Sign in
apache
/
tomcat80
/
HEAD
36e4312
Use http URL in ASF closer script.
by Rainer Jung
· 6 years ago
trunk
3672343
Ensures that the specified rxBufSize is correctly set to receiver buffer size.
by Keiichi Fujino
· 6 years ago
4a2e3d9
Fix the maven release deploy task: signing fails
by Rainer Jung
· 6 years ago
e97d800
62527: Revert restriction of JNDI to the java: namespace.
by Remy Maucherat
· 6 years ago
436722d
Update the release date for 8.0.53
by Violeta Georgieva Georgieva
· 6 years ago
0dd4d9c
Increment version for next dev cycle
by Violeta Georgieva Georgieva
· 6 years ago
2855cdf
Fix typo
by Mark Thomas
· 6 years ago
6a16fac
Implement checksum checks when downloading dependencies that are used to build Tomcat.
by Konstantin Kolinko
· 6 years ago
42a7487
Fixed a broken perldoc link
by Emmanuel Bourg
· 6 years ago
07c259a
Fixed several links pointing to the documentation of older Tomcat releases
by Emmanuel Bourg
· 6 years ago
93b4203
Added the new javac release attribute to be able to build Tomcat with recent JDKs without compromising the compatibility with older versions (requires Ant 1.9.8 or later)
by Emmanuel Bourg
· 6 years ago
06fa776
Use https URLs in the documentation when possible
by Emmanuel Bourg
· 6 years ago
23d0d83
Updated the Cobertura URL
by Emmanuel Bourg
· 6 years ago
0427af5
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=62476
by Mark Thomas
· 6 years ago
edb4cd7
Minor updates after comparing 8.0.x with 9.0.x
by Mark Thomas
· 6 years ago
7d6b6be
Java 7 isn't quite as good as Java 8 at inferring generic types.
by Mark Thomas
· 6 years ago
ce522fb
Fill in the gaps in the Javadoc
by Mark Thomas
· 6 years ago
847a9f6
Better super constructor to avoid unused parameter
by Mark Thomas
· 6 years ago
1efd3f5
Fix Javadoc warnings
by Mark Thomas
· 6 years ago
6198ee8
Fix generics warnings
by Mark Thomas
· 6 years ago
4aa3bde
Update the internal fork of Commons DBCP 2 to 2.4.0.
by Mark Thomas
· 6 years ago
a7d5dfc
Update merge info
by Mark Thomas
· 6 years ago
b731851
Fix IDE warnings after Pool updates
by Mark Thomas
· 6 years ago
6d5aa81
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=62458
by Mark Thomas
· 6 years ago
7ddf2a4
Enable host name verification for secure WebSocket client connections by default.
by Mark Thomas
· 6 years ago
50ff51f
Update Tomcat Native to 1.2.17
by Mark Thomas
· 6 years ago
286949f
When logValidationErrors is set to true, the connection validation error is logged as SEVERE instead of WARNING.
by Keiichi Fujino
· 6 years ago
7f8869c
Fix possible NPE
by Mark Thomas
· 6 years ago
2933c63
Make JAASRealm mis-configuration more obvious by requiring the authenticated Subject to include at least one Principal of a type specified by userClassNames
by Mark Thomas
· 6 years ago
ce55a53
Correct the logic in MBeanFactory.removeConnector() to ensure that the correct Connector is removed when there are multiple Connectors using different addresses but the same port.
by Mark Thomas
· 6 years ago
352d845
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=62080
by Mark Thomas
· 6 years ago
3fbc848
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=62391
by Mark Thomas
· 6 years ago
bf805bd
Include ::1 as well as 0:0:0:0:0:0:0:1 in the internal proxy list as APR returns ::1 rather than 0:0:0:0:0:0:0:1.
by Mark Thomas
· 6 years ago
ba52224
Correctly handle the case when the request passes through one or more trustedProxies but no internalProxies.
by Mark Thomas
· 6 years ago
f7069c2
Improve IPv6 validation by ensuring that IPv4-Mapped IPv6 addresses do not contain leading zeros in the IPv4 part.
by Mark Thomas
· 6 years ago
90da49a
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=62389
by Mark Thomas
· 6 years ago
65714b4
Add comment to non-static loggers
by Mark Thomas
· 6 years ago
1fd5add
Fix broken test
by Mark Thomas
· 6 years ago
1e453cc
Switch to non-static loggers where there is a possibility of a logger becoming associated with a web application class loader causing log messages to be lost if the web application is stopped.
by Mark Thomas
· 6 years ago
7607005
Update docs after changes for CVE-2018-8014
by Mark Thomas
· 6 years ago
918fd4f
When decoding of path parameter failed, make sure to throw DecodeException instead of throwing ArrayIndexOutOfBoundsException.
by Keiichi Fujino
· 6 years ago
f3ba099
Correctly handle an invalid quality value in an Accept-Language header.
by Mark Thomas
· 6 years ago
c60a9de
Correctly handle a digest authorization header when one of the hex field values ends the header with in an invalid character.
by Mark Thomas
· 6 years ago
c7a972e
Correctly handle a digest authorization header when the user name contains an escaped character.
by Mark Thomas
· 6 years ago
cc27735
Correct the manifest for the annotations-api.jar. The JAR implements the Common Annotations API 1.2 and the manifest should
by Mark Thomas
· 6 years ago
cc40c5c
Logs for Filters must be non-static as loggers are created per class-loader and Filters may be used in multiple class loaders.
by Mark Thomas
· 6 years ago
977d614
Fix javadoc. remove old description.
by Keiichi Fujino
· 6 years ago
c0b67b1
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=62395
by Mark Thomas
· 6 years ago
1f1e5e7
Ensure that the web application resources implementation does not incorrectly cache results for resources that are only visible as class loader resources.
by Mark Thomas
· 6 years ago
2c9d843
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=62343
by Mark Thomas
· 6 years ago
0337a42
Add invalid host names to the error logged by UserDataHelper
by Mark Thomas
· 6 years ago
420d6e9
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=62371
by Mark Thomas
· 6 years ago
af996bb
Relax Host validation by removing the requirement that the final component of a FQDN must be alphabetic.
by Mark Thomas
· 6 years ago
7b794ae
Log an error message if the AJP connector detects the the reverse proxy is sending AJP messages that are too large for the configured packetSize.
by Mark Thomas
· 6 years ago
bb83fcb
Remove duplicate calls when creating a replicated session to reduce the time taken to create the session and thereby reduce the chances of a subsequent session update message being ignored because the session does not yet exist.
by Mark Thomas
· 6 years ago
ff23a11
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=60490
by Mark Thomas
· 6 years ago
152acfc
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=50019
by Mark Thomas
· 6 years ago
4449344
Fix imports
by Mark Thomas
· 6 years ago
ab1e6dd
Towards the fix for BZ 50019
by Mark Thomas
· 6 years ago
5099a92
Clean up.
by Mark Thomas
· 6 years ago
2529478
Ensure that JNDI names used for <lookup-name> entries in web.xml and for lookup elements of @Resource annotations specify a name with an explicit java: namespace.
by Mark Thomas
· 6 years ago
0463ef6
JNDI resources that are defined with injection targets but no value are now treated as if the resource is not defined.
by Mark Thomas
· 6 years ago
7a229c3
Update the release date for 8.0.52
by Violeta Georgieva Georgieva
· 6 years ago
cc68d0b
Remove unnecessary default property values.
by Keiichi Fujino
· 6 years ago
35f62a9
Ensure that the correct default value is returned when retrieve unset properties in McastService.
by Keiichi Fujino
· 6 years ago
7b714d3
Refactor org.apache.jasper.runtime.BodyContentImpl so an additional permission is not required in catalina.policy
by Konstantin Kolinko
· 6 years ago
049f43e
Fix http://bz.apache.org/bugzilla/show_bug.cgi?id=62350
by Konstantin Kolinko
· 6 years ago
56b44f6
When restoring a saved request with a request body after FORM authentication, ensure that calls to the HttpServletRequest methods getRequestURI(), getQueryString() and getProtocol() are not corrupted by the processing of the saved request body.
by Mark Thomas
· 6 years ago
9f6811b
Correct the processing of resources with <injection-target>s defined in web.xml. First look for a match using JavaBean property names and then, only if a match is not found, look for a match using fields.
by Mark Thomas
· 6 years ago
8fc7205
Fix failing tests now mappedName in @Resource does not set the value for env-entry resources.
by Mark Thomas
· 6 years ago
c1c7191
Use a constant for a repeatedly used String
by Mark Thomas
· 6 years ago
5604561
Treat the <mapped-name> element of a <env-entry> in web.xml in the same way as the mappedName element of the equivalent @Resource annotation. Both now attempt to set the mappedName property of the resource.
by Mark Thomas
· 6 years ago
32127f3
Modify import controls so they do not overlap which prevents the reversal of deny/allow ordering from causing failures in Gump which uses the latest Checkstyle code.
by Mark Thomas
· 6 years ago
c381dbe
Increment version for next dev cycle
by Violeta Georgieva Georgieva
· 6 years ago
8a9229f
Fix tests broken by introduction of allowMultipleLeadingForwardSlashInPath
by Mark Thomas
· 6 years ago
9e9b7fe
Improve handing of overflow in the UTF-8 decoder with supplementary characters.
by Mark Thomas
· 6 years ago
d3ffb5c
Collapse multiple leading '/' characters to a single '/' in the return value of HttpServletRequest#getContextPath() to avoid issues if the value is used with HttpServletResponse#sendRedirect(). This behaviour is enabled by default and configurable via the new Context attribute allowMultipleLeadingForwardSlashInPath.
by Mark Thomas
· 6 years ago
f7ac344
Avoid warning when running under Cygwin when the JAVA_ENDORSED_DIRS environment variable is not set. Patch provided by Zemian Deng.
by Mark Thomas
· 6 years ago
41eca61
Correctly list resources in JAR files when directories do not have dedicated entries.
by Mark Thomas
· 6 years ago
ed308fc
Move to the correct section
by Mark Thomas
· 6 years ago
6079bb1
Fix test failures now 8.0.x enforces the requirement that a Host header MUST be present
by Mark Thomas
· 6 years ago
a677c41
Back-port default port handling that updated validation depends on. (Should fix failing CI build)
by Mark Thomas
· 6 years ago
360efc1
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=62273
by Mark Thomas
· 6 years ago
4756b72
First step in addressing https://bz.apache.org/bugzilla/show_bug.cgi?id=62273
by Mark Thomas
· 6 years ago
5b59798
Better i18n in request target processing
by Mark Thomas
· 6 years ago
c5cec7d
Implement various Host header checks required by RFC 7230
by Mark Thomas
· 6 years ago
3c2db7f
Enable strict host/port validation for all connectors.
by Mark Thomas
· 6 years ago
67e1e82
Update the host validation to permit host names and components of domain names (excluding top-level domains) to start with a number and to ensure that top-level domains are fully alphabetic.
by Mark Thomas
· 6 years ago
5906b5e
Add error messages when exceptions are thrown due to host name parsing issues.
by Mark Thomas
· 6 years ago
5263f2e
Fix typo and spelling of octet
by Mark Thomas
· 6 years ago
7dcf93c
Inner enums are implicitly static
by Mark Thomas
· 6 years ago
03beb42
Correct various edge cases in the new HTTP Host header validation parser.
by Mark Thomas
· 6 years ago
c7f74e6
Expand the HttpParser to include Host header validation / port location extraction.
by Mark Thomas
· 6 years ago
d135de0
Optimise Patch provided by Sebastian Staudt
by Mark Thomas
· 6 years ago
3302d75
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=62297
by Mark Thomas
· 6 years ago
36631ca
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=62301
by Mark Thomas
· 6 years ago
4f4bedd
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=62287
by Mark Thomas
· 6 years ago
ea8d713
Enable Java 10 to be specified as a JSP source and/or target if a newer ECJ version is used.
by Mark Thomas
· 6 years ago
fa6cc29
Enable ECJ version 4.7 and later to be used as a drop in replacement for the ECJ version that ships with Apache Tomcat.
by Mark Thomas
· 6 years ago
ea2bb09
Register MBean when DataSource Resource type=javax.sql.XADataSource. Patch provided by Masafumi Miura.
by Coty Sutherland
· 6 years ago
Next »