Failing Travis CI build and Smoke Test / JDK8 ubuntu-latest

Hi, The Travis CI build seems to fail on timout regularly should we increase the timeout? Or investigate the problem? Smoke Test / JDK8 ubuntu-latest fails on tls3 tests should we make the test conditional? -- Cheers Jean-Frederic --

[Bug 64645] bin/service.bat doesn't handle wrongly configured JAVA_HOME

https://bz.apache.org/bugzilla/show_bug.cgi?id=64645 --- Comment #2 from Jakub Moravec --- Thanks for the response Christopher. I dug a bit deeper... (In reply to Christopher Schultz from comment #1) > (In reply to Jakub Moravec from comment #0) > > We found out, that if JAVA_HOME is wrongly c

Re: Failing Travis CI build and Smoke Test / JDK8 ubuntu-latest

Hi, On Wed, Aug 5, 2020 at 10:22 AM jean-frederic clere wrote: > Hi, > > The Travis CI build seems to fail on timout regularly should we increase > the timeout? Or investigate the problem? > > Smoke Test / JDK8 ubuntu-latest fails on tls3 tests should we make the > test conditional? > TravisCI

Need reviews for PR for bug 64644

Hi, I need reviews for PR https://github.com/apache/tomcat/pull/330#issue-462890625 It corresponds to the bug : https://bz.apache.org/bugzilla/show_bug.cgi?id=64644 I can provide a video for the demo of the issue and how it is affecting my product in real world. Thanks in advance. Regards, Sak

[Bug 60030] Run away CPU with JSSE / OpenSSL with IE8

https://bz.apache.org/bugzilla/show_bug.cgi?id=60030 ulerkeket21 changed: What|Removed |Added URL||https://www.ayobisnis.info/ -- You are

[Bug 60030] Run away CPU with JSSE / OpenSSL with IE8

https://bz.apache.org/bugzilla/show_bug.cgi?id=60030 Coty Sutherland changed: What|Removed |Added URL|https://www.ayobisnis.info/ | -- You are receiving this mail bec

Discouraging Rogue Users In Tomcat

> > Alan, > > > What kind of protections does this module provide? How does it > integrate into Tomcat (e.g. custom > Filter/Valve/ServletContextListener, patches to arbitrary places in > Tomcat internals, etc.)? > The point of this code is to prevent malicious users from probing Tomcat hosted app

Re: Discouraging Rogue Users In Tomcat

Hi - In my experience the scans you are reporting may be from a white hat security scan of your website that is contracted by your security team. These tend to try every exploit that is known for any web server to make sure that your web apps is secure. I’m not sure how the Tomcat team will re

[GitHub] [tomcat] malaysf opened a new pull request #332: Support sending the 100 continue response when the servlet reads the …

malaysf opened a new pull request #332: URL: https://github.com/apache/tomcat/pull/332 …request body This allows servlets to respond to the request (if possible) by only examining the headers. Only when the request body is read from will the 100 continue intermediate response be sen

[Bug 57661] Delay sending of 100 continue response until application tries to read request body

https://bz.apache.org/bugzilla/show_bug.cgi?id=57661 --- Comment #13 from Malay --- I posted PR 332 https://github.com/apache/tomcat/pull/332 with my implementation. Please let me know if this is the right approach, I thought of several ways to implement this and decided on this approach because

[GitHub] [tomcat] michael-o commented on a change in pull request #332: Support sending the 100 continue response when the servlet reads the …

michael-o commented on a change in pull request #332: URL: https://github.com/apache/tomcat/pull/332#discussion_r466167274 ## File path: java/org/apache/coyote/ContinueHandlingResponsePolicy.java ## @@ -0,0 +1,37 @@ +/* + * Licensed to the Apache Software Foundation (ASF) unde

[GitHub] [tomcat] malaysf commented on a change in pull request #332: Support sending the 100 continue response when the servlet reads the …

malaysf commented on a change in pull request #332: URL: https://github.com/apache/tomcat/pull/332#discussion_r466173546 ## File path: java/org/apache/coyote/AbstractProtocol.java ## @@ -262,6 +267,18 @@ public void setConnectionLinger(int connectionLinger) { endpoint.

[GitHub] [tomcat] malaysf commented on a change in pull request #332: Support sending the 100 continue response when the servlet reads the …

malaysf commented on a change in pull request #332: URL: https://github.com/apache/tomcat/pull/332#discussion_r466173884 ## File path: java/org/apache/coyote/Request.java ## @@ -709,4 +718,13 @@ private static String getCharsetFromContentType(String contentType) { r

[GitHub] [tomcat] malaysf commented on a change in pull request #332: Support sending the 100 continue response when the servlet reads the …

malaysf commented on a change in pull request #332: URL: https://github.com/apache/tomcat/pull/332#discussion_r466174698 ## File path: java/org/apache/catalina/connector/Response.java ## @@ -1197,16 +1197,12 @@ public String encodeUrl(String url) { public void sendAcknowle

[GitHub] [tomcat] malaysf commented on a change in pull request #332: Support sending the 100 continue response when the servlet reads the …

malaysf commented on a change in pull request #332: URL: https://github.com/apache/tomcat/pull/332#discussion_r466178352 ## File path: java/org/apache/coyote/ContinueHandlingResponsePolicy.java ## @@ -0,0 +1,37 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under

[GitHub] [tomcat] malaysf commented on a change in pull request #332: Support sending the 100 continue response when the servlet reads the …

malaysf commented on a change in pull request #332: URL: https://github.com/apache/tomcat/pull/332#discussion_r466179556 ## File path: test/org/apache/catalina/core/TestStandardContextValve.java ## @@ -182,4 +184,66 @@ public void requestDestroyed(ServletRequestEvent sre) {