date: Mon May 14 10:50:22 2018
New Revision: 1831556
URL: http://svn.apache.org/viewvc?rev=1831556&view=rev
Log:
Relax Host validation by removing the requirement that the final component of a
FQDN must be alphabetic.
Modified:
tomcat/trunk/java/org/apache/tomcat/util/http/pars
https://bz.apache.org/bugzilla/show_bug.cgi?id=62371
--- Comment #15 from Mark Thomas ---
Ah. Found the reference for the final segment being alphabetic:
>From RFC 1123
However, a valid host name can never have the dotted-decimal form #.#.#.#,
since at least the highest-level component label wi
https://bz.apache.org/bugzilla/show_bug.cgi?id=62371
--- Comment #14 from Mark Thomas ---
Generally, the tightening up of validation like this stems from a security
vulnerability report where mal-formed input results in unintended consequences.
Usually information disclosure of some form. In this
Am 11.05.2018 um 15:23 schrieb Mark Thomas:
On 11/05/18 10:17, Rainer Jung wrote:
Running the unit tests for trunk on my relatively slow Solaris machine,
two of the performance tests run especially long:
javax.websocket.TestContainerProviderPerformance: about 25 minutes per
connector.
org.apac
https://bz.apache.org/bugzilla/show_bug.cgi?id=62371
--- Comment #13 from Alex ---
> While Tomcat doesn't have a formal policy, the general expectation is that
> clients confirm to the relevant RFCs. Therefore, Tomcat does, from time to
> time, tighten up the validation of input data when gaps
27 matches
Mail list logo
