svn commit: r664483 - in /tomcat/trunk/java/org/apache/jasper: security/SecurityUtil.java servlet/JspServlet.java

Author: markt Date: Sun Jun 8 04:30:44 2008 New Revision: 664483 URL: http://svn.apache.org/viewvc?rev=664483&view=rev Log: Add an additional layer of protection in case app fails to protect against an XSS. Copied filter code to jasper module so no new dependency is created. Modified: tomca

svn commit: r664485 - /tomcat/tc6.0.x/trunk/STATUS.txt

Author: markt Date: Sun Jun 8 04:37:18 2008 New Revision: 664485 URL: http://svn.apache.org/viewvc?rev=664485&view=rev Log: Propose enhancement for XSS protection Modified: tomcat/tc6.0.x/trunk/STATUS.txt Modified: tomcat/tc6.0.x/trunk/STATUS.txt URL: http://svn.apache.org/viewvc/tomcat/tc

svn commit: r664486 - in /tomcat/tc6.0.x/trunk: STATUS.txt java/org/apache/catalina/core/StandardContextValve.java

Author: markt Date: Sun Jun 8 04:45:24 2008 New Revision: 664486 URL: http://svn.apache.org/viewvc?rev=664486&view=rev Log: Further fix for 43683 - use the new class loader after a context reload Modified: tomcat/tc6.0.x/trunk/STATUS.txt tomcat/tc6.0.x/trunk/java/org/apache/catalina/core

DO NOT REPLY [Bug 43683] Accessing Servlet while Reloading context gives 404 error

https://issues.apache.org/bugzilla/show_bug.cgi?id=43683 --- Comment #12 from Mark Thomas <[EMAIL PROTECTED]> 2008-06-08 04:51:26 PST --- The classloader fix has been applied to 6.0.x and will be in 6.0.17. I'll take a look at the remaining issues. -- Configure bugmail: https://issues.apa

svn commit: r664494 - in /tomcat/tc6.0.x/trunk: STATUS.txt java/org/apache/catalina/core/StandardContext.java webapps/docs/changelog.xml

Author: markt Date: Sun Jun 8 05:49:50 2008 New Revision: 664494 URL: http://svn.apache.org/viewvc?rev=664494&view=rev Log: Fix 42934. Change the order of events on context start so contextInitialized() event is fired before sessionDidActivate(). The spec isn't 100% clear on the required orde

DO NOT REPLY [Bug 42934] sessionDidActivate() called before contextInitialized()

https://issues.apache.org/bugzilla/show_bug.cgi?id=42934 Mark Thomas <[EMAIL PROTECTED]> changed: What|Removed |Added Status|NEW |RESOLVED

DO NOT REPLY [Bug 45156] Symbol not found: _open$UNIX2003

https://issues.apache.org/bugzilla/show_bug.cgi?id=45156 --- Comment #2 from Holger Thurow <[EMAIL PROTECTED]> 2008-06-08 21:54:22 PST --- (In reply to comment #1) > Have you tried building this from the source? > Yes, after I tried installing it from the binary. Installing it from source

Bug report for Tomcat 3 [2008/06/08]

+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned

Bug report for Watchdog [2008/06/08]

+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned

Bug report for Tomcat 4 [2008/06/08]

+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned

Bug report for Tomcat 5 [2008/06/08]

+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned